Thread: drvkev.dll

  1. #1
    Junior Member
    Join Date
    May 2008
    Posts
    4

    drvkev.dll

    Ever since I deleted something from my laptop, there's an error message when Windows comes up, saying that "drvkev.dll" is missing from the System32 folder.

    Would somebody be able to send me the file??

    Thanks in advance.

    Zozoka

  2. #2
    Retired Security Volunteer
    Join Date
    Sep 2007
    Location
    Ireland
    Posts
    1,620

    The file is malware, so you probably don't want it.


    Please download Deckard's System Scanner (DSS) and save it to your Desktop.
    • Close all other windows before proceeding.
    • Double-click on dss.exe and follow the prompts.
    • If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
    • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.
    Who watches The Watchmen?

    It's like you said. All I am is what I'm going after.

    ~Scratch~

  3. #3
    Retired Security Volunteer
    Join Date
    Sep 2007
    Location
    Ireland
    Posts
    1,620

    Due to inactivity, this thread will now be closed.

    Note: If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

    If it has been less than five days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.

  4. #4
    Junior Member
    Join Date
    May 2008
    Posts
    4

    drvkev.dll

    Hi,

    Here are the log files:


    Deckard's System Scanner v20071014.68
    Run by Csima Zoli on 2008-05-31 22:15:21
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    84: 2008-05-31 20:15:31 UTC - RP382 - Deckard's System Scanner Restore Point
    83: 2008-05-29 21:21:40 UTC - RP381 - Uniblue RegistryBooster
    82: 2008-05-29 20:55:25 UTC - RP380 - Uniblue RegistryBooster
    81: 2008-05-25 09:57:41 UTC - RP379 - System Checkpoint
    80: 2008-05-21 19:15:13 UTC - RP378 - Telepítve: Nero 7 Demo


    -- First Restore Point --
    1: 2008-02-24 12:22:56 UTC - RP299 - Restore Operation


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis Clone ------------------------------------------------------------


    Emulating logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2008-05-31 22:18:29
    Platform: Windows XP Service Pack 3 (5.01.2600)
    MSIE: Internet Explorer (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\system32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\cFosSpeed\spd.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\ehome\ehrecvr.exe
    C:\WINDOWS\ehome\ehSched.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE
    C:\Program Files\ESET\nod32krn.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    C:\WINDOWS\agrsmmsg.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\hphmon03.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\cFosSpeed\cfosspeed.exe
    C:\Program Files\ESET\nod32kui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\PeerGuardian2\pg2.exe
    C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Metamail Inc\Metamail Reader\Metamail Secure Server.exe
    C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
    C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\Program Files\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sony Ericsson\Mobile\Connectivity Pack\ConnMngMntBox.exe
    C:\TOSHIBA\IVP\ISM\Ivpsvmgr.exe
    C:\Documents and Settings\Csima Zoli\Desktop\dss.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.origo.hu/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
    O4 - HKLM\..\Run: [MSDisp32] rundll32.exe C:\WINDOWS\system32\drvkev.dll,startup
    O4 - HKLM\..\Run: [SBI] C:\Documents and Settings\Csima Zoli\Local Settings\Temporary Internet Files\Content.IE5\L9MENZKE\install_sbd_en[1].exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: Metamail Trust Manager.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: RAMASST.lnk = ?
    O4 - Global Startup: Telefonkapcsolat-figyelo.lnk = ?
    O4 - Global Startup: web'n'walk Manager.lnk = C:\Program Files\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZJxdm131YYHU
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xportálás Microsoft Excel formátumba - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Küldés blogba - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Küldés blogba a Windows Live Writer programmal - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} (SentinelVE3D Class) - http://download.microsoft.com/downlo...ualEarth3D.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {1A61A6A2-0C54-43C8-A249-C3FCBA154001} (OpenNetUserAgent Control) - http://hotline.opennet.hu/activeX/1....tUserAgent.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () - http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windo..._5.3.0.228.cab
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get.../ultrashim.cab
    O16 - DPF: {BE9B2B7C-6680-44E6-9F51-05384AD9C2FF} (MapConnect Control) - http://wayfinder.com/maps/MapConnect.ocx
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
    O16 - DPF: {EF58E341-49C3-4156-A3C4-5FFCA7C1EAB7} (EURAS_Portal.Gateway) - http://www.euras.com/euras/activex2/euras.CAB
    O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab
    O18 - Protocol: bw+0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {e4c99c09-f7f8-4257-97fc-1098e52318e2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
    O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
    O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
    O18 - Protocol: offline-8876480 - {E4C99C09-F7F8-4257-97FC-1098E52318E2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O20 - Winlogon Notify: winmmt32 - C:\WINDOWS\system32\winmmt32.dll (file missing)
    O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll
    O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
    O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\ESET\nod32krn.exe
    O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\hphipm09.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Swupdtmr - Unknown owner - C:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe


    --
    End of file - 25546 bytes

    -- File Associations -----------------------------------------------------------

    .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 KR10N - c:\windows\system32\drivers\kr10n.sys <Not Verified; TOSHIBA CORPORATION; TOSHIBA RAID>
    R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >
    R1 StarOpen - c:\windows\system32\drivers\staropen.sys
    R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.9.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.9.0>
    R2 AMON - c:\windows\system32\drivers\amon.sys <Not Verified; Eset; NOD32 Antivirus System>
    R2 FdRedir - c:\program files\common files\protector suite ql\drivers\fdredir.sys <Not Verified; UPEK Inc.; Protector Suite QL>
    R2 FileDisk2 (FileDisk Protector Kernel Driver) - c:\program files\common files\protector suite ql\drivers\filedisk.sys <Not Verified; UPEK Inc.; Protector Suite QL>
    R2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
    R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
    R2 smihlp (SMI helper driver) - c:\program files\protector suite ql\smihlp.sys <Not Verified; UPEK Inc.; Protector Suite QL>
    R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell>
    R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
    R3 pgfilter - c:\program files\peerguardian2\pgfilter.sys
    R3 tifm21 - c:\windows\system32\drivers\tifm21.sys <Not Verified; Texas Instruments; Texas Instruments PCIxx21/PCIxx12 Integrated FlashMedia Controller>
    R3 TVALD (Toshiba Mobile PC Service) - c:\windows\system32\drivers\nbsmi.sys <Not Verified; Toshiba Corporation; Toshiba Notebook PC SMI Service>
    R3 Tvs (TOSHIBA Virtual Sound with SRS technologies) - c:\windows\system32\drivers\tvs.sys <Not Verified; TOSHIBA Corporation; Audio Filter>

    S2 DLABOIOM - c:\windows\system32\dla\dlaboiom.sys (file missing)
    S2 DLADResN - c:\windows\system32\dla\dladresn.sys (file missing)
    S2 DLAIFS_M - c:\windows\system32\dla\dlaifs_m.sys (file missing)
    S2 DLAOPIOM - c:\windows\system32\dla\dlaopiom.sys (file missing)
    S2 DLAPoolM - c:\windows\system32\dla\dlapoolm.sys (file missing)
    S2 DLAUDF_M - c:\windows\system32\dla\dlaudf_m.sys (file missing)
    S2 DLAUDFAM - c:\windows\system32\dla\dlaudfam.sys (file missing)
    S3 cglptnt - c:\totalcmd\cglptnt.sys <Not Verified; C. Ghisler & Co.; Windows Commander 32 bit>
    S3 hwdatacard (Huawei DataCard USB Modem and USB Serial) - c:\windows\system32\drivers\ewusbmdm.sys (file missing)
    S3 tosrfec (Bluetooth ACPI from TOSHIBA) - c:\windows\system32\drivers\tosrfec.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Bluetooth EC Driver>
    S3 usb2vcom (Nokia CA-42 USB) - c:\windows\system32\drivers\usb2vcom.sys <Not Verified; USB World Technology Inc. http://www.usbworld.net; USB Data Cable>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
    R2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
    R2 RegSrvc (Intel(R) PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel(R) PROSet/Wireless Registry Service>
    R2 Swupdtmr - c:\toshiba\ivp\swupdate\swupdtmr.exe

    S4 TAPPSRV (TOSHIBA Application Service) - "c:\program files\toshiba\toshiba applet\tappsrv.exe" <Not Verified; TOSHIBA Corp.; TOSHIBA TAPPSRV>


    -- Device Manager: Disabled ----------------------------------------------------

    No disabled devices found.


    -- Files created between 2008-04-30 and 2008-05-31 -----------------------------

    2008-05-29 22:51:52 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\Uniblue
    2008-05-29 22:51:44 0 d-------- C:\Program Files\Uniblue
    2008-05-21 21:17:47 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\Ahead
    2008-05-21 21:15:28 0 d-------- C:\Program Files\Nero
    2008-05-21 21:00:46 0 d-------- C:\Program Files\GoldEsel
    2008-05-20 00:03:52 0 d-------- C:\XP Pro Performance Edition April 2008 Multi
    2008-05-19 23:55:57 0 d-------- C:\XP Performance
    2008-05-19 23:31:56 0 d-------- C:\ubuntu
    2008-05-19 21:23:40 0 d-------- C:\Linux Xubuntu
    2008-05-18 23:17:07 0 d-------- C:\Adóbevallási nyugták
    2008-05-18 20:39:36 0 d-------- C:\Program Files\Abev 2006
    2008-05-18 18:55:33 5376 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-05-18 18:40:13 0 d-------- C:\WINDOWS\Prefetch
    2008-05-18 18:28:28 0 d-------- C:\WINDOWS\system32\scripting
    2008-05-18 18:28:27 0 d-------- C:\WINDOWS\l2schemas
    2008-05-18 18:28:26 0 d-------- C:\WINDOWS\system32\en
    2008-05-18 18:28:26 0 d-------- C:\WINDOWS\system32\bits
    2008-05-18 18:25:12 0 d-------- C:\WINDOWS\ServicePackFiles
    2008-05-18 11:13:17 0 d-------- C:\Linux Slax USB
    2008-05-18 10:33:22 0 d-------- C:\Linux Ubuntu v.6
    2008-05-17 15:55:50 90112 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
    2008-05-17 15:55:41 0 d-------- C:\Program Files\SWiSH Max2
    2008-05-17 10:31:13 502368 --a------ C:\WINDOWS\system32\drivers\amon.sys <Not Verified; Eset; NOD32 Antivirus System>
    2008-05-16 23:34:39 1160 --a------ C:\WINDOWS\mozver.dat
    2008-05-15 21:49:01 0 d-------- C:\Linux Ubuntu
    2008-05-15 21:36:36 0 d-------- C:\Linux Slax
    2008-05-13 23:08:03 0 d-------- C:\Windows FLP
    2008-05-13 19:24:07 0 d-------- C:\Windows FLP xp
    2008-05-12 21:00:27 0 d-------- C:\Elive_1.0_Gem
    2008-05-12 12:24:34 0 d-------- C:\Windows 2000
    2008-05-12 00:44:16 0 d-------- C:\XP Home
    2008-05-10 17:23:33 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\MemoQ
    2008-05-10 17:22:44 0 d-------- C:\Program Files\Kilgray
    2008-05-10 17:22:44 0 d-------- C:\Documents and Settings\All Users\Application Data\MemoQ
    2008-05-08 22:02:17 0 d-------- C:\Documents and Settings\Csima Zoli\LocalLow
    2008-05-08 22:02:17 0 d-------- C:\Documents and Settings\All Users\Application Data\TVU Networks
    2008-05-03 19:15:46 0 d-------- C:\Program Files\cFosSpeed
    2008-05-03 14:08:05 90112 -----n--- C:\WINDOWS\SDUnInst.exe <Not Verified; Software Design; UnInstaller Utility for Windows>
    2008-04-30 22:57:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-04-30 22:54:12 0 d-------- C:\kav
    2008-04-30 21:49:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab(2)


    -- Find3M Report ---------------------------------------------------------------

    2008-05-31 22:19:03 0 d-------- C:\Program Files\PeerGuardian2
    2008-05-29 23:27:50 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\XnView
    2008-05-28 22:25:34 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\Skype
    2008-05-28 22:24:27 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\skypePM
    2008-05-21 21:18:50 0 d-------- C:\Program Files\Common Files\Ahead
    2008-05-21 21:04:16 0 d-------- C:\Program Files\Ahead
    2008-05-21 21:00:46 0 d--h----- C:\Program Files\InstallShield Installation Information
    2008-05-20 00:06:28 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\uTorrent
    2008-05-18 18:59:23 0 d-------- C:\Program Files\Movie Maker
    2008-05-18 18:57:24 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-05-18 18:57:24 71640 --a------ C:\WINDOWS\BricoPackUninst.cmd
    2008-05-18 18:29:00 0 d-------- C:\Program Files\Messenger
    2008-05-18 18:24:39 0 d-------- C:\Program Files\Windows NT
    2008-05-17 10:30:57 274432 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
    2008-05-06 20:24:22 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\OpenOffice.org2
    2008-05-04 12:05:36 51088 --a------ C:\Documents and Settings\Csima Zoli\Application Data\GDIPFONTCACHEV1.DAT
    2008-04-30 21:21:23 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\1'st ZipCommander
    2008-04-24 21:17:16 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\Samsung
    2008-04-24 18:45:55 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\Talkback
    2008-04-24 18:41:49 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\Mozilla
    2008-04-24 18:40:42 0 d-------- C:\Program Files\Common Files
    2008-04-24 18:40:42 0 d-------- C:\Program Files\Common Files\xing shared
    2008-04-24 18:40:33 0 d-------- C:\Program Files\Common Files\Real
    2008-04-23 22:50:49 0 d-------- C:\Program Files\Radio Decoder Pro
    2008-04-23 22:03:09 0 d-------- C:\Program Files\FairStars Recorder
    2008-04-23 20:11:28 0 d-------- C:\Program Files\EFTP
    2008-04-23 19:53:53 0 d-------- C:\Program Files\Ashampoo
    2008-04-23 18:59:42 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\FairStars Recorder
    2008-04-22 23:03:07 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\Adobe
    2008-04-21 17:45:51 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\ADPHONE
    2008-04-21 17:35:13 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\Real
    2008-04-18 21:55:22 0 d-------- C:\Program Files\Virtual Earth 3D
    2008-04-17 20:45:19 0 d-------- C:\Documents and Settings\Csima Zoli\Application Data\Voipwise
    2008-04-17 20:43:29 0 d-------- C:\Program Files\Voipwise.com
    2008-04-14 05:42:44 3128320 --a------ C:\WINDOWS\system32\logon.scr <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:40 885248 --a------ C:\WINDOWS\system32\wiaacmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:38 181760 --a------ C:\WINDOWS\system32\taskmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:38 182272 --a------ C:\WINDOWS\system32\sysocmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:38 180736 --a------ C:\WINDOWS\system32\sndrec32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:34 224256 --a------ C:\WINDOWS\regedit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:30 155136 --a------ C:\WINDOWS\system32\notepad.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:30 55808 --a------ C:\WINDOWS\system32\narrator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:30 439808 --a------ C:\WINDOWS\system32\mspaint.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:30 155136 --a------ C:\WINDOWS\notepad.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:26 5650432 --a------ C:\WINDOWS\system32\logonui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:20 975872 --a------ C:\WINDOWS\explorer.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:16 415744 --a------ C:\WINDOWS\system32\cmd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:16 108544 --a------ C:\WINDOWS\system32\cleanmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:14 100864 --a------ C:\WINDOWS\system32\ahui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:12 905728 --a------ C:\WINDOWS\system32\zipfldr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:10 294400 --a------ C:\WINDOWS\system32\winsrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:10 769536 --a------ C:\WINDOWS\system32\wiashext.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:08 388096 --a------ C:\WINDOWS\system32\themeui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:08 1246720 --a------ C:\WINDOWS\system32\syssetup.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:08 147456 --a------ C:\WINDOWS\system32\stobject.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:06 1788416 --a------ C:\WINDOWS\system32\shimgvw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:04 1230336 --a------ C:\WINDOWS\system32\rasdlg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:04 740864 --a------ C:\WINDOWS\system32\printui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:04 231936 --a------ C:\WINDOWS\system32\ntshrui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:04 413184 --a------ C:\WINDOWS\system32\newdev.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:04 2118656 --a------ C:\WINDOWS\system32\netshell.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:02 147456 --a------ C:\WINDOWS\system32\netid.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:02 86016 --a------ C:\WINDOWS\system32\mydocs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:02 321536 --a------ C:\WINDOWS\system32\mstask.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:42:00 1104896 --a------ C:\WINDOWS\system32\msgina.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:41:58 2089472 --a------ C:\WINDOWS\system32\mstscax.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:41:58 402944 --a------ C:\WINDOWS\system32\keymgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:41:56 159744 --a------ C:\WINDOWS\system32\hotplug.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:41:54 392704 --a------ C:\WINDOWS\system32\fontext.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:41:52 188928 --a------ C:\WINDOWS\system32\credui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:41:52 449536 --a------ C:\WINDOWS\system32\cmdial32.dll <Not Verified; Microsoft Corporation; Microsoft(R) Connection Manager>
    2008-04-14 05:41:52 82944 --a------ C:\WINDOWS\system32\cabview.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:41:52 28672 --a------ C:\WINDOWS\system32\batmeter.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 05:41:12 755712 --a------ C:\WINDOWS\system32\WINNTBBU.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-13 23:09:26 3288064 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-13 22:33:20 666112 --a------ C:\WINDOWS\system32\shdoclc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-13 22:15:32 379904 --a------ C:\WINDOWS\system32\moricons.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-13 11:46:43 0 d-------- C:\Program Files\Java
    2008-04-13 11:26:31 0 d-------- C:\Program Files\Bonjour
    2008-04-12 19:34:50 0 d-------- C:\Program Files\QuickTime
    2008-04-12 19:33:03 0 d-------- C:\Program Files\Common Files\Adobe
    2008-04-12 19:22:02 0 d-------- C:\Program Files\Common Files\Macrovision Shared
    2008-04-11 21:56:05 0 d-------- C:\Program Files\MediaCoder
    2008-04-07 00:48:28 0 d-------- C:\Program Files\OpenOffice.org 2.4
    2008-04-07 00:47:27 0 d-------- C:\Program Files\OpenOffice.org 2.3
    2008-03-22 11:33:05 24 --a------ C:\Documents and Settings\Csima Zoli\Application Data\MyPhrases.dta
    2008-03-21 20:51:37 720896 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
    2008-03-14 21:23:15 0 --a------ C:\Documents and Settings\Csima Zoli\Application Data\wklnhst.dat
    2008-03-04 18:52:34 286720 --a------ C:\WINDOWS\system32\libcurl.dll


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AGRSMMSG"="AGRSMMSG.exe" [2005.10.15. 16:29 C:\WINDOWS\agrsmmsg.exe]
    "NDSTray.exe"="NDSTray.exe" []
    "PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" []
    "SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005.04.27. 02:13]
    "Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2005.03.18. 03:37]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005.12.05. 21:37]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005.11.28. 20:41]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005.07.19. 17:32]
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005.07.15. 23:48]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008.02.22. 04:25]
    "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2006.01.13. 08:46]
    "HPHmon03"="C:\WINDOWS\system32\hphmon03.exe" [2006.01.13. 08:46]
    "MSDisp32"="C:\WINDOWS\system32\drvkev.dll" []
    "SBI"="C:\Documents and Settings\Csima Zoli\Local Settings\Temporary Internet Files\Content.IE5\L9MENZKE\install_sbd_en[1].exe" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006.02.16. 11:56]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008.04.24. 18:39]
    "cFosSpeed"="C:\Program Files\cFosSpeed\cFosSpeed.exe" [2007.07.09. 17:10]
    "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008.05.17. 10:30]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006.01.12. 15:40]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008.04.14. 05:42]
    "PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2005.09.18. 18:40]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005.06.08. 14:44]
    "UIWatcher"="C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe" [2008.04.22. 08:47]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006.02.01. 16:45]

    C:\Documents and Settings\Csima Zoli\Start Menu\Programs\Startup\
    OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [9/26/2007 11:51:12 PM]
    RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [3/19/2007 12:05:02 AM]
    TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [6/1/2005 9:41:18 PM]
    UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [5/21/2006 9:43:08 AM]
    Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [5/21/2006 9:43:14 AM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Metamail Trust Manager.lnk - C:\Program Files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe [5/29/2006 3:12:30 AM]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 12:01:04 PM]
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2/15/2006 6:31:42 PM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{93994DE8-8239-4655-B1D1-5F4E91300429}"= C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004.10.09. 15:18 49152]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
    C:\WINDOWS\System32\dimsntfy.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
    psqlpwd.dll 2005.12.22. 06:42 40448 C:\WINDOWS\system32\psqlpwd.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winmmt32]
    winmmt32.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Notification Packages"= scecli psqlpwd

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Csima Zoli^Start Menu^Programs^Startup^Y'z Shadow.lnk]
    path=C:\Documents and Settings\Csima Zoli\Start Menu\Programs\Startup\Y'z Shadow.lnk
    backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
    "C:\Program Files\America Online 9.0\AOL.EXE" -b

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    C:\WINDOWS\system32\hkcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    C:\WINDOWS\system32\igfxpers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    C:\WINDOWS\system32\igfxtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    C:\Program Files\Logitech\Video\ISStart.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    C:\Program Files\Logitech\Video\LogiTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher]
    "C:\Program Files\Protector Suite QL\launcher.exe" /startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TDispVol]
    TDispVol.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TFncKy]
    TFncKy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THotkey]
    C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain]
    TPSMain.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tvs]
    C:\Program Files\Toshiba\Tvs\TvsTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "TAPPSRV"=2 (0x2)
    "Fax"=2 (0x2)
    "ERSvc"=2 (0x2)
    "AOL TopSpeedMonitor"=2 (0x2)
    "AOL ACS"=2 (0x2)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    eapsvcs eaphost
    dot3svc dot3svc

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    napagent
    hkmsvc


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{deed624a-de38-11dc-a2d9-00f1d000f1d0}]
    AutoRun\command- E:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{deed624c-de38-11dc-a2d9-00038a000015}]
    AutoRun\command- E:\AutoRun.exe

    *Newly Created Service* - PGFILTER



    -- Hosts -----------------------------------------------------------------------

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

    60 more entries in hosts file.


    -- End of Deckard's System Scanner: finished at 2008-05-31 22:20:55 ------------

  5. #5
    Junior Member
    Join Date
    May 2008
    Posts
    4

    Default drvkev.dll - extra.txt

    And the other one:

    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Professional (build 2600) SP 3.0
    Architecture: X86; Language: English

    CPU 0: Genuine Intel(R) CPU T2400 @ 1.83GHz
    Percentage of Memory in Use: 27%
    Physical Memory (total/avail): 2037.98 MiB / 1479.42 MiB
    Pagefile Memory (total/avail): 3933.5 MiB / 3576.05 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1902.43 MiB

    C: is Fixed (NTFS) - 111.54 GiB total, 35.09 GiB free.
    D: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - TOSHIBA MK1234GSX - 111.79 GiB - 2 partitions
    \PARTITION0 (bootable) - Installable File System - 111.54 GiB - C:
    \PARTITION1 - Unknown - 251.02 MiB



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Csima Zoli\Application Data
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=CSIMA
    ComSpec=C:\WINDOWS\system32\cmd.exe
    DEFAULT_CA_NR=CA8
    FP_NO_HOST_CHECK=NO
    GETMODEL=Satellite A105
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Csima Zoli
    KRDIR=C:\Program Files\Abev 2006\eKuldes
    LOGONSERVER=\\CSIMA
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\Program Files\Abev 2006\krtitok;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Common Files\Teleca Shared;c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0e08
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\CSIMAZ~1\LOCALS~1\Temp
    TMP=C:\DOCUME~1\CSIMAZ~1\LOCALS~1\Temp
    USERDOMAIN=CSIMA
    USERNAME=Csima Zoli
    USERPROFILE=C:\Documents and Settings\Csima Zoli
    VERNUM=PSAA8U-02200UR
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    Csima Zoli (admin)
    Administrator (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    --> C:\WINDOWS\mlhunins.exe -f"C:\Program Files\MoBiMouse\eheakad\aconfig\DeIsLog.1"
    --> c:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    --> C:\WINDOWS\UNRecode.exe /UNINSTALL
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}\Setup.exe" -l0x9
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Abev6 (Verzió: 6.5.18) --> C:\Program Files\Abev 2006\uninstall.exe
    Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Photoshop 7.0 CE --> C:\WINDOWS\ISUN040E.EXE -f"C:\Program Files\Adobe\Photoshop 7.0 CE\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0 CE\Uninst.dll"
    Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Akadémiai MoBiMouse - angol --> C:\WINDOWS\mlhunins.exe -f"C:\Program Files\MoBiMouse\eheakad\DeIsLog.1"
    Akadémiai MoBiMouse Plus - Angol --> MsiExec.exe /I{C0A73873-F936-4C90-B6F3-FD2F1BBDDAA6}
    Akadémiai MoBiMouse Plus - Német --> MsiExec.exe /I{2944FACE-DF53-454A-B184-D793DC346268}
    America Online (Choose which version to remove) --> C:\Program Files\Common Files\aolshare\aolunins_us.exe
    AOL Coach Version 2.0(Build:20041026.5 en) --> C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP
    AOL Connectivity Services --> "C:\Program Files\Common Files\AOL\ACS\AcsUninstall.exe" /c
    AOL Spyware Protection --> C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
    AOL You've Got Pictures Screensaver --> C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
    Ashampoo UnInstaller 3.05 --> "C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\unins000.exe"
    Ashampoo WinOptimizer 4.41 --> "C:\Program Files\Ashampoo\Ashampoo WinOptimizer 4\unins000.exe"
    BearPaw 1200CU Plus v1.0 --> C:\PROGRA~1\BEARPA~1\Driver\UNINST.EXE
    Bejeweled 2 Deluxe --> "C:\Program Files\Toshiba Games\Bejeweled 2 Deluxe\Uninstall.exe"
    BlackBerry Connect Desktop számára Sony Ericsson --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{70B45E50-F8F0-47D5-B707-495545A5BD00} /l1038
    Blasterball 2 Revolution --> "C:\Program Files\Toshiba Games\Blasterball 2 Revolution\Uninstall.exe"
    Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
    Canon S300 --> C:\WINDOWS\system32\CNMCP38.EXE -@C:\WINDOWS\IsUninst.exe -f"C:\BJPrinter\CNMWINDOWS\Canon S300 Installer\Inst\DeIsL1.isu" -pCanon S300-c"C:\BJPrinter\CNMWINDOWS\Canon S300 Installer\Inst\bjinst.dll
    CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9
    cFosSpeed v4.01 --> "C:\Program Files\cFosSpeed\setup.exe" -uninstall
    concept/design onlineTV 4 --> "C:\Program Files\concept design\onlineTV 4\unins000.exe"
    Dativus --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65B8163D-330E-452A-BA10-5BF126A6FA0D}\setup.exe" -l0xe -removeonly
    DVD-RAM Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver
    DVD Region+CSS Free 5.84 --> "C:\Program Files\DVD Region+CSS Free\unins000.exe"
    Encrypted FTP --> C:\PROGRA~1\EFTP\UNWISE.EXE C:\PROGRA~1\EFTP\INSTALL.LOG
    ESPNMotion --> C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
    FairStars Recorder 2.57 --> "C:\Program Files\FairStars Recorder\unins000.exe"
    FATE --> "C:\Program Files\Toshiba Games\FATE\Uninstall.exe"
    Final Drive Fury --> "C:\Program Files\TOSHIBA Games\Final Drive Fury\Uninstall.exe"
    Foxit PDF Creator --> C:\Program Files\Foxit Software\PDF Creator\FPC_Uninstall.exe
    Foxit PDF Editor --> C:\Program Files\Foxit Software\PDF Editor\uninstall.exe
    GemMaster Mystic --> "C:\Program Files\GemMaster\uninstallgemmaster.exe"
    Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
    Google Gmail Notifier --> "C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
    Google SketchUp 6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly
    Google SketchUp 6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly
    Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    hp photosmart printer series (Remove only) --> C:\Program Files\hp photosmart\printer\hphuni03.exe
    Htmlpad_little 2.0 --> C:\WINDOWS\iun506.exe C:\Program Files\Htmlpad_little\irunin.ini
    Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
    Intel(R) PRO Network Connections Drivers --> Prounstl.exe
    Intel(R) PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
    InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
    InterVideo WinDVD for TOSHIBA --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    J2SE Runtime Environment 5.0 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Jogtar --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43F2A90-8045-4BC0-87C4-401D7F0F16FF}\setup.exe" -l0xe
    K-Lite Mega Codec Pack 1.38 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Light Artist 1.5 --> "C:\Program Files\Light Artist\unins000.exe"
    LiveUpdate for 1'st ZipCommander --> C:\WINDOWS\uninst.exe -f"C:\Program Files\1'st ZipCommander\UnInstall\LiveUpdate for 1'st ZipCommander\DeIsL1.isu" -c"C:\Program Files\1'st ZipCommander\UnInstall\LiveUpdate for 1'st ZipCommander\_ISREG32.DLL"
    Lizardtech DjVu Control --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{105CFC7C-6992-11D5-BD9D-000102C10FD8}\Setup.exe" -l0x9
    Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL -removeonly
    Logitech QuickCam Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9
    Logitech® Camera Driver --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    Macromedia Flash Player 8 --> MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
    Macromedia HomeSite 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{74307C3F-EBD4-11D4-A4D9-0010A4C3AFF0}\Setup.exe"
    mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    MediaCoder 0.5.1 --> C:\Program Files\MediaCoder\uninst.exe
    MemoQ --> MsiExec.exe /I{7A3B15FE-EB76-4ADD-9FB0-525538351EC1}
    Metamail (Toshiba Registration Utility) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE3F89C0-42D5-11D5-A40A-00105AC8331A}\setup.exe" -l0x9
    mHelp --> MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office XP Professional és FrontPage --> MsiExec.exe /I{9028040E-6000-11D3-8CFE-0050048383C9}
    Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
    mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    Msxml4 SP2 --> MsiExec.exe /I{955D8242-B99E-4A9A-80C4-3FF7D7587EA3}
    MUSTEK 1200 CU PLUS v1.2 --> C:\WINDOWS\twain_32\1200CU~1\UNINST.EXE
    mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    MyConnect Special Offer --> MsiExec.exe /I{97D8751D-18A4-482B-9E9C-31DAD9BEC1EC}
    mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
    Need for Speed™ Most Wanted --> C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
    Nero 7 Demo --> MsiExec.exe /I{46A2406A-C964-A97E-4ED8-C2E75CE71038}
    Nero Reloaded PlugIn Pack 2.0.4 by GEAR --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F3D7915D-6B42-49FA-9FC8-5020479A6A57}\setup.exe" -l0x9 -removeonly
    NOD32 antivirus system --> C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
    NOD32 FiX v2.1 --> "C:\Program Files\Eset\unins000.exe"
    Office 2003 Trial Assistant --> MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
    OpenOffice.org 2.3 --> MsiExec.exe /I{4C85FCF9-534A-4435-9065-AEE8BB2B8C05}
    P900 ThemeEditor 1.60 --> "C:\Program Files\VITO Technology\P900 ThemeEditor\unins000.exe"
    Pack Vista Inspirat 2 1.0 --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
    PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
    Penguins! --> "C:\Program Files\TOSHIBA Games\Penguins!\Uninstall.exe"
    Polar Golfer --> "C:\Program Files\Toshiba Games\Polar Golfer\Uninstall.exe"
    PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    Pure Networks Port Magic --> C:\Program Files\Pure Networks\Port Magic\PortAOL.exe -Uninstall -ShowUI
    QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
    Radio Decoder --> C:\WINDOWS\iun6002.exe "C:\Program Files\Radio Decoder2\irunin.ini"
    Radio Decoder Pro --> C:\WINDOWS\iun6002.exe "C:\Program Files\Radio Decoder Pro\irunin.ini"
    RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
    SCRABBLE --> "C:\Program Files\Toshiba Games\SCRABBLE\Uninstall.exe"
    SD Secure Module --> MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    SEMC DSS-20 SyncStation Driver --> C:\WINDOWS\system32\ftdiunin.exe C:\WINDOWS\system32\ftdiun2k.ini
    Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
    Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    Sony Ericsson PC Suite 3.2.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC18114B-05A0-11D6-8140-000102E745A6}\Setup.exe" -l0xe
    Sony Ericsson Themes Creator 3.17 --> C:\Program Files\Sony Ericsson\Themes Creator\Uninstall.exe
    SWiSH Max2 --> C:\WINDOWS\unvise32.exe C:\Program Files\SWiSH Max2\uninstal.log
    Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Szótár program eltávolítása --> "C:\Program Files\Jómagam\Szótár\unins000.exe"
    Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4497AFF6-98C4-4F49-B073-F48F42BCBF9E} /l1033
    TopStyle Lite (Version 2) --> C:\WINDOWS\unlite2.exe "C:\Program Files\Bradbury\TopStyle2"
    TOSHIBA Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x9
    TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL
    TOSHIBA Controls --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x9 UNINSTALL
    TOSHIBA Game Console --> "C:\Program Files\WildTangent\Apps\TOSHIBA Game Console\Uninstall.exe"
    TOSHIBA Hotkey Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64DD71BC-3109-4C88-9AD3-D5422644B722}\setup.exe" -l0x9
    TOSHIBA PC Diagnostic Tool --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
    TOSHIBA Power Saver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
    TOSHIBA SD Memory Card Format --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\Setup.exe"
    TOSHIBA Software Modem --> Tosmreg -U
    TOSHIBA Software Upgrades --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe"
    TOSHIBA Speech System Applications --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
    TOSHIBA Speech System SR Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
    TOSHIBA TouchPad ON/Off Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69BE47C2-36FE-4397-8199-85D8EAE69982}\setup.exe" -l0x9
    TOSHIBA TV Tuner 4.0.12.73 --> C:\Program Files\AVerMedia\TOSHIBA TV Tuner\uninst.exe
    TOSHIBA Utilities --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x9
    TOSHIBA Virtual Sound --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\Setup.exe" /uninstall
    TOSHIBA Zooming Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe"
    Total Commander (Remove or Repair) --> c:\totalcmd\tcuninst.exe
    TypingMaster Pro --> "C:\Program Files\TypingMaster\unins000.exe"
    Ubuntu --> C:\ubuntu\Uninstall-Ubuntu.exe
    Uniblue RegistryBooster 2 --> "C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
    Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
    Update Service --> C:\Program Files\Sony Ericsson\Update Service\uninst.exe
    VeryPDF PDF2Word v3.0 --> "C:\Program Files\VeryPDF PDF2Word v3.0\unins000.exe"
    Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Virtual Earth 3D (Beta) --> MsiExec.exe /I{39CE3C17-846D-4D9B-8B3E-C01A4B90FB73}
    Voipwise --> "C:\Program Files\Voipwise.com\Voipwise\unins000.exe"
    web'n'walk Manager --> MsiExec.exe /X{04579255-0717-44B2-96D9-97E8750D6D67}
    Web Photo Album 0.9 Beta --> "C:\Program Files\Web Photo Album\unins000.exe"
    WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
    Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live bejelentkezési segéd --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Live Fotótár --> MsiExec.exe /X{C7A4D259-C9DF-44F4-A0C2-EA5D6F323B1A}
    Windows Live installer --> MsiExec.exe /X{999CE3F5-C179-4607-BEDF-B9544B0DD232}
    Windows Live Mail --> MsiExec.exe /I{114C7913-FC33-41E7-839B-51042BDF3D9C}
    Windows Live Messenger --> MsiExec.exe /X{AF2815A6-0573-45A4-BAE3-3194C1D4393C}
    Windows Live Writer --> MsiExec.exe /X{C5401ABF-5175-4E69-9849-EAA397952111}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows XP Media Center Edition 2005 KB888316 --> C:\WINDOWS\$NtUninstallKB888316$\spuninst\spuninst.exe
    Windows XP Media Center Edition 2005 KB894553 --> C:\WINDOWS\$NtUninstallKB894553$\spuninst\spuninst.exe
    Windows XP Media Center Edition 2005 KB895678 --> C:\WINDOWS\$NtUninstallKB895678$\spuninst\spuninst.exe
    Windows XP Media Center Edition 2005 KB925766 --> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
    Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinRAR archiváló --> C:\Program Files\WinRAR\uninstall.exe
    XnView 1.92.1 --> "C:\Program Files\XnView\unins000.exe"
    Yahoo! Music Engine --> "C:\Program Files\Yahoo!\Yahoo! Music Engine\Uninstall.exe"


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type2017 / Error
    Event Submitted/Written: 05/27/2008 08:50:11 PM
    Event ID/Source: 0 / Media Center Scheduler
    Event Description:
    Flush: RecordingFile failed to write Invalid XML Operation.

    Event Record #/Type2012 / Error
    Event Submitted/Written: 05/26/2008 10:16:14 PM
    Event ID/Source: 1000 / Application Error
    Event Description:
    Faulting application firefox.exe, version 1.8.20080.40413, faulting module unknown, version 0.0.0.0, fault address 0x0000001f.
    Processing media-specific event for [firefox.exe!ws!]

    Event Record #/Type2011 / Error
    Event Submitted/Written: 05/26/2008 10:11:45 PM
    Event ID/Source: 1000 / Application Error
    Event Description:
    Faulting application iexplore.exe, version 7.0.6000.16640, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x0001b1fa.
    Processing media-specific event for [iexplore.exe!ws!]

    Event Record #/Type1984 / Error
    Event Submitted/Written: 05/21/2008 10:42:22 PM
    Event ID/Source: 1000 / Application Error
    Event Description:
    Faulting application iexplore.exe, version 7.0.6000.16640, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x0001b1fa.
    Processing media-specific event for [iexplore.exe!ws!]

    Event Record #/Type1983 / Error
    Event Submitted/Written: 05/21/2008 10:41:50 PM
    Event ID/Source: 1000 / Application Error
    Event Description:
    Faulting application iexplore.exe, version 7.0.6000.16640, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x0001b1fa.
    Processing media-specific event for [iexplore.exe!ws!]



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type3698 / Warning
    Event Submitted/Written: 05/31/2008 07:25:08 PM
    Event ID/Source: 2504 / Server
    Event Description:
    The server could not bind to the transport \Device\NetBT_Tcpip_{AF78CD34-CB51-41E3-XXXX-XXXXXXXXXXXX}.

    Event Record #/Type3697 / Warning
    Event Submitted/Written: 05/31/2008 07:25:06 PM
    Event ID/Source: 1007 / Dhcp
    Event Description:
    Your computer has automatically configured the IP address for the Network
    Card with network address XXXXXXXXXXXX. The IP address being used is XXX.XXX.XX.XX.

    Event Record #/Type3696 / Warning
    Event Submitted/Written: 05/31/2008 07:24:56 PM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Your computer was not able to renew its address from the network (from the
    DHCP Server) for the Network Card with network address XXXXXXXXXXXX. The following
    error occurred:
    %%121.
    Your computer will continue to try and obtain an address on its own from
    the network address (DHCP) server.

    Event Record #/Type3670 / Warning
    Event Submitted/Written: 05/30/2008 09:16:19 PM
    Event ID/Source: 2504 / Server
    Event Description:
    The server could not bind to the transport \Device\NetBT_Tcpip_{AF78CD34-CB51-41E3-XXXX-XXXXXXXXXXXX}.

    Event Record #/Type3669 / Warning
    Event Submitted/Written: 05/30/2008 09:16:17 PM
    Event ID/Source: 1007 / Dhcp
    Event Description:
    Your computer has automatically configured the IP address for the Network
    Card with network address XXXXXXXXXXXX. The IP address being used is XXX.XXX.XX.XX.



    -- End of Deckard's System Scanner: finished at 2008-05-31 22:20:55 ------------

  6. #6
    Retired Security Volunteer
    Join Date
    Sep 2007
    Location
    Ireland
    Posts
    1,620

    Default

    Hello

    1. Please re-open HijackThis and choose "Do a system scan only". Check the boxes next to ONLY the entries listed below (if present):

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [SBI] C:\Documents and Settings\Csima Zoli\Local Settings\Temporary Internet Files\Content.IE5\L9MENZKE\install_sbd_en[1].exe
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZJxdm131YYHU
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () - http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab
    O20 - Winlogon Notify: winmmt32 - C:\WINDOWS\system32\winmmt32.dll (file missing)


    2. Now close all windows other than HijackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.



    Please download OTMoveIt2 by OldTimer.
    • Save it to your desktop.
    • Please double-click OTMoveIt2.exe to run it.
    • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

      Code:
      [kill explorer]
      HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{deed624a-de38-11dc-a2d9-00f1d000f1d0}
      E:\AutoRun.exe
      HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{deed624c-de38-11dc-a2d9-00038a000015}
      E:\AutoRun.exe
      purity 
      [start explorer]
    • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
    • Close OTMoveIt2
    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.




    Please download Malwarebytes' Anti-Malware from Here or Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the entire report in your next reply.

    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



    Reboot and post a new DSS log
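A triage pass over the HijackThis entries selected in post #6, as an added example that is not part of the original thread and is not HijackThis's or the helper's own logic. The flag names, the heuristics and the two watch-list hosts (taken from the O8 and O16 lines the helper selected) are assumptions for illustration; the last two sample lines are constructed benign entries for contrast.

```python
import re

# First five lines: the entries quoted in post #6, elisions ("...") kept as posted.
# Last two lines: constructed benign entries, not from the thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SBI] C:\Documents and Settings\Csima Zoli\Local Settings\Temporary Internet Files\Content.IE5\L9MENZKE\install_sbd_en[1].exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZJxdm131YYHU
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () - http://ak.exe.imgfarm.com/images/noc...1.0.0.15-3.cab
O20 - Winlogon Notify: winmmt32 - C:\WINDOWS\system32\winmmt32.dll (file missing)
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe"
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\helper.dll
"""

# Hosts of the O8/O16 entries selected in post #6 (illustrative watch list).
WATCH_HOSTS = ("mywebsearch.com", "imgfarm.com")

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")        # "O4 - <body>"
URL_HOST_RE = re.compile(r"https?://([^/\s]+)", re.I)
ORPHAN_MARKERS = ("(no file)", "(file missing)")          # target no longer on disk
TEMP_DIRS = ("\\temporary internet files\\", "\\temp\\")  # cache/temp locations


def flags_for(section, body, watch_hosts=()):
    """Return the set of review flags (hypothetical names) for one log entry."""
    flags = set()
    low = body.lower().rstrip()
    # Registry entry still present but the file it points to is gone.
    if low.endswith(ORPHAN_MARKERS):
        flags.add("orphaned-reference")
    # Autostart (Run key) entry launching from a browser cache or temp directory.
    if section == "O4" and any(d in low for d in TEMP_DIRS):
        flags.add("autostart-from-temp-dir")
    # Winlogon Notify DLLs are loaded by winlogon.exe; always worth a look.
    if section == "O20" and low.startswith("winlogon notify:"):
        flags.add("winlogon-notify-dll")
    # BHO or ActiveX (DPF) component registered without a name.
    if "(no name)" in low or (section == "O16" and "} () -" in low):
        flags.add("unnamed-component")
    # URL whose host is, or is a subdomain of, a watch-listed host.
    m = URL_HOST_RE.search(body)
    if m:
        host = m.group(1).lower()
        if any(host == h or host.endswith("." + h) for h in watch_hosts):
            flags.add("watchlisted-host")
    return flags


def triage(log_text, watch_hosts=()):
    """Return (section, sorted flags, body) for every entry with at least one flag."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # blank line, header, or non-entry text
        section, body = m.groups()
        flags = flags_for(section, body, watch_hosts)
        if flags:
            findings.append((section, sorted(flags), body))
    return findings


if __name__ == "__main__":
    for section, flags, body in triage(SAMPLE_LOG, WATCH_HOSTS):
        print(f"{section:<4}{', '.join(flags):<45}{body[:60]}")
```

Without the watch list the O8 entry is not flagged at all, which is why lists like this only supplement an analyst's reading of the log.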

  7. #7
    Retired Security Volunteer
    Join Date
    Sep 2007
    Location
    Ireland
    Posts
    1,620

    Default

    Due to inactivity, this thread will now be closed.

    Note: If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

    If it has been less than five days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.
