Pc getting slow sometimes + getting unwanted scam messages part2


Pc getting slow sometimes + getting unwanted scam messages OTL part1

Post by easyrider on Fri Jun 17, 2011 3:21 pm

Hello GeekPolice Team,

I thought to ask you kindly to take a look at my pc :smile2:

I am sometimes having it slow down. The other issue is that I am receiving unwanted e-mails that seem to be related to my browsing (e.g. 'great job offer' after searching for jobs online). I also received a few phishing emails (bank related) in the past. MBAM did not find anything. The latest malware removed was Trojan-Downloader.losabel (Infected registry keys/values detected
hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avp.exe
hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avp.exe\_harvestid) using Advanced System Protector.

Here are the logs:

OTL logfile created on: 2011-06-17 15:12:11 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Asia i Michal\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 44,20% Memory free
4,23 Gb Paging File | 2,48 Gb Available in Paging File | 58,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 719,69 Gb Free Space | 77,26% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Asia i Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-06-17 13:48:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Asia i Michal\Downloads\OTL.exe
PRC - [2011-04-20 02:04:38 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011-04-20 02:04:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011-04-19 07:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011-04-14 17:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-04-01 05:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-01-30 16:45:14 | 001,306,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2011-01-26 19:00:16 | 000,284,672 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010-10-05 20:26:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
PRC - [2010-06-17 06:23:34 | 000,140,224 | ---- | M] (Advanced Micro Devices) -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
PRC - [2010-05-07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009-04-11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011-06-17 13:48:21 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Asia i Michal\Downloads\OTL.exe
MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011-06-05 17:55:40 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-04-20 02:04:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011-04-19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011-04-19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011-04-01 05:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011-01-26 19:00:16 | 000,284,672 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2010-11-11 13:57:04 | 000,268,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2010-11-11 13:57:02 | 000,444,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010-11-11 13:55:56 | 006,351,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010-06-17 06:23:34 | 000,140,224 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2010-05-07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011-06-07 08:18:07 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011-05-29 09:22:47 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011-04-20 02:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011-04-20 01:22:10 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011-04-01 05:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam C160(UVC)
DRV - [2011-04-01 05:09:48 | 000,291,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010-11-17 13:04:12 | 000,097,296 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2010-10-01 10:37:42 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010-09-01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010-05-07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010-04-22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2010-02-18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009-11-02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-05 15:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-04-10 22:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008-08-05 20:28:46 | 000,006,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Systweak\Advanced System Protector\sasprot32.sys -- (BCASPROT)
DRV - [2007-08-09 19:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006-10-14 04:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Asia i Michal\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2011-06-05 10:40:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2011-06-05 18:45:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2011-06-05 10:40:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-05 17:21:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011-06-05 17:22:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asia i Michal\AppData\Roaming\Mozilla\Extensions
[2011-06-14 23:08:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asia i Michal\AppData\Roaming\Mozilla\Firefox\Profiles\zpux7eyh.default\extensions
[2011-06-05 18:49:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-06-05 18:49:05 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2011-06-05 18:49:00 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) --
[2011-06-05 10:40:16 | 000,000,000 | ---D | M] (Kaspersky Virtual Keyboard) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2011\FFEXT\VIRTUALKEYBOARD@KASPERSKY.RU
() (No name found) -- C:\USERS\ASIA I MICHAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZPUX7EYH.DEFAULT\EXTENSIONS\{27C60876-B5C9-4335-B4F3-52B26782220C}.XPI
() (No name found) -- C:\USERS\ASIA I MICHAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZPUX7EYH.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2011-02-15 21:22:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011-04-14 17:59:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010-01-01 09:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-01 09:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-01 09:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-01 09:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-01 09:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 09:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-06-11 16:54:11 | 000,000,806 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - Reg Error: Value error. File not found
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} [You must be registered and logged in to see this link.] (MksSkanerOnline Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a31a17c4-3909-11e0-ac72-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a31a17c4-3909-11e0-ac72-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sasnative32) - C:\Windows\System32\sasnative32.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {743F1D23-A520-44EE-BEF5-6D7474AF898E} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.tscc - C:\Windows\System32\TSCCVID.DLL (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll ([You must be registered and logged in to see this link.]

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011-06-15 23:17:40 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011-06-15 23:16:39 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-06-15 23:16:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011-06-15 23:16:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011-06-15 23:16:37 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011-06-14 09:20:49 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\Desktop\materialy security
[2011-06-13 01:09:09 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\Documents\Simply Super Software
[2011-06-13 01:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2011-06-13 01:08:55 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2011-06-13 01:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011-06-13 01:08:53 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\AppData\Roaming\Simply Super Software
[2011-06-13 01:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2011-06-07 08:18:07 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011-06-07 08:13:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011-06-07 08:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011-06-06 23:05:32 | 000,000,000 | -H-D | C] -- C:\Config.msi
[2011-06-06 22:38:20 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\DoctorWeb
[2011-06-05 17:22:15 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\AppData\Local\Mozilla
[2011-06-05 17:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011-06-05 10:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2011
[2011-06-05 10:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2011-06-05 10:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011-06-05 10:15:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2011-06-04 14:45:41 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\Desktop\do druku
[2011-06-03 21:18:10 | 000,000,000 | ---D | C] -- C:\PFiles
[2011-06-02 21:51:08 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\Desktop\Infosecurity (UK) - Renowned security experts talk CNI and cyber war at upcoming Virtual Conference_files
[2011-06-02 16:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2011-06-02 16:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011-06-02 16:14:56 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\AppData\Roaming\HpUpdate
[2011-06-02 16:14:19 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2011-06-02 15:08:33 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011-06-02 15:01:29 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\AppData\Local\Secunia PSI
[2011-06-02 14:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011-05-31 15:08:16 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\Documents\GTA Vice City User Files
[2011-05-31 14:41:10 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2011-05-29 09:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[2011-05-29 09:33:40 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2011-05-29 09:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011-05-29 09:22:47 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011-05-29 09:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011-05-29 09:22:15 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011-05-29 09:22:01 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\AppData\Roaming\DAEMON Tools Lite
[2011-05-29 09:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011-05-29 09:02:39 | 000,000,000 | ---D | C] -- C:\gry
[2011-05-28 12:03:11 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\AppData\Roaming\Kalypso Media
[2011-05-18 17:01:47 | 000,000,000 | ---D | C] -- C:\Users\Asia i Michal\Desktop\ymca croydon
[2011-05-08 00:47:32 | 000,265,976 | ---- | C] (Webroot Software, Inc. ) -- C:\ProgramData\WRFirewallInstall.dll
[2011-05-08 00:47:25 | 000,401,936 | ---- | C] (Webroot Software, Inc. ) -- C:\ProgramData\WRInstallProgressHelper.dll
[2011-05-08 00:47:07 | 006,210,336 | ---- | C] (Webroot Software, Inc.) -- C:\Program Files\Common Files\wruninstall.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-06-17 15:30:42 | 000,000,512 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\MBR.dat
[2011-06-17 15:30:01 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4185693352-1530599903-4211495979-1000UA.job
[2011-06-17 15:28:03 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\Asia i Michal\Desktop\aswMBR.exe
[2011-06-17 14:45:12 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-06-17 14:45:12 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-06-17 12:51:12 | 000,631,438 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-06-17 12:51:12 | 000,118,064 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-06-17 12:45:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-06-17 12:45:04 | 2143,813,632 | -HS- | M] () -- C:\hiberfil.sys
[2011-06-17 12:45:02 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011-06-16 22:30:03 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4185693352-1530599903-4211495979-1000Core.job
[2011-06-14 23:08:17 | 000,016,802 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\poradnia os.odt
[2011-06-14 10:28:41 | 000,056,025 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\lebork4.jpeg
[2011-06-14 10:26:12 | 000,046,236 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\lebork3.jpeg
[2011-06-14 10:25:38 | 000,040,813 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\lebork2.jpeg
[2011-06-14 10:22:29 | 000,042,343 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\swietlica.jpeg
[2011-06-13 01:08:59 | 000,000,930 | ---- | M] () -- C:\Users\Asia i Michal\Application Data\Microsoft\Internet Explorer\Quick Launch\Trojan Remover.lnk
[2011-06-12 20:37:57 | 000,000,930 | ---- | M] () -- C:\Users\Asia i Michal\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011-06-12 20:37:57 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-06-12 19:40:54 | 000,000,000 | ---- | M] () -- C:\Program Files\NAPI-PROJEKT
[2011-06-12 11:38:25 | 000,000,000 | ---- | M] () -- C:\Windows\System32\SBRC.dat
[2011-06-12 11:16:32 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011-06-12 11:16:32 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011-06-11 23:06:09 | 000,050,431 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\congratulation_graphics_2.gif
[2011-06-11 22:55:12 | 000,004,400 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\easyrider.jpg
[2011-06-11 22:53:10 | 000,009,419 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\easy.jpg
[2011-06-11 22:52:42 | 000,009,553 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\image easy.htm
[2011-06-11 18:32:23 | 000,000,554 | ---- | M] () -- C:\Users\Asia i Michal\Application Data\Microsoft\Internet Explorer\Quick Launch\start.exe - Shortcut.lnk
[2011-06-11 16:54:11 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011-06-09 18:59:20 | 000,012,449 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\library.odt
[2011-06-09 12:44:58 | 000,001,356 | ---- | M] () -- C:\Users\Asia i Michal\AppData\Local\d3d9caps.dat
[2011-06-09 08:15:14 | 242,021,740 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-06-07 08:18:07 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011-06-07 02:00:39 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2011-06-07 02:00:39 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2011-06-07 02:00:39 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2011-06-07 02:00:39 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2011-06-07 02:00:39 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2011-06-07 02:00:39 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2011-06-07 02:00:39 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2011-06-07 02:00:39 | 000,000,028 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2011-06-06 23:05:27 | 000,004,496 | ---- | M] () -- C:\Windows\System32\entitlement.xml
[2011-06-05 21:34:31 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2011-06-05 21:34:31 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2011-06-05 17:35:36 | 000,000,846 | ---- | M] () -- C:\Users\Asia i Michal\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2011-06-05 17:31:14 | 000,349,114 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\certificate-050611-916.pdf
[2011-06-05 17:22:03 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011-06-05 10:38:03 | 048,050,022 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\WP_000204.mp4
[2011-06-05 10:33:37 | 000,001,340 | ---- | M] () -- C:\Windows\System32\.ini
[2011-06-05 02:36:37 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011-06-05 02:36:35 | 000,000,863 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\Glary Utilities.lnk
[2011-06-04 14:42:20 | 000,189,400 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\skanowanie0003.jpg
[2011-06-04 14:42:08 | 000,299,786 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\skanowanie0004.jpg
[2011-06-04 14:41:37 | 000,043,662 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\skanowanie0016 r.jpg
[2011-06-02 21:51:08 | 000,061,584 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\Infosecurity (UK) - Renowned security experts talk CNI and cyber war at upcoming Virtual Conference.htm
[2011-06-02 21:06:10 | 000,031,790 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\certificate_50036450.pdf
[2011-06-02 20:12:41 | 000,176,386 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\Wizzair-Boarding-mrs-joanna-dorosz (1).pdf
[2011-06-02 20:04:52 | 000,031,793 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\certificate_50031194.pdf
[2011-06-02 19:15:17 | 000,031,790 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\certificate_50020020.pdf
[2011-06-02 17:50:20 | 000,031,790 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\certificate_50014408.pdf
[2011-06-02 16:36:04 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011-06-02 16:15:47 | 000,031,861 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\certificate_50005875.pdf
[2011-06-02 14:46:22 | 000,031,799 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\certificate_50002027.pdf
[2011-06-02 13:53:11 | 000,031,802 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\certificate_49998740.pdf
[2011-05-30 14:26:23 | 000,013,824 | ---- | M] () -- C:\Users\Asia i Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-05-29 09:38:46 | 000,000,549 | ---- | M] () -- C:\Windows\eReg.dat
[2011-05-29 09:38:40 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield Vietnam.lnk
[2011-05-29 09:22:47 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011-05-29 09:22:17 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011-05-29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011-05-29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011-05-20 18:08:20 | 000,000,000 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\croyd.d4ohtyy.partial
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-06-14 23:08:15 | 000,016,802 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\poradnia os.odt
[2011-06-14 10:28:41 | 000,056,025 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\lebork4.jpeg
[2011-06-14 10:26:12 | 000,046,236 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\lebork3.jpeg
[2011-06-14 10:25:38 | 000,040,813 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\lebork2.jpeg
[2011-06-14 10:22:22 | 000,042,343 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\swietlica.jpeg
[2011-06-13 01:08:59 | 000,000,930 | ---- | C] () -- C:\Users\Asia i Michal\Application Data\Microsoft\Internet Explorer\Quick Launch\Trojan Remover.lnk
[2011-06-13 01:08:55 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2011-06-13 01:08:55 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2011-06-13 01:08:55 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2011-06-13 01:08:54 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2011-06-12 20:37:57 | 000,000,930 | ---- | C] () -- C:\Users\Asia i Michal\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011-06-12 19:40:54 | 000,000,000 | ---- | C] () -- C:\Program Files\NAPI-PROJEKT
[2011-06-12 11:38:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SBRC.dat
[2011-06-11 23:06:09 | 000,050,431 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\congratulation_graphics_2.gif
[2011-06-11 22:55:12 | 000,004,400 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\easyrider.jpg
[2011-06-11 22:53:10 | 000,009,419 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\easy.jpg
[2011-06-11 22:52:35 | 000,009,553 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\image easy.htm
[2011-06-11 18:32:23 | 000,000,554 | ---- | C] () -- C:\Users\Asia i Michal\Application Data\Microsoft\Internet Explorer\Quick Launch\start.exe - Shortcut.lnk
[2011-06-10 20:06:40 | 004,662,088 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\Rootkity.ppsx
[2011-06-09 18:59:17 | 000,012,449 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\library.odt
[2011-06-09 12:48:51 | 2143,813,632 | -HS- | C] () -- C:\hiberfil.sys
[2011-06-08 17:21:35 | 242,021,740 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011-06-08 08:15:10 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011-06-08 08:15:10 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011-06-07 02:00:39 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2011-06-07 02:00:39 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2011-06-07 02:00:39 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2011-06-07 02:00:39 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2011-06-07 02:00:39 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2011-06-07 02:00:39 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2011-06-07 02:00:39 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2011-06-07 02:00:39 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2011-06-06 23:05:27 | 000,004,496 | ---- | C] () -- C:\Windows\System32\entitlement.xml
[2011-06-05 17:35:36 | 000,000,846 | ---- | C] () -- C:\Users\Asia i Michal\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2011-06-05 17:31:30 | 000,349,114 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\certificate-050611-916.pdf
[2011-06-05 17:22:03 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011-06-05 17:22:03 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011-06-05 10:33:37 | 000,001,340 | ---- | C] () -- C:\Windows\System32\.ini
[2011-06-05 10:24:36 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011-06-05 10:24:36 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011-06-04 14:40:32 | 000,043,662 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\skanowanie0016 r.jpg
[2011-06-04 14:40:24 | 000,189,400 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\skanowanie0003.jpg
[2011-06-04 14:40:16 | 000,299,786 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\skanowanie0004.jpg
[2011-06-02 21:51:06 | 000,061,584 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\Infosecurity (UK) - Renowned security experts talk CNI and cyber war at upcoming Virtual Conference.htm
[2011-06-02 21:06:12 | 000,031,790 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\certificate_50036450.pdf
[2011-06-02 20:12:41 | 000,176,386 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\Wizzair-Boarding-mrs-joanna-dorosz (1).pdf
[2011-06-02 20:04:55 | 000,031,793 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\certificate_50031194.pdf
[2011-06-02 19:15:21 | 000,031,790 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\certificate_50020020.pdf
[2011-06-02 17:50:22 | 000,031,790 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\certificate_50014408.pdf
[2011-06-02 16:15:51 | 000,031,861 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\certificate_50005875.pdf
[2011-06-02 14:57:45 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011-06-02 14:46:28 | 000,031,799 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\certificate_50002027.pdf
[2011-06-02 13:53:41 | 000,031,802 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\certificate_49998740.pdf
[2011-05-29 09:38:46 | 000,000,549 | ---- | C] () -- C:\Windows\eReg.dat
[2011-05-29 09:38:40 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield Vietnam.lnk
[2011-05-29 09:22:17 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011-05-20 18:08:20 | 000,000,000 | ---- | C] () -- C:\Users\Asia i Michal\Desktop\croyd.d4ohtyy.partial
[2011-05-15 19:19:17 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-05-15 19:19:17 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011-05-14 01:54:34 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
[2011-05-08 00:47:32 | 000,223,928 | ---- | C] () -- C:\ProgramData\pwipf6.dll
[2011-05-06 20:45:11 | 000,000,036 | ---- | C] () -- C:\Users\Asia i Michal\AppData\Local\housecall.guid.cache
[2011-04-30 18:43:19 | 000,088,928 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2011-04-29 20:32:13 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-04-29 20:32:13 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-04-29 20:32:12 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-04-29 20:32:12 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011-04-01 05:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011-04-01 05:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011-04-01 05:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011-04-01 04:56:00 | 000,027,872 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011-03-19 20:17:02 | 000,001,356 | ---- | C] () -- C:\Users\Asia i Michal\AppData\Local\d3d9caps.dat
[2011-03-19 02:22:07 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2011-03-17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011-02-28 21:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011-02-20 23:35:04 | 000,013,824 | ---- | C] () -- C:\Users\Asia i Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-18 00:34:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011-02-17 20:40:27 | 000,001,946 | ---- | C] () -- C:\Users\Asia i Michal\AppData\Roaming\wklnhst.dat
[2011-02-17 20:33:02 | 000,118,066 | ---- | C] () -- C:\Windows\hpqins00.dat
[2011-02-17 20:07:45 | 000,140,799 | ---- | C] () -- C:\Windows\hpoins18.dat
[2011-02-17 20:07:00 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011-02-16 02:01:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011-02-16 02:00:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011-02-16 02:00:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011-02-15 16:10:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-08-26 02:19:36 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2010-06-07 05:35:06 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sdf1ml3.dll
[2010-06-07 05:35:00 | 000,282,624 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll
[2010-06-07 05:35:00 | 000,106,496 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll
[2010-06-07 05:35:00 | 000,090,112 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll
[2010-06-07 05:35:00 | 000,061,440 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll
[2010-05-07 19:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010-05-07 19:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009-09-09 18:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009-01-05 16:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2006-11-02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 13:47:37 | 000,299,096 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 11:33:01 | 000,631,438 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 11:33:01 | 000,118,064 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011-03-13 13:19:55 | 000,258,640 | ---- | M] (ArcaBit) -- C:\Users\Asia i Michal\Desktop\arcavirmicroscan.exe
[2011-06-17 15:28:03 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\Asia i Michal\Desktop\aswMBR.exe
[2010-11-16 17:36:12 | 000,816,659 | ---- | M] () -- C:\Users\Asia i Michal\Desktop\ESTOOL.EXE

< %PROGRAMFILES%\Common Files\*.* >
[2011-05-08 00:47:16 | 006,210,336 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Common Files\wruninstall.exe

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011-04-14 17:59:13 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011-04-14 17:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011-04-14 17:59:14 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011-04-14 17:59:14 | 000,261,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011-06-17 14:45:12 | 000,003,664 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-06-17 14:45:12 | 000,003,664 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011-02-15 23:21:30 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011-05-15 19:19:59 | 000,000,000 | ---D | M] -- C:\Program Files\ALLPlayer
[2011-02-17 13:38:58 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
[2011-02-17 13:38:54 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Stream
[2011-02-15 16:09:01 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2011-04-30 22:25:39 | 000,000,000 | ---D | M] -- C:\Program Files\Auslogics
[2011-06-07 08:07:27 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011-05-29 09:24:39 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2011-05-17 15:05:29 | 000,000,000 | ---D | M] -- C:\Program Files\Defraggler
[2011-02-16 09:19:47 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2011-02-26 22:47:11 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2011-05-29 09:34:30 | 000,000,000 | ---D | M] -- C:\Program Files\EA GAMES
[2011-03-26 12:11:24 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2011-05-01 17:30:03 | 000,000,000 | ---D | M] -- C:\Program Files\Filmpex Cinema Player
[2011-02-16 22:36:53 | 000,000,000 | ---D | M] -- C:\Program Files\foobar2000
[2011-02-26 22:47:15 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin
[2011-06-05 10:48:50 | 000,000,000 | ---D | M] -- C:\Program Files\Glary Utilities
[2011-02-22 17:33:28 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011-02-17 20:28:50 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2011-06-05 19:06:30 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2011-06-05 02:04:34 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011-06-15 23:24:36 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011-04-03 20:50:35 | 000,000,000 | ---D | M] -- C:\Program Files\ipla
[2011-02-24 22:04:30 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011-04-29 20:32:28 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2011-06-05 10:19:50 | 000,000,000 | ---D | M] -- C:\Program Files\Kaspersky Lab
[2011-02-15 20:20:36 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2011-06-12 20:37:57 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-04-23 13:04:51 | 000,000,000 | ---D | M] -- C:\Program Files\Media Player Classic - Home Cinema
[2011-03-18 22:33:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ATS
[2011-04-04 17:17:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011-02-15 17:13:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft DirectX SDK (March 2009)
[2006-11-02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011-06-15 23:26:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2011-04-04 17:16:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011-02-16 02:29:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011-02-16 19:43:04 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011-06-05 17:21:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006-11-02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2011-06-02 16:20:52 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2011-05-14 01:58:17 | 000,000,000 | ---D | M] -- C:\Program Files\MSSOAP
[2011-02-17 23:57:52 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011-04-10 17:42:21 | 000,000,000 | ---D | M] -- C:\Program Files\Native Instruments
[2011-02-15 21:11:52 | 000,000,000 | ---D | M] -- C:\Program Files\NETGEAR
[2011-03-07 21:40:39 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2011-02-18 19:17:29 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2006-11-02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011-06-05 02:07:17 | 000,000,000 | ---D | M] -- C:\Program Files\Rockstar Games
[2011-06-02 14:57:44 | 000,000,000 | ---D | M] -- C:\Program Files\Secunia
[2011-06-12 12:04:22 | 000,000,000 | ---D | M] -- C:\Program Files\SkanerOnline
[2011-06-12 11:59:23 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2011-05-06 23:08:05 | 000,000,000 | ---D | M] -- C:\Program Files\Spotify
[2011-06-14 18:53:51 | 000,000,000 | ---D | M] -- C:\Program Files\Steam
[2011-05-15 19:13:47 | 000,000,000 | ---D | M] -- C:\Program Files\SubEdit-Player
[2011-03-19 02:22:26 | 000,000,000 | ---D | M] -- C:\Program Files\Systweak
[2011-06-13 01:09:00 | 000,000,000 | ---D | M] -- C:\Program Files\Trojan Remover
[2006-11-02 14:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011-04-23 13:18:24 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2011-02-15 20:57:56 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group
[2011-06-12 11:08:22 | 000,000,000 | ---D | M] -- C:\Program Files\Webroot
[2011-02-16 02:18:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2011-02-16 02:18:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2011-02-16 02:18:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2011-02-16 02:18:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2011-06-15 23:11:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011-02-16 19:43:05 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006-11-02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011-02-16 02:18:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2011-02-17 09:25:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011-02-16 02:18:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011-02-26 22:03:39 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2011-05-26 22:52:52 | 000,000,000 | ---D | M] -- C:\Program Files\Zune

< MD5 for: AGP440.SYS >
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009-04-11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007-02-21 20:49:48 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2007-02-21 20:49:48 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\drivers\atapi.sys
[2007-02-21 20:49:48 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2007-02-21 20:49:48 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[2011-02-15 19:12:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2011-02-15 19:12:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2011-02-15 19:12:35 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: DISK.SYS >
[2009-04-11 00:32:32 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009-04-11 00:32:32 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009-04-11 00:32:32 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008-01-19 08:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008-01-19 08:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006-11-02 10:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: NETLOGON.DLL >
[2006-11-02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009-04-11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009-04-11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008-01-19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2007-01-06 06:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\drivers\nvstor.sys
[2007-01-06 06:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_45f67928\nvstor.sys
[2007-01-06 06:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvstor.inf_f48b8337\nvstor.sys
[2006-11-02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008-01-19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008-01-19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-06-15 22:23:32


Pc getting slow sometimes + getting unwanted scam messages part2

Post by easyrider on Fri Jun 17, 2011 3:25 pm

Continuation of OTL.Txt:

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011-04-14 17:59:16 | 000,712,952 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011-04-14 17:59:16 | 000,712,952 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011-04-14 17:59:16 | 000,712,952 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011-04-14 17:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011-04-14 17:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011-04-14 17:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011-04-30 14:19:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011-04-30 14:19:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011-04-30 14:19:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011-04-30 14:19:09 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011-04-30 14:19:09 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011-04-14 17:59:16 | 000,712,952 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011-04-14 17:59:16 | 000,712,952 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011-04-14 17:59:16 | 000,712,952 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011-04-14 17:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011-04-14 17:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011-04-14 17:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011-04-30 14:19:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011-04-30 14:19:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011-04-30 14:19:08 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011-04-30 14:19:09 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011-04-30 14:19:09 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Asia i Michal\Desktop\WP_000204.mp4:TOC.WMV
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:CAEDBDA6
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

OTL Extras logfile created on: 2011-06-17 15:12:11 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Asia i Michal\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,88 Gb Available Physical Memory | 44,20% Memory free
4,23 Gb Paging File | 2,48 Gb Available in Paging File | 58,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 719,69 Gb Free Space | 77,26% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Asia i Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0811163C-1772-4CA8-B3FA-49EFACBA2A50}" = lport=3390 | protocol=6 | dir=in | app=system |
"{1AB2EC71-AA95-45C2-A37E-30AF74D541CC}" = lport=1900 | protocol=17 | dir=in | app=%programfiles%\zune\zune.exe |
"{1F257C92-940C-4B7E-B3EC-E34137C0315C}" = lport=10244 | protocol=6 | dir=in | app=system |
"{23BCFFAF-1ACE-4E1B-9632-7F74278AFB89}" = lport=10244 | protocol=6 | dir=in | app=system |
"{2813CF79-D578-421C-BCCF-CBC3BAE4545D}" = rport=10244 | protocol=6 | dir=out | app=system |
"{28181A01-D803-4118-98C5-B5D6CD276748}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C523E95-96EE-45B3-90E5-6C39ADDC7F0B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{307036AD-F4DC-46BE-8954-79D935A1E505}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4A6AA403-2A77-4C67-B4AD-92E4981B4266}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{652DBD50-6AE9-467A-88B4-96A2BA567474}" = lport=3390 | protocol=6 | dir=in | app=system |
"{7C3C96B0-3425-487B-9A9C-ABC0EF9E3D24}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{80805C3C-C666-48BA-ABF1-BAC638495D83}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{82451A3F-F925-409D-AB20-C9EB145E496E}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{88BFFEBB-BF09-4C35-BDE7-395B589FAA4D}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{8D93B792-DDFB-400F-858E-D2F7B954277C}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{90EDB209-8AC1-4B85-AF3F-86105AE108B5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93BD1AAD-C2E5-4580-86F8-CAA769D8035C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93EF8D96-5C41-48A1-9791-3BB158E432DC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9F63B9E6-FFEB-436C-BB01-9BC1B37707B8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A536AB80-DDFF-4CA7-A610-95C3C5965BF2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC819974-51A6-469C-AB7F-2BA3CEE74159}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AE19A4B0-F8D9-49C4-9F08-443B2D7731E9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB9D1F07-E36C-43FD-AACD-82D51CF2006F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BBDAF050-1C15-4916-86D6-4FBC3348E95C}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{C1E4621B-B508-47E3-AE45-D5B779C2621A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA38EC2E-6F67-4ED2-9F7F-C401AD4B71A4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8BF061C-915F-44FF-9C52-30004CCC80E3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FAC207FA-4BC0-44EE-8337-39CC30AD0D46}" = rport=10244 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{30F53511-38DD-47D8-BC0A-36AF76D22C05}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{3768D7D1-0E90-43E4-B03F-3763F645070D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{3CF233E0-71F3-4894-8902-9669B21814DB}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{3F9AFB1E-28C4-423F-8CF9-E9698370BA1C}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{43CBF939-22EC-4AA8-8674-FB1E63AB8F61}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{506A3ED6-4786-4D45-A9B1-B7241A41735F}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{52E9F06F-228F-4D09-89D0-89F5D5608B11}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{5AFB1331-C511-4014-B636-A874E9F2D3DB}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{5C3191A2-70B6-491E-AFA9-2433AB5CCF17}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{5D237EB1-7A53-4090-9F14-2062909E024F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{5FDD2804-C8B8-470E-8708-ACF108BF3356}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{60313D17-CA81-4328-904D-226641817A74}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{65168537-2065-45A0-8164-8F1825F1FD0B}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{6B7A76EE-ACBE-44DF-98E4-E90988A62BC3}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{86B8D861-4D0E-43A1-91C7-0F9EB68C4324}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{91364E93-8174-4A34-A5EB-FF73C8E547A1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{A762BFE7-FBF1-4856-92AE-5FD6E265A277}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AB3FC53F-1F03-4D24-97CF-C898BDD0859A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{AF8DCF55-6FAE-468A-886A-1D390A5A452B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{BBA918EA-6C87-41EC-AF2A-B58D1072D6BC}" = protocol=6 | dir=out | app=system |
"{C55EED83-241D-4004-B49C-485555C6A028}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{D3184F32-81A2-4561-A61C-3D354317ED8D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{D41EF874-605E-4BE5-89F0-881D81A9CE6A}" = protocol=6 | dir=out | app=system |
"{EB51425A-8D88-478B-B787-FAF18BCCE646}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"TCP Query User{328E18B7-68A5-4A94-8894-7B27237B11DA}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe |
"TCP Query User{3DC776D3-EA03-4295-A186-368CE9ACEF09}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"TCP Query User{46931E58-A0D8-4018-B032-09C079BC0AB4}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"TCP Query User{C85D06ED-D7EE-4BBC-B5FD-F02877DFE664}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe |
"UDP Query User{4F7CB4AA-4635-4BC2-9F95-43CAB026B751}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"UDP Query User{92BA9894-C1CF-4D38-B8B0-113EE0227CEF}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe |
"UDP Query User{B5B381CA-F140-4BF8-A986-FC1374390297}C:\program files\ea games\battlefield vietnam\bfvietnam.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield vietnam\bfvietnam.exe |
"UDP Query User{FCC8E889-01E4-4811-B1E4-DB26A566893F}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0141D498-16DA-4221-A529-1D7A64BE8B05}" = OpenOffice.org 3.3
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06092909-8851-C581-F990-7195076FDAEF}" = CCC Help Czech
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CA04779-346C-30FD-EB9B-8EEA2CE094B3}" = CCC Help Thai
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1B3B5C60-70B8-F022-5497-03FD2772586C}" = CCC Help Greek
"{1C160168-BF5B-72FE-BAFA-6DD5F737404C}" = CCC Help Chinese Standard
"{1ED3EBF6-A130-4B3B-B01A-C29B067798B3}" = CCC Help Finnish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.1.2903
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2764CA82-DFB9-4498-AF85-719340BF5305}" = Dell Resource CD
"{278AD90C-D27D-AA89-58DF-AD13852D51CA}" = CCC Help Spanish
"{2CDBFF1A-6433-E94D-CA25-831FDB9775E9}" = CCC Help Italian
"{31DED885-1124-0E58-97FB-73E4EF692E8D}" = CCC Help Hungarian
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3260D61B-DCA6-4ec6-8A41-DCCE01BC6EE4}" = c4100_Help
"{33B670D7-8A06-DA5B-0341-5630D1E12007}" = ccc-core-static
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{38D65ABC-A00B-6E13-2EF3-826CFC8CFC14}" = CCC Help French
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3B4325A0-43CD-10D1-64F6-BD2F90DCB756}" = Catalyst Control Center Graphics Previews Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3EEBD42E-4DC7-A874-645B-28B63907E930}" = ATI AVIVO Codecs
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3F8B39A4-B7CE-B036-941C-A8DB57676B04}" = CCC Help Norwegian
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ACF9BBA-E137-7309-7BF9-567ADAB6B4E6}" = CCC Help Turkish
"{51AD839D-CE11-B9E3-227D-03BC89F227C8}" = CCC Help Danish
"{5774B4C1-8579-D5D9-8D38-A0CE32B6736C}" = CCC Help German
"{5968F27A-66E6-171E-5311-0A74D74AAD9B}" = ATI Catalyst Install Manager
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5D19BB0D-9B04-5B85-9295-4E11BCB1C2C3}" = CCC Help Polish
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{60341104-FC8E-EF26-12CB-93B17DF55976}" = CCC Help Japanese
"{62161867-51F1-9FB8-0E6E-FE49D89CBB71}" = CCC Help Dutch
"{6494E146-418F-85E1-142E-D2F122C75274}" = ccc-utility
"{65589581-920C-CAE1-58C2-2149D3AA3F39}" = HydraVision
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A7E9B60-4698-F505-CAD3-05F8AB22FB61}" = CCC Help Russian
"{6AEE2B0B-B3C1-4367-B1EF-FC4ED98DEED1}" = C4100
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed Special Edition
"{75794DD1-5D69-4E33-A141-C3D4B0724C71}" = Catalyst Control Center Graphics Previews Common
"{7CE47764-9A8F-380D-FB9E-FCFC37B9F727}" = CCC Help Korean
"{7ED4E9AB-9B5D-5380-9AB7-2865CA1DA0DB}" = AMD Fuel
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{85092B90-AEB2-2E30-0EF1-432EC61F6BD1}" = Catalyst Control Center InstallProxy
"{86B247F9-1D5E-CCC6-3280-71486D9A4E70}" = ATI Stream SDK v2 Developer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{92317FD2-8A6B-4CEE-B03D-18CA3244E157}" = Windows Phone Intro Video (ENU)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9ED77550-AF66-2B7E-97E1-34B3BFDEAC6D}" = CCC Help Swedish
"{A14A7F8B-2A06-4BDE-AC50-752DBAEEF795}_is1" = Filmpex Cinema Player BETA 1.4.456
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C7EA1AF1-F908-0832-AA52-5EDBE128FD6B}" = ccc-core-static
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E8454B5F-4122-864C-002D-31F878D2CBF4}" = CCC Help English
"{E9D4FBA9-FB46-A5CE-F52F-516C4B8F0373}" = ccc-utility
"{EB0E062C-575D-8154-2682-C84EF432CCF0}" = Catalyst Control Center Graphics Previews Common
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EEA54973-AFC8-21C8-1414-246AA9435890}" = CCC Help English
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F0E6252F-8DC2-B508-D412-1C427CDB3448}" = CCC Help Portuguese
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{FC321AD2-48B4-4013-B997-A65D5FBBD006}" = NETGEAR WG311T Wireless Adapter
"{FCB6F9DC-A0FF-621E-DE53-877E63864DD1}" = CCC Help Chinese Traditional
"{FE4466A3-76B3-A9F4-9B22-150D6F8B4647}" = Catalyst Control Center Localization All
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced System Protector_is1" = Advanced System Protector
"ALLPlayer_is1" = ALLPlayer V4.X
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"ESET Online Scanner" = ESET Online Scanner v3
"foobar2000" = foobar2000 v1.1.2
"Glary Utilities_is1" = Glary Utilities 2.34.0.1190
"InstallShield_{FC321AD2-48B4-4013-B997-A65D5FBBD006}" = NETGEAR WG311T Wireless Adapter
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"ipla" = ipla 2.2.1
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.0.0
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware wersja 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft DirectX SDK (March 2009)" = Microsoft DirectX SDK (March 2009)
"Mozilla Firefox 4.0.1 (x86 pl)" = Mozilla Firefox 4.0.1 (x86 pl)
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"SkanerOnline" = Skaner on-line mks_vir
"Spotify" = Spotify
"Steam App 20900" = The Witcher: Enhanced Edition
"Steam App 50130" = Mafia II
"SubEdit - Vista WMP Patch_is1" = SubEdit - Vista WMP Patch
"SubEdit-Player_is1" = SubEdit-Player
"Trojan Remover_is1" = Trojan Remover 6.8.2
"VLC media player" = VLC media player 1.1.9
"WinRAR archiver" = Archiwizator WinRAR
"Zune" = Zune

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011-06-17 10:24:48 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2011-06-17 10:24:48 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2011-06-17 10:24:49 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2011-06-17 10:24:49 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2011-06-17 10:24:49 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2011-06-17 10:24:49 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2011-06-17 10:24:49 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2011-06-17 10:24:49 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2011-06-17 10:24:49 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2011-06-17 10:24:49 | Computer Name = PC | Source = Windows Search Service | ID = 3013
Description =

[ Media Center Events ]
Error - 2011-03-26 07:07:54 | Computer Name = PC | Source = Mcx2Dvcs | ID = 401
Description =

Error - 2011-03-26 07:10:44 | Computer Name = PC | Source = McrMgr | ID = 109
Description =

[ System Events ]
Error - 2011-06-16 18:35:51 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description =

Error - 2011-06-16 18:35:52 | Computer Name = PC | Source = Service Control Manager | ID = 7024
Description =

Error - 2011-06-16 18:37:53 | Computer Name = PC | Source = Service Control Manager | ID = 7024
Description =

Error - 2011-06-16 18:58:55 | Computer Name = PC | Source = DCOM | ID = 10010
Description =

Error - 2011-06-17 07:46:44 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description =

Error - 2011-06-17 07:46:44 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description =

Error - 2011-06-17 07:46:48 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description =

Error - 2011-06-17 07:46:49 | Computer Name = PC | Source = Service Control Manager | ID = 7024
Description =

Error - 2011-06-17 07:48:50 | Computer Name = PC | Source = Service Control Manager | ID = 7024
Description =

Error - 2011-06-17 10:06:42 | Computer Name = PC | Source = DCOM | ID = 10010
Description =


< End of report >

aswMBR version 0.9.6.399 Copyright(c) 2011 AVAST Software
Run date: 2011-06-17 15:29:00
-----------------------------
15:29:00.716 OS Version: Windows 6.0.6002 Service Pack 2
15:29:00.716 Number of processors: 2 586 0x6B01
15:29:00.732 ComputerName: PC UserName:
15:29:08.532 Initialize success
15:29:55.784 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000056
15:29:55.784 Disk 0 Vendor: SAMSUNG_ 1AJ1 Size: 953869MB BusType: 6
15:29:57.812 Disk 0 MBR read successfully
15:29:57.812 Disk 0 MBR scan
15:29:57.812 Disk 0 unknown MBR code
15:29:59.825 Disk 0 scanning sectors +1953521664
15:29:59.840 Disk 0 scanning C:\Windows\system32\drivers
15:30:09.980 Service scanning
15:30:11.899 Disk 0 trace - called modules:
15:30:11.915 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
15:30:11.915 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87bd1030]
15:30:11.930 3 CLASSPNP.SYS[897668b3] -> nt!IofCallDriver -> [0x8586f218]
15:30:11.930 5 acpi.sys[806966bc] -> nt!IofCallDriver -> \Device\00000056[0x8586f6c0]
15:30:11.930 Scan finished successfully
15:30:42.054 Disk 0 MBR has been saved successfully to "C:\Users\Asia i Michal\Desktop\MBR.dat"
15:30:42.054 The log file has been saved successfully to "C:\Users\Asia i Michal\Desktop\aswMBR.txt"

Results of screen317's Security Check version 0.99.13
Windows Vista Service Pack 2 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Kaspersky Internet Security 2011
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 6 Update 24
Out of date Java installed!
Adobe Flash Player 10.3.181.14
Adobe Reader X (10.0.1)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Kaspersky Lab Kaspersky Internet Security 2011 avp.exe
Kaspersky Lab Kaspersky Internet Security 2011 klwtblfs.exe
Kaspersky Lab Kaspersky Internet Security 2011 avp.exe
Kaspersky Lab Kaspersky Internet Security 2011 klwtblfs.exe
``````````End of Log````````````


Many thanks,

Easyrider


easyrider
Novice

Posts : 31
Joined : 2011-06-10
Gender : Male
OS : Vista Home Premium
Points : 20201
# Likes : 0


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by Belahzur on Fri Jun 17, 2011 6:00 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan; select Yes.



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245059
# Likes : 1


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by easyrider on Fri Jun 17, 2011 7:31 pm

Hi Belahzur,

Thanks very much.

Here is the log from Combofix. I am afraid that it switched to Polish as my PC location is set to Poland...

Please let me know if you will still be able to read it or if you would like me to re-run it.

ComboFix 11-06-17.04 - Asia i Michal 2011-06-17 20:15:23.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.48.1033.18.2046.1136 [GMT 1:00]
Uruchomiony z: c:\users\Asia i Michal\Desktop\Combo-Fix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
* Utworzono nowy punkt przywracania
.
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\pwipf6.dll
c:\programdata\WRFirewallInstall.dll
c:\programdata\WRInstallProgressHelper.dll
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-05-17 do 2011-06-17 )))))))))))))))))))))))))))))))
.
.
2011-06-17 19:24 . 2011-06-17 19:24 -------- d-----w- c:\users\Asia i Michal\AppData\Local\temp
2011-06-17 19:13 . 2011-06-17 19:13 -------- d-----w- C:\32788R22FWJFW
2011-06-17 16:22 . 2011-06-17 16:41 -------- d-----w- c:\users\Asia i Michal\AppData\Roaming\Mount&Blade With Fire and Sword
2011-06-17 16:11 . 2011-06-17 16:35 -------- d-----w- c:\program files\Mount&Blade With Fire and Sword
2011-06-17 16:06 . 2011-06-17 16:07 -------- d-----w- c:\program files\Common Files\Adobe
2011-06-17 15:41 . 2011-06-17 15:41 -------- d-----w- c:\program files\Common Files\Java
2011-06-17 15:39 . 2011-06-17 15:39 -------- d-----w- c:\program files\Java
2011-06-15 22:17 . 2011-06-15 22:17 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-06-15 22:16 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-15 22:16 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-15 22:16 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-15 21:57 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-15 21:57 . 2010-12-20 16:35 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 21:57 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 21:57 . 2011-04-29 13:25 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 21:57 . 2011-04-29 13:25 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 21:57 . 2011-05-02 17:16 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 21:57 . 2011-04-29 13:24 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 21:57 . 2011-04-29 13:24 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 21:57 . 2011-04-29 13:24 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 21:57 . 2011-05-02 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-06-13 00:08 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2011-06-13 00:08 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2011-06-13 00:08 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2011-06-13 00:08 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2011-06-13 00:08 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2011-06-13 00:08 . 2011-06-13 00:09 -------- d-----w- c:\program files\Trojan Remover
2011-06-13 00:08 . 2011-06-13 00:08 -------- d-----w- c:\users\Asia i Michal\AppData\Roaming\Simply Super Software
2011-06-13 00:08 . 2011-06-13 00:08 -------- d-----w- c:\programdata\Simply Super Software
2011-06-07 07:18 . 2011-06-07 07:18 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-07 07:13 . 2011-06-12 10:52 -------- dc----w- c:\windows\system32\DRVSTORE
2011-06-07 07:12 . 2011-06-12 10:52 -------- d-----w- c:\programdata\Lavasoft
2011-06-06 21:38 . 2011-06-09 06:19 -------- d-----w- c:\users\Asia i Michal\DoctorWeb
2011-06-05 16:52 . 2011-06-17 11:51 -------- d-----w- c:\windows\system32\wbem\Performance
2011-06-05 16:45 . 2011-06-17 11:45 -------- d-----w- c:\windows\system32\wbem\repository
2011-06-05 16:45 . 2011-06-06 22:05 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2011-06-05 16:44 . 2011-06-05 16:44 -------- d-----w- c:\windows\system32\wbem\MOF
2011-06-05 16:22 . 2011-06-05 16:22 -------- d-----w- c:\users\Asia i Michal\AppData\Local\Mozilla
2011-06-05 09:24 . 2011-06-05 20:34 97859 ----a-w- c:\windows\system32\drivers\klick.dat
2011-06-05 09:24 . 2011-06-05 20:34 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2011-06-05 09:19 . 2011-06-05 09:19 -------- d-----w- c:\program files\Kaspersky Lab
2011-06-05 09:19 . 2011-06-17 18:57 -------- d-----w- c:\programdata\Kaspersky Lab
2011-06-05 09:15 . 2011-06-05 09:15 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2011-06-03 20:18 . 2011-06-03 20:18 -------- d-----w- C:\PFiles
2011-06-02 15:29 . 2011-06-02 15:29 -------- d-----w- c:\programdata\HP Product Assistant
2011-06-02 15:20 . 2011-06-02 15:20 -------- d-----w- c:\program files\MSECache
2011-06-02 15:14 . 2011-06-02 15:48 -------- d-----w- c:\users\Asia i Michal\AppData\Roaming\HpUpdate
2011-06-02 15:14 . 2011-06-02 15:14 -------- d-----w- c:\windows\Hewlett-Packard
2011-06-02 14:08 . 2011-06-17 15:58 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-02 14:01 . 2011-06-02 14:01 -------- d-----w- c:\users\Asia i Michal\AppData\Local\Secunia PSI
2011-06-02 13:57 . 2011-06-02 13:57 -------- d-----w- c:\program files\Secunia
2011-05-31 13:41 . 2011-06-05 01:07 -------- d-----w- c:\program files\Rockstar Games
2011-05-29 08:33 . 2011-06-17 15:57 -------- d-----w- c:\program files\EA GAMES
2011-05-29 08:33 . 2011-06-05 01:05 -------- d-----w- c:\program files\Common Files\InstallShield
2011-05-29 08:22 . 2011-06-17 16:00 -------- d-----w- c:\users\Asia i Michal\AppData\Roaming\DAEMON Tools Lite
2011-05-29 08:22 . 2011-06-17 16:00 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-05-29 08:02 . 2011-05-29 08:02 -------- d-----w- C:\gry
2011-05-28 11:03 . 2011-05-28 11:03 -------- d-----w- c:\users\Asia i Michal\AppData\Roaming\Kalypso Media
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-17 15:40 . 2011-02-24 21:04 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-29 08:11 . 2011-04-30 14:14 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 08:11 . 2011-04-30 14:14 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-07 23:47 . 2011-05-07 23:47 6210336 ----a-w- c:\program files\Common Files\wruninstall.exe
2011-05-04 22:26 . 2010-12-29 00:42 284744 ----a-w- c:\windows\system32\guard32.dll
2011-04-30 13:19 . 2011-04-30 13:19 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-30 13:19 . 2011-04-30 13:19 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-30 13:19 . 2011-04-30 13:19 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-30 13:19 . 2011-04-30 13:19 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-30 13:19 . 2011-04-30 13:19 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-30 13:19 . 2011-04-30 13:19 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-30 13:19 . 2011-04-30 13:19 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-30 13:19 . 2011-04-30 13:19 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-30 13:19 . 2011-04-30 13:19 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-30 13:19 . 2011-04-30 13:19 367104 ----a-w- c:\windows\system32\html.iec
2011-04-30 13:19 . 2011-04-30 13:19 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-30 13:19 . 2011-04-30 13:19 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-30 13:19 . 2011-04-30 13:19 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-30 13:19 . 2011-04-30 13:19 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-30 13:19 . 2011-04-30 13:19 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-30 13:19 . 2011-04-30 13:19 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-30 13:19 . 2011-04-30 13:19 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-30 13:19 . 2011-04-30 13:19 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-30 13:19 . 2011-04-30 13:19 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-23 16:19 . 2011-04-23 16:19 249856 ------w- c:\windows\Setup1.exe
2011-04-23 16:19 . 2011-04-23 16:19 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-04-20 01:43 . 2011-04-20 01:43 7772160 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-04-20 01:09 . 2011-04-20 01:09 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-04-20 01:09 . 2010-08-26 02:01 676864 ----a-w- c:\windows\system32\aticfx32.dll
2011-04-20 01:07 . 2011-04-20 01:07 17693184 ----a-w- c:\windows\system32\atioglxx.dll
2011-04-20 01:05 . 2011-04-20 01:05 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-04-20 01:04 . 2011-01-26 22:55 393216 ----a-w- c:\windows\system32\atieclxx.exe
2011-04-20 01:04 . 2011-01-26 22:55 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-04-20 01:02 . 2011-04-20 01:02 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-04-20 01:02 . 2011-04-20 01:02 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-04-20 01:02 . 2011-04-20 01:02 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-04-20 01:02 . 2011-04-20 01:02 15872 ----a-w- c:\windows\system32\atimuixx.dll
2011-04-20 01:02 . 2011-04-20 01:02 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-04-20 00:59 . 2011-01-26 22:49 4161536 ----a-w- c:\windows\system32\atidxx32.dll
2011-04-20 00:46 . 2011-04-20 00:46 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-04-20 00:46 . 2011-04-20 00:46 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-04-20 00:42 . 2011-04-20 00:42 6389760 ----a-w- c:\windows\system32\aticaldd.dll
2011-04-20 00:40 . 2011-04-20 00:40 1923584 ----a-w- c:\windows\system32\atiumdmv.dll
2011-04-20 00:38 . 2010-08-26 01:33 4286464 ----a-w- c:\windows\system32\atiumdag.dll
2011-04-20 00:30 . 2011-04-20 00:30 4056576 ----a-w- c:\windows\system32\atiumdva.dll
2011-04-20 00:27 . 2011-02-15 15:07 52736 ----a-w- c:\windows\system32\coinst.dll
2011-04-20 00:23 . 2011-01-26 22:14 262144 ----a-w- c:\windows\system32\atiadlxx.dll
2011-04-20 00:22 . 2011-04-20 00:22 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-04-20 00:22 . 2011-04-20 00:22 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-04-20 00:22 . 2011-04-20 00:22 243712 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-04-20 00:21 . 2011-01-26 22:12 31232 ----a-w- c:\windows\system32\atiuxpag.dll
2011-04-20 00:21 . 2010-08-26 01:19 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-04-20 00:21 . 2010-08-26 01:19 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2011-04-20 00:20 . 2011-04-20 00:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-04-20 00:13 . 2011-04-20 00:13 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-04-20 00:13 . 2011-04-20 00:13 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2011-04-11 07:04 . 2011-04-29 11:19 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{899DB460-961D-4213-B48E-11DE7E60D639}\mpengine.dll
2011-04-03 19:50 . 2011-04-03 19:50 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-04-03 19:50 . 2011-04-03 19:50 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-04-01 04:11 . 2011-04-01 04:11 4333280 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2011-04-01 04:10 . 2011-04-01 04:10 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2011-04-01 04:10 . 2011-04-01 04:10 543328 ----a-w- c:\windows\system32\LVUI2.dll
2011-04-01 04:09 . 2011-04-01 04:09 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
2011-04-01 04:08 . 2011-04-01 04:08 195168 ----a-w- c:\windows\system32\lvci13251014.dll
2011-04-01 04:08 . 2011-04-01 04:08 301664 ----a-w- c:\windows\system32\lvcodec2.dll
2011-04-01 04:07 . 2011-04-01 04:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-04-01 04:07 . 2011-04-01 04:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-04-01 04:06 . 2011-04-01 04:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-04-01 03:56 . 2011-04-01 03:56 39318 ----a-w- c:\windows\system32\Repository.reg
2011-04-14 16:59 . 2011-06-05 16:21 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2010-11-11 268528]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-06-07 98392]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-20 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 284672]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-04-20 243712]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2010-11-17 97296]
S3 BCASPROT;Advanced System Protector;c:\program files\Systweak\Advanced System Protector\sasprot32.sys [2008-08-05 6656]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-06-05 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-02-25 07:25]
.
2011-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4185693352-1530599903-4211495979-1000Core.job
- c:\users\Asia i Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 17:15]
.
2011-06-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4185693352-1530599903-4211495979-1000UA.job
- c:\users\Asia i Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-16 17:15]
.
.
------- Skan uzupełniający -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = about:blank
TCP: DhcpNameServer = 192.168.1.254
DPF: Garmin Communicator Plug-In - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\Asia i Michal\AppData\Roaming\Mozilla\Firefox\Profiles\zpux7eyh.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.type - 0
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-06-17 20:24
Windows 6.0.6002 Service Pack 2 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4185693352-1530599903-4211495979-1000\Software\SecuROM\License information*]
"datasecu"=hex:82,d6,df,cd,a5,99,f2,28,ff,ab,4f,68,77,4d,05,3f,25,87,79,5c,87,
e8,94,83,eb,71,3a,68,2b,36,0f,28,0c,de,77,3c,e6,fd,db,a8,cd,b2,61,b3,fe,af,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
Czas ukończenia: 2011-06-17 20:27:07
ComboFix-quarantined-files.txt 2011-06-17 19:26
.
Przed: 781 745 303 552 bytes free
Po: 780 690 767 872 bytes free
.
Current=2 Default=2 Failed=1 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 756EFFDEDF7744F57266F4088DC1F01D




Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by easyrider on Sat Jun 18, 2011 1:39 pm

Hi Belahzur,

Would you like me to re-scan with Combofix & submit the log in English?


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by easyrider on Mon Jun 20, 2011 7:59 pm

Belahzur, could you please advise what to do next?


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by Sneakyone on Tue Jun 21, 2011 3:01 am

Hi,

Please download aswMBR from [You must be registered and logged in to see this link.]


  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below




Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are [You must be registered and logged in to see this link.]


  • Once the scan finishes click Save log to save the log to your Desktop


  • Copy and paste the contents of aswMBR.txt back here for review


I'm livin' life in the fast lane.

Sneakyone
Master

Posts : 2707
Joined : 2010-01-10
Gender : Male
OS : Windows 7 Ultimate 64-bit
Protection : Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points : 56074
# Likes : 0
# Likes # Likes : 0


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by easyrider on Tue Jun 21, 2011 4:21 pm

Hi Sneakyone,

Thanks for the help. Here's the log:

aswMBR version 0.9.7.675 Copyright(c) 2011 AVAST Software
Run date: 2011-06-21 13:36:29
-----------------------------
13:36:29.072 OS Version: Windows 6.0.6002 Service Pack 2
13:36:29.072 Number of processors: 2 586 0x6B01
13:36:29.088 ComputerName: PC UserName:
13:36:55.465 Initialize success
13:38:15.469 AVAST engine defs: 11062100
13:38:31.272 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000056
13:38:31.288 Disk 0 Vendor: SAMSUNG_ 1AJ1 Size: 953869MB BusType: 6
13:38:33.518 Disk 0 MBR read successfully
13:38:33.518 Disk 0 MBR scan
13:38:33.534 Disk 0 unknown MBR code
13:38:35.578 Disk 0 scanning sectors +1953521664
13:38:36.108 Disk 0 scanning C:\Windows\system32\drivers
13:39:17.370 Service scanning
13:39:19.086 Disk 0 trace - called modules:
13:39:19.117 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
13:39:19.117 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87c49030]
13:39:19.117 3 CLASSPNP.SYS[8976e8b3] -> nt!IofCallDriver -> [0x85870150]
13:39:19.133 5 acpi.sys[806106bc] -> nt!IofCallDriver -> \Device\00000056[0x85870c90]
13:39:27.588 AVAST engine scan C:\Windows
15:40:19.156 AVAST engine scan C:\Users\Asia i Michal
16:38:55.074 AVAST engine scan C:\ProgramData
17:02:38.403 Scan finished successfully
17:18:34.012 Disk 0 MBR has been saved successfully to "C:\Users\Asia i Michal\Desktop\MBR.dat"
17:18:34.043 The log file has been saved successfully to "C:\Users\Asia i Michal\Desktop\aswMBR.txt"


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by Sneakyone on Wed Jun 22, 2011 1:11 am

Hi,

Please download TDSSKiller from [You must be registered and logged in to see this link.] and save it to your Desktop.
  • Double-click TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
Note: It will also create a log in the C:\ directory.


I'm livin' life in the fast lane.


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by easyrider on Wed Jun 22, 2011 12:38 pm

2011/06/22 13:37:27.0894 0876 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2011/06/22 13:37:28.0456 0876 ================================================================================
2011/06/22 13:37:28.0456 0876 SystemInfo:
2011/06/22 13:37:28.0456 0876
2011/06/22 13:37:28.0456 0876 OS Version: 6.0.6002 ServicePack: 2.0
2011/06/22 13:37:28.0456 0876 Product type: Workstation
2011/06/22 13:37:28.0456 0876 ComputerName: PC
2011/06/22 13:37:28.0456 0876 UserName: Asia i Michal
2011/06/22 13:37:28.0456 0876 Windows directory: C:\Windows
2011/06/22 13:37:28.0456 0876 System windows directory: C:\Windows
2011/06/22 13:37:28.0456 0876 Processor architecture: Intel x86
2011/06/22 13:37:28.0456 0876 Number of processors: 2
2011/06/22 13:37:28.0456 0876 Page size: 0x1000
2011/06/22 13:37:28.0456 0876 Boot type: Normal boot
2011/06/22 13:37:28.0456 0876 ================================================================================
2011/06/22 13:37:29.0095 0876 Initialize success
2011/06/22 13:37:32.0964 1424 ================================================================================
2011/06/22 13:37:32.0964 1424 Scan started
2011/06/22 13:37:32.0964 1424 Mode: Manual;
2011/06/22 13:37:32.0964 1424 ================================================================================
2011/06/22 13:37:39.0500 1424 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/22 13:37:39.0547 1424 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/06/22 13:37:39.0625 1424 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/22 13:37:39.0672 1424 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/06/22 13:37:39.0734 1424 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\Windows\system32\drivers\grmnusb.sys
2011/06/22 13:37:39.0781 1424 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
2011/06/22 13:37:39.0844 1424 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/22 13:37:39.0922 1424 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/06/22 13:37:39.0953 1424 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/06/22 13:37:40.0000 1424 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/22 13:37:40.0062 1424 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/06/22 13:37:40.0156 1424 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/06/22 13:37:40.0202 1424 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/06/22 13:37:40.0265 1424 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/22 13:37:40.0312 1424 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/06/22 13:37:40.0421 1424 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/06/22 13:37:40.0514 1424 intelide (1c60617d54bc9f035671a44b75d9f7cc) C:\Windows\system32\drivers\intelide.sys
2011/06/22 13:37:40.0577 1424 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/22 13:37:40.0624 1424 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/22 13:37:40.0764 1424 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/06/22 13:37:40.0951 1424 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/06/22 13:37:41.0029 1424 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/06/22 13:37:41.0060 1424 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/06/22 13:37:41.0138 1424 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/22 13:37:41.0279 1424 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/06/22 13:37:41.0326 1424 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/06/22 13:37:41.0419 1424 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/22 13:37:41.0466 1424 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/22 13:37:41.0560 1424 KL1 (94d67d49bd9503bb1d838405d80f2058) C:\Windows\system32\DRIVERS\kl1.sys
2011/06/22 13:37:41.0638 1424 kl2 (713576569667ac9e0f8556076004a96b) C:\Windows\system32\DRIVERS\kl2.sys
2011/06/22 13:37:41.0684 1424 KLIF (39920d69eaedb51757527aa54fe25216) C:\Windows\system32\DRIVERS\klif.sys
2011/06/22 13:37:41.0747 1424 KLIM6 (cf88b4985d957eee45c9939092e87c92) C:\Windows\system32\DRIVERS\klim6.sys
2011/06/22 13:37:41.0794 1424 klmouflt (3de1771c135328420315e21dde229bba) C:\Windows\system32\DRIVERS\klmouflt.sys
2011/06/22 13:37:41.0856 1424 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/22 13:37:41.0950 1424 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/22 13:37:42.0028 1424 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/06/22 13:37:42.0074 1424 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/06/22 13:37:42.0137 1424 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/06/22 13:37:42.0215 1424 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/06/22 13:37:42.0262 1424 LVPr2Mon (8be71d7edb8c7494913722059f760dd0) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
2011/06/22 13:37:42.0324 1424 LVRS (b6e1ccd6572984adcae68439afd07011) C:\Windows\system32\DRIVERS\lvrs.sys
2011/06/22 13:37:42.0464 1424 LVUVC (6c42815dd57e397f0cd988304b5eb4b3) C:\Windows\system32\DRIVERS\lvuvc.sys
2011/06/22 13:37:42.0667 1424 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/06/22 13:37:42.0823 1424 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/06/22 13:37:42.0870 1424 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/22 13:37:42.0917 1424 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/22 13:37:42.0979 1424 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/22 13:37:43.0010 1424 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/06/22 13:37:43.0073 1424 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/06/22 13:37:43.0120 1424 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/22 13:37:43.0166 1424 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/06/22 13:37:43.0260 1424 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/06/22 13:37:43.0307 1424 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/22 13:37:43.0369 1424 mrxsmb10 (d4a3c7c580c4ccb5c06f2ada933ad507) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/22 13:37:43.0447 1424 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/22 13:37:43.0525 1424 msahci (f0ec3a4e0693a34b148723b4da31668c) C:\Windows\system32\drivers\msahci.sys
2011/06/22 13:37:43.0588 1424 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/06/22 13:37:43.0650 1424 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/06/22 13:37:43.0697 1424 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/06/22 13:37:43.0775 1424 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/22 13:37:43.0806 1424 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/22 13:37:43.0931 1424 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/06/22 13:37:43.0978 1424 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/06/22 13:37:44.0040 1424 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/22 13:37:44.0071 1424 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/06/22 13:37:44.0118 1424 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/06/22 13:37:44.0180 1424 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/22 13:37:44.0227 1424 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/06/22 13:37:44.0321 1424 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/22 13:37:44.0368 1424 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/22 13:37:44.0446 1424 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/22 13:37:44.0477 1424 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/06/22 13:37:44.0555 1424 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/22 13:37:44.0633 1424 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/22 13:37:44.0726 1424 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/06/22 13:37:44.0789 1424 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/06/22 13:37:44.0836 1424 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/22 13:37:44.0898 1424 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/06/22 13:37:45.0007 1424 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/06/22 13:37:45.0054 1424 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/06/22 13:37:45.0194 1424 nvlddmkm (cfddedc1151839dd71f78472645214a5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/22 13:37:45.0304 1424 nvraid (6f785db62a6d8f3fafd3e5695277e849) C:\Windows\system32\drivers\nvraid.sys
2011/06/22 13:37:45.0444 1424 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys
2011/06/22 13:37:45.0538 1424 nvstor32 (dc5f166422beebf195e3e4bb8ab4ee22) C:\Windows\system32\DRIVERS\nvstor32.sys
2011/06/22 13:37:45.0584 1424 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/06/22 13:37:45.0678 1424 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/06/22 13:37:45.0740 1424 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/06/22 13:37:45.0787 1424 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/06/22 13:37:45.0834 1424 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/06/22 13:37:45.0881 1424 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/06/22 13:37:45.0943 1424 pciide (20b869152448f80ac49cf10264e91f5e) C:\Windows\system32\drivers\pciide.sys
2011/06/22 13:37:46.0068 1424 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/06/22 13:37:46.0115 1424 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/06/22 13:37:46.0255 1424 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/22 13:37:46.0302 1424 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/06/22 13:37:46.0364 1424 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/22 13:37:46.0411 1424 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys
2011/06/22 13:37:46.0474 1424 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/06/22 13:37:46.0676 1424 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/06/22 13:37:46.0770 1424 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/22 13:37:46.0848 1424 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/22 13:37:46.0895 1424 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/22 13:37:46.0973 1424 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/22 13:37:47.0035 1424 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/22 13:37:47.0098 1424 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/22 13:37:47.0160 1424 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/22 13:37:47.0207 1424 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/06/22 13:37:47.0394 1424 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/22 13:37:47.0456 1424 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/06/22 13:37:47.0534 1424 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/22 13:37:47.0628 1424 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/06/22 13:37:47.0675 1424 SBRE (c1ae5d1f53285d79a0b73a62af20734f) C:\Windows\system32\drivers\SBREdrv.sys
2011/06/22 13:37:47.0815 1424 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/22 13:37:47.0909 1424 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/06/22 13:37:47.0940 1424 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/06/22 13:37:48.0002 1424 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/06/22 13:37:48.0065 1424 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/06/22 13:37:48.0112 1424 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/06/22 13:37:48.0205 1424 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/06/22 13:37:48.0252 1424 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/06/22 13:37:48.0377 1424 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/06/22 13:37:48.0424 1424 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/06/22 13:37:48.0470 1424 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/06/22 13:37:48.0564 1424 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/06/22 13:37:48.0689 1424 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/06/22 13:37:48.0798 1424 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/06/22 13:37:48.0845 1424 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/22 13:37:48.0892 1424 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/22 13:37:48.0985 1424 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/22 13:37:49.0048 1424 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/06/22 13:37:49.0094 1424 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/06/22 13:37:49.0157 1424 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/06/22 13:37:49.0313 1424 Tcpip (6a10afce0b38371064be41c1fbfd3c6b) C:\Windows\system32\drivers\tcpip.sys
2011/06/22 13:37:49.0406 1424 Tcpip6 (6a10afce0b38371064be41c1fbfd3c6b) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/22 13:37:49.0453 1424 tcpipreg (9bf343f4c878d6ad6922b2c5a4fefe0d) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/22 13:37:49.0500 1424 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/06/22 13:37:49.0531 1424 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/06/22 13:37:49.0578 1424 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/22 13:37:49.0640 1424 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/22 13:37:49.0718 1424 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/22 13:37:49.0765 1424 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/06/22 13:37:49.0796 1424 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/22 13:37:49.0968 1424 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/06/22 13:37:50.0015 1424 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/22 13:37:50.0124 1424 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/22 13:37:50.0171 1424 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/06/22 13:37:50.0233 1424 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/06/22 13:37:50.0296 1424 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/06/22 13:37:50.0342 1424 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/22 13:37:50.0389 1424 UMPass (88bd96a1baeed33ee8bdf9499c07a841) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/22 13:37:50.0452 1424 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2011/06/22 13:37:50.0498 1424 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/22 13:37:50.0561 1424 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/06/22 13:37:50.0608 1424 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/22 13:37:50.0654 1424 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/22 13:37:50.0701 1424 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
2011/06/22 13:37:50.0748 1424 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/22 13:37:50.0795 1424 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/22 13:37:50.0842 1424 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/22 13:37:50.0873 1424 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/22 13:37:50.0998 1424 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
2011/06/22 13:37:51.0076 1424 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/22 13:37:51.0122 1424 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/06/22 13:37:51.0169 1424 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/06/22 13:37:51.0216 1424 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/06/22 13:37:51.0263 1424 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys
2011/06/22 13:37:51.0325 1424 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/06/22 13:37:51.0434 1424 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/06/22 13:37:51.0481 1424 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/06/22 13:37:51.0559 1424 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/06/22 13:37:51.0637 1424 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/06/22 13:37:51.0684 1424 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/22 13:37:51.0700 1424 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/22 13:37:51.0762 1424 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/06/22 13:37:51.0856 1424 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/22 13:37:52.0090 1424 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
2011/06/22 13:37:52.0152 1424 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/06/22 13:37:52.0230 1424 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/06/22 13:37:52.0292 1424 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/22 13:37:52.0355 1424 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/06/22 13:37:52.0402 1424 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/22 13:37:52.0495 1424 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/06/22 13:37:52.0511 1424 ================================================================================
2011/06/22 13:37:52.0511 1424 Scan finished
2011/06/22 13:37:52.0511 1424 ================================================================================
2011/06/22 13:37:52.0526 2944 Detected object count: 0
2011/06/22 13:37:52.0526 2944 Actual detected object count: 0

easyrider
Novice

Posts: 31
Joined: 2011-06-10
Gender: Male
OS: Vista Home Premium
Points: 20201
Likes: 0


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by Sneakyone on Thu Jun 23, 2011 4:32 am

Hi,

Please download Malwarebytes Anti-Malware.


Double-click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


I'm livin' life in the fast lane.

Sneakyone
Master

Posts: 2707
Joined: 2010-01-10
Gender: Male
OS: Windows 7 Ultimate 64-bit
Protection: Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points: 56074
Likes: 0


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by easyrider on Thu Jun 23, 2011 8:18 pm

Hello,

here's the log:

Malwarebytes' Anti-Malware 1.51.0.1200

Database version: 6928

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

2011-06-23 19:17:22
mbam-log-2011-06-23 (19-17-22).txt

Scan type: Full scan (C:\|)
Objects scanned: 315009
Time elapsed: 1 hour(s), 16 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by Sneakyone on Fri Jun 24, 2011 6:42 am

Hi,

Please run a free online scan with the [You must be registered and logged in to see this link.]
Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


I'm livin' life in the fast lane.


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by easyrider on Fri Jun 24, 2011 6:45 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=69808814fbc9b849a1510e982d3da172
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-06-24 02:36:40
# local_time=2011-06-24 03:36:40 (+0000, GMT Daylight Time)
# country="Poland"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1280 16777215 100 0 1651770 1651770 0 0
# compatibility_mode=5892 16776638 100 100 4841367 146450088 0 0
# compatibility_mode=8192 67108863 100 0 7783076 7783076 0 0
# scanned=179230
# found=0
# cleaned=0
# scan_time=8841


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by Sneakyone on Sun Jun 26, 2011 5:38 am

Hi,

How's your computer running now?


I'm livin' life in the fast lane.


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by easyrider on Mon Jun 27, 2011 9:18 pm

Hi Sneakyone,

it's running better, I think. Did you find any traces of malware in my logs?

Many thanks.


Re: Pc getting slow sometimes + getting unwanted scam messages part2

Post by Sneakyone on Tue Jun 28, 2011 8:50 pm

Hi, you're welcome, glad to help. :)

Your computer is now clean. Now, time to remove the tools used, and update your computer to prevent vulnerability.

Updating System Restore

Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:

  • Select Start > All Programs > Accessories > System Tools > System Restore.
  • On the dialogue box that appears, select Create a Restore Point.
  • Click NEXT.
  • Enter a name, e.g. Clean.
  • Click CREATE.

You now have a clean restore point.

To get rid of the bad ones:

  • Select Start > All Programs > Accessories > System Tools > Disk Cleanup.
  • In the drop-down box that appears, select your main drive, e.g. C.
  • Click OK.
  • The system will do a calculation of temporary/old files, and then display a dialogue box.
  • Select the More Options tab.
  • At the bottom will be a System Restore box with a CLEANUP button; click this.
  • Accept the warning and select OK again; the program will close and you are done.

========

Removing the tools

Now, to remove all of the tools we used and the files and folders they created, please do the following:

Download OTC.exe by OldTimer (http://www.itxassociates.com/OT-Tools/OTC.exe):

  • Save it to your Desktop.
  • Double-click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

============

Update Programs

Please download the newest version of Adobe Acrobat Reader from Adobe.com (http://www.adobe.com/products/acrobat/readstep2.html).

Please download the newest version of Java from Java.com (http://www.java.com/en/download/manual.jsp).

===============

Staying Protected

If you don't have an anti-virus, I recommend downloading one of these free anti-virus programs:
1. Avast! (http://www.avast.com/)
2. Avira (http://www.avira.com/en/support-download-free-antivirus)
3. Microsoft Security Essentials (http://www.microsoft.com/security_essentials/default.aspx)

If you have Windows XP, then I recommend downloading one of these free firewalls if you do not already have one:
1. Comodo Firewall (http://www.comodo.com/home/internet-security/firewall.php)
2. Tallemu Online Armor (http://www.tallemu.com/products-online-armor-free.php)

I recommend using MalwareBytes Anti-Malware (http://www.malwarebytes.org/mbam.php) as an anti-malware program.

If you don't have an anti-spyware, I recommend downloading this free program to help keep you spyware free:
1. SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html)

Please don't download more than one anti-virus, firewall, or anti-spyware because they will conflict with each other, causing a slow computer, data loss, and false results, so please just don't do it.

================

Here are some prevention tips:

1. Torrents are a conduit of malware; this is why we highly recommend not using them as chances are extremely high that you will be infected from them.

2. Cracks/warez/keygens are another conduit of malware and are illegal so don't use them.

3. Disable auto-run to prevent auto-run worms from infecting your machine through USB drives: XP (http://www.engadget.com/2004/06/29/how-to-tuesday-disable-autorun-on-windows/) or Vista/7 (http://www.howtogeek.com/howto/windows-vista/disable-autoplay-in-windows-vista/).

4. Always make sure you have the latest Windows update (http://windowsupdate.microsoft.com).

5. Use a Site Advisor so you don't go to sites that will infect you: Web-of-Trust (http://www.mywot.com/en/download) or McAfee SiteAdvisor (http://www.siteadvisor.com/download/windows.html).

6. Also, there are many holes and flaws in Internet Explorer; I recommend using Firefox (http://www.getfirefox.com/) or Google Chrome (http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95346) to keep you safer.

7. Always keep your Java (http://www.java.com/en/download/installed.jsp) and Adobe Reader updated and all older versions removed to keep clear from exploits.

8. Don't fall for Scareware. What is Scareware? A rogue anti-virus on your system that will scare you into buying their fake software due to false detections.

9. Be sure to always have a firewall and anti-virus installed at all times.


I'm livin' life in the fast lane.

Sneakyone
Master

Posts: 2707
Joined: 2010-01-10
Gender: Male
OS: Windows 7 Ultimate 64-bit
Protection: Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points: 56074
Likes: 0
