taktez s virem z FB....

Zpráva

#16 Příspěvek od **Caroprd111** » 26 črc 2011 22:35

Porposím Vás o nový log z RSIT.

ddduda · #17 Příspěvek od **ddduda** » 26 črc 2011 22:38

Logfile of random's system information tool 1.09 (written by random/random)
Run by Caleb at 2011-07-26 22:39:23
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 138 GB (60%) free of 229 GB
Total RAM: 2938 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:39:27 PM , on 26/07/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\notepad.exe
C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSA.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hotbar\bin\11.0.175.0\Weather.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\_OTL\MovedFiles\07262011_204640\C_Windows\update.tray-7-0-lnk\svchost.exe
C:\_OTL\MovedFiles\07262011_204640\C_Windows\update.tray-0-0-lnk\svchost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Caleb\Desktop\RSIT.exe
C:\Program Files\trend micro\Caleb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2550700
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 123 port st:12334
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShoppingReport2 - {258C9770-1713-4021-8D7E-1F184A2BD754} - C:\Program Files\ShoppingReport2\Bin\2.7.12\ShoppingReport.dll
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.175.0\HostIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: (no name) - {d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.175.0\HostIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab} - (no file)
O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSA.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [1702885.exe] "C:\Users\Caleb\AppData\Local\Temp\1702885.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [3215506.exe] "C:\Users\Caleb\AppData\Local\Temp\3215506.exe"
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.175.0\Weather.exe" -auto
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {DB38E21A-0133-419d-92AD-ECDFD5244D6D} - C:\Program Files\ShoppingReport2\Bin\2.7.12\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {EB620C54-E229-4942-87CE-E717109FC8C6} - C:\Program Files\ShoppingReport2\Bin\2.7.12\ShoppingReport.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0284821271673283) (0284821271673283mcinstcleanup) - Unknown owner - C:\Users\Caleb\AppData\Local\Temp\028482~1.EXE (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe

--
End of file - 9877 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3799059190-483588289-3117201309-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3799059190-483588289-3117201309-1003UA.job
C:\Windows\tasks\Norton Security Scan for Caleb.job
C:\Windows\tasks\PCConfidential.job
C:\Windows\tasks\Regwork.job
C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\3iht5vey.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2, Hotbar@Hotbar.com:11.0.0.0, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0, {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.6.0.15, linkfilter@kaspersky.ru:11.0.1.400, {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.2.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3"
prefs.js - "keyword.URL" - "http://search.alot.com/web?&src_id=1151 ... pr=auto&q="

"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG8\Firefox
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"Hotbar@Hotbar.com"=C:\Program Files\Hotbar\bin\11.0.175.0\firefox\extensions
"avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
linkfilter@kaspersky.ru
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
npclntax_HotbarSA.dll
npdeploytk.dll
npnul32.dll
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
np_gp.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
amazon-en-GB.xml
answers.xml
avg_igeared.xml
chambers-en-GB.xml
creativecommons.xml
eBay-en-GB.xml
google.xml
wikipedia.xml
yahoo-en-GB.xml

C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\3iht5vey.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{ba14329e-9550-4989-b3f2-9732e92d17cc}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
{e2c58150-9d72-11dd-ad8b-0800200c9a66}
{EF522540-89F5-46b9-B6FE-1829E2B572C6}

C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\3iht5vey.default\searchplugins\
alot-search.xml
conduit.xml
imdb.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
PriceGongBHO Class - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll [2010-03-28 353656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{258C9770-1713-4021-8D7E-1F184A2BD754}]
ShoppingReport2 - C:\Program Files\ShoppingReport2\Bin\2.7.12\ShoppingReport.dll [2010-05-12 1144096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
Hotbar - C:\Program Files\Hotbar\bin\11.0.175.0\HostIE.dll [2010-04-01 537904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-27 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-04-27 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuze.dll [2010-04-15 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-27 263280]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuze.dll [2010-04-15 2515552]
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Hotbar - C:\Program Files\Hotbar\bin\11.0.175.0\HostIE.dll [2010-04-01 537904]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotbarSA"=C:\Program Files\Hotbar\bin\11.0.175.0\HotbarSA.exe [2010-04-01 769328]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
"1702885.exe"=C:\Users\Caleb\AppData\Local\Temp\1702885.exe [2011-07-26 256000]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe rezerv []
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe rezerv []
"3215506.exe"=C:\Users\Caleb\AppData\Local\Temp\3215506.exe [2011-07-26 256000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WeatherDPA"=C:\Program Files\Hotbar\bin\11.0.175.0\Weather.exe [2010-04-01 353584]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9451089.exe]
C:\Windows\Temp\9451089.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9593303.exe]
C:\Users\Caleb\AppData\Local\Temp\9593303.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CachemanTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CD Autorun]
C:\Program Files\TweakNow PowerPack 2009\CDAuto.exe [2009-10-06 429312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2009-07-18 257440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Caleb\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-28 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2008-08-22 170520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2008-08-22 150040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSUFloatingUI]
C:\Program Files\Sony\Network Utility\LANUtil.exe [2008-11-06 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2008-08-22 145944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2008-10-17 6295552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-27 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-10 835584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Agent.lnk]
C:\PROGRA~1\3\3Connect\AUTOUP~1.EXE []

C:\Users\Caleb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-08-22 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2010-07-01 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2008-11-06 98304]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"DisallowRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.dvsd"=C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.JPEG"=JpegCode.dll
"VIDC.MJPG"=JpegCode.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 2 months======

2011-07-26 20:46:40 ----D---- C:\_OTL
2011-07-26 19:22:30 ----D---- C:\Users\Caleb\AppData\Roaming\Malwarebytes
2011-07-26 19:22:26 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-07-26 19:22:25 ----D---- C:\ProgramData\Malwarebytes
2011-07-26 19:22:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-26 19:22:23 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-07-26 15:19:08 ----D---- C:\rsit
2011-07-26 15:19:08 ----D---- C:\Program Files\trend micro
2011-07-26 14:34:51 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2011-07-26 14:10:37 ----A---- C:\Windows\system32\drivers\klin.dat
2011-07-26 14:10:37 ----A---- C:\Windows\system32\drivers\klick.dat
2011-07-26 14:10:27 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-26 14:08:50 ----A---- C:\Windows\btc_client_iplist.txt
2011-07-26 14:07:09 ----A---- C:\Windows\system32\drivers\klif.sys
2011-07-26 14:03:48 ----A---- C:\Windows\iplist.txt
2011-07-26 13:09:32 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-07-26 13:09:32 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-07-26 13:09:32 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-07-26 13:09:32 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-07-26 13:09:31 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-07-26 13:09:31 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-07-26 13:08:35 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-26 13:08:35 ----A---- C:\Windows\avastSS.scr
2011-07-26 12:54:30 ----A---- C:\Windows\front_ip_list.txt
2011-07-26 00:05:34 ----A---- C:\Windows\winlog-ids.txt
2011-07-26 00:05:34 ----A---- C:\Windows\winlog-dirs.txt
2011-06-08 16:50:04 ----A---- C:\Windows\system32\wups2.dll
2011-06-08 16:50:04 ----A---- C:\Windows\system32\wucltux.dll
2011-06-08 16:50:04 ----A---- C:\Windows\system32\wuaueng.dll
2011-06-08 16:50:04 ----A---- C:\Windows\system32\wuauclt.exe
2011-06-08 16:49:41 ----A---- C:\Windows\system32\wups.dll
2011-06-08 16:49:41 ----A---- C:\Windows\system32\wudriver.dll
2011-06-08 16:49:41 ----A---- C:\Windows\system32\wuapi.dll
2011-06-08 16:49:28 ----A---- C:\Windows\system32\wuwebv.dll
2011-06-08 16:49:28 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 2 months======

2011-07-26 22:39:18 ----D---- C:\Windows\Temp
2011-07-26 22:27:19 ----D---- C:\Windows
2011-07-26 22:25:54 ----D---- C:\ProgramData\HotbarSA
2011-07-26 21:54:38 ----D---- C:\Users\Caleb\AppData\Roaming\Skype
2011-07-26 20:59:54 ----D---- C:\Windows\System32
2011-07-26 20:59:54 ----D---- C:\Windows\inf
2011-07-26 20:59:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-26 20:46:42 ----D---- C:\Windows\system32\drivers\etc
2011-07-26 19:22:26 ----D---- C:\Windows\system32\drivers
2011-07-26 19:22:25 ----D---- C:\ProgramData
2011-07-26 19:22:23 ----RD---- C:\Program Files
2011-07-26 19:17:36 ----D---- C:\Users\Caleb\AppData\Roaming\skypePM
2011-07-26 15:02:05 ----D---- C:\Program Files\Mozilla Firefox
2011-07-26 14:48:02 ----D---- C:\Windows\Minidump
2011-07-26 14:39:11 ----SHD---- C:\Windows\Installer
2011-07-26 14:24:43 ----SHD---- C:\$RECYCLE.BIN
2011-07-26 14:22:13 ----D---- C:\Windows\Logs
2011-07-26 14:11:08 ----SHD---- C:\System Volume Information
2011-07-26 14:10:29 ----D---- C:\Windows\system32\catroot
2011-07-26 14:04:59 ----D---- C:\Windows\system32\drivers\Avg
2011-07-26 14:04:04 ----D---- C:\Windows\system32\catroot2
2011-07-26 13:09:27 ----D---- C:\Windows\winsxs
2011-07-23 22:03:21 ----D---- C:\Windows\system32\Tasks
2011-07-05 21:36:10 ----D---- C:\Users\Caleb\AppData\Roaming\vlc
2011-06-16 23:11:58 ----D---- C:\Windows\rescache
2011-06-16 15:06:07 ----D---- C:\Windows\system32\en-US
2011-05-29 17:05:08 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-22 312344]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2010-06-09 132184]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2008-08-23 10216]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-07-26 495192]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-25 12672]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-06-28 68608]
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdptsk.sys [2008-10-03 46592]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-25 8192]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-06-10 909824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-25 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-25 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-08-22 2377216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-10-17 2149912]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2008-08-22 9344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-10 181560]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-25 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-05-28 310272]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-10-07 3847168]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-21 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-06-07 131000]
S3 WINUSB;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-21 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
S4 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-05-21 874768]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NSUService;NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [2008-11-06 303104]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-05-21 473360]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [2008-11-06 203624]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2008-09-05 411488]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S2 0284821271673283mcinstcleanup;McAfee Application Installer Cleanup (0284821271673283); C:\Users\Caleb\AppData\Local\Temp\028482~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-28 133104]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
S2 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-09-12 446464]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-28 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-27 182768]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2008-05-20 53248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2008-05-20 53248]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2008-05-20 77824]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-12 337184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-06-12 83232]
S4 RtkAudioService;Realtek Audio Service; C:\Windows\RtkAudioService.exe [2008-10-17 104992]
S4 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-25 386560]

-----------------EOF-----------------

#18 Příspěvek od **Caroprd111** » 26 črc 2011 22:41

Stáhněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
Nic nemažte MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
Log vložte sem.

ddduda · #19 Příspěvek od **ddduda** » 26 črc 2011 23:22

tak uz mi to konecne dochroustalo.....

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7285

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18813

26/07/2011 11:22:50 PM
mbam-log-2011-07-26 (23-22-36).txt

Typ: Úplná kontrola (C:\|D:\|E:\|F:\|)
Kontrolované objekty: 259138
Uplynulý èas: 38 minut, 45 sekund

Infikované procesy v pamìti: 4
Infikované moduly v pamìti: 2
Infikované klíèe v registru: 122
Infikované hodnoty v registru: 12
Infikované datové položky v registru: 4
Infikované složky: 21
Infikované soubory: 65

Infikované procesy v pamìti:
c:\program files\Hotbar\bin\11.0.175.0\HotbarSA.exe (Adware.Hotbar) -> 3404 -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\Weather.exe (Adware.Hotbar) -> 3428 -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-7-0-lnk\svchost.exe (Trojan.Dropper) -> 304 -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-0-0-lnk\svchost.exe (Trojan.Dropper) -> 3164 -> No action taken.

Infikované moduly v pamìti:
c:\program files\Hotbar\bin\11.0.175.0\hotbarsahook.dll (Adware.HotBar.Gen) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\WeSkin.dll (Adware.Hotbar) -> No action taken.

Infikované klíèe v registru:
HKEY_CLASSES_ROOT\TypeLib\{CDC73256-A88D-4642-844E-A8F20B76789C} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{D1063603-F045-475F-AFBC-8CBA7D5797FB} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HBMain.CommBand.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HBMain.CommBand (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HostIE.Bho.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HostIE.Bho (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{F244A744-534D-4A46-855F-C0C7E9F27DAA} (Adware.SmartShopper) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{030C9927-10FC-4169-97A2-55BECD5D88D8} (Adware.SmartShopper) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl.1 (Adware.SmartShopper) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl (Adware.SmartShopper) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.SmartShopper) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{148E1447-C728-48FD-BEEC-A7D06C5FFF58} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CntntCntr.CntntDic.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CntntCntr.CntntDic (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0729F461-8054-47DC-8D39-A31B61CC0119} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HbCoreSrv.DynamicProp.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HbCoreSrv.DynamicProp (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2F9AD413-2E0B-4a85-BB2A-CF961238262A} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3E2DFD6A-4E20-4D4C-AA8B-E1F9DBEF3C80} (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton.1 (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{C62A9E79-2B52-439B-AF57-2E60BB06E86C} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{03D7FF6E-9781-40B5-BB7F-94291A361604} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\Srv.CoreServices.1 (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\Srv.CoreServices (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{714E0876-FCEE-49CE-A429-B9AD8AEFCB56} (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA.1 (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\hbr.HbMain.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\hbr.HbMain (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{86C5840B-80C4-4C30-A655-37344A542009} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8C788AA2-7530-43BE-97B7-4D491F13BEA3} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\HotbarWeather.WeatherController.1 (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\HotbarWeather.WeatherController (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A3E67DAA-DA01-4da5-98BE-3088B554A11E} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{76D54105-99EB-4ECB-95B2-A944F50CC566} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HotbarAX.UserProfiles.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HotbarAX.UserProfiles (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A3E67DAA-DA01-4DA5-98BE-3088B554A11E} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8292078F-F6E9-412B-8EB1-360C05C5ECE5} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HostOL.MailAnim.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HostOL.MailAnim (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CntntCntr.CntntDisp.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CntntCntr.CntntDisp (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554} (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx.1 (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx (Adware.Zango) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand.1 (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand (Adware.ShoppingReport2) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HostOL.WebmailSend.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HostOL.WebmailSend (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{D95C7240-0282-4c01-93F5-673BCA03DA86} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HotbarAX.Info.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\HotbarAX.Info (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D95C7240-0282-4C01-93F5-673BCA03DA86} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D95C7240-0282-4C01-93F5-673BCA03DA86} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{DD15BCC0-5FE9-4690-A957-99FA60ED9D26} (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx.1 (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI.1 (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949} (Adware.180Solutions) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\Software\hotbarsa (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Hotbar (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HotbarSA (Adware.Hotbar) -> Value: HotbarSA -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WeatherDPA (Adware.Hotbar) -> Value: WeatherDPA -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\1702885.exe (Trojan.Agent) -> Value: 1702885.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3215506.exe (Trojan.Agent) -> Value: 3215506.exe -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Hotbar) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Hotbar) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Agent) -> Value: sysdriver32.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Agent) -> Value: sysdriver32_.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\Hotbar@Hotbar.com (Adware.Hotbar) -> Value: Hotbar@Hotbar.com -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x ... asp?Ext=%s) -> No action taken.

Infikované složky:
c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weatherdpa (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weatherdpa\weather_xml (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weather_xml (Adware.Hotbar) -> No action taken.
c:\programdata\HotbarSA (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\weatherdpa (Adware.Hotbar) -> No action taken.
c:\program files\clickpotatolite (Adware.ClickPotato) -> No action taken.
c:\program files\clickpotatolite\bin (Adware.ClickPotato) -> No action taken.
c:\program files\clickpotatolite\bin\10.0.536.0 (Adware.ClickPotato) -> No action taken.
c:\program files\Hotbar (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0 (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\firefox (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\firefox\extensions (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\firefox\extensions\plugins (Adware.Hotbar) -> No action taken.
c:\program files\shoppingreport2 (Adware.ShoppingReport2) -> No action taken.
c:\program files\shoppingreport2\Bin (Adware.ShoppingReport2) -> No action taken.
c:\program files\shoppingreport2\Bin\2.7.12 (Adware.ShoppingReport2) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\Hotbar (Adware.Hotbar) -> No action taken.

Infikované soubory:
c:\program files\Hotbar\bin\11.0.175.0\HotbarSA.exe (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\hotbarsahook.dll (Adware.HotBar.Gen) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\Weather.exe (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\WeSkin.dll (Adware.Hotbar) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-7-0-lnk\svchost.exe (Trojan.Dropper) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-0-0-lnk\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Users\Caleb\AppData\Local\Temp\1702885.exe (Trojan.Agent) -> No action taken.
c:\Users\Caleb\AppData\Local\Temp\3215506.exe (Trojan.Agent) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\HostIE.dll (Adware.Hotbar) -> No action taken.
c:\program files\shoppingreport2\Bin\2.7.12\shoppingreport.dll (Adware.SmartShopper) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\cntntcntr.dll (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\CoreSrv.dll (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\Toolbar.dll (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\Srv.exe (Adware.Softomate) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\hotbarsaax.dll (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\HostOL.dll (Adware.Hotbar) -> No action taken.
c:\program files\mozilla firefox\plugins\npclntax_hotbarsa.dll (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\hotbarsadf.exe (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\hotbaruninstaller.exe (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\launchhelp.dll (Adware.Seekmo) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\firefox\extensions\plugins\npclntax_hotbarsa.dll (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\Desktop\rk_quarantine\l1rezerv.exe.vir (Trojan.Agent) -> No action taken.
c:\Users\Caleb\Desktop\rk_quarantine\services32.exe.vir (Trojan.Dropper) -> No action taken.
c:\Users\Caleb\Desktop\rk_quarantine\sysdriver32.exe.vir (Trojan.Agent) -> No action taken.
c:\Users\Caleb\Desktop\rk_quarantine\sysdriver32_.exe.vir (Trojan.Agent) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\C_Users\Caleb\Desktop\flash-player.exe (Trojan.Dropper) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\l1rezerv.exe (Trojan.Agent) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\services32.exe (Trojan.Dropper) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\sysdriver32.exe (Trojan.Agent) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\sysdriver32_.exe (Trojan.Agent) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.1\svchost.exe (Trojan.Dropper) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-0-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-12-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-12-0-lnk\svchost.exe (Trojan.Dropper) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-15-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-15-0-lnk\svchost.exe (Trojan.Dropper) -> No action taken.
c:\_OTL\movedfiles\07262011_204640\c_windows\update.tray-7-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\history (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weatherstartup.xml (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weatherdpa\Links (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weatherdpa\weatherpreferences (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weatherdpa\weather_xml\Display (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weatherdpa\weather_xml\Loading (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weatherdpa\weather_xml\screen1 (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weatherdpa\weather_xml\screen2 (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weather_xml\Default (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weather_xml\Genera1 (Adware.Hotbar) -> No action taken.
c:\Users\Caleb\AppData\Roaming\Hotbar\Weather\weather_xml\General (Adware.Hotbar) -> No action taken.
c:\programdata\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> No action taken.
c:\programdata\HotbarSA\hotbarsaabout.mht (Adware.Hotbar) -> No action taken.
c:\programdata\HotbarSA\hotbarsaau.dat (Adware.Hotbar) -> No action taken.
c:\programdata\HotbarSA\hotbarsaeula.mht (Adware.Hotbar) -> No action taken.
c:\programdata\HotbarSA\hotbarsa_kyf.dat (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\arrow.ico (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\copyright.txt (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\firefox\extensions\chrome.manifest (Adware.Hotbar) -> No action taken.
c:\program files\Hotbar\bin\11.0.175.0\firefox\extensions\install.rdf (Adware.Hotbar) -> No action taken.
c:\program files\shoppingreport2\Uninst.exe (Adware.ShoppingReport2) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\Hotbar\about hotbar.lnk (Adware.Hotbar) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\Hotbar\hotbar customer support center.lnk (Adware.Hotbar) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\Hotbar\hotbar games!.lnk (Adware.Hotbar) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\Hotbar\hotbar uninstall instructions.lnk (Adware.Hotbar) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\Hotbar\hotbar videos!.lnk (Adware.Hotbar) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\Hotbar\reset cursor.lnk (Adware.Hotbar) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\Hotbar\Weather.lnk (Adware.Hotbar) -> No action taken.

#20 Příspěvek od **Caroprd111** » 27 črc 2011 10:06

Vše, co našel MBAM, smažte a přeinstalujte Avast. Pak napište stav PC.

ddduda · #21 Příspěvek od **ddduda** » 27 črc 2011 11:21

tak PC vypada ze je v pohode, antivir se nainstaloval ale vyhazuje mi to nejakou chybovou hlasku ...

#22 Příspěvek od **Caroprd111** » 27 črc 2011 11:41

Zkuste Avast odinstalovat, vyčistit PC CCleanerem a pak znovu nainstalovat.

ddduda · #23 Příspěvek od **ddduda** » 27 črc 2011 11:57

Tak pomohlo, moc dekuji za pomoc

#24 Příspěvek od **Caroprd111** » 27 črc 2011 12:01

Není zač, ještě vás poprosím o nový log z RSIT a ještě dočistíme.

ddduda · #25 Příspěvek od **ddduda** » 27 črc 2011 12:02

Logfile of random's system information tool 1.09 (written by random/random)
Run by Caleb at 2011-07-27 12:03:18
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 140 GB (61%) free of 229 GB
Total RAM: 2938 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:03:30 PM , on 27/07/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Caleb\Desktop\RSIT.exe
C:\Program Files\trend micro\Caleb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2550700
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 123 port st:12334
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: (no name) - {d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0284821271673283) (0284821271673283mcinstcleanup) - Unknown owner - C:\Users\Caleb\AppData\Local\Temp\028482~1.EXE (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe

--
End of file - 8840 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3799059190-483588289-3117201309-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3799059190-483588289-3117201309-1003UA.job
C:\Windows\tasks\Norton Security Scan for Caleb.job
C:\Windows\tasks\PCConfidential.job
C:\Windows\tasks\Regwork.job
C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\3iht5vey.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2, wrc@avast.com:6.0.1203, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, linkfilter@kaspersky.ru:11.0.1.400, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0, {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.6.0.15, {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.2.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3"
prefs.js - "keyword.URL" - "http://search.alot.com/web?&src_id=1151 ... pr=auto&q="

"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG8\Firefox
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
linkfilter@kaspersky.ru
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
np_gp.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
amazon-en-GB.xml
answers.xml
avg_igeared.xml
chambers-en-GB.xml
creativecommons.xml
eBay-en-GB.xml
google.xml
wikipedia.xml
yahoo-en-GB.xml

C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\3iht5vey.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{ba14329e-9550-4989-b3f2-9732e92d17cc}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
{e2c58150-9d72-11dd-ad8b-0800200c9a66}
{EF522540-89F5-46b9-B6FE-1829E2B572C6}

C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\3iht5vey.default\searchplugins\
alot-search.xml
conduit.xml
imdb.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
PriceGongBHO Class - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll [2010-03-28 353656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-27 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-04-27 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuze.dll [2010-04-15 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-27 263280]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuze.dll [2010-04-15 2515552]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9451089.exe]
C:\Windows\Temp\9451089.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9593303.exe]
C:\Users\Caleb\AppData\Local\Temp\9593303.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CachemanTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CD Autorun]
C:\Program Files\TweakNow PowerPack 2009\CDAuto.exe [2009-10-06 429312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2009-07-18 257440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Caleb\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-28 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2008-08-22 170520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2008-08-22 150040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSUFloatingUI]
C:\Program Files\Sony\Network Utility\LANUtil.exe [2008-11-06 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2008-08-22 145944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2008-10-17 6295552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-27 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-10 835584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Agent.lnk]
C:\PROGRA~1\3\3Connect\AUTOUP~1.EXE []

C:\Users\Caleb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-08-22 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2010-07-01 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2008-11-06 98304]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"DisallowRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.dvsd"=C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.JPEG"=JpegCode.dll
"VIDC.MJPG"=JpegCode.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 month======

2011-07-27 11:54:34 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-07-27 11:54:34 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-07-27 11:54:33 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-07-27 11:54:33 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-07-27 11:54:33 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-07-27 11:54:33 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-07-27 11:53:50 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-27 11:53:50 ----A---- C:\Windows\avastSS.scr
2011-07-27 10:57:40 ----D---- C:\ProgramData\AVAST Software
2011-07-27 10:57:40 ----D---- C:\Program Files\AVAST Software
2011-07-26 20:46:40 ----D---- C:\_OTL
2011-07-26 19:22:30 ----D---- C:\Users\Caleb\AppData\Roaming\Malwarebytes
2011-07-26 19:22:26 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-07-26 19:22:25 ----D---- C:\ProgramData\Malwarebytes
2011-07-26 19:22:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-26 19:22:23 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-07-26 15:19:08 ----D---- C:\rsit
2011-07-26 15:19:08 ----D---- C:\Program Files\trend micro
2011-07-26 14:34:51 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2011-07-26 14:10:37 ----A---- C:\Windows\system32\drivers\klin.dat
2011-07-26 14:10:37 ----A---- C:\Windows\system32\drivers\klick.dat
2011-07-26 14:10:27 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-26 14:08:50 ----A---- C:\Windows\btc_client_iplist.txt
2011-07-26 14:07:09 ----A---- C:\Windows\system32\drivers\klif.sys
2011-07-26 14:03:48 ----A---- C:\Windows\iplist.txt
2011-07-26 12:54:30 ----A---- C:\Windows\front_ip_list.txt
2011-07-26 00:05:34 ----A---- C:\Windows\winlog-ids.txt
2011-07-26 00:05:34 ----A---- C:\Windows\winlog-dirs.txt

======List of files/folders modified in the last 1 month======

2011-07-27 11:58:22 ----D---- C:\Windows\System32
2011-07-27 11:58:22 ----D---- C:\Windows\inf
2011-07-27 11:58:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-27 11:57:28 ----D---- C:\Program Files\Mozilla Firefox
2011-07-27 11:57:15 ----D---- C:\Windows\Temp
2011-07-27 11:54:34 ----D---- C:\Windows\system32\drivers
2011-07-27 11:54:26 ----SHD---- C:\Windows\Installer
2011-07-27 11:53:50 ----D---- C:\Windows
2011-07-27 11:53:27 ----SHD---- C:\System Volume Information
2011-07-27 11:52:33 ----D---- C:\Users\Caleb\AppData\Roaming\Skype
2011-07-27 10:57:40 ----RD---- C:\Program Files
2011-07-27 10:57:40 ----D---- C:\ProgramData
2011-07-27 10:50:42 ----D---- C:\Users\Caleb\AppData\Roaming\skypePM
2011-07-27 10:49:09 ----D---- C:\Windows\Sonysys
2011-07-26 20:46:42 ----D---- C:\Windows\system32\drivers\etc
2011-07-26 14:48:02 ----D---- C:\Windows\Minidump
2011-07-26 14:24:43 ----SHD---- C:\$RECYCLE.BIN
2011-07-26 14:22:13 ----D---- C:\Windows\Logs
2011-07-26 14:10:29 ----D---- C:\Windows\system32\catroot
2011-07-26 14:04:59 ----D---- C:\Windows\system32\drivers\Avg
2011-07-26 14:04:04 ----D---- C:\Windows\system32\catroot2
2011-07-26 13:09:27 ----D---- C:\Windows\winsxs
2011-07-23 22:03:21 ----D---- C:\Windows\system32\Tasks
2011-07-05 21:36:10 ----D---- C:\Users\Caleb\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-22 312344]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2010-06-09 132184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2008-08-23 10216]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-07-26 495192]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-25 12672]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-06-28 68608]
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdptsk.sys [2008-10-03 46592]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-25 8192]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-06-10 909824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-25 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-25 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-08-22 2377216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-10-17 2149912]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2008-08-22 9344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-10 181560]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-25 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-05-28 310272]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-10-07 3847168]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-21 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-06-07 131000]
S3 WINUSB;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-21 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
S4 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-05-21 874768]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NSUService;NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [2008-11-06 303104]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-05-21 473360]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [2008-11-06 203624]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2008-09-05 411488]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S2 0284821271673283mcinstcleanup;McAfee Application Installer Cleanup (0284821271673283); C:\Users\Caleb\AppData\Local\Temp\028482~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-28 133104]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
S2 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-09-12 446464]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-28 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-27 182768]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2008-05-20 53248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2008-05-20 53248]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2008-05-20 77824]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-12 337184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-06-12 83232]
S4 RtkAudioService;Realtek Audio Service; C:\Windows\RtkAudioService.exe [2008-10-17 104992]
S4 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-25 386560]

-----------------EOF-----------------

#26 Příspěvek od **Caroprd111** » 27 črc 2011 12:05

Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe

Spusťte.
Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

Spusťte.
Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
Obrázek

Záložka Čistič

Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

Záložka Registry
Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.

OK

Zavřít

Po dokončení těchto kroků vás poprosím o další RSIT, potřebuji si něco ověřit.

ddduda · #27 Příspěvek od **ddduda** » 27 črc 2011 12:58

Logfile of random's system information tool 1.09 (written by random/random)
Run by Caleb at 2011-07-27 12:55:52
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 138 GB (60%) free of 229 GB
Total RAM: 2938 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:56:03 PM , on 27/07/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Caleb\Desktop\RSIT.exe
C:\Program Files\trend micro\Caleb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2550700
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 123 port st:12334
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: (no name) - {d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} (Diagnostics ActiveX WebControl) - http://support.microsoft.com/mats/DiagWebControl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0284821271673283) (0284821271673283mcinstcleanup) - Unknown owner - C:\Users\Caleb\AppData\Local\Temp\028482~1.EXE (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe

--
End of file - 8873 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3799059190-483588289-3117201309-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3799059190-483588289-3117201309-1003UA.job
C:\Windows\tasks\Norton Security Scan for Caleb.job
C:\Windows\tasks\PCConfidential.job
C:\Windows\tasks\Regwork.job
C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\3iht5vey.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2, wrc@avast.com:6.0.1203, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, linkfilter@kaspersky.ru:11.0.1.400, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0, {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.6.0.15, {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.2.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2504091&q="

"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG8\Firefox
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
linkfilter@kaspersky.ru
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
np_gp.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
amazon-en-GB.xml
answers.xml
avg_igeared.xml
chambers-en-GB.xml
creativecommons.xml
eBay-en-GB.xml
google.xml
wikipedia.xml
yahoo-en-GB.xml

C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\3iht5vey.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{ba14329e-9550-4989-b3f2-9732e92d17cc}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
{e2c58150-9d72-11dd-ad8b-0800200c9a66}
{EF522540-89F5-46b9-B6FE-1829E2B572C6}

C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\3iht5vey.default\searchplugins\
alot-search.xml
conduit.xml
imdb.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
PriceGongBHO Class - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll [2010-03-28 353656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-27 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-04-27 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuze.dll [2010-04-15 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-27 263280]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuze.dll [2010-04-15 2515552]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9451089.exe]
C:\Windows\Temp\9451089.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9593303.exe]
C:\Users\Caleb\AppData\Local\Temp\9593303.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CachemanTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CD Autorun]
C:\Program Files\TweakNow PowerPack 2009\CDAuto.exe [2009-10-06 429312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2009-07-18 257440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Caleb\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-28 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2008-08-22 170520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2008-08-22 150040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSUFloatingUI]
C:\Program Files\Sony\Network Utility\LANUtil.exe [2008-11-06 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2008-08-22 145944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2008-10-17 6295552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-27 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-10 835584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Agent.lnk]
C:\PROGRA~1\3\3Connect\AUTOUP~1.EXE []

C:\Users\Caleb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-08-22 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2010-07-01 228024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2008-11-06 98304]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"DisallowRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.dvsd"=C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.JPEG"=JpegCode.dll
"VIDC.MJPG"=JpegCode.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 month======

2011-07-27 12:55:52 ----D---- C:\rsit
2011-07-27 11:54:34 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-07-27 11:54:34 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-07-27 11:54:33 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-07-27 11:54:33 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-07-27 11:54:33 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-07-27 11:54:33 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-07-27 11:53:50 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-27 11:53:50 ----A---- C:\Windows\avastSS.scr
2011-07-27 10:57:40 ----D---- C:\ProgramData\AVAST Software
2011-07-27 10:57:40 ----D---- C:\Program Files\AVAST Software
2011-07-26 19:22:30 ----D---- C:\Users\Caleb\AppData\Roaming\Malwarebytes
2011-07-26 19:22:26 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-07-26 19:22:25 ----D---- C:\ProgramData\Malwarebytes
2011-07-26 19:22:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-26 19:22:23 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-07-26 15:19:08 ----D---- C:\Program Files\trend micro
2011-07-26 14:34:51 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2011-07-26 14:10:37 ----A---- C:\Windows\system32\drivers\klin.dat
2011-07-26 14:10:37 ----A---- C:\Windows\system32\drivers\klick.dat
2011-07-26 14:10:27 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-26 14:08:50 ----A---- C:\Windows\btc_client_iplist.txt
2011-07-26 14:07:09 ----A---- C:\Windows\system32\drivers\klif.sys
2011-07-26 14:03:48 ----A---- C:\Windows\iplist.txt
2011-07-26 12:54:30 ----A---- C:\Windows\front_ip_list.txt
2011-07-26 00:05:34 ----A---- C:\Windows\winlog-ids.txt
2011-07-26 00:05:34 ----A---- C:\Windows\winlog-dirs.txt

======List of files/folders modified in the last 1 month======

2011-07-27 12:53:36 ----D---- C:\Windows\System32
2011-07-27 12:53:36 ----D---- C:\Windows\inf
2011-07-27 12:53:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-27 12:53:03 ----D---- C:\Windows\Temp
2011-07-27 12:51:03 ----D---- C:\Windows
2011-07-27 12:50:48 ----D---- C:\Windows\Minidump
2011-07-27 12:48:42 ----D---- C:\Users\Caleb\AppData\Roaming\Skype
2011-07-27 12:48:12 ----D---- C:\Program Files\Mozilla Firefox
2011-07-27 11:54:34 ----D---- C:\Windows\system32\drivers
2011-07-27 11:54:26 ----SHD---- C:\Windows\Installer
2011-07-27 11:53:27 ----SHD---- C:\System Volume Information
2011-07-27 10:57:40 ----RD---- C:\Program Files
2011-07-27 10:57:40 ----D---- C:\ProgramData
2011-07-27 10:50:42 ----D---- C:\Users\Caleb\AppData\Roaming\skypePM
2011-07-27 10:50:00 ----D---- C:\Windows\Sonysys
2011-07-26 20:46:42 ----D---- C:\Windows\system32\drivers\etc
2011-07-26 14:24:43 ----SHD---- C:\$RECYCLE.BIN
2011-07-26 14:22:13 ----D---- C:\Windows\Logs
2011-07-26 14:10:29 ----D---- C:\Windows\system32\catroot
2011-07-26 14:04:59 ----D---- C:\Windows\system32\drivers\Avg
2011-07-26 14:04:04 ----D---- C:\Windows\system32\catroot2
2011-07-26 13:09:27 ----D---- C:\Windows\winsxs
2011-07-23 22:03:21 ----D---- C:\Windows\system32\Tasks
2011-07-05 21:36:10 ----D---- C:\Users\Caleb\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-22 312344]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2010-06-09 132184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2008-08-23 10216]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-07-26 495192]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-25 12672]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-06-28 68608]
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdptsk.sys [2008-10-03 46592]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-25 8192]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-06-10 909824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-25 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-25 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-08-22 2377216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-10-17 2149912]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2008-08-22 9344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-10 181560]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-25 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-05-28 310272]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-10-07 3847168]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-21 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-06-07 131000]
S3 WINUSB;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-21 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
S4 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-05-21 874768]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NSUService;NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [2008-11-06 303104]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-05-21 473360]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [2008-11-06 203624]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2008-09-05 411488]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S2 0284821271673283mcinstcleanup;McAfee Application Installer Cleanup (0284821271673283); C:\Users\Caleb\AppData\Local\Temp\028482~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-28 133104]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
S2 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-09-12 446464]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-28 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-27 182768]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2008-05-20 53248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2008-05-20 53248]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2008-05-20 77824]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-12 337184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-06-12 83232]
S4 RtkAudioService;Realtek Audio Service; C:\Windows\RtkAudioService.exe [2008-10-17 104992]
S4 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-25 386560]

-----------------EOF-----------------

#28 Příspěvek od **Caroprd111** » 27 črc 2011 13:33

Doporučuji odisnatlovat toolbary.

Obrázek

Otevřete si Poznámkový blok a zkopírujte do něj text (z bílého políčka):

Kód: Vybrat vše

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9451089.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9593303.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CachemanTray]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Agent.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{d3369e79-2009-4f8d-b7b7-b7a7f0c3bcab}"=-

Nyní uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek, klik na uložit, pak na soubor standardně 2X kliknete a potvrďte dialogové okno.

ddduda · #29 Příspěvek od **ddduda** » 27 črc 2011 13:38

hotovo, mam poslat nejaky log?

#30 Příspěvek od **Caroprd111** » 27 črc 2011 13:52

Ne, je to vše.

VIRY.CZ

taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....

Re: taktez s virem z FB....