[code] OTS logfile created on: 2011-09-07 08:04:43 - Run 2 OTS by OldTimer - Version 3.1.44.5 Folder = G:\ Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 73,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,41 Gb Total Space | 39,79 Gb Free Space | 26,63% Space Free | Partition Type: NTFS Drive D: | 148,28 Gb Total Space | 7,46 Gb Free Space | 5,03% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 7,73 Gb Total Space | 0,47 Gb Free Space | 6,04% Space Free | Partition Type: FAT32 H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TOMCIO-TOSH Current User Name: Tomcio Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: On File Age = 30 Days Quick Scan [Processes - Safe List] ots.exe -> G:\OTS.exe -> [2011-09-07 08:00:00 | 000,646,144 | ---- | M] (OldTimer Tools) crystal.exe -> C:\Users\Tomcio\AppData\Roaming\Crystal.exe -> [2011-08-30 19:51:29 | 000,737,029 | ---- | M] () avastui.exe -> C:\Program Files\AVAST Software\Avast\AvastUI.exe -> [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) avastsvc.exe -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) armsvc.exe -> C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) seaport.exe -> C:\Program Files\Microsoft\BingBar\SeaPort.EXE -> [2011-02-25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) explorer.exe -> C:\Windows\explorer.exe -> [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) toshibaservicestation.exe -> C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe -> [2010-07-01 11:59:04 | 001,295,224 | ---- | M] (TOSHIBA Corporation) tmachinfo.exe -> C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -> [2010-07-01 11:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) tecoservice.exe -> C:\Program Files\TOSHIBA\TECO\TecoService.exe -> [2009-08-27 14:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) teco.exe -> C:\Program Files\TOSHIBA\TECO\TEco.exe -> [2009-08-26 19:00:06 | 001,324,384 | ---- | M] (TOSHIBA Corporation) smoothview.exe -> C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe -> [2009-08-13 13:31:24 | 000,521,528 | ---- | M] (TOSHIBA Corporation) topi.exe -> C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe -> [2009-08-12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) twebcamera.exe -> C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe -> [2009-08-11 12:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) cfiwmxsvcs.exe -> C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -> [2009-08-10 20:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) tpchwmsg.exe -> C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe -> [2009-08-06 18:05:18 | 000,583,024 | ---- | M] (TOSHIBA Corporation) tpchsrv.exe -> C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -> [2009-08-06 18:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) temprotray.exe -> C:\Program Files\Toshiba TEMPRO\TemproTray.exe -> [2009-08-06 16:02:56 | 001,050,000 | ---- | M] (Toshiba Europe GmbH) temprosvc.exe -> C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -> [2009-08-06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) tosreeltimemonitor.exe -> C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe -> [2009-08-06 15:02:02 | 000,029,528 | ---- | M] (TOSHIBA Corporation) tosnccore.exe -> C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe -> [2009-08-06 13:06:58 | 000,466,792 | ---- | M] (TOSHIBA Corporation) toscosrv.exe -> C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -> [2009-08-05 15:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) tpwrmain.exe -> C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe -> [2009-08-05 15:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) tcrdmain.exe -> C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe -> [2009-08-05 15:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) tossenotify.exe -> C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe -> [2009-08-03 18:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) tossmartsrv.exe -> C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -> [2009-08-03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) cfswmgr.exe -> C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe -> [2009-07-28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) toddsrv.exe -> C:\Windows\System32\TODDSrv.exe -> [2009-07-28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) ndstray.exe -> C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe -> [2009-07-13 16:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) cfsvcs.exe -> C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -> [2009-03-10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) kenotify.exe -> C:\Program Files\TOSHIBA\Utilities\KeNotify.exe -> [2009-01-13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) watch.exe -> C:\Program Files\YDP\YdpDict\Watch.exe -> [2007-07-06 12:59:12 | 000,354,816 | ---- | M] (Young Digital Planet SA) hp1005mc.exe -> C:\Windows\System32\spool\drivers\w32x86\3\HP1005MC.EXE -> [2006-09-13 15:25:00 | 000,069,632 | ---- | M] (Software 2000 Limited) [Modules - No Company Name] microsoft.visualbasic.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\47a4b624c147aae197214d4ee5f0661b\Microsoft.VisualBasic.ni.dll -> [2011-09-06 20:13:37 | 001,670,144 | ---- | M] () system.serviceprocess.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\86a2ec5efbcfcd1105475364d7975b15\System.ServiceProcess.ni.dll -> [2011-09-06 20:10:52 | 000,212,992 | ---- | M] () system.runtime.remoting.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll -> [2011-09-06 20:10:33 | 000,771,584 | ---- | M] () system.windows.forms.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll -> [2011-09-06 20:10:18 | 012,433,408 | ---- | M] () system.drawing.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll -> [2011-09-06 20:10:10 | 001,587,200 | ---- | M] () presentationcore.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll -> [2011-09-06 20:09:53 | 012,234,752 | ---- | M] () windowsbase.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll -> [2011-09-06 20:09:41 | 003,347,968 | ---- | M] () system.xml.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll -> [2011-09-06 20:09:32 | 005,453,312 | ---- | M] () system.configuration.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll -> [2011-09-06 20:09:28 | 000,971,264 | ---- | M] () system.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll -> [2011-09-06 20:09:24 | 007,963,648 | ---- | M] () mscorlib.ni.dll -> C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll -> [2011-09-06 20:09:13 | 011,490,304 | ---- | M] () crystal.exe -> C:\Users\Tomcio\AppData\Roaming\Crystal.exe -> [2011-08-30 19:51:29 | 000,737,029 | ---- | M] () system.windows.forms.resources.dll -> C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_pl_b77a5c561934e089\System.Windows.Forms.resources.dll -> [2010-11-13 03:57:57 | 000,425,984 | ---- | M] () mscorlib.resources.dll -> C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll -> [2010-11-13 03:57:46 | 000,311,296 | ---- | M] () microsoft.mshtml.dll -> C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll -> [2009-09-07 10:20:10 | 008,007,680 | ---- | M] () tosncui.dll -> C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll -> [2009-08-06 13:08:04 | 002,878,824 | ---- | M] () tosipcwraper.dll -> C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll -> [2009-08-03 18:17:24 | 000,079,192 | ---- | M] () fnz.dll -> C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll -> [2009-07-16 16:27:48 | 000,052,536 | ---- | M] () blackpng.dll -> C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll -> [2009-07-16 16:27:44 | 007,263,544 | ---- | M] () notifyx.dll -> C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll -> [2009-06-22 15:38:40 | 000,015,160 | ---- | M] () notifypcd.dll -> C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll -> [2009-03-12 20:08:04 | 000,049,152 | ---- | M] () notifytdc.dll -> C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll -> [2006-10-07 12:57:04 | 000,053,248 | ---- | M] () [Win32 Services - Safe List] (avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) (AdobeARMservice) Adobe Acrobat Update Service [Auto | Running] -> C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) (BBSvc) Bing Bar Update Service [On_Demand | Stopped] -> C:\Program Files\Microsoft\BingBar\BBSvc.EXE -> [2011-02-28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) (SeaPort) SeaPort [Auto | Running] -> C:\Program Files\Microsoft\BingBar\SeaPort.EXE -> [2011-02-25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) (WatAdminSvc) Usługa Technologie aktywacji systemu Windows [Unknown | Stopped] -> C:\Windows\System32\Wat\WatAdminSvc.exe -> [2010-07-08 19:10:07 | 001,343,400 | ---- | M] (Microsoft Corporation) (TMachInfo) TMachInfo [On_Demand | Running] -> C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -> [2010-07-01 11:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) (TOSHIBA eco Utility Service) TOSHIBA eco Utility Service [Auto | Running] -> C:\Program Files\TOSHIBA\TECO\TecoService.exe -> [2009-08-27 14:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) (cfWiMAXService) ConfigFree WiMAX Service [Auto | Running] -> C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -> [2009-08-10 20:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) (TPCHSrv) TPCH Service [On_Demand | Running] -> C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -> [2009-08-06 18:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) [Auto | Running] -> C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -> [2009-08-06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) (TosCoSrv) TOSHIBA Power Saver [Auto | Running] -> C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -> [2009-08-05 15:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) (TOSHIBA HDD SSD Alert Service) TOSHIBA HDD SSD Alert Service [On_Demand | Running] -> C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -> [2009-08-03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) (TODDSrv) TOSHIBA Optical Disc Drive Service [Auto | Running] -> C:\Windows\System32\TODDSrv.exe -> [2009-07-28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) (SensrSvc) Jasność adaptacyjna [On_Demand | Stopped] -> C:\Windows\System32\sensrsvc.dll -> [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) (WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) (ConfigFree Service) ConfigFree Service [Auto | Running] -> C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -> [2009-03-10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Driver Services - Safe List] (aswSnx) aswSnx [File_System | System | Running] -> C:\Windows\System32\drivers\aswSnx.sys -> [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) (aswSP) aswSP [Kernel | System | Running] -> C:\Windows\System32\drivers\aswSP.sys -> [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\System32\drivers\aswTdi.sys -> [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) (aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\System32\drivers\aswRdr.sys -> [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) (aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2011-07-04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) (TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\TsUsbFlt.sys -> [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) (WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\winusb.sys -> [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) (RTL8187B) Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTL8187B.sys -> [2009-08-13 09:37:00 | 000,376,320 | ---- | M] (Realtek Semiconductor Corporation ) (LPCFilter) LPC Lower Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\system32\DRIVERS\LPCFilter.sys -> [2009-07-30 21:02:34 | 000,036,208 | ---- | M] (COMPAL ELECTRONIC INC.) (RSUSBSTOR) RtsUStor.Sys Realtek USB Card Reader [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\RtsUStor.sys -> [2009-07-30 18:45:22 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.) (tdcmdpst) TOSHIBA Writing Engine Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\tdcmdpst.sys -> [2009-07-30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) (tos_sps32) TOSHIBA tos_sps32 Service [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\tos_sps32.sys -> [2009-07-24 16:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) (TVALZ) TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\TVALZ_O.SYS -> [2009-07-14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) (vwifimp) Microsoft Virtual WiFi Miniport Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\vwifimp.sys -> [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) (AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\AGRSM.sys -> [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) (netw5v32) Sterownik karty Intel(R) Wireless WiFi Link 5000 Series dla systemu Windows Vista w wersji 32-bitowej [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\netw5v32.sys -> [2009-07-14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) (IntcHdmiAddService) Intel(R) High Definition Audio HDMI [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\IntcHdmi.sys -> [2009-07-10 07:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) (PGEffect) Pangu effect driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\PGEffect.sys -> [2009-06-22 18:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) (TVALZFL) TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\TVALZFL.sys -> [2009-06-19 20:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) (hwdatacard) Huawei DataCard USB Modem and USB Serial [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ewusbmdm.sys -> [2008-09-26 19:04:10 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> HKEY_USERS\.DEFAULT\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\__aswSnx private storage\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-18\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\: Main\\"Default_Page_URL" -> http://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\: Main\\"Start Page" -> http://www.qooqlle.com/ -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\Tomcio\AppData\Roaming\Mozilla\FireFox\Profiles\xmwrwpre.default\prefs.js -> browser.search.selectedEngine -> "qooqlle" -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "http://www.qooqlle.com/" -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 -> extensions.enabledItems -> cssreloader@kenneth.io:1.0.2 -> extensions.enabledItems -> {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 -> network.proxy.backup.ftp -> "127.0.0.1" -> network.proxy.backup.ftp_port -> 9666 -> network.proxy.backup.gopher -> "127.0.0.1" -> network.proxy.backup.gopher_port -> 9666 -> network.proxy.backup.socks -> "127.0.0.1" -> network.proxy.backup.socks_port -> 9666 -> network.proxy.backup.ssl -> "127.0.0.1" -> network.proxy.backup.ssl_port -> 9666 -> network.proxy.ftp -> "127.0.0.1" -> network.proxy.ftp_port -> 9666 -> network.proxy.gopher -> "127.0.0.1" -> network.proxy.gopher_port -> 9666 -> network.proxy.http -> "127.0.0.1" -> network.proxy.http_port -> 9666 -> network.proxy.share_proxy_settings -> true -> network.proxy.socks -> "127.0.0.1" -> network.proxy.socks_port -> 9666 -> network.proxy.ssl -> "127.0.0.1" -> network.proxy.ssl_port -> 9666 -> network.proxy.type -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com -> C:\Program Files\AVAST Software\Avast\WebRep\FF [C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF] -> [2011-09-06 11:54:34 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 6.0\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011-09-06 15:29:01 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS -> HKLM\software\mozilla\Mozilla Firefox 6.0.1\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011-09-06 15:29:01 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS -> HKLM\software\mozilla\Mozilla Firefox 6.0.2\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011-09-06 15:29:01 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS -> < FireFox Extensions [User Folders] > -> -> C:\Users\Tomcio\AppData\Roaming\mozilla\Extensions -> [2011-09-06 15:29:08 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> search.xml -> C:\Users\Tomcio\AppData\Roaming\Mozilla\FireFox\Profiles\xmwrwpre.default\searchplugins\search.xml -> [2011-09-07 07:51:14 | 000,001,860 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2011-09-06 15:29:00 | 000,000,000 | ---D | M] < HOSTS File > ([2009-06-10 23:39:37 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\System32\drivers\etc\hosts -> Reset Hosts < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011-07-04 13:43:50 | 000,820,864 | ---- | M] (AVAST Software) {d2ce3e00-f94a-4740-988e-03dc2f38c34f} [HKLM] -> C:\Program Files\Microsoft\BingBar\BingExt.dll [Bing Bar Helper] -> [2011-02-28 19:44:14 | 001,089,288 | ---- | M] (Microsoft Corporation.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{8dcb7100-df86-4384-8842-8fa844297b3f}" [HKLM] -> C:\Program Files\Microsoft\BingBar\BingExt.dll [Bing Bar] -> [2011-02-28 19:44:14 | 001,089,288 | ---- | M] (Microsoft Corporation.) "{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011-07-04 13:43:50 | 000,820,864 | ---- | M] (AVAST Software) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "00TCrdMain" -> C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe] -> [2009-08-05 15:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) "avast" -> C:\Program Files\AVAST Software\Avast\avastUI.exe ["C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui] -> [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) "GProton" -> C:\ProgramData\GProton.exe [%ALLUSERSPROFILE%\GProton.exe] -> [2010-12-21 23:50:34 | 007,793,152 | RHS- | M] () "HWSetup" -> C:\Program Files\TOSHIBA\Utilities\HWSetup.exe ["C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP] -> [2009-06-02 09:24:24 | 000,425,984 | ---- | M] (TOSHIBA Electronics, Inc.) "KeNotify" -> C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [C:\Program Files\TOSHIBA\Utilities\KeNotify.exe] -> [2009-01-13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) "SmartFaceVWatcher" -> C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe [%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe] -> [2009-07-29 09:19:44 | 000,163,840 | ---- | M] (TOSHIBA Corporation) "SmoothView" -> C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe] -> [2009-08-13 13:31:24 | 000,521,528 | ---- | M] (TOSHIBA Corporation) "SVPWUTIL" -> C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL] -> [2009-08-12 13:21:18 | 000,352,256 | ---- | M] (TOSHIBA) "Teco" -> C:\Program Files\TOSHIBA\TECO\Teco.exe ["%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r] -> [2009-08-26 19:00:06 | 001,324,384 | ---- | M] (TOSHIBA Corporation) "Toshiba Registration" -> C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [C:\Program Files\Toshiba\Registration\ToshibaReminder.exe] -> [2009-07-30 13:24:24 | 000,134,032 | ---- | M] (Toshiba Europe GmbH) "Toshiba TEMPRO" -> C:\Program Files\Toshiba TEMPRO\TemproTray.exe [C:\Program Files\Toshiba TEMPRO\TemproTray.exe] -> [2009-08-06 16:02:56 | 001,050,000 | ---- | M] (Toshiba Europe GmbH) "ToshibaServiceStation" -> C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe ["C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60] -> [2010-07-01 11:59:04 | 001,295,224 | ---- | M] (TOSHIBA Corporation) "TosNC" -> C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe] -> [2009-08-06 13:06:58 | 000,466,792 | ---- | M] (TOSHIBA Corporation) "TosReelTimeMonitor" -> C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe] -> [2009-08-06 15:02:02 | 000,029,528 | ---- | M] (TOSHIBA Corporation) "TosSENotify" -> C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe] -> [2009-08-03 18:17:06 | 000,611,672 | ---- | M] (TOSHIBA Corporation) "TosWaitSrv" -> C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe] -> [2009-08-06 18:05:42 | 000,611,672 | ---- | M] (TOSHIBA Corporation) "TPwrMain" -> C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE] -> [2009-08-05 15:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) "TWebCamera" -> C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe ["%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun] -> [2009-08-11 12:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) < RunOnceEx [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx -> "Flags" -> Reg Error: Invalid data type. [Reg Error: Invalid data type.] -> File not found "Title" -> [UnHackMe Rootkit Check] -> File not found < Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "TOSHIBA Online Product Information" -> C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe] -> [2009-08-12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) < Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "TOSHIBA Online Product Information" -> C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe] -> [2009-08-12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\System32\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> [2009-07-14 03:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\System32\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> [2009-07-14 03:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Crystal.exe" -> C:\Users\Tomcio\AppData\Roaming\Crystal.exe [C:\Users\Tomcio\AppData\Roaming\Crystal.exe] -> [2011-08-30 19:51:29 | 000,737,029 | ---- | M] () "TOSHIBA Online Product Information" -> C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe] -> [2009-08-12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> Funkcja Google Sidewiki -> [res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\__aswSnx private storage\] > -> HKEY_USERS\__aswSnx private storage\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\__aswSnx private storage\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\__aswSnx private storage\] > -> HKEY_USERS\__aswSnx private storage\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\__aswSnx private storage\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {783B260A-9820-4AFF-BD5F-C99647FA0E95}\\DhcpNameServer -> 192.168.1.1 (Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter) -> {BD046CBA-07B2-4DB4-98D9-C5857EE88D78}\\DhcpNameServer -> 192.168.1.1 (Realtek PCIe FE Family Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> C:\Windows\System32\userinit.exe -> [2010-11-20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009-07-14 03:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Sterownik stacji dysków CD-ROM -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \F HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\shell \F\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\shell\AutoRun\command \F\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{32fe6b59-1e66-11df-8d9b-701a041c668c} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6b59-1e66-11df-8d9b-701a041c668c}\shell \{32fe6b59-1e66-11df-8d9b-701a041c668c}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6b59-1e66-11df-8d9b-701a041c668c}\shell\AutoRun\command \{32fe6b59-1e66-11df-8d9b-701a041c668c}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{32fe6b5e-1e66-11df-8d9b-701a041c668c} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6b5e-1e66-11df-8d9b-701a041c668c}\shell \{32fe6b5e-1e66-11df-8d9b-701a041c668c}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6b5e-1e66-11df-8d9b-701a041c668c}\shell\AutoRun\command \{32fe6b5e-1e66-11df-8d9b-701a041c668c}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{32fe6bb0-1e66-11df-8d9b-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6bb0-1e66-11df-8d9b-0026223d6cd2}\shell \{32fe6bb0-1e66-11df-8d9b-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6bb0-1e66-11df-8d9b-0026223d6cd2}\shell\AutoRun\command \{32fe6bb0-1e66-11df-8d9b-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{333985bf-8955-11e0-9e25-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{333985bf-8955-11e0-9e25-0026223d6cd2}\shell \{333985bf-8955-11e0-9e25-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{333985bf-8955-11e0-9e25-0026223d6cd2}\shell\AutoRun\command \{333985bf-8955-11e0-9e25-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{8ef293f2-9cec-11e0-81ed-806e6f6e6963} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ef293f2-9cec-11e0-81ed-806e6f6e6963}\shell \{8ef293f2-9cec-11e0-81ed-806e6f6e6963}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ef293f2-9cec-11e0-81ed-806e6f6e6963}\shell\AutoRun\command \{8ef293f2-9cec-11e0-81ed-806e6f6e6963}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{989460b8-b6cb-11e0-a42a-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989460b8-b6cb-11e0-a42a-0026223d6cd2}\shell \{989460b8-b6cb-11e0-a42a-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989460b8-b6cb-11e0-a42a-0026223d6cd2}\shell\AutoRun\command \{989460b8-b6cb-11e0-a42a-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{989460f1-b6cb-11e0-a42a-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989460f1-b6cb-11e0-a42a-0026223d6cd2}\shell \{989460f1-b6cb-11e0-a42a-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989460f1-b6cb-11e0-a42a-0026223d6cd2}\shell\AutoRun\command \{989460f1-b6cb-11e0-a42a-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{9da55968-57b0-11df-956b-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9da55968-57b0-11df-956b-0026223d6cd2}\shell \{9da55968-57b0-11df-956b-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9da55968-57b0-11df-956b-0026223d6cd2}\shell\AutoRun\command \{9da55968-57b0-11df-956b-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Files/Folders - Created Within 30 Days] OTL.exe -> C:\Users\Tomcio\Desktop\OTL.exe -> [2011-09-07 07:53:52 | 000,581,120 | ---- | C] (OldTimer Tools) Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2011-09-06 15:28:59 | 000,000,000 | ---D | C] Config.Msi -> C:\Config.Msi -> [2011-09-06 14:50:56 | 000,000,000 | -HSD | C] RegRun2 -> C:\Users\Tomcio\Documents\RegRun2 -> [2011-09-06 12:10:45 | 000,000,000 | ---D | C] UnHackMe -> C:\Program Files\UnHackMe -> [2011-09-06 12:10:37 | 000,000,000 | ---D | C] Zdjęcia -> C:\Users\Tomcio\Desktop\Zdjęcia -> [2011-09-06 12:09:53 | 000,000,000 | R--D | C] Dokumenty -> C:\Users\Tomcio\Desktop\Dokumenty -> [2011-09-06 11:57:57 | 000,000,000 | R--D | C] avast! Free Antivirus -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus -> [2011-09-06 11:55:05 | 000,000,000 | ---D | C] aswSP.sys -> C:\Windows\System32\drivers\aswSP.sys -> [2011-09-06 11:55:04 | 000,309,848 | ---- | C] (AVAST Software) aswFsBlk.sys -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2011-09-06 11:55:04 | 000,019,544 | ---- | C] (AVAST Software) aswRdr.sys -> C:\Windows\System32\drivers\aswRdr.sys -> [2011-09-06 11:55:03 | 000,025,432 | ---- | C] (AVAST Software) aswSnx.sys -> C:\Windows\System32\drivers\aswSnx.sys -> [2011-09-06 11:55:02 | 000,441,176 | ---- | C] (AVAST Software) aswTdi.sys -> C:\Windows\System32\drivers\aswTdi.sys -> [2011-09-06 11:55:02 | 000,043,608 | ---- | C] (AVAST Software) aswMonFlt.sys -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2011-09-06 11:55:01 | 000,054,104 | ---- | C] (AVAST Software) avastSS.scr -> C:\Windows\avastSS.scr -> [2011-09-06 11:54:28 | 000,040,112 | ---- | C] (AVAST Software) aswBoot.exe -> C:\Windows\System32\aswBoot.exe -> [2011-09-06 11:54:26 | 000,199,304 | ---- | C] (AVAST Software) AVAST Software -> C:\ProgramData\AVAST Software -> [2011-09-06 11:54:19 | 000,000,000 | ---D | C] AVAST Software -> C:\Program Files\AVAST Software -> [2011-09-06 11:54:19 | 000,000,000 | ---D | C] Mozilla -> C:\Users\Tomcio\AppData\Roaming\Mozilla -> [2011-08-31 22:11:35 | 000,000,000 | ---D | C] Mozilla -> C:\Users\Tomcio\AppData\Local\Mozilla -> [2011-08-31 22:11:35 | 000,000,000 | ---D | C] nvwiz.exe -> C:\Users\Tomcio\AppData\Local\nvwiz.exe -> [2011-08-30 19:56:29 | 000,498,688 | ---- | C] ( ) OmegaSys Generator WNA -> C:\Users\Tomcio\AppData\Roaming\OmegaSys Generator WNA -> [2011-08-20 17:29:43 | 000,000,000 | ---D | C] Wnioski płatnicze -> C:\Users\Tomcio\Documents\Wnioski płatnicze -> [2011-08-20 17:29:41 | 000,000,000 | ---D | C] Generator Wniosków Płatniczych dla POKL -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Generator Wniosków Płatniczych dla POKL -> [2011-08-20 17:29:16 | 000,000,000 | ---D | C] JCommerce -> C:\Users\Tomcio\AppData\Roaming\JCommerce -> [2011-08-20 17:29:12 | 000,000,000 | ---D | C] GWP -> C:\Program Files\GWP -> [2011-08-20 17:29:12 | 000,000,000 | ---D | C] Generator Wniosków Płatniczych dla POKL -> C:\Users\Tomcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Generator Wniosków Płatniczych dla POKL -> [2011-08-20 17:29:12 | 000,000,000 | ---D | C] Business Objects -> C:\Program Files\Common Files\Business Objects -> [2011-08-20 17:27:47 | 000,000,000 | ---D | C] Apple Software Update -> C:\Program Files\Apple Software Update -> [2011-08-15 11:12:10 | 000,000,000 | ---D | C] 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files/Folders - Modified Within 30 Days] perfh015.dat -> C:\Windows\System32\perfh015.dat -> [2011-09-07 07:59:23 | 000,697,912 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011-09-07 07:59:23 | 000,616,008 | ---- | M] () perfc015.dat -> C:\Windows\System32\perfc015.dat -> [2011-09-07 07:59:23 | 000,134,990 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011-09-07 07:59:23 | 000,106,388 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011-09-07 07:58:41 | 000,016,304 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011-09-07 07:58:41 | 000,016,304 | -H-- | M] () System.dat -> C:\Users\Tomcio\AppData\Roaming\System.dat -> [2011-09-07 07:51:22 | 000,000,002 | ---- | M] () etc.dat -> C:\Users\Tomcio\AppData\Roaming\etc.dat -> [2011-09-07 07:51:22 | 000,000,001 | ---- | M] () OTL.exe -> C:\Users\Tomcio\Desktop\OTL.exe -> [2011-09-07 07:50:54 | 000,581,120 | ---- | M] (OldTimer Tools) Ikeext.etl -> C:\Windows\System32\Ikeext.etl -> [2011-09-07 07:50:53 | 000,065,536 | ---- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2011-09-07 07:50:32 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011-09-07 07:50:26 | 1504,346,112 | -HS- | M] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011-09-06 15:29:01 | 000,001,107 | ---- | M] () config.nt -> C:\Windows\System32\config.nt -> [2011-09-06 12:10:47 | 000,002,577 | ---- | M] () autoexec.nt -> C:\Windows\System32\autoexec.nt -> [2011-09-06 12:10:47 | 000,001,688 | ---- | M] () winstart.bat -> C:\Windows\winstart.bat -> [2011-09-06 12:10:47 | 000,000,002 | RHS- | M] () avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> [2011-09-06 11:55:05 | 000,002,005 | ---- | M] () ieuinit.inf -> C:\Windows\System32\ieuinit.inf -> [2011-08-30 21:00:15 | 000,072,822 | ---- | M] () Qiii.INI -> C:\Windows\Qiii.INI -> [2011-08-30 20:11:21 | 000,000,551 | ---- | M] () data2.cab -> C:\Users\Tomcio\AppData\Local\data2.cab -> [2011-08-30 19:56:29 | 006,501,171 | ---- | M] () done.exe -> C:\Users\Tomcio\AppData\Local\done.exe -> [2011-08-30 19:56:29 | 000,646,601 | ---- | M] () nvwiz.exe -> C:\Users\Tomcio\AppData\Local\nvwiz.exe -> [2011-08-30 19:56:29 | 000,498,688 | ---- | M] ( ) Setup.dat -> C:\Users\Tomcio\AppData\Local\Setup.dat -> [2011-08-30 19:56:29 | 000,000,246 | ---- | M] () Crystal.exe -> C:\Users\Tomcio\AppData\Local\Crystal.exe -> [2011-08-30 19:56:26 | 000,737,029 | ---- | M] () patterns.ini -> C:\Users\Tomcio\AppData\Local\patterns.ini -> [2011-08-30 19:51:40 | 000,000,000 | ---- | M] () Windows.dat -> C:\Users\Tomcio\AppData\Roaming\Windows.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | M] () DirectX.dat -> C:\Users\Tomcio\AppData\Roaming\DirectX.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | M] () Crystal.exe -> C:\Users\Tomcio\AppData\Roaming\Crystal.exe -> [2011-08-30 19:51:29 | 000,737,029 | ---- | M] () Generator Wniosków Płatniczych dla POKL.lnk -> C:\Users\Public\Desktop\Generator Wniosków Płatniczych dla POKL.lnk -> [2011-08-20 17:29:17 | 000,002,173 | ---- | M] () 214 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files - No Company Name] Mozilla Firefox.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> [2011-09-06 15:29:01 | 000,001,119 | ---- | C] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011-09-06 15:29:01 | 000,001,107 | ---- | C] () winstart.bat -> C:\Windows\winstart.bat -> [2011-09-06 12:10:47 | 000,000,002 | RHS- | C] () avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> [2011-09-06 11:55:05 | 000,002,005 | ---- | C] () ieuinit.inf -> C:\Windows\System32\ieuinit.inf -> [2011-08-30 21:00:15 | 000,072,822 | ---- | C] () data2.cab -> C:\Users\Tomcio\AppData\Local\data2.cab -> [2011-08-30 19:56:29 | 006,501,171 | ---- | C] () done.exe -> C:\Users\Tomcio\AppData\Local\done.exe -> [2011-08-30 19:56:29 | 000,646,601 | ---- | C] () Setup.dat -> C:\Users\Tomcio\AppData\Local\Setup.dat -> [2011-08-30 19:56:29 | 000,000,246 | ---- | C] () Crystal.exe -> C:\Users\Tomcio\AppData\Local\Crystal.exe -> [2011-08-30 19:56:26 | 000,737,029 | ---- | C] () patterns.ini -> C:\Users\Tomcio\AppData\Local\patterns.ini -> [2011-08-30 19:51:40 | 000,000,000 | ---- | C] () System.dat -> C:\Users\Tomcio\AppData\Roaming\System.dat -> [2011-08-30 19:51:38 | 000,000,002 | ---- | C] () Windows.dat -> C:\Users\Tomcio\AppData\Roaming\Windows.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | C] () etc.dat -> C:\Users\Tomcio\AppData\Roaming\etc.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | C] () DirectX.dat -> C:\Users\Tomcio\AppData\Roaming\DirectX.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | C] () Crystal.exe -> C:\Users\Tomcio\AppData\Roaming\Crystal.exe -> [2011-08-30 19:51:33 | 000,737,029 | ---- | C] () Generator Wniosków Płatniczych dla POKL.lnk -> C:\Users\Public\Desktop\Generator Wniosków Płatniczych dla POKL.lnk -> [2011-08-20 17:29:17 | 000,002,173 | ---- | C] () ODBCINST.INI -> C:\Windows\ODBCINST.INI -> [2011-02-21 09:08:16 | 000,000,777 | ---- | C] () ODBC.INI -> C:\Windows\ODBC.INI -> [2011-02-21 09:08:16 | 000,000,288 | ---- | C] () unrar.dll -> C:\Windows\System32\unrar.dll -> [2010-12-21 23:51:11 | 000,165,376 | ---- | C] () avisplitter.ini -> C:\Windows\avisplitter.ini -> [2010-12-21 23:51:11 | 000,000,038 | ---- | C] () xvidcore.dll -> C:\Windows\System32\xvidcore.dll -> [2010-12-21 23:51:10 | 000,790,528 | ---- | C] () xvidvfw.dll -> C:\Windows\System32\xvidvfw.dll -> [2010-12-21 23:51:10 | 000,134,144 | ---- | C] () ff_vfw.dll -> C:\Windows\System32\ff_vfw.dll -> [2010-12-21 23:51:10 | 000,108,032 | ---- | C] () GProton.exe -> C:\ProgramData\GProton.exe -> [2010-12-21 23:50:35 | 007,793,152 | RHS- | C] () Qiii.INI -> C:\Windows\Qiii.INI -> [2010-11-02 17:12:52 | 000,000,551 | ---- | C] () Q3version.ini -> C:\Windows\Q3version.ini -> [2010-11-02 17:12:52 | 000,000,030 | ---- | C] () HPMLVS.dll -> C:\Windows\System32\HPMLVS.dll -> [2010-07-24 17:07:30 | 000,049,152 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Tomcio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010-04-12 18:34:43 | 000,004,608 | ---- | C] () NDSTray.INI -> C:\Windows\NDSTray.INI -> [2010-02-20 23:23:02 | 000,000,000 | ---- | C] () RTEQEX1.dat -> C:\Windows\System32\drivers\RTEQEX1.dat -> [2010-02-20 23:14:19 | 000,000,520 | ---- | C] () RTEQEX0.dat -> C:\Windows\System32\drivers\RTEQEX0.dat -> [2010-02-20 23:14:19 | 000,000,520 | ---- | C] () RtNicProp32.dll -> C:\Windows\System32\RtNicProp32.dll -> [2009-09-07 10:02:48 | 000,073,728 | ---- | C] () HWS_Ctrl.dll -> C:\Windows\System32\HWS_Ctrl.dll -> [2009-09-07 10:02:14 | 000,045,056 | ---- | C] () igkrng500.bin -> C:\Windows\System32\igkrng500.bin -> [2009-08-27 08:57:38 | 000,982,220 | ---- | C] () igcompkrng500.bin -> C:\Windows\System32\igcompkrng500.bin -> [2009-08-27 08:57:38 | 000,439,300 | ---- | C] () igfcg500.bin -> C:\Windows\System32\igfcg500.bin -> [2009-08-27 08:57:38 | 000,134,592 | ---- | C] () igfcg500m.bin -> C:\Windows\System32\igfcg500m.bin -> [2009-08-27 08:57:38 | 000,092,216 | ---- | C] () perfh015.dat -> C:\Windows\System32\perfh015.dat -> [2009-07-14 10:07:57 | 000,697,912 | ---- | C] () perfi015.dat -> C:\Windows\System32\perfi015.dat -> [2009-07-14 10:07:57 | 000,337,158 | ---- | C] () perfc015.dat -> C:\Windows\System32\perfc015.dat -> [2009-07-14 10:07:57 | 000,134,990 | ---- | C] () perfd015.dat -> C:\Windows\System32\perfd015.dat -> [2009-07-14 10:07:57 | 000,038,710 | ---- | C] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009-07-14 06:57:37 | 000,067,584 | --S- | C] () FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2009-07-14 06:33:53 | 000,343,960 | ---- | C] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2009-07-14 04:05:48 | 000,616,008 | ---- | C] () perfi009.dat -> C:\Windows\System32\perfi009.dat -> [2009-07-14 04:05:48 | 000,291,294 | ---- | C] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2009-07-14 04:05:48 | 000,106,388 | ---- | C] () perfd009.dat -> C:\Windows\System32\perfd009.dat -> [2009-07-14 04:05:48 | 000,031,548 | ---- | C] () NOISE.DAT -> C:\Windows\System32\NOISE.DAT -> [2009-07-14 04:05:05 | 000,000,741 | ---- | C] () dssec.dat -> C:\Windows\System32\dssec.dat -> [2009-07-14 04:04:11 | 000,215,943 | ---- | C] () mib.bin -> C:\Windows\mib.bin -> [2009-07-14 01:55:01 | 000,043,131 | ---- | C] () BthpanContextHandler.dll -> C:\Windows\System32\BthpanContextHandler.dll -> [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () BWContextHandler.dll -> C:\Windows\System32\BWContextHandler.dll -> [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () HdmiCoin.dll -> C:\Windows\System32\HdmiCoin.dll -> [2009-07-10 07:44:40 | 000,004,608 | ---- | C] () mlang.dat -> C:\Windows\System32\mlang.dat -> [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () SPCtl.dll -> C:\Windows\System32\SPCtl.dll -> [2009-04-28 04:37:00 | 000,028,672 | ---- | C] () [File - Lop Check] JCommerce -> C:\Users\Tomcio\AppData\Roaming\JCommerce -> [2011-08-20 17:29:12 | 000,000,000 | ---D | M] OmegaSys Generator WNA -> C:\Users\Tomcio\AppData\Roaming\OmegaSys Generator WNA -> [2011-08-20 17:29:43 | 000,000,000 | ---D | M] Toshiba -> C:\Users\Tomcio\AppData\Roaming\Toshiba -> [2010-04-16 16:38:56 | 000,000,000 | ---D | M] TransAng3 -> C:\Users\Tomcio\AppData\Roaming\TransAng3 -> [2010-05-06 21:11:47 | 000,000,000 | ---D | M] TransEngPol4 -> C:\Users\Tomcio\AppData\Roaming\TransEngPol4 -> [2010-12-16 19:21:52 | 000,000,000 | ---D | M] WinBatch -> C:\Users\Tomcio\AppData\Roaming\WinBatch -> [2011-02-18 10:58:25 | 000,000,000 | ---D | M] Windows Live Writer -> C:\Users\Tomcio\AppData\Roaming\Windows Live Writer -> [2010-11-17 20:22:58 | 000,000,000 | ---D | M] SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2011-07-22 09:53:03 | 000,032,608 | ---- | M] () [File - Purity Scan] < End of report > [/code] (avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\AVAST Software\Avast\AvastSvc.exe -> [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) (AdobeARMservice) Adobe Acrobat Update Service [Auto | Running] -> C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) (BBSvc) Bing Bar Update Service [On_Demand | Stopped] -> C:\Program Files\Microsoft\BingBar\BBSvc.EXE -> [2011-02-28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) (SeaPort) SeaPort [Auto | Running] -> C:\Program Files\Microsoft\BingBar\SeaPort.EXE -> [2011-02-25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) (WatAdminSvc) Usługa Technologie aktywacji systemu Windows [Unknown | Stopped] -> C:\Windows\System32\Wat\WatAdminSvc.exe -> [2010-07-08 19:10:07 | 001,343,400 | ---- | M] (Microsoft Corporation) (TMachInfo) TMachInfo [On_Demand | Running] -> C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -> [2010-07-01 11:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) (TOSHIBA eco Utility Service) TOSHIBA eco Utility Service [Auto | Running] -> C:\Program Files\TOSHIBA\TECO\TecoService.exe -> [2009-08-27 14:37:10 | 000,185,712 | ---- | M] (TOSHIBA Corporation) (cfWiMAXService) ConfigFree WiMAX Service [Auto | Running] -> C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -> [2009-08-10 20:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) (TPCHSrv) TPCH Service [On_Demand | Running] -> C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -> [2009-08-06 18:04:56 | 000,685,424 | ---- | M] (TOSHIBA Corporation) (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) [Auto | Running] -> C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -> [2009-08-06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) (TosCoSrv) TOSHIBA Power Saver [Auto | Running] -> C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -> [2009-08-05 15:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) (TOSHIBA HDD SSD Alert Service) TOSHIBA HDD SSD Alert Service [On_Demand | Running] -> C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -> [2009-08-03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) (TODDSrv) TOSHIBA Optical Disc Drive Service [Auto | Running] -> C:\Windows\System32\TODDSrv.exe -> [2009-07-28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) (SensrSvc) Jasność adaptacyjna [On_Demand | Stopped] -> C:\Windows\System32\sensrsvc.dll -> [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) (WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) (ConfigFree Service) ConfigFree Service [Auto | Running] -> C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -> [2009-03-10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Driver Services - Safe List] (aswSnx) aswSnx [File_System | System | Running] -> C:\Windows\System32\drivers\aswSnx.sys -> [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) (aswSP) aswSP [Kernel | System | Running] -> C:\Windows\System32\drivers\aswSP.sys -> [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\System32\drivers\aswTdi.sys -> [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) (aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\System32\drivers\aswRdr.sys -> [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) (aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2011-07-04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) (TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\TsUsbFlt.sys -> [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) (WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\winusb.sys -> [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) (RTL8187B) Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTL8187B.sys -> [2009-08-13 09:37:00 | 000,376,320 | ---- | M] (Realtek Semiconductor Corporation ) (LPCFilter) LPC Lower Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\system32\DRIVERS\LPCFilter.sys -> [2009-07-30 21:02:34 | 000,036,208 | ---- | M] (COMPAL ELECTRONIC INC.) (RSUSBSTOR) RtsUStor.Sys Realtek USB Card Reader [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\RtsUStor.sys -> [2009-07-30 18:45:22 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.) (tdcmdpst) TOSHIBA Writing Engine Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\tdcmdpst.sys -> [2009-07-30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) (tos_sps32) TOSHIBA tos_sps32 Service [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\tos_sps32.sys -> [2009-07-24 16:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) (TVALZ) TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\TVALZ_O.SYS -> [2009-07-14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) (vwifimp) Microsoft Virtual WiFi Miniport Service [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\vwifimp.sys -> [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) (AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\AGRSM.sys -> [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) (netw5v32) Sterownik karty Intel(R) Wireless WiFi Link 5000 Series dla systemu Windows Vista w wersji 32-bitowej [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\netw5v32.sys -> [2009-07-14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) (IntcHdmiAddService) Intel(R) High Definition Audio HDMI [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\IntcHdmi.sys -> [2009-07-10 07:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) (PGEffect) Pangu effect driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\PGEffect.sys -> [2009-06-22 18:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) (TVALZFL) TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\TVALZFL.sys -> [2009-06-19 20:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) (hwdatacard) Huawei DataCard USB Modem and USB Serial [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ewusbmdm.sys -> [2008-09-26 19:04:10 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> HKEY_USERS\.DEFAULT\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\__aswSnx private storage\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-18\: "ProxyOverride" -> *.local -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\: Main\\"Default_Page_URL" -> http://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\: Main\\"Start Page" -> http://www.qooqlle.com/ -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\Tomcio\AppData\Roaming\Mozilla\FireFox\Profiles\xmwrwpre.default\prefs.js -> browser.search.selectedEngine -> "qooqlle" -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "http://www.qooqlle.com/" -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 -> extensions.enabledItems -> cssreloader@kenneth.io:1.0.2 -> extensions.enabledItems -> {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 -> network.proxy.backup.ftp -> "127.0.0.1" -> network.proxy.backup.ftp_port -> 9666 -> network.proxy.backup.gopher -> "127.0.0.1" -> network.proxy.backup.gopher_port -> 9666 -> network.proxy.backup.socks -> "127.0.0.1" -> network.proxy.backup.socks_port -> 9666 -> network.proxy.backup.ssl -> "127.0.0.1" -> network.proxy.backup.ssl_port -> 9666 -> network.proxy.ftp -> "127.0.0.1" -> network.proxy.ftp_port -> 9666 -> network.proxy.gopher -> "127.0.0.1" -> network.proxy.gopher_port -> 9666 -> network.proxy.http -> "127.0.0.1" -> network.proxy.http_port -> 9666 -> network.proxy.share_proxy_settings -> true -> network.proxy.socks -> "127.0.0.1" -> network.proxy.socks_port -> 9666 -> network.proxy.ssl -> "127.0.0.1" -> network.proxy.ssl_port -> 9666 -> network.proxy.type -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com -> C:\Program Files\AVAST Software\Avast\WebRep\FF [C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF] -> [2011-09-06 11:54:34 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 6.0\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011-09-06 15:29:01 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS -> HKLM\software\mozilla\Mozilla Firefox 6.0.1\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011-09-06 15:29:01 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS -> HKLM\software\mozilla\Mozilla Firefox 6.0.2\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011-09-06 15:29:01 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS -> < FireFox Extensions [User Folders] > -> -> C:\Users\Tomcio\AppData\Roaming\mozilla\Extensions -> [2011-09-06 15:29:08 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> search.xml -> C:\Users\Tomcio\AppData\Roaming\Mozilla\FireFox\Profiles\xmwrwpre.default\searchplugins\search.xml -> [2011-09-07 07:51:14 | 000,001,860 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2011-09-06 15:29:00 | 000,000,000 | ---D | M] < HOSTS File > ([2009-06-10 23:39:37 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\System32\drivers\etc\hosts -> Reset Hosts < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011-07-04 13:43:50 | 000,820,864 | ---- | M] (AVAST Software) {d2ce3e00-f94a-4740-988e-03dc2f38c34f} [HKLM] -> C:\Program Files\Microsoft\BingBar\BingExt.dll [Bing Bar Helper] -> [2011-02-28 19:44:14 | 001,089,288 | ---- | M] (Microsoft Corporation.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{8dcb7100-df86-4384-8842-8fa844297b3f}" [HKLM] -> C:\Program Files\Microsoft\BingBar\BingExt.dll [Bing Bar] -> [2011-02-28 19:44:14 | 001,089,288 | ---- | M] (Microsoft Corporation.) "{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" [HKLM] -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [avast! WebRep] -> [2011-07-04 13:43:50 | 000,820,864 | ---- | M] (AVAST Software) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "00TCrdMain" -> C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe] -> [2009-08-05 15:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) "avast" -> C:\Program Files\AVAST Software\Avast\avastUI.exe ["C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui] -> [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) "GProton" -> C:\ProgramData\GProton.exe [%ALLUSERSPROFILE%\GProton.exe] -> [2010-12-21 23:50:34 | 007,793,152 | RHS- | M] () "HWSetup" -> C:\Program Files\TOSHIBA\Utilities\HWSetup.exe ["C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP] -> [2009-06-02 09:24:24 | 000,425,984 | ---- | M] (TOSHIBA Electronics, Inc.) "KeNotify" -> C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [C:\Program Files\TOSHIBA\Utilities\KeNotify.exe] -> [2009-01-13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) "SmartFaceVWatcher" -> C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe [%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe] -> [2009-07-29 09:19:44 | 000,163,840 | ---- | M] (TOSHIBA Corporation) "SmoothView" -> C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe] -> [2009-08-13 13:31:24 | 000,521,528 | ---- | M] (TOSHIBA Corporation) "SVPWUTIL" -> C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL] -> [2009-08-12 13:21:18 | 000,352,256 | ---- | M] (TOSHIBA) "Teco" -> C:\Program Files\TOSHIBA\TECO\Teco.exe ["%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r] -> [2009-08-26 19:00:06 | 001,324,384 | ---- | M] (TOSHIBA Corporation) "Toshiba Registration" -> C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [C:\Program Files\Toshiba\Registration\ToshibaReminder.exe] -> [2009-07-30 13:24:24 | 000,134,032 | ---- | M] (Toshiba Europe GmbH) "Toshiba TEMPRO" -> C:\Program Files\Toshiba TEMPRO\TemproTray.exe [C:\Program Files\Toshiba TEMPRO\TemproTray.exe] -> [2009-08-06 16:02:56 | 001,050,000 | ---- | M] (Toshiba Europe GmbH) "ToshibaServiceStation" -> C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe ["C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60] -> [2010-07-01 11:59:04 | 001,295,224 | ---- | M] (TOSHIBA Corporation) "TosNC" -> C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe] -> [2009-08-06 13:06:58 | 000,466,792 | ---- | M] (TOSHIBA Corporation) "TosReelTimeMonitor" -> C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe] -> [2009-08-06 15:02:02 | 000,029,528 | ---- | M] (TOSHIBA Corporation) "TosSENotify" -> C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe] -> [2009-08-03 18:17:06 | 000,611,672 | ---- | M] (TOSHIBA Corporation) "TosWaitSrv" -> C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe] -> [2009-08-06 18:05:42 | 000,611,672 | ---- | M] (TOSHIBA Corporation) "TPwrMain" -> C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE] -> [2009-08-05 15:18:08 | 000,476,512 | ---- | M] (TOSHIBA Corporation) "TWebCamera" -> C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe ["%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun] -> [2009-08-11 12:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) < RunOnceEx [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx -> "Flags" -> Reg Error: Invalid data type. [Reg Error: Invalid data type.] -> File not found "Title" -> [UnHackMe Rootkit Check] -> File not found < Run [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "TOSHIBA Online Product Information" -> C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe] -> [2009-08-12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) < Run [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "TOSHIBA Online Product Information" -> C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe] -> [2009-08-12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\System32\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> [2009-07-14 03:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> C:\Windows\System32\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> [2009-07-14 03:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Crystal.exe" -> C:\Users\Tomcio\AppData\Roaming\Crystal.exe [C:\Users\Tomcio\AppData\Roaming\Crystal.exe] -> [2011-08-30 19:51:29 | 000,737,029 | ---- | M] () "TOSHIBA Online Product Information" -> C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe] -> [2009-08-12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> Funkcja Google Sidewiki -> [res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\__aswSnx private storage\] > -> HKEY_USERS\__aswSnx private storage\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\__aswSnx private storage\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\__aswSnx private storage\] > -> HKEY_USERS\__aswSnx private storage\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\__aswSnx private storage\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\] > -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1176814540-2977748473-2366033037-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {783B260A-9820-4AFF-BD5F-C99647FA0E95}\\DhcpNameServer -> 192.168.1.1 (Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter) -> {BD046CBA-07B2-4DB4-98D9-C5857EE88D78}\\DhcpNameServer -> 192.168.1.1 (Realtek PCIe FE Family Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> C:\Windows\System32\userinit.exe -> [2010-11-20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009-07-14 03:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Sterownik stacji dysków CD-ROM -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \F HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\shell \F\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\shell\AutoRun\command \F\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{32fe6b59-1e66-11df-8d9b-701a041c668c} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6b59-1e66-11df-8d9b-701a041c668c}\shell \{32fe6b59-1e66-11df-8d9b-701a041c668c}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6b59-1e66-11df-8d9b-701a041c668c}\shell\AutoRun\command \{32fe6b59-1e66-11df-8d9b-701a041c668c}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{32fe6b5e-1e66-11df-8d9b-701a041c668c} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6b5e-1e66-11df-8d9b-701a041c668c}\shell \{32fe6b5e-1e66-11df-8d9b-701a041c668c}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6b5e-1e66-11df-8d9b-701a041c668c}\shell\AutoRun\command \{32fe6b5e-1e66-11df-8d9b-701a041c668c}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{32fe6bb0-1e66-11df-8d9b-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6bb0-1e66-11df-8d9b-0026223d6cd2}\shell \{32fe6bb0-1e66-11df-8d9b-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32fe6bb0-1e66-11df-8d9b-0026223d6cd2}\shell\AutoRun\command \{32fe6bb0-1e66-11df-8d9b-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{333985bf-8955-11e0-9e25-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{333985bf-8955-11e0-9e25-0026223d6cd2}\shell \{333985bf-8955-11e0-9e25-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{333985bf-8955-11e0-9e25-0026223d6cd2}\shell\AutoRun\command \{333985bf-8955-11e0-9e25-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{8ef293f2-9cec-11e0-81ed-806e6f6e6963} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ef293f2-9cec-11e0-81ed-806e6f6e6963}\shell \{8ef293f2-9cec-11e0-81ed-806e6f6e6963}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ef293f2-9cec-11e0-81ed-806e6f6e6963}\shell\AutoRun\command \{8ef293f2-9cec-11e0-81ed-806e6f6e6963}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{989460b8-b6cb-11e0-a42a-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989460b8-b6cb-11e0-a42a-0026223d6cd2}\shell \{989460b8-b6cb-11e0-a42a-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989460b8-b6cb-11e0-a42a-0026223d6cd2}\shell\AutoRun\command \{989460b8-b6cb-11e0-a42a-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{989460f1-b6cb-11e0-a42a-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989460f1-b6cb-11e0-a42a-0026223d6cd2}\shell \{989460f1-b6cb-11e0-a42a-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989460f1-b6cb-11e0-a42a-0026223d6cd2}\shell\AutoRun\command \{989460f1-b6cb-11e0-a42a-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found \{9da55968-57b0-11df-956b-0026223d6cd2} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9da55968-57b0-11df-956b-0026223d6cd2}\shell \{9da55968-57b0-11df-956b-0026223d6cd2}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9da55968-57b0-11df-956b-0026223d6cd2}\shell\AutoRun\command \{9da55968-57b0-11df-956b-0026223d6cd2}\shell\AutoRun\command\\"" -> [F:\AutoRun.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Files/Folders - Created Within 30 Days] OTL.exe -> C:\Users\Tomcio\Desktop\OTL.exe -> [2011-09-07 07:53:52 | 000,581,120 | ---- | C] (OldTimer Tools) Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2011-09-06 15:28:59 | 000,000,000 | ---D | C] Firefox Setup 6.0.2-[www.legalne.info].exe -> C:\Users\Tomcio\Desktop\Firefox Setup 6.0.2-[www.legalne.info].exe -> [2011-09-06 14:56:53 | 014,716,072 | ---- | C] (Mozilla) FlashPlayerCPLApp.cpl -> C:\Windows\System32\FlashPlayerCPLApp.cpl -> [2011-09-06 14:56:12 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) Config.Msi -> C:\Config.Msi -> [2011-09-06 14:50:56 | 000,000,000 | -HSD | C] RegRun2 -> C:\Users\Tomcio\Documents\RegRun2 -> [2011-09-06 12:10:45 | 000,000,000 | ---D | C] UnHackMe -> C:\Program Files\UnHackMe -> [2011-09-06 12:10:37 | 000,000,000 | ---D | C] Zdjęcia -> C:\Users\Tomcio\Desktop\Zdjęcia -> [2011-09-06 12:09:53 | 000,000,000 | R--D | C] Dokumenty -> C:\Users\Tomcio\Desktop\Dokumenty -> [2011-09-06 11:57:57 | 000,000,000 | R--D | C] avast! Free Antivirus -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus -> [2011-09-06 11:55:05 | 000,000,000 | ---D | C] aswSP.sys -> C:\Windows\System32\drivers\aswSP.sys -> [2011-09-06 11:55:04 | 000,309,848 | ---- | C] (AVAST Software) aswFsBlk.sys -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2011-09-06 11:55:04 | 000,019,544 | ---- | C] (AVAST Software) aswRdr.sys -> C:\Windows\System32\drivers\aswRdr.sys -> [2011-09-06 11:55:03 | 000,025,432 | ---- | C] (AVAST Software) aswSnx.sys -> C:\Windows\System32\drivers\aswSnx.sys -> [2011-09-06 11:55:02 | 000,441,176 | ---- | C] (AVAST Software) aswTdi.sys -> C:\Windows\System32\drivers\aswTdi.sys -> [2011-09-06 11:55:02 | 000,043,608 | ---- | C] (AVAST Software) aswMonFlt.sys -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2011-09-06 11:55:01 | 000,054,104 | ---- | C] (AVAST Software) avastSS.scr -> C:\Windows\avastSS.scr -> [2011-09-06 11:54:28 | 000,040,112 | ---- | C] (AVAST Software) aswBoot.exe -> C:\Windows\System32\aswBoot.exe -> [2011-09-06 11:54:26 | 000,199,304 | ---- | C] (AVAST Software) AVAST Software -> C:\ProgramData\AVAST Software -> [2011-09-06 11:54:19 | 000,000,000 | ---D | C] AVAST Software -> C:\Program Files\AVAST Software -> [2011-09-06 11:54:19 | 000,000,000 | ---D | C] Mozilla -> C:\Users\Tomcio\AppData\Roaming\Mozilla -> [2011-08-31 22:11:35 | 000,000,000 | ---D | C] Mozilla -> C:\Users\Tomcio\AppData\Local\Mozilla -> [2011-08-31 22:11:35 | 000,000,000 | ---D | C] ieapfltr.dat -> C:\Windows\System32\ieapfltr.dat -> [2011-08-30 21:00:15 | 003,695,416 | ---- | C] (Microsoft Corporation) mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2011-08-30 21:00:15 | 002,382,848 | ---- | C] (Microsoft Corporation) jscript9.dll -> C:\Windows\System32\jscript9.dll -> [2011-08-30 21:00:15 | 001,797,632 | ---- | C] (Microsoft Corporation) inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2011-08-30 21:00:15 | 001,427,456 | ---- | C] (Microsoft Corporation) msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2011-08-30 21:00:15 | 000,580,608 | ---- | C] (Microsoft Corporation) ieapfltr.dll -> C:\Windows\System32\ieapfltr.dll -> [2011-08-30 21:00:15 | 000,434,176 | ---- | C] (Microsoft Corporation) html.iec -> C:\Windows\System32\html.iec -> [2011-08-30 21:00:15 | 000,367,104 | ---- | C] (Microsoft Corporation) dxtmsft.dll -> C:\Windows\System32\dxtmsft.dll -> [2011-08-30 21:00:15 | 000,353,792 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2011-08-30 21:00:15 | 000,353,584 | ---- | C] (Microsoft Corporation) url.dll -> C:\Windows\System32\url.dll -> [2011-08-30 21:00:15 | 000,231,936 | ---- | C] (Microsoft Corporation) ieaksie.dll -> C:\Windows\System32\ieaksie.dll -> [2011-08-30 21:00:15 | 000,227,840 | ---- | C] (Microsoft Corporation) dxtrans.dll -> C:\Windows\System32\dxtrans.dll -> [2011-08-30 21:00:15 | 000,223,232 | ---- | C] (Microsoft Corporation) ieui.dll -> C:\Windows\System32\ieui.dll -> [2011-08-30 21:00:15 | 000,176,640 | ---- | C] (Microsoft Corporation) ieakui.dll -> C:\Windows\System32\ieakui.dll -> [2011-08-30 21:00:15 | 000,163,840 | ---- | C] (Microsoft Corporation) msrating.dll -> C:\Windows\System32\msrating.dll -> [2011-08-30 21:00:15 | 000,162,304 | ---- | C] (Microsoft Corporation) msls31.dll -> C:\Windows\System32\msls31.dll -> [2011-08-30 21:00:15 | 000,161,792 | ---- | C] (Microsoft Corporation) wextract.exe -> C:\Windows\System32\wextract.exe -> [2011-08-30 21:00:15 | 000,152,064 | ---- | C] (Microsoft Corporation) iexpress.exe -> C:\Windows\System32\iexpress.exe -> [2011-08-30 21:00:15 | 000,150,528 | ---- | C] (Microsoft Corporation) ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2011-08-30 21:00:15 | 000,142,848 | ---- | C] (Microsoft Corporation) ieakeng.dll -> C:\Windows\System32\ieakeng.dll -> [2011-08-30 21:00:15 | 000,130,560 | ---- | C] (Microsoft Corporation) iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2011-08-30 21:00:15 | 000,118,784 | ---- | C] (Microsoft Corporation) IEAdvpack.dll -> C:\Windows\System32\IEAdvpack.dll -> [2011-08-30 21:00:15 | 000,110,592 | ---- | C] (Microsoft Corporation) admparse.dll -> C:\Windows\System32\admparse.dll -> [2011-08-30 21:00:15 | 000,101,888 | ---- | C] (Microsoft Corporation) iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2011-08-30 21:00:15 | 000,086,528 | ---- | C] (Microsoft Corporation) inseng.dll -> C:\Windows\System32\inseng.dll -> [2011-08-30 21:00:15 | 000,078,848 | ---- | C] (Microsoft Corporation) SetIEInstalledDate.exe -> C:\Windows\System32\SetIEInstalledDate.exe -> [2011-08-30 21:00:15 | 000,076,800 | ---- | C] (Microsoft Corporation) RegisterIEPKEYs.exe -> C:\Windows\System32\RegisterIEPKEYs.exe -> [2011-08-30 21:00:15 | 000,074,752 | ---- | C] (Microsoft Corporation) iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2011-08-30 21:00:15 | 000,074,752 | ---- | C] (Microsoft Corporation) ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2011-08-30 21:00:15 | 000,074,240 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2011-08-30 21:00:15 | 000,065,024 | ---- | C] (Microsoft Corporation) pngfilt.dll -> C:\Windows\System32\pngfilt.dll -> [2011-08-30 21:00:15 | 000,054,272 | ---- | C] (Microsoft Corporation) mshtmler.dll -> C:\Windows\System32\mshtmler.dll -> [2011-08-30 21:00:15 | 000,048,640 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2011-08-30 21:00:15 | 000,041,472 | ---- | C] (Microsoft Corporation) imgutil.dll -> C:\Windows\System32\imgutil.dll -> [2011-08-30 21:00:15 | 000,035,840 | ---- | C] (Microsoft Corporation) iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2011-08-30 21:00:15 | 000,031,744 | ---- | C] (Microsoft Corporation) licmgr10.dll -> C:\Windows\System32\licmgr10.dll -> [2011-08-30 21:00:15 | 000,023,552 | ---- | C] (Microsoft Corporation) msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2011-08-30 21:00:15 | 000,010,752 | ---- | C] (Microsoft Corporation) nvwiz.exe -> C:\Users\Tomcio\AppData\Local\nvwiz.exe -> [2011-08-30 19:56:29 | 000,498,688 | ---- | C] ( ) tzres.dll -> C:\Windows\System32\tzres.dll -> [2011-08-24 12:01:01 | 000,002,048 | ---- | C] (Microsoft Corporation) OmegaSys Generator WNA -> C:\Users\Tomcio\AppData\Roaming\OmegaSys Generator WNA -> [2011-08-20 17:29:43 | 000,000,000 | ---D | C] Wnioski płatnicze -> C:\Users\Tomcio\Documents\Wnioski płatnicze -> [2011-08-20 17:29:41 | 000,000,000 | ---D | C] Generator Wniosków Płatniczych dla POKL -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Generator Wniosków Płatniczych dla POKL -> [2011-08-20 17:29:16 | 000,000,000 | ---D | C] JCommerce -> C:\Users\Tomcio\AppData\Roaming\JCommerce -> [2011-08-20 17:29:12 | 000,000,000 | ---D | C] GWP -> C:\Program Files\GWP -> [2011-08-20 17:29:12 | 000,000,000 | ---D | C] Generator Wniosków Płatniczych dla POKL -> C:\Users\Tomcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Generator Wniosków Płatniczych dla POKL -> [2011-08-20 17:29:12 | 000,000,000 | ---D | C] Business Objects -> C:\Program Files\Common Files\Business Objects -> [2011-08-20 17:27:47 | 000,000,000 | ---D | C] Apple Software Update -> C:\Program Files\Apple Software Update -> [2011-08-15 11:12:10 | 000,000,000 | ---D | C] ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2011-08-15 10:38:51 | 003,912,576 | ---- | C] (Microsoft Corporation) ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2011-08-15 10:38:49 | 003,967,872 | ---- | C] (Microsoft Corporation) conhost.exe -> C:\Windows\System32\conhost.exe -> [2011-08-15 10:37:53 | 000,271,360 | ---- | C] (Microsoft Corporation) winsrv.dll -> C:\Windows\System32\winsrv.dll -> [2011-08-15 10:37:53 | 000,169,984 | ---- | C] (Microsoft Corporation) api-ms-win-core-file-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) api-ms-win-core-processthreads-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) api-ms-win-core-sysinfo-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-synch-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-misc-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-localregistry-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-processenvironment-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-memory-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-libraryloader-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-interlocked-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-heap-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-string-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-rtlsupport-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-profile-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-io-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-handle-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-fibers-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-delayload-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll -> [2011-08-15 10:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-security-base-l1-1-0.dll -> C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) api-ms-win-core-threadpool-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) api-ms-win-core-localization-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-xstate-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-namedpipe-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-util-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-errorhandling-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-debug-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-datetime-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-console-l1-1-0.dll -> C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll -> [2011-08-15 10:37:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) odbcjt32.dll -> C:\Windows\System32\odbcjt32.dll -> [2011-08-15 10:37:47 | 000,319,488 | ---- | C] (Microsoft Corporation) odbctrac.dll -> C:\Windows\System32\odbctrac.dll -> [2011-08-15 10:37:47 | 000,163,840 | ---- | C] (Microsoft Corporation) odbccp32.dll -> C:\Windows\System32\odbccp32.dll -> [2011-08-15 10:37:47 | 000,122,880 | ---- | C] (Microsoft Corporation) odbccu32.dll -> C:\Windows\System32\odbccu32.dll -> [2011-08-15 10:37:47 | 000,086,016 | ---- | C] (Microsoft Corporation) odbccr32.dll -> C:\Windows\System32\odbccr32.dll -> [2011-08-15 10:37:47 | 000,081,920 | ---- | C] (Microsoft Corporation) 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files/Folders - Modified Within 30 Days] perfh015.dat -> C:\Windows\System32\perfh015.dat -> [2011-09-07 07:59:23 | 000,697,912 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011-09-07 07:59:23 | 000,616,008 | ---- | M] () perfc015.dat -> C:\Windows\System32\perfc015.dat -> [2011-09-07 07:59:23 | 000,134,990 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011-09-07 07:59:23 | 000,106,388 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011-09-07 07:58:41 | 000,016,304 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011-09-07 07:58:41 | 000,016,304 | -H-- | M] () System.dat -> C:\Users\Tomcio\AppData\Roaming\System.dat -> [2011-09-07 07:51:22 | 000,000,002 | ---- | M] () etc.dat -> C:\Users\Tomcio\AppData\Roaming\etc.dat -> [2011-09-07 07:51:22 | 000,000,001 | ---- | M] () OTL.exe -> C:\Users\Tomcio\Desktop\OTL.exe -> [2011-09-07 07:50:54 | 000,581,120 | ---- | M] (OldTimer Tools) Ikeext.etl -> C:\Windows\System32\Ikeext.etl -> [2011-09-07 07:50:53 | 000,065,536 | ---- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2011-09-07 07:50:32 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011-09-07 07:50:26 | 1504,346,112 | -HS- | M] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011-09-06 15:29:01 | 000,001,107 | ---- | M] () Firefox Setup 6.0.2-[www.legalne.info].exe -> C:\Users\Tomcio\Desktop\Firefox Setup 6.0.2-[www.legalne.info].exe -> [2011-09-06 14:57:17 | 014,716,072 | ---- | M] (Mozilla) FlashPlayerCPLApp.cpl -> C:\Windows\System32\FlashPlayerCPLApp.cpl -> [2011-09-06 14:56:12 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) config.nt -> C:\Windows\System32\config.nt -> [2011-09-06 12:10:47 | 000,002,577 | ---- | M] () autoexec.nt -> C:\Windows\System32\autoexec.nt -> [2011-09-06 12:10:47 | 000,001,688 | ---- | M] () winstart.bat -> C:\Windows\winstart.bat -> [2011-09-06 12:10:47 | 000,000,002 | RHS- | M] () avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> [2011-09-06 11:55:05 | 000,002,005 | ---- | M] () ieapfltr.dat -> C:\Windows\System32\ieapfltr.dat -> [2011-08-30 21:00:15 | 003,695,416 | ---- | M] (Microsoft Corporation) mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2011-08-30 21:00:15 | 002,382,848 | ---- | M] (Microsoft Corporation) jscript9.dll -> C:\Windows\System32\jscript9.dll -> [2011-08-30 21:00:15 | 001,797,632 | ---- | M] (Microsoft Corporation) inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2011-08-30 21:00:15 | 001,427,456 | ---- | M] (Microsoft Corporation) msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2011-08-30 21:00:15 | 000,580,608 | ---- | M] (Microsoft Corporation) ieapfltr.dll -> C:\Windows\System32\ieapfltr.dll -> [2011-08-30 21:00:15 | 000,434,176 | ---- | M] (Microsoft Corporation) html.iec -> C:\Windows\System32\html.iec -> [2011-08-30 21:00:15 | 000,367,104 | ---- | M] (Microsoft Corporation) dxtmsft.dll -> C:\Windows\System32\dxtmsft.dll -> [2011-08-30 21:00:15 | 000,353,792 | ---- | M] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2011-08-30 21:00:15 | 000,353,584 | ---- | M] (Microsoft Corporation) url.dll -> C:\Windows\System32\url.dll -> [2011-08-30 21:00:15 | 000,231,936 | ---- | M] (Microsoft Corporation) ieaksie.dll -> C:\Windows\System32\ieaksie.dll -> [2011-08-30 21:00:15 | 000,227,840 | ---- | M] (Microsoft Corporation) dxtrans.dll -> C:\Windows\System32\dxtrans.dll -> [2011-08-30 21:00:15 | 000,223,232 | ---- | M] (Microsoft Corporation) ieui.dll -> C:\Windows\System32\ieui.dll -> [2011-08-30 21:00:15 | 000,176,640 | ---- | M] (Microsoft Corporation) ieakui.dll -> C:\Windows\System32\ieakui.dll -> [2011-08-30 21:00:15 | 000,163,840 | ---- | M] (Microsoft Corporation) msrating.dll -> C:\Windows\System32\msrating.dll -> [2011-08-30 21:00:15 | 000,162,304 | ---- | M] (Microsoft Corporation) msls31.dll -> C:\Windows\System32\msls31.dll -> [2011-08-30 21:00:15 | 000,161,792 | ---- | M] (Microsoft Corporation) wextract.exe -> C:\Windows\System32\wextract.exe -> [2011-08-30 21:00:15 | 000,152,064 | ---- | M] (Microsoft Corporation) iexpress.exe -> C:\Windows\System32\iexpress.exe -> [2011-08-30 21:00:15 | 000,150,528 | ---- | M] (Microsoft Corporation) ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2011-08-30 21:00:15 | 000,142,848 | ---- | M] (Microsoft Corporation) ieakeng.dll -> C:\Windows\System32\ieakeng.dll -> [2011-08-30 21:00:15 | 000,130,560 | ---- | M] (Microsoft Corporation) iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2011-08-30 21:00:15 | 000,118,784 | ---- | M] (Microsoft Corporation) IEAdvpack.dll -> C:\Windows\System32\IEAdvpack.dll -> [2011-08-30 21:00:15 | 000,110,592 | ---- | M] (Microsoft Corporation) admparse.dll -> C:\Windows\System32\admparse.dll -> [2011-08-30 21:00:15 | 000,101,888 | ---- | M] (Microsoft Corporation) iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2011-08-30 21:00:15 | 000,086,528 | ---- | M] (Microsoft Corporation) inseng.dll -> C:\Windows\System32\inseng.dll -> [2011-08-30 21:00:15 | 000,078,848 | ---- | M] (Microsoft Corporation) SetIEInstalledDate.exe -> C:\Windows\System32\SetIEInstalledDate.exe -> [2011-08-30 21:00:15 | 000,076,800 | ---- | M] (Microsoft Corporation) RegisterIEPKEYs.exe -> C:\Windows\System32\RegisterIEPKEYs.exe -> [2011-08-30 21:00:15 | 000,074,752 | ---- | M] (Microsoft Corporation) iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2011-08-30 21:00:15 | 000,074,752 | ---- | M] (Microsoft Corporation) ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2011-08-30 21:00:15 | 000,074,240 | ---- | M] (Microsoft Corporation) ieuinit.inf -> C:\Windows\System32\ieuinit.inf -> [2011-08-30 21:00:15 | 000,072,822 | ---- | M] () jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2011-08-30 21:00:15 | 000,065,024 | ---- | M] (Microsoft Corporation) pngfilt.dll -> C:\Windows\System32\pngfilt.dll -> [2011-08-30 21:00:15 | 000,054,272 | ---- | M] (Microsoft Corporation) mshtmler.dll -> C:\Windows\System32\mshtmler.dll -> [2011-08-30 21:00:15 | 000,048,640 | ---- | M] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2011-08-30 21:00:15 | 000,041,472 | ---- | M] (Microsoft Corporation) imgutil.dll -> C:\Windows\System32\imgutil.dll -> [2011-08-30 21:00:15 | 000,035,840 | ---- | M] (Microsoft Corporation) iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2011-08-30 21:00:15 | 000,031,744 | ---- | M] (Microsoft Corporation) licmgr10.dll -> C:\Windows\System32\licmgr10.dll -> [2011-08-30 21:00:15 | 000,023,552 | ---- | M] (Microsoft Corporation) msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2011-08-30 21:00:15 | 000,010,752 | ---- | M] (Microsoft Corporation) Qiii.INI -> C:\Windows\Qiii.INI -> [2011-08-30 20:11:21 | 000,000,551 | ---- | M] () data2.cab -> C:\Users\Tomcio\AppData\Local\data2.cab -> [2011-08-30 19:56:29 | 006,501,171 | ---- | M] () done.exe -> C:\Users\Tomcio\AppData\Local\done.exe -> [2011-08-30 19:56:29 | 000,646,601 | ---- | M] () nvwiz.exe -> C:\Users\Tomcio\AppData\Local\nvwiz.exe -> [2011-08-30 19:56:29 | 000,498,688 | ---- | M] ( ) Setup.dat -> C:\Users\Tomcio\AppData\Local\Setup.dat -> [2011-08-30 19:56:29 | 000,000,246 | ---- | M] () Crystal.exe -> C:\Users\Tomcio\AppData\Local\Crystal.exe -> [2011-08-30 19:56:26 | 000,737,029 | ---- | M] () patterns.ini -> C:\Users\Tomcio\AppData\Local\patterns.ini -> [2011-08-30 19:51:40 | 000,000,000 | ---- | M] () Windows.dat -> C:\Users\Tomcio\AppData\Roaming\Windows.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | M] () DirectX.dat -> C:\Users\Tomcio\AppData\Roaming\DirectX.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | M] () Crystal.exe -> C:\Users\Tomcio\AppData\Roaming\Crystal.exe -> [2011-08-30 19:51:29 | 000,737,029 | ---- | M] () Generator Wniosków Płatniczych dla POKL.lnk -> C:\Users\Public\Desktop\Generator Wniosków Płatniczych dla POKL.lnk -> [2011-08-20 17:29:17 | 000,002,173 | ---- | M] () 214 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files - No Company Name] Mozilla Firefox.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> [2011-09-06 15:29:01 | 000,001,119 | ---- | C] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011-09-06 15:29:01 | 000,001,107 | ---- | C] () winstart.bat -> C:\Windows\winstart.bat -> [2011-09-06 12:10:47 | 000,000,002 | RHS- | C] () avast! Free Antivirus.lnk -> C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> [2011-09-06 11:55:05 | 000,002,005 | ---- | C] () ieuinit.inf -> C:\Windows\System32\ieuinit.inf -> [2011-08-30 21:00:15 | 000,072,822 | ---- | C] () data2.cab -> C:\Users\Tomcio\AppData\Local\data2.cab -> [2011-08-30 19:56:29 | 006,501,171 | ---- | C] () done.exe -> C:\Users\Tomcio\AppData\Local\done.exe -> [2011-08-30 19:56:29 | 000,646,601 | ---- | C] () Setup.dat -> C:\Users\Tomcio\AppData\Local\Setup.dat -> [2011-08-30 19:56:29 | 000,000,246 | ---- | C] () Crystal.exe -> C:\Users\Tomcio\AppData\Local\Crystal.exe -> [2011-08-30 19:56:26 | 000,737,029 | ---- | C] () patterns.ini -> C:\Users\Tomcio\AppData\Local\patterns.ini -> [2011-08-30 19:51:40 | 000,000,000 | ---- | C] () System.dat -> C:\Users\Tomcio\AppData\Roaming\System.dat -> [2011-08-30 19:51:38 | 000,000,002 | ---- | C] () Windows.dat -> C:\Users\Tomcio\AppData\Roaming\Windows.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | C] () etc.dat -> C:\Users\Tomcio\AppData\Roaming\etc.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | C] () DirectX.dat -> C:\Users\Tomcio\AppData\Roaming\DirectX.dat -> [2011-08-30 19:51:38 | 000,000,001 | ---- | C] () Crystal.exe -> C:\Users\Tomcio\AppData\Roaming\Crystal.exe -> [2011-08-30 19:51:33 | 000,737,029 | ---- | C] () Generator Wniosków Płatniczych dla POKL.lnk -> C:\Users\Public\Desktop\Generator Wniosków Płatniczych dla POKL.lnk -> [2011-08-20 17:29:17 | 000,002,173 | ---- | C] () ODBCINST.INI -> C:\Windows\ODBCINST.INI -> [2011-02-21 09:08:16 | 000,000,777 | ---- | C] () ODBC.INI -> C:\Windows\ODBC.INI -> [2011-02-21 09:08:16 | 000,000,288 | ---- | C] () unrar.dll -> C:\Windows\System32\unrar.dll -> [2010-12-21 23:51:11 | 000,165,376 | ---- | C] () avisplitter.ini -> C:\Windows\avisplitter.ini -> [2010-12-21 23:51:11 | 000,000,038 | ---- | C] () xvidcore.dll -> C:\Windows\System32\xvidcore.dll -> [2010-12-21 23:51:10 | 000,790,528 | ---- | C] () xvidvfw.dll -> C:\Windows\System32\xvidvfw.dll -> [2010-12-21 23:51:10 | 000,134,144 | ---- | C] () ff_vfw.dll -> C:\Windows\System32\ff_vfw.dll -> [2010-12-21 23:51:10 | 000,108,032 | ---- | C] () GProton.exe -> C:\ProgramData\GProton.exe -> [2010-12-21 23:50:35 | 007,793,152 | RHS- | C] () Qiii.INI -> C:\Windows\Qiii.INI -> [2010-11-02 17:12:52 | 000,000,551 | ---- | C] () Q3version.ini -> C:\Windows\Q3version.ini -> [2010-11-02 17:12:52 | 000,000,030 | ---- | C] () HPMLVS.dll -> C:\Windows\System32\HPMLVS.dll -> [2010-07-24 17:07:30 | 000,049,152 | ---- | C] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Tomcio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010-04-12 18:34:43 | 000,004,608 | ---- | C] () NDSTray.INI -> C:\Windows\NDSTray.INI -> [2010-02-20 23:23:02 | 000,000,000 | ---- | C] () RTEQEX1.dat -> C:\Windows\System32\drivers\RTEQEX1.dat -> [2010-02-20 23:14:19 | 000,000,520 | ---- | C] () RTEQEX0.dat -> C:\Windows\System32\drivers\RTEQEX0.dat -> [2010-02-20 23:14:19 | 000,000,520 | ---- | C] () RtNicProp32.dll -> C:\Windows\System32\RtNicProp32.dll -> [2009-09-07 10:02:48 | 000,073,728 | ---- | C] () HWS_Ctrl.dll -> C:\Windows\System32\HWS_Ctrl.dll -> [2009-09-07 10:02:14 | 000,045,056 | ---- | C] () igkrng500.bin -> C:\Windows\System32\igkrng500.bin -> [2009-08-27 08:57:38 | 000,982,220 | ---- | C] () igcompkrng500.bin -> C:\Windows\System32\igcompkrng500.bin -> [2009-08-27 08:57:38 | 000,439,300 | ---- | C] () igfcg500.bin -> C:\Windows\System32\igfcg500.bin -> [2009-08-27 08:57:38 | 000,134,592 | ---- | C] () igfcg500m.bin -> C:\Windows\System32\igfcg500m.bin -> [2009-08-27 08:57:38 | 000,092,216 | ---- | C] () perfh015.dat -> C:\Windows\System32\perfh015.dat -> [2009-07-14 10:07:57 | 000,697,912 | ---- | C] () perfi015.dat -> C:\Windows\System32\perfi015.dat -> [2009-07-14 10:07:57 | 000,337,158 | ---- | C] () perfc015.dat -> C:\Windows\System32\perfc015.dat -> [2009-07-14 10:07:57 | 000,134,990 | ---- | C] () perfd015.dat -> C:\Windows\System32\perfd015.dat -> [2009-07-14 10:07:57 | 000,038,710 | ---- | C] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009-07-14 06:57:37 | 000,067,584 | --S- | C] () FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2009-07-14 06:33:53 | 000,343,960 | ---- | C] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2009-07-14 04:05:48 | 000,616,008 | ---- | C] () perfi009.dat -> C:\Windows\System32\perfi009.dat -> [2009-07-14 04:05:48 | 000,291,294 | ---- | C] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2009-07-14 04:05:48 | 000,106,388 | ---- | C] () perfd009.dat -> C:\Windows\System32\perfd009.dat -> [2009-07-14 04:05:48 | 000,031,548 | ---- | C] () NOISE.DAT -> C:\Windows\System32\NOISE.DAT -> [2009-07-14 04:05:05 | 000,000,741 | ---- | C] () dssec.dat -> C:\Windows\System32\dssec.dat -> [2009-07-14 04:04:11 | 000,215,943 | ---- | C] () mib.bin -> C:\Windows\mib.bin -> [2009-07-14 01:55:01 | 000,043,131 | ---- | C] () BthpanContextHandler.dll -> C:\Windows\System32\BthpanContextHandler.dll -> [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () BWContextHandler.dll -> C:\Windows\System32\BWContextHandler.dll -> [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () HdmiCoin.dll -> C:\Windows\System32\HdmiCoin.dll -> [2009-07-10 07:44:40 | 000,004,608 | ---- | C] () mlang.dat -> C:\Windows\System32\mlang.dat -> [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () SPCtl.dll -> C:\Windows\System32\SPCtl.dll -> [2009-04-28 04:37:00 | 000,028,672 | ---- | C] () [File - Lop Check] JCommerce -> C:\Users\Tomcio\AppData\Roaming\JCommerce -> [2011-08-20 17:29:12 | 000,000,000 | ---D | M] OmegaSys Generator WNA -> C:\Users\Tomcio\AppData\Roaming\OmegaSys Generator WNA -> [2011-08-20 17:29:43 | 000,000,000 | ---D | M] Toshiba -> C:\Users\Tomcio\AppData\Roaming\Toshiba -> [2010-04-16 16:38:56 | 000,000,000 | ---D | M] TransAng3 -> C:\Users\Tomcio\AppData\Roaming\TransAng3 -> [2010-05-06 21:11:47 | 000,000,000 | ---D | M] TransEngPol4 -> C:\Users\Tomcio\AppData\Roaming\TransEngPol4 -> [2010-12-16 19:21:52 | 000,000,000 | ---D | M] WinBatch -> C:\Users\Tomcio\AppData\Roaming\WinBatch -> [2011-02-18 10:58:25 | 000,000,000 | ---D | M] Windows Live Writer -> C:\Users\Tomcio\AppData\Roaming\Windows Live Writer -> [2010-11-17 20:22:58 | 000,000,000 | ---D | M] SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2011-07-22 09:53:03 | 000,032,608 | ---- | M] () [File - Purity Scan] < End of report > [/code]