Please check my log, my home page address got changed

#1 Post by michajlo »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:45:33, on 30. 11. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: tom for ie - {8AA217B9-D729-4ee0-AED7-E93D695E94A2} - C:\Program Files\Stylish Profile\tom4ie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E7532CE-EE46-4735-BEC1-40CECF5761DC}: NameServer = 10.0.0.254
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Služba Google Update (gupdate1ca5670872813c8) (gupdate1ca5670872813c8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9062 bytes

#2 Post by michajlo »

Sorry, it only just dawned on me... :)

Logfile of random's system information tool 1.06 (written by random/random)
Run by Andrejko at 2009-11-30 15:55:40
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 29 GB (24%) free of 119 GB
Total RAM: 3069 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:55:49, on 30. 11. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Andrejko\Downloads\RSIT(2).exe
C:\Program Files\Trend Micro\HijackThis\Andrejko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: tom for ie - {8AA217B9-D729-4ee0-AED7-E93D695E94A2} - C:\Program Files\Stylish Profile\tom4ie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E7532CE-EE46-4735-BEC1-40CECF5761DC}: NameServer = 10.0.0.254
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Služba Google Update (gupdate1ca5670872813c8) (gupdate1ca5670872813c8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9143 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll [2009-10-04 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL [2009-10-04 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8AA217B9-D729-4ee0-AED7-E93D695E94A2}]
TomBHO Class - C:\Program Files\Stylish Profile\tom4ie.dll [2009-09-24 213504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll [2009-10-04 378736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-29 4911104]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-03-07 198160]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-01-29 430080]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop SMS]
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe [2006-12-06 366400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableStatusMessages"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5aa4244b-f6db-11dd-9395-00037a8dd304}]
shell\AutoRun\command - D:\vlvtdflx.exe
shell\open\command - D:\vlvtdflx.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87e15f13-02a9-11de-8b33-00037a8dd304}]
shell\Auto\command - D:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{984f055b-ac2d-11dd-862d-00037a8dd304}]
shell\AutoRun\command - D:\LaunchU3.exe -a


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-11-30 15:55:40 ----D---- C:\rsit
2009-11-27 11:11:17 ----A---- C:\Windows\system32\tzres.dll
2009-11-26 11:34:00 ----A---- C:\Windows\system32\XAudio2_5.dll
2009-11-26 11:33:59 ----A---- C:\Windows\system32\xactengine3_5.dll
2009-11-26 11:33:59 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2009-11-26 11:33:58 ----A---- C:\Windows\system32\D3DX9_42.dll
2009-11-26 11:33:58 ----A---- C:\Windows\system32\d3dx11_42.dll
2009-11-26 11:33:58 ----A---- C:\Windows\system32\d3dx10_42.dll
2009-11-26 11:33:58 ----A---- C:\Windows\system32\d3dcsx_42.dll
2009-11-26 11:33:52 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-11-26 11:33:52 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-11-26 11:33:51 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-11-26 11:33:51 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-11-26 11:33:51 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-11-26 11:33:51 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-11-26 11:33:51 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-11-26 11:33:50 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-11-26 11:33:50 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-11-26 11:33:49 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-11-26 11:33:49 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-11-26 11:33:49 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-11-26 11:33:47 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-11-26 11:33:47 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-11-26 11:33:47 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-11-26 11:33:46 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-11-26 11:33:46 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-11-26 11:33:46 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-11-26 11:33:45 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-11-26 11:33:44 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-11-26 11:33:44 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-11-26 11:33:44 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-11-26 11:33:42 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-11-26 11:33:41 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-11-26 11:33:41 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-11-26 11:33:39 ----A---- C:\Windows\system32\xactengine2_9.dll
2009-11-26 11:33:39 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-11-26 11:33:38 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-11-26 11:33:38 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-11-26 11:33:37 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-11-26 11:33:36 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-11-26 11:33:36 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-11-26 10:43:55 ----D---- C:\Program Files\Activision
2009-11-25 13:11:17 ----D---- C:\Program Files\DAEMON Tools Lite
2009-11-25 13:10:47 ----D---- C:\Users\Andrejko\AppData\Roaming\DAEMON Tools Lite
2009-11-25 13:10:41 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-11-25 08:37:46 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 08:37:44 ----A---- C:\Windows\system32\msxml3.dll
2009-11-23 20:57:52 ----D---- C:\SAVE
2009-11-23 09:28:07 ----A---- C:\Windows\system32\javaws.exe
2009-11-23 09:28:07 ----A---- C:\Windows\system32\javaw.exe
2009-11-23 09:28:07 ----A---- C:\Windows\system32\java.exe
2009-11-18 08:12:04 ----D---- C:\Program Files\Windows Portable Devices
2009-11-18 01:23:00 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-18 01:22:59 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-18 01:22:59 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-18 01:22:16 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-18 01:22:15 ----A---- C:\Windows\system32\cdd.dll
2009-11-18 01:22:14 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-18 01:22:14 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-18 01:22:14 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-18 01:22:14 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-18 01:22:13 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\FntCache.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-18 01:22:13 ----A---- C:\Windows\system32\DWrite.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\d3d11.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-18 01:22:13 ----A---- C:\Windows\system32\d2d1.dll
2009-11-18 01:22:12 ----A---- C:\Windows\system32\dxgi.dll
2009-11-18 01:22:12 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-18 01:22:12 ----A---- C:\Windows\system32\d3d10.dll
2009-11-18 01:21:27 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-18 01:21:26 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-18 01:21:26 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-18 01:21:22 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-18 01:21:20 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-18 01:19:49 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-18 01:19:48 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-18 01:19:48 ----A---- C:\Windows\system32\oleacc.dll
2009-11-16 01:07:57 ----A---- C:\Windows\patchw32.dll
2009-11-16 01:07:56 ----D---- C:\Program Files\Common Files\PocketSoft
2009-11-16 01:01:54 ----D---- C:\Unreal2
2009-11-15 16:59:11 ----D---- C:\ProgramData\PopCap Games
2009-11-12 11:23:22 ----D---- C:\Downloads
2009-11-11 22:59:13 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-11 20:36:11 ----D---- C:\ProgramData\DVD Shrink
2009-11-11 20:36:10 ----D---- C:\Program Files\DVD Shrink
2009-11-06 13:43:14 ----D---- C:\Program Files\Stylish Profile
2009-11-04 21:36:55 ----D---- C:\Program Files\directx
2009-11-04 21:34:32 ----D---- C:\UnrealTournament
2009-11-04 15:35:24 ----RHD---- C:\Users\Andrejko\AppData\Roaming\SecuROM
2009-11-04 08:16:16 ----A---- C:\Windows\system32\mshtml.dll
2009-11-04 00:06:49 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-11-04 00:06:49 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-11-04 00:06:49 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-11-04 00:06:46 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-11-04 00:06:45 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-11-04 00:05:57 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-11-04 00:05:56 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-11-04 00:05:54 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-11-04 00:03:30 ----D---- C:\Windows\system32\xlive
2009-11-04 00:03:29 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE

======List of files/folders modified in the last 1 months======

2009-11-30 15:55:49 ----D---- C:\Windows\Prefetch
2009-11-30 15:55:45 ----D---- C:\Windows\temp
2009-11-30 15:53:57 ----AD---- C:\Windows\System32
2009-11-30 15:53:56 ----D---- C:\Windows\inf
2009-11-30 15:53:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-30 09:39:53 ----D---- C:\Windows\system32\catroot2
2009-11-30 09:39:47 ----SHD---- C:\System Volume Information
2009-11-27 21:56:09 ----D---- C:\Windows\rescache
2009-11-27 11:13:49 ----D---- C:\Windows\system32\sk-SK
2009-11-27 11:13:08 ----D---- C:\Windows\winsxs
2009-11-27 11:12:18 ----D---- C:\Windows\system32\catroot
2009-11-26 21:54:37 ----SHD---- C:\Windows\Installer
2009-11-26 21:54:26 ----D---- C:\Program Files\Electronic Arts
2009-11-26 11:33:26 ----RSD---- C:\Windows\assembly
2009-11-26 10:43:55 ----RD---- C:\Program Files
2009-11-26 10:11:06 ----D---- C:\Windows
2009-11-25 13:10:41 ----HD---- C:\ProgramData
2009-11-24 07:08:59 ----D---- C:\Windows\system32\WDI
2009-11-23 20:54:00 ----A---- C:\Windows\SIERRA.INI
2009-11-23 20:52:25 ----D---- C:\SIERRA
2009-11-23 09:28:04 ----D---- C:\Program Files\Java
2009-11-18 08:26:59 ----D---- C:\Windows\system32\Tasks
2009-11-18 08:12:04 ----D---- C:\Windows\system32\wbem
2009-11-18 08:12:04 ----D---- C:\Windows\system32\drivers
2009-11-18 08:12:02 ----D---- C:\Windows\system32\zh-HK
2009-11-18 08:12:02 ----D---- C:\Windows\system32\uk-UA
2009-11-18 08:12:02 ----D---- C:\Windows\system32\sl-SI
2009-11-18 08:12:02 ----D---- C:\Windows\system32\pt-PT
2009-11-18 08:12:02 ----D---- C:\Windows\system32\pt-BR
2009-11-18 08:12:02 ----D---- C:\Windows\system32\pl-PL
2009-11-18 08:12:02 ----D---- C:\Windows\system32\nl-NL
2009-11-18 08:12:02 ----D---- C:\Windows\system32\ko-KR
2009-11-18 08:12:02 ----D---- C:\Windows\system32\it-IT
2009-11-18 08:12:02 ----D---- C:\Windows\system32\hu-HU
2009-11-18 08:12:02 ----D---- C:\Windows\system32\hr-HR
2009-11-18 08:12:02 ----D---- C:\Windows\system32\he-IL
2009-11-18 08:12:02 ----D---- C:\Windows\system32\fr-FR
2009-11-18 08:12:02 ----D---- C:\Windows\system32\el-GR
2009-11-18 08:12:02 ----D---- C:\Windows\system32\bg-BG
2009-11-18 08:12:01 ----D---- C:\Windows\system32\zh-TW
2009-11-18 08:12:01 ----D---- C:\Windows\system32\zh-CN
2009-11-18 08:12:01 ----D---- C:\Windows\system32\tr-TR
2009-11-18 08:12:01 ----D---- C:\Windows\system32\th-TH
2009-11-18 08:12:01 ----D---- C:\Windows\system32\sv-SE
2009-11-18 08:12:01 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-18 08:12:01 ----D---- C:\Windows\system32\lv-LV
2009-11-18 08:12:01 ----D---- C:\Windows\system32\lt-LT
2009-11-18 08:12:01 ----D---- C:\Windows\system32\ja-JP
2009-11-18 08:12:01 ----D---- C:\Windows\system32\fi-FI
2009-11-18 08:12:01 ----D---- C:\Windows\system32\et-EE
2009-11-18 08:12:01 ----D---- C:\Windows\system32\es-ES
2009-11-18 08:12:01 ----D---- C:\Windows\system32\de-DE
2009-11-18 08:12:01 ----D---- C:\Windows\system32\cs-CZ
2009-11-18 08:12:00 ----D---- C:\Windows\system32\ru-RU
2009-11-18 08:12:00 ----D---- C:\Windows\system32\ro-RO
2009-11-18 08:12:00 ----D---- C:\Windows\system32\nb-NO
2009-11-18 08:12:00 ----D---- C:\Windows\system32\en-US
2009-11-18 08:12:00 ----D---- C:\Windows\system32\da-DK
2009-11-18 08:12:00 ----D---- C:\Windows\system32\ar-SA
2009-11-16 01:07:56 ----D---- C:\Program Files\Common Files
2009-11-16 01:01:51 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-12 16:18:52 ----D---- C:\games
2009-11-12 07:13:32 ----D---- C:\Program Files\Mozilla Firefox
2009-11-12 06:58:29 ----D---- C:\Windows\Debug
2009-11-12 06:47:03 ----D---- C:\Program Files\Windows Mail
2009-11-11 12:25:01 ----D---- C:\Users\Andrejko\AppData\Roaming\Skype
2009-11-11 10:58:34 ----D---- C:\Users\Andrejko\AppData\Roaming\dvdcss
2009-11-06 13:43:15 ----D---- C:\Program Files\Opera
2009-11-05 18:36:21 ----A---- C:\Windows\system32\mrt.exe
2009-11-04 18:52:20 ----D---- C:\Windows\WindowsMobile

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\system32\drivers\N360\0305020.00B\BHDrvx86.sys [2009-10-04 259632]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360\0305020.00B\ccHPx86.sys [2009-10-04 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-10-04 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20091111.001\IDSvix86.sys [2009-10-28 343088]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0305020.00B\SRTSPX.SYS [2009-10-04 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-10-04 25648]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\system32\drivers\N360\0305020.00B\SYMTDI.SYS [2009-10-04 217136]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-10-02 64128]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-30 3483648]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-10-04 102448]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-10-04 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-30 2058528]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091129.020\NAVENG.SYS [2009-10-04 84912]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091129.020\NAVEX15.SYS [2009-10-04 1323568]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-12-28 104448]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\system32\drivers\N360\0305020.00B\SRTSP.SYS [2009-10-04 308272]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-10-04 124976]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\system32\drivers\N360\0305020.00B\SYMFW.SYS [2009-10-04 89904]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\system32\drivers\N360\0305020.00B\SYMNDISV.SYS [2009-10-04 48688]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-12-26 131584]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-11-29 74240]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 41856]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 avveasg1;avveasg1; C:\Windows\system32\drivers\avveasg1.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-01-30 643072]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [2009-10-04 117640]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate1ca5670872813c8;Služba Google Update (gupdate1ca5670872813c8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-26 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-24 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, my home page address was changed

#3 Post by motji »

Good evening :)

What is drive D?

:arrow: Plug into the PC all the USB sticks and flash drives that you use


:arrow: Download ComboFix to the desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix must be run under an account with administrator rights

- Before use, turn off all resident security programs: antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Ano (Yes) button

- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log, C:\ComboFix.txt; copy its entire contents here
Do not use COMBOFIX without an advisor's recommendation; the system may be damaged!
Always back up important data before disinfecting the computer :!:

I am mostly reachable at night, between 9 and 11 p.m.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

michajlo
Exemplary visitor
Posts: 65
Registered: 27 Apr 2007 12:38

Re: Please check my log, my home page address was changed

#4 Post by michajlo »

Here it is: :)

ComboFix 09-11-30.05 - Andrejko . 12. 2009 15:07.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3069.2394 [GMT 1:00]
Running from: c:\users\Andrejko\Downloads\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Andrejko\AppData\Roaming\Desktopicon
c:\users\Andrejko\AppData\Roaming\Desktopicon\eBay.ico
c:\users\Andrejko\AppData\Roaming\Desktopicon\uninst.exe

.
((((((((((((((((((((((((( Files Created from 2009-11-01 to 2009-12-01 )))))))))))))))))))))))))))))))
.

2009-12-01 14:16 . 2009-12-01 14:16 -------- d-----w- c:\users\Andrejko\AppData\Local\temp
2009-12-01 14:16 . 2009-12-01 14:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-01 14:03 . 2009-12-01 14:03 24576 d-----w- C:\32788R22FWJFW
2009-12-01 13:51 . 2009-10-04 01:05 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091130.040\NAVENG.SYS
2009-12-01 13:51 . 2009-10-04 01:05 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091130.040\EECTRL.SYS
2009-12-01 13:51 . 2009-10-04 01:05 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091130.040\NAVENG32.DLL
2009-12-01 13:51 . 2009-10-04 01:05 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091130.040\NAVEX32A.DLL
2009-12-01 13:51 . 2009-10-04 01:05 1323568 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091130.040\NAVEX15.SYS
2009-12-01 13:51 . 2009-10-04 01:05 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091130.040\ERASER.SYS
2009-12-01 13:51 . 2009-10-04 01:05 2747952 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091130.040\CCERASER.DLL
2009-12-01 13:51 . 2009-10-04 01:05 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091130.040\ECMSVR32.DLL
2009-12-01 07:31 . 2009-12-01 07:31 -------- d-----w- c:\users\Andrejko\AppData\Local\Symantec
2009-11-30 14:55 . 2009-11-30 14:55 -------- d-----w- C:\rsit
2009-11-27 10:11 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-26 10:34 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-26 09:43 . 2009-11-26 09:43 -------- d-----w- c:\program files\Activision
2009-11-25 12:11 . 2009-11-25 12:12 4096 d-----w- c:\program files\DAEMON Tools Lite
2009-11-25 12:10 . 2009-11-25 12:47 -------- d-----w- c:\users\Andrejko\AppData\Roaming\DAEMON Tools Lite
2009-11-25 12:10 . 2009-11-25 12:10 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-11-25 07:37 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 07:37 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-23 19:57 . 2009-11-23 19:57 -------- d-----w- C:\SAVE
2009-11-18 07:12 . 2009-11-18 07:12 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-18 00:23 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-18 00:21 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-11-18 00:19 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-18 00:19 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-18 00:19 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-16 00:08 . 2009-11-16 00:08 0 ----a-w- c:\windows\PowerReg.dat
2009-11-16 00:07 . 2002-02-27 16:50 197120 ----a-w- c:\windows\patchw32.dll
2009-11-16 00:07 . 2009-11-16 00:07 -------- d-----w- c:\program files\Common Files\PocketSoft
2009-11-16 00:01 . 2009-11-16 00:15 4096 d-----w- C:\Unreal2
2009-11-15 15:59 . 2009-11-15 16:01 4096 d-----w- c:\programdata\PopCap Games
2009-11-13 08:46 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSvix86.sys
2009-11-13 08:46 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSXpx86.sys
2009-11-13 08:46 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\Scxpx86.dll
2009-11-13 08:46 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSxpx86.dll
2009-11-13 08:46 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSviA64.sys
2009-11-12 23:13 . 2009-10-16 14:50 2520888 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
2009-11-12 23:13 . 2006-10-16 17:44 196608 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\ssleay32.dll
2009-11-12 23:13 . 2008-03-04 17:52 286720 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\libcurl.dll
2009-11-12 23:13 . 2007-10-31 08:39 59904 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\zlib1.dll
2009-11-12 23:13 . 2007-05-17 12:58 143360 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\libexpatw.dll
2009-11-12 23:13 . 2006-10-18 16:32 499712 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\msvcp71.dll
2009-11-12 23:13 . 2006-10-18 16:32 348160 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\msvcr71.dll
2009-11-12 23:13 . 2006-10-16 17:44 1028096 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\libeay32.dll
2009-11-12 10:23 . 2009-12-01 09:01 8192 d-----w- C:\Downloads
2009-11-11 23:09 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\Scxpx86.dll
2009-11-11 23:09 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSvix86.sys
2009-11-11 23:09 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSXpx86.sys
2009-11-11 23:09 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSxpx86.dll
2009-11-11 23:09 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSviA64.sys
2009-11-11 21:59 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 21:59 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 19:36 . 2009-11-11 19:38 -------- d-----w- c:\programdata\DVD Shrink
2009-11-11 19:36 . 2009-11-11 19:36 4096 d-----w- c:\program files\DVD Shrink
2009-11-06 12:43 . 2009-11-06 12:43 4096 d-----w- c:\program files\Stylish Profile
2009-11-04 20:36 . 2009-11-04 20:36 -------- d-----w- c:\program files\directx
2009-11-04 20:34 . 2009-11-04 20:39 4096 d-----w- C:\UnrealTournament
2009-11-04 14:35 . 2009-11-04 14:35 -------- d--h--r- c:\users\Andrejko\AppData\Roaming\SecuROM
2009-11-03 23:38 . 2009-11-03 23:38 -------- d-----w- c:\users\Andrejko\AppData\Local\CAPCOM
2009-11-03 23:06 . 2009-03-09 14:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-11-03 23:06 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-11-03 23:06 . 2009-03-09 14:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-11-03 23:06 . 2009-03-16 13:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-11-03 23:06 . 2009-03-16 13:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-11-03 23:05 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2009-11-03 23:05 . 2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2009-11-03 23:05 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2009-11-03 23:03 . 2009-11-03 23:03 -------- d-----w- c:\windows\system32\xlive
2009-11-03 23:03 . 2009-11-03 23:06 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-01 10:50 . 2008-11-28 14:33 8192 d-----w- c:\users\Andrejko\AppData\Roaming\dvdcss
2009-11-26 20:54 . 2009-05-11 18:06 4096 d-----w- c:\program files\Electronic Arts
2009-11-25 12:11 . 2009-07-14 10:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-23 08:28 . 2008-04-24 06:33 4096 d-----w- c:\program files\Java
2009-11-23 05:37 . 2009-03-25 14:18 117760 ----a-w- c:\users\Andrejko\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-18 07:11 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-18 07:03 . 2009-11-18 07:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-18 07:02 . 2009-11-18 07:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-16 00:01 . 2008-04-24 06:44 12288 d--h--w- c:\program files\InstallShield Installation Information
2009-11-12 05:47 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-11 11:25 . 2008-10-27 18:44 4096 d-----w- c:\users\Andrejko\AppData\Roaming\Skype
2009-11-06 12:43 . 2009-03-14 14:00 4096 d-----w- c:\program files\Opera
2009-11-03 22:25 . 2008-10-22 13:53 1 ----a-w- c:\users\Andrejko\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-10-26 19:16 . 2008-04-24 07:18 4096 d-----w- c:\program files\Google
2009-10-26 19:14 . 2009-02-11 14:49 8192 d-----w- c:\program files\DivX
2009-10-26 19:14 . 2009-10-26 19:14 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-10-23 06:01 . 2008-04-24 07:14 4096 d-----w- c:\programdata\McAfee
2009-10-20 23:14 . 2009-10-20 22:51 4096 d-----w- c:\programdata\NOS
2009-10-20 23:03 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-10-20 22:52 . 2009-10-20 22:52 -------- d-----w- c:\programdata\McAfee Security Scan
2009-10-20 22:52 . 2009-10-20 22:52 -------- d-----w- c:\program files\McAfee Security Scan
2009-10-20 22:51 . 2009-10-20 22:51 -------- d-----w- c:\program files\NOS
2009-10-17 20:51 . 2008-10-26 15:59 12288 d-----w- c:\program files\AGEIA Technologies
2009-10-17 20:50 . 2008-10-22 13:45 4096 d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-17 20:12 . 2009-10-01 07:15 -------- d-----w- c:\program files\Sins of a Solar Empire
2009-10-15 18:41 . 2009-09-28 15:25 12288 d-----w- c:\program files\Valve
2009-10-14 17:17 . 2009-10-14 17:17 489720 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-10-12 14:28 . 2009-10-12 14:27 4096 d-----w- c:\program files\K-Lite Codec Pack
2009-10-12 09:13 . 2009-10-12 09:05 4096 d-----w- c:\users\Andrejko\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2009-10-11 03:17 . 2009-03-30 09:43 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-05 17:15 . 2009-04-22 10:09 16384 d-----w- c:\program files\Common Files\Symantec Shared
2009-10-05 13:36 . 2009-10-05 13:36 -------- d-----w- c:\program files\Alcohol Soft
2009-10-04 18:37 . 2009-10-04 18:31 -------- d-----w- c:\programdata\Norton
2009-10-04 18:36 . 2009-10-04 18:36 -------- d-----w- c:\program files\Symantec
2009-10-04 18:36 . 2009-10-04 18:36 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-10-04 18:36 . 2009-10-04 18:36 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-10-04 18:36 . 2009-10-04 18:36 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-10-04 18:36 . 2009-10-04 18:36 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-10-04 18:36 . 2009-10-04 18:36 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-10-04 18:36 . 2009-10-04 18:36 1291104 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll
2009-10-04 18:36 . 2009-10-04 18:36 136840 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2009-10-04 18:35 . 2009-10-04 18:35 165240 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
2009-10-04 18:35 . 2009-10-04 18:36 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2009-10-04 18:35 . 2009-10-04 18:37 554352 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
2009-10-04 18:35 . 2009-10-04 18:35 771440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2009-10-04 18:35 . 2009-10-04 18:35 -------- d-----w- c:\program files\Norton 360
2009-10-04 18:35 . 2009-10-04 18:31 -------- d-----w- c:\programdata\NortonInstaller
2009-10-04 18:33 . 2009-04-22 10:09 4096 d-----w- c:\programdata\Symantec
2009-10-04 18:31 . 2009-10-04 18:31 -------- d-----w- c:\programdata\PCSettings
2009-10-04 18:31 . 2009-10-04 18:31 -------- d-----w- c:\program files\NortonInstaller
2009-10-04 18:31 . 2009-10-04 18:25 83208672 ----a-w- c:\programdata\Symantec Temporary Files\N360S300CZ.exe
2009-10-04 18:25 . 2009-10-04 18:25 -------- d-----w- c:\programdata\Symantec Temporary Files
2009-10-01 01:02 . 2009-11-18 00:21 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-18 00:21 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-18 00:21 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-18 00:21 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-18 00:21 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-18 00:21 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-18 00:21 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-18 00:21 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-18 00:21 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-18 00:21 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-18 00:21 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-11-18 00:21 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-11-18 00:21 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-11-18 00:21 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-11-18 00:21 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-28 09:58 . 2009-09-28 09:58 26 ----a-w- c:\windows\winstart.bat
2009-09-28 09:58 . 2009-09-28 09:58 144 ----a-w- c:\windows\tmpcpyis.bat
2009-09-28 09:58 . 2009-09-28 09:58 122 ----a-w- c:\windows\tmpdelis.bat
2009-09-25 02:10 . 2009-11-18 00:22 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-11-18 00:22 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-11-18 00:22 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-11-18 00:22 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-11-18 00:22 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-11-18 00:22 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-11-18 00:22 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-11-18 00:22 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-11-18 00:22 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-11-18 00:22 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-11-18 00:22 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-11-18 00:22 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-11-18 00:22 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-11-18 00:22 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-11-18 00:22 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-11-18 00:22 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-11-18 00:22 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-11-18 00:22 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-11-18 00:22 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:30 . 2009-11-18 00:22 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-03-31 20:47 . 2009-04-22 10:33 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2009-03-01 22:08 . 2009-03-01 21:15 895008 --sha-w- c:\windows\System32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-01-29 430080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-07 198160]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-29 4911104]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-3-25 113664]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-1-25 2938184]
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):91,64,a1,74,da,51,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2706454667-533331120-2221285752-1000]
"EnableNotificationsRef"=dword:00000001

R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\N360\0305020.00B\SymEFA.sys [4. 10. 2009 19:36 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\N360\0305020.00B\BHDrvx86.sys [4. 10. 2009 19:36 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\N360\0305020.00B\cchpx86.sys [4. 10. 2009 19:36 482432]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSvix86.sys [13. 11. 2009 9:46 343088]
R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [25. 12. 2007 12:07 40960]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [4. 10. 2009 19:36 117640]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [3. 12. 2007 16:03 126976]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [24. 4. 2008 8:02 7168]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\N360\0305020.00B\symndisv.sys [4. 10. 2009 19:36 48688]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [14. 7. 2009 11:02 691696]
S2 gupdate1ca5670872813c8;Služba Google Update (gupdate1ca5670872813c8);c:\program files\Google\Update\GoogleUpdate.exe [26. 10. 2009 20:14 133104]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21. 1. 2008 3:23 21504]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17. 2. 2009 11:43 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2009-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-26 19:14]

2009-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-26 19:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk
uDefault_Search_URL = hxxp://search13.net/
mStart Page = about:blank
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Stylish Profile\ct.htm
TCP: {4E7532CE-EE46-4735-BEC1-40CECF5761DC} = 10.0.0.254
FF - ProfilePath - c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://search13.net?clid=486
FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q=
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Activation Assistant for the 2007 Microsoft Office suites - c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe REMOVE=TRUE MODIFY=FALSE
AddRemove-eBay Icon - c:\users\Andrejko\AppData\Roaming\Desktopicon\uninst.exe
AddRemove-RealJukebox 1.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
AddRemove-RealPlayer 6.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
AddRemove-Sierra Utilities - c:\program files\Sierra On-Line\sutil32.exe uninstall
AddRemove-UnrealTournament - c:\unrealtournament\System\Setup.exe uninstall UnrealTournament



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-01 15:16
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.5.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-12-01 15:19
ComboFix-quarantined-files.txt 2009-12-01 14:19
ComboFix2.txt 2009-04-27 20:05

Pre-Run: 27 682 390 016 bytes free
Post-Run: 27 399 409 664 bytes free

- - End Of File - - 5DAA63D697722DFD43F1C4C3B78462E1

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, my home page address was changed

#5 Post by motji »

What is that drive D?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up your important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

michajlo
Exemplary visitor
Posts: 65
Registered: 27 Apr 2007 12:38

Re: Please check my log, my home page address was changed

#6 Post by michajlo »

I don't know, which one do you mean? I have no idea, I don't really know my way around this.. Honestly :)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, my home page address was changed

#7 Post by motji »

It is usually a CD-ROM drive or a flash drive.
When you click on This Computer, it lists what is under which drive :)

michajlo
Exemplary visitor
Posts: 65
Registered: 27 Apr 2007 12:38

Re: Please check my log, my home page address was changed

#8 Post by michajlo »

I've figured it out, it's a card reader, there's an SD card in it... :)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, my home page address was changed

#9 Post by motji »

Fine, connect it to the PC :)

:arrow: If you haven't already, move Combofix to the desktop
- open Notepad
- copy the text from this box into it

Code:

Collect::
D:\vlvtdflx.exe
C:\vlvtdflx.exe
D:\AdobeR.exe 

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5aa4244b-f6db-11dd-9395-00037a8dd304}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87e15f13-02a9-11de-8b33-00037a8dd304}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
[HKCU\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=""
[HKCU\Software\Microsoft\Internet Explorer\Main]
"Search Page"=""
[HKCU\Software\Microsoft\Internet Explorer\SearchURL]
"(Default)"=""
[HKCU\Software\Microsoft\Internet Explorer\Main]
"Search Bar"=""
[HKCU\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"=""

Extra::

Firefox::
FF - ProfilePath - c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://search13.net?clid=486
FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q=

DDS::
uDefault_Search_URL = hxxp://search13.net/



- save the TXT file you created as CFScript.txt on the desktop
- after saving, grab the script you created with the left mouse button and drag it over the Combofix icon, where you drop it.
- after it has been applied, another log will pop up; paste it here

Warning: it can happen that Windows does not start after the script has been applied and the computer restarted; in that case restart again while pressing F8, then choose Last Known Good Configuration




:arrow: Do you recognize these files?
c:\windows\winstart.bat
c:\windows\tmpcpyis.bat
c:\windows\tmpdelis.bat


Please right-click them - open in Notepad - and paste the contents here :)

michajlo
Exemplary visitor
Posts: 65
Registered: 27 Apr 2007 12:38

Re: Please check my log, my home page address was changed

#10 Post by michajlo »

I don't recognize those files..

ComboFix 09-11-30.05 - Andrejko . 12. 2009 22:14.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3069.1890 [GMT 1:00]
Running from: c:\users\Andrejko\Desktop\ComboFix.exe
Command switches used :: c:\users\Andrejko\Desktop\CFScript.txt.txt
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-11-01 to 2009-12-01 )))))))))))))))))))))))))))))))
.

2009-12-01 21:25 . 2009-12-01 21:26 -------- d-----w- c:\users\Andrejko\AppData\Local\temp
2009-12-01 21:25 . 2009-12-01 21:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-01 21:25 . 2009-12-01 21:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-01 21:10 . 2009-12-01 21:11 24576 d-----w- C:\32788R22FWJFW
2009-12-01 16:20 . 2009-10-04 01:05 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\NAVENG.SYS
2009-12-01 16:20 . 2009-10-04 01:05 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\EECTRL.SYS
2009-12-01 16:20 . 2009-10-04 01:05 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\ECMSVR32.DLL
2009-12-01 16:20 . 2009-10-04 01:05 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\NAVENG32.DLL
2009-12-01 16:20 . 2009-10-04 01:05 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\NAVEX32A.DLL
2009-12-01 16:20 . 2009-10-04 01:05 1323568 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\NAVEX15.SYS
2009-12-01 16:20 . 2009-10-04 01:05 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\ERASER.SYS
2009-12-01 16:20 . 2009-10-04 01:05 2747952 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\CCERASER.DLL
2009-12-01 07:31 . 2009-12-01 07:31 -------- d-----w- c:\users\Andrejko\AppData\Local\Symantec
2009-11-30 14:55 . 2009-11-30 14:55 -------- d-----w- C:\rsit
2009-11-27 10:11 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-26 10:34 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-26 09:43 . 2009-11-26 09:43 -------- d-----w- c:\program files\Activision
2009-11-25 12:11 . 2009-11-25 12:12 4096 d-----w- c:\program files\DAEMON Tools Lite
2009-11-25 12:10 . 2009-11-25 12:47 -------- d-----w- c:\users\Andrejko\AppData\Roaming\DAEMON Tools Lite
2009-11-25 12:10 . 2009-11-25 12:10 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-11-25 07:37 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 07:37 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-23 19:57 . 2009-11-23 19:57 -------- d-----w- C:\SAVE
2009-11-18 07:12 . 2009-11-18 07:12 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-18 00:23 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-18 00:21 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-11-18 00:19 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-18 00:19 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-18 00:19 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-16 00:08 . 2009-11-16 00:08 0 ----a-w- c:\windows\PowerReg.dat
2009-11-16 00:07 . 2002-02-27 16:50 197120 ----a-w- c:\windows\patchw32.dll
2009-11-16 00:07 . 2009-11-16 00:07 -------- d-----w- c:\program files\Common Files\PocketSoft
2009-11-16 00:01 . 2009-11-16 00:15 4096 d-----w- C:\Unreal2
2009-11-15 15:59 . 2009-11-15 16:01 4096 d-----w- c:\programdata\PopCap Games
2009-11-13 08:46 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSvix86.sys
2009-11-13 08:46 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSXpx86.sys
2009-11-13 08:46 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\Scxpx86.dll
2009-11-13 08:46 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSxpx86.dll
2009-11-13 08:46 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSviA64.sys
2009-11-12 23:13 . 2009-10-16 14:50 2520888 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
2009-11-12 23:13 . 2006-10-16 17:44 196608 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\ssleay32.dll
2009-11-12 23:13 . 2008-03-04 17:52 286720 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\libcurl.dll
2009-11-12 23:13 . 2007-10-31 08:39 59904 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\zlib1.dll
2009-11-12 23:13 . 2007-05-17 12:58 143360 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\libexpatw.dll
2009-11-12 23:13 . 2006-10-18 16:32 499712 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\msvcp71.dll
2009-11-12 23:13 . 2006-10-18 16:32 348160 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\msvcr71.dll
2009-11-12 23:13 . 2006-10-16 17:44 1028096 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\libeay32.dll
2009-11-12 10:23 . 2009-12-01 09:01 8192 d-----w- C:\Downloads
2009-11-11 23:09 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\Scxpx86.dll
2009-11-11 23:09 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSvix86.sys
2009-11-11 23:09 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSXpx86.sys
2009-11-11 23:09 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSxpx86.dll
2009-11-11 23:09 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSviA64.sys
2009-11-11 21:59 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 21:59 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 19:36 . 2009-11-11 19:38 -------- d-----w- c:\programdata\DVD Shrink
2009-11-11 19:36 . 2009-11-11 19:36 4096 d-----w- c:\program files\DVD Shrink
2009-11-06 12:43 . 2009-11-06 12:43 4096 d-----w- c:\program files\Stylish Profile
2009-11-04 20:36 . 2009-11-04 20:36 -------- d-----w- c:\program files\directx
2009-11-04 20:34 . 2009-11-04 20:39 4096 d-----w- C:\UnrealTournament
2009-11-04 14:35 . 2009-11-04 14:35 -------- d--h--r- c:\users\Andrejko\AppData\Roaming\SecuROM
2009-11-03 23:38 . 2009-11-03 23:38 -------- d-----w- c:\users\Andrejko\AppData\Local\CAPCOM
2009-11-03 23:06 . 2009-03-09 14:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-11-03 23:06 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-11-03 23:06 . 2009-03-09 14:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-11-03 23:06 . 2009-03-16 13:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-11-03 23:06 . 2009-03-16 13:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-11-03 23:05 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2009-11-03 23:05 . 2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2009-11-03 23:05 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2009-11-03 23:03 . 2009-11-03 23:03 -------- d-----w- c:\windows\system32\xlive
2009-11-03 23:03 . 2009-11-03 23:06 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-01 10:50 . 2008-11-28 14:33 8192 d-----w- c:\users\Andrejko\AppData\Roaming\dvdcss
2009-11-26 20:54 . 2009-05-11 18:06 4096 d-----w- c:\program files\Electronic Arts
2009-11-25 12:11 . 2009-07-14 10:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-23 08:28 . 2008-04-24 06:33 4096 d-----w- c:\program files\Java
2009-11-23 05:37 . 2009-03-25 14:18 117760 ----a-w- c:\users\Andrejko\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-18 07:11 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-18 07:03 . 2009-11-18 07:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-18 07:02 . 2009-11-18 07:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-16 00:01 . 2008-04-24 06:44 12288 d--h--w- c:\program files\InstallShield Installation Information
2009-11-12 05:47 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-11 11:25 . 2008-10-27 18:44 4096 d-----w- c:\users\Andrejko\AppData\Roaming\Skype
2009-11-06 12:43 . 2009-03-14 14:00 4096 d-----w- c:\program files\Opera
2009-11-03 22:25 . 2008-10-22 13:53 1 ----a-w- c:\users\Andrejko\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-10-26 19:16 . 2008-04-24 07:18 4096 d-----w- c:\program files\Google
2009-10-26 19:14 . 2009-02-11 14:49 8192 d-----w- c:\program files\DivX
2009-10-26 19:14 . 2009-10-26 19:14 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-10-23 06:01 . 2008-04-24 07:14 4096 d-----w- c:\programdata\McAfee
2009-10-20 23:14 . 2009-10-20 22:51 4096 d-----w- c:\programdata\NOS
2009-10-20 23:03 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-10-20 22:52 . 2009-10-20 22:52 -------- d-----w- c:\programdata\McAfee Security Scan
2009-10-20 22:52 . 2009-10-20 22:52 -------- d-----w- c:\program files\McAfee Security Scan
2009-10-20 22:51 . 2009-10-20 22:51 -------- d-----w- c:\program files\NOS
2009-10-17 20:51 . 2008-10-26 15:59 12288 d-----w- c:\program files\AGEIA Technologies
2009-10-17 20:50 . 2008-10-22 13:45 4096 d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-17 20:12 . 2009-10-01 07:15 -------- d-----w- c:\program files\Sins of a Solar Empire
2009-10-15 18:41 . 2009-09-28 15:25 12288 d-----w- c:\program files\Valve
2009-10-14 17:17 . 2009-10-14 17:17 489720 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-10-12 14:28 . 2009-10-12 14:27 4096 d-----w- c:\program files\K-Lite Codec Pack
2009-10-12 09:13 . 2009-10-12 09:05 4096 d-----w- c:\users\Andrejko\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2009-10-11 03:17 . 2009-03-30 09:43 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-05 17:15 . 2009-04-22 10:09 16384 d-----w- c:\program files\Common Files\Symantec Shared
2009-10-05 13:36 . 2009-10-05 13:36 -------- d-----w- c:\program files\Alcohol Soft
2009-10-04 18:37 . 2009-10-04 18:31 -------- d-----w- c:\programdata\Norton
2009-10-04 18:36 . 2009-10-04 18:36 -------- d-----w- c:\program files\Symantec
2009-10-04 18:36 . 2009-10-04 18:36 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-10-04 18:36 . 2009-10-04 18:36 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-10-04 18:36 . 2009-10-04 18:36 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-10-04 18:36 . 2009-10-04 18:36 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-10-04 18:36 . 2009-10-04 18:36 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-10-04 18:36 . 2009-10-04 18:36 1291104 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll
2009-10-04 18:36 . 2009-10-04 18:36 136840 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2009-10-04 18:35 . 2009-10-04 18:35 165240 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
2009-10-04 18:35 . 2009-10-04 18:36 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2009-10-04 18:35 . 2009-10-04 18:37 554352 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
2009-10-04 18:35 . 2009-10-04 18:35 771440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2009-10-04 18:35 . 2009-10-04 18:35 -------- d-----w- c:\program files\Norton 360
2009-10-04 18:35 . 2009-10-04 18:31 -------- d-----w- c:\programdata\NortonInstaller
2009-10-04 18:33 . 2009-04-22 10:09 4096 d-----w- c:\programdata\Symantec
2009-10-04 18:31 . 2009-10-04 18:31 -------- d-----w- c:\programdata\PCSettings
2009-10-04 18:31 . 2009-10-04 18:31 -------- d-----w- c:\program files\NortonInstaller
2009-10-04 18:31 . 2009-10-04 18:25 83208672 ----a-w- c:\programdata\Symantec Temporary Files\N360S300CZ.exe
2009-10-04 18:25 . 2009-10-04 18:25 -------- d-----w- c:\programdata\Symantec Temporary Files
2009-10-01 01:02 . 2009-11-18 00:21 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-18 00:21 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-18 00:21 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-18 00:21 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-18 00:21 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-18 00:21 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-18 00:21 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-18 00:21 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-18 00:21 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-18 00:21 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-18 00:21 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-11-18 00:21 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-11-18 00:21 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-11-18 00:21 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-11-18 00:21 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-28 09:58 . 2009-09-28 09:58 26 ----a-w- c:\windows\winstart.bat
2009-09-28 09:58 . 2009-09-28 09:58 144 ----a-w- c:\windows\tmpcpyis.bat
2009-09-28 09:58 . 2009-09-28 09:58 122 ----a-w- c:\windows\tmpdelis.bat
2009-09-25 02:10 . 2009-11-18 00:22 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-11-18 00:22 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-11-18 00:22 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-11-18 00:22 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-11-18 00:22 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-11-18 00:22 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-11-18 00:22 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-11-18 00:22 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-11-18 00:22 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-11-18 00:22 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-11-18 00:22 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-11-18 00:22 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-11-18 00:22 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-11-18 00:22 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-11-18 00:22 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-11-18 00:22 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-11-18 00:22 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-11-18 00:22 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-11-18 00:22 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:30 . 2009-11-18 00:22 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-03-31 20:47 . 2009-04-22 10:33 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2009-03-01 22:08 . 2009-03-01 21:15 895008 --sha-w- c:\windows\System32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-12-01_14.16.17 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-18 09:49 . 2009-12-01 13:40 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-18 09:49 . 2009-12-01 17:38 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-10-18 09:49 . 2009-12-01 13:40 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-18 09:49 . 2009-12-01 17:38 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-10-18 09:49 . 2009-12-01 13:40 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-10-18 09:49 . 2009-12-01 17:38 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-28 15:41 . 2009-11-30 12:58 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-28 15:41 . 2009-12-01 14:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-28 15:41 . 2009-12-01 14:04 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-28 15:41 . 2009-11-30 12:58 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-28 15:41 . 2009-11-30 12:58 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-28 15:41 . 2009-12-01 14:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2006-11-02 10:33 . 2009-12-01 21:22 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-01 14:12 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-01 14:12 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-12-01 21:22 101250 c:\windows\System32\perfc009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-01-29 430080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-07 198160]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-29 4911104]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-3-25 113664]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-1-25 2938184]
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):91,64,a1,74,da,51,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2706454667-533331120-2221285752-1000]
"EnableNotificationsRef"=dword:00000001

R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\N360\0305020.00B\SymEFA.sys [4. 10. 2009 19:36 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\N360\0305020.00B\BHDrvx86.sys [4. 10. 2009 19:36 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\N360\0305020.00B\cchpx86.sys [4. 10. 2009 19:36 482432]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSvix86.sys [13. 11. 2009 9:46 343088]
R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [25. 12. 2007 12:07 40960]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [4. 10. 2009 19:36 117640]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [3. 12. 2007 16:03 126976]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [24. 4. 2008 8:02 7168]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\N360\0305020.00B\symndisv.sys [4. 10. 2009 19:36 48688]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [14. 7. 2009 11:02 691696]
S2 gupdate1ca5670872813c8;Služba Google Update (gupdate1ca5670872813c8);c:\program files\Google\Update\GoogleUpdate.exe [26. 10. 2009 20:14 133104]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21. 1. 2008 3:23 21504]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17. 2. 2009 11:43 7408]

--- Other Services/Drivers In Memory ---

*Deregistered* - EraserUtilDrvI9

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2009-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-26 19:14]

2009-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-26 19:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk
uDefault_Search_URL = hxxp://search13.net/
mStart Page = about:blank
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Stylish Profile\ct.htm
TCP: {4E7532CE-EE46-4735-BEC1-40CECF5761DC} = 10.0.0.254
FF - ProfilePath - c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://search13.net?clid=486
FF - prefs.js: keyword.URL - hxxp://search13.net/search.php?clid=486&q=
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-01 22:25
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\users\Andrejko\AppData\Local\Temp\catchme.dll 53248 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.5.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(480)
c:\windows\System32\NLSLexicons001b.dll
c:\windows\system32\MLANG.dll
c:\program files\Norton 360\Engine\3.5.2.11\ccVrTrst.dll
c:\program files\Norton 360\Engine\3.5.2.11\ccSet.dll
c:\windows\System32\SndVolSSO.dll
.
Completion time: 2009-12-01 22:29
ComboFix-quarantined-files.txt 2009-12-01 21:29
ComboFix2.txt 2009-12-01 14:19
ComboFix3.txt 2009-04-27 20:05

Pre-Run: 64 324 583 424 bytes free
Post-Run: 64 418 574 336 bytes free

- - End Of File - - 6208A04E11FB39837381C22E3F6387BD

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, my home page address was changed

#11 Post by motji »

You had the script saved incorrectly; it must be CFScript.txt
Do not use COMBOFIX without an advisor's recommendation, it can damage the system!
Always back up your important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

michajlo
Model visitor
Posts: 65
Registered: 27 Apr 2007 12:38

Re: Please check my log, my home page address was changed

#12 Post by michajlo »

Here it is:

ComboFix 09-12-01.01 - Andrejko . 12. 2009 0:50.5.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3069.2111 [GMT 1:00]
Running from: c:\users\Andrejko\Desktop\ComboFix.exe
Command switches used :: c:\users\Andrejko\Desktop\CFScript.txt.txt
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-11-02 to 2009-12-02 )))))))))))))))))))))))))))))))
.

2009-12-02 00:01 . 2009-12-02 00:01 -------- d-----w- c:\users\Andrejko\AppData\Local\temp
2009-12-02 00:01 . 2009-12-02 00:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-02 00:01 . 2009-12-02 00:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-01 23:48 . 2009-12-01 23:48 24576 d-----w- C:\32788R22FWJFW
2009-12-01 16:20 . 2009-10-04 01:05 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\NAVENG.SYS
2009-12-01 16:20 . 2009-10-04 01:05 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\EECTRL.SYS
2009-12-01 16:20 . 2009-10-04 01:05 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\ECMSVR32.DLL
2009-12-01 16:20 . 2009-10-04 01:05 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\NAVENG32.DLL
2009-12-01 16:20 . 2009-10-04 01:05 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\NAVEX32A.DLL
2009-12-01 16:20 . 2009-10-04 01:05 1323568 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\NAVEX15.SYS
2009-12-01 16:20 . 2009-10-04 01:05 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\ERASER.SYS
2009-12-01 16:20 . 2009-10-04 01:05 2747952 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091201.006\CCERASER.DLL
2009-12-01 07:31 . 2009-12-01 07:31 -------- d-----w- c:\users\Andrejko\AppData\Local\Symantec
2009-11-30 14:55 . 2009-11-30 14:55 -------- d-----w- C:\rsit
2009-11-27 10:11 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-26 10:34 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-26 09:43 . 2009-11-26 09:43 -------- d-----w- c:\program files\Activision
2009-11-25 12:11 . 2009-11-25 12:12 4096 d-----w- c:\program files\DAEMON Tools Lite
2009-11-25 12:10 . 2009-11-25 12:47 -------- d-----w- c:\users\Andrejko\AppData\Roaming\DAEMON Tools Lite
2009-11-25 12:10 . 2009-11-25 12:10 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-11-25 07:37 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 07:37 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-23 19:57 . 2009-11-23 19:57 -------- d-----w- C:\SAVE
2009-11-18 07:12 . 2009-11-18 07:12 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-18 00:23 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-18 00:21 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-11-18 00:19 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-18 00:19 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-18 00:19 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-16 00:08 . 2009-11-16 00:08 0 ----a-w- c:\windows\PowerReg.dat
2009-11-16 00:07 . 2002-02-27 16:50 197120 ----a-w- c:\windows\patchw32.dll
2009-11-16 00:07 . 2009-11-16 00:07 -------- d-----w- c:\program files\Common Files\PocketSoft
2009-11-16 00:01 . 2009-11-16 00:15 4096 d-----w- C:\Unreal2
2009-11-15 15:59 . 2009-11-15 16:01 4096 d-----w- c:\programdata\PopCap Games
2009-11-13 08:46 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSvix86.sys
2009-11-13 08:46 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSXpx86.sys
2009-11-13 08:46 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\Scxpx86.dll
2009-11-13 08:46 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSxpx86.dll
2009-11-13 08:46 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSviA64.sys
2009-11-12 23:13 . 2009-10-16 14:50 2520888 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
2009-11-12 23:13 . 2006-10-16 17:44 196608 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\ssleay32.dll
2009-11-12 23:13 . 2008-03-04 17:52 286720 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\libcurl.dll
2009-11-12 23:13 . 2007-10-31 08:39 59904 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\zlib1.dll
2009-11-12 23:13 . 2007-05-17 12:58 143360 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\libexpatw.dll
2009-11-12 23:13 . 2006-10-18 16:32 499712 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\msvcp71.dll
2009-11-12 23:13 . 2006-10-18 16:32 348160 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\msvcr71.dll
2009-11-12 23:13 . 2006-10-16 17:44 1028096 ----a-w- c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\libeay32.dll
2009-11-12 10:23 . 2009-12-01 09:01 8192 d-----w- C:\Downloads
2009-11-11 23:09 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\Scxpx86.dll
2009-11-11 23:09 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSvix86.sys
2009-11-11 23:09 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSXpx86.sys
2009-11-11 23:09 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSxpx86.dll
2009-11-11 23:09 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091107.001\IDSviA64.sys
2009-11-11 21:59 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 21:59 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 19:36 . 2009-11-11 19:38 -------- d-----w- c:\programdata\DVD Shrink
2009-11-11 19:36 . 2009-11-11 19:36 4096 d-----w- c:\program files\DVD Shrink
2009-11-06 12:43 . 2009-11-06 12:43 4096 d-----w- c:\program files\Stylish Profile
2009-11-04 20:36 . 2009-11-04 20:36 -------- d-----w- c:\program files\directx
2009-11-04 20:34 . 2009-11-04 20:39 4096 d-----w- C:\UnrealTournament
2009-11-04 14:35 . 2009-11-04 14:35 -------- d--h--r- c:\users\Andrejko\AppData\Roaming\SecuROM
2009-11-03 23:38 . 2009-11-03 23:38 -------- d-----w- c:\users\Andrejko\AppData\Local\CAPCOM
2009-11-03 23:06 . 2009-03-09 14:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-11-03 23:06 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-11-03 23:06 . 2009-03-09 14:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-11-03 23:06 . 2009-03-16 13:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-11-03 23:06 . 2009-03-16 13:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-11-03 23:05 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2009-11-03 23:05 . 2008-02-05 22:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2009-11-03 23:05 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2009-11-03 23:03 . 2009-11-03 23:03 -------- d-----w- c:\windows\system32\xlive
2009-11-03 23:03 . 2009-11-03 23:06 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-01 10:50 . 2008-11-28 14:33 8192 d-----w- c:\users\Andrejko\AppData\Roaming\dvdcss
2009-11-26 20:54 . 2009-05-11 18:06 -------- d-----w- c:\program files\Electronic Arts
2009-11-25 12:11 . 2009-07-14 10:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-23 08:28 . 2008-04-24 06:33 4096 d-----w- c:\program files\Java
2009-11-23 05:37 . 2009-03-25 14:18 117760 ----a-w- c:\users\Andrejko\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-18 07:11 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-18 07:03 . 2009-11-18 07:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-18 07:02 . 2009-11-18 07:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-16 00:01 . 2008-04-24 06:44 12288 d--h--w- c:\program files\InstallShield Installation Information
2009-11-12 05:47 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-11 11:25 . 2008-10-27 18:44 4096 d-----w- c:\users\Andrejko\AppData\Roaming\Skype
2009-11-06 12:43 . 2009-03-14 14:00 4096 d-----w- c:\program files\Opera
2009-11-03 22:25 . 2008-10-22 13:53 1 ----a-w- c:\users\Andrejko\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-10-26 19:16 . 2008-04-24 07:18 4096 d-----w- c:\program files\Google
2009-10-26 19:14 . 2009-02-11 14:49 8192 d-----w- c:\program files\DivX
2009-10-26 19:14 . 2009-10-26 19:14 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-10-23 06:01 . 2008-04-24 07:14 4096 d-----w- c:\programdata\McAfee
2009-10-20 23:14 . 2009-10-20 22:51 4096 d-----w- c:\programdata\NOS
2009-10-20 23:03 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration
2009-10-20 23:03 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-10-20 22:52 . 2009-10-20 22:52 -------- d-----w- c:\programdata\McAfee Security Scan
2009-10-20 22:52 . 2009-10-20 22:52 -------- d-----w- c:\program files\McAfee Security Scan
2009-10-20 22:51 . 2009-10-20 22:51 -------- d-----w- c:\program files\NOS
2009-10-17 20:51 . 2008-10-26 15:59 12288 d-----w- c:\program files\AGEIA Technologies
2009-10-17 20:50 . 2008-10-22 13:45 4096 d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-17 20:12 . 2009-10-01 07:15 -------- d-----w- c:\program files\Sins of a Solar Empire
2009-10-15 18:41 . 2009-09-28 15:25 12288 d-----w- c:\program files\Valve
2009-10-14 17:17 . 2009-10-14 17:17 489720 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-10-12 14:28 . 2009-10-12 14:27 4096 d-----w- c:\program files\K-Lite Codec Pack
2009-10-12 09:13 . 2009-10-12 09:05 4096 d-----w- c:\users\Andrejko\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2009-10-11 03:17 . 2009-03-30 09:43 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-05 17:15 . 2009-04-22 10:09 16384 d-----w- c:\program files\Common Files\Symantec Shared
2009-10-05 13:36 . 2009-10-05 13:36 -------- d-----w- c:\program files\Alcohol Soft
2009-10-04 18:37 . 2009-10-04 18:31 -------- d-----w- c:\programdata\Norton
2009-10-04 18:36 . 2009-10-04 18:36 -------- d-----w- c:\program files\Symantec
2009-10-04 18:36 . 2009-10-04 18:36 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-10-04 18:36 . 2009-10-04 18:36 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-10-04 18:36 . 2009-10-04 18:36 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-10-04 18:36 . 2009-10-04 18:36 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-10-04 18:36 . 2009-10-04 18:36 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-10-04 18:36 . 2009-10-04 18:36 1291104 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll
2009-10-04 18:36 . 2009-10-04 18:36 136840 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2009-10-04 18:35 . 2009-10-04 18:35 165240 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
2009-10-04 18:35 . 2009-10-04 18:36 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2009-10-04 18:35 . 2009-10-04 18:37 554352 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
2009-10-04 18:35 . 2009-10-04 18:35 771440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2009-10-04 18:35 . 2009-10-04 18:35 -------- d-----w- c:\program files\Norton 360
2009-10-04 18:35 . 2009-10-04 18:31 -------- d-----w- c:\programdata\NortonInstaller
2009-10-04 18:33 . 2009-04-22 10:09 4096 d-----w- c:\programdata\Symantec
2009-10-04 18:31 . 2009-10-04 18:31 -------- d-----w- c:\programdata\PCSettings
2009-10-04 18:31 . 2009-10-04 18:31 -------- d-----w- c:\program files\NortonInstaller
2009-10-04 18:31 . 2009-10-04 18:25 83208672 ----a-w- c:\programdata\Symantec Temporary Files\N360S300CZ.exe
2009-10-04 18:25 . 2009-10-04 18:25 -------- d-----w- c:\programdata\Symantec Temporary Files
2009-10-01 01:02 . 2009-11-18 00:21 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-18 00:21 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-18 00:21 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-18 00:21 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-18 00:21 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-18 00:21 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-18 00:21 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-18 00:21 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-18 00:21 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-18 00:21 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-18 00:21 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-11-18 00:21 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-11-18 00:21 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-11-18 00:21 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-11-18 00:21 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-28 09:58 . 2009-09-28 09:58 26 ----a-w- c:\windows\winstart.bat
2009-09-28 09:58 . 2009-09-28 09:58 144 ----a-w- c:\windows\tmpcpyis.bat
2009-09-28 09:58 . 2009-09-28 09:58 122 ----a-w- c:\windows\tmpdelis.bat
2009-09-25 02:10 . 2009-11-18 00:22 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-11-18 00:22 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-11-18 00:22 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-11-18 00:22 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-11-18 00:22 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-11-18 00:22 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-11-18 00:22 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-11-18 00:22 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-11-18 00:22 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33 . 2009-11-18 00:22 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33 . 2009-11-18 00:22 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32 . 2009-11-18 00:22 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-11-18 00:22 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-11-18 00:22 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-11-18 00:22 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-11-18 00:22 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-11-18 00:22 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-11-18 00:22 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-11-18 00:22 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:30 . 2009-11-18 00:22 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-03-31 20:47 . 2009-04-22 10:33 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2009-03-01 22:08 . 2009-03-01 21:15 895008 --sha-w- c:\windows\System32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-12-01_14.16.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-12-01 23:35 57306 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-12-01 23:35 90796 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-10-18 10:00 . 2009-12-01 23:35 17502 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2706454667-533331120-2221285752-1000_UserData.bin
- 2008-10-18 09:49 . 2009-12-01 13:40 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-18 09:49 . 2009-12-01 17:38 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-10-18 09:49 . 2009-12-01 13:40 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-18 09:49 . 2009-12-01 17:38 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-10-18 09:49 . 2009-12-01 13:40 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-10-18 09:49 . 2009-12-01 17:38 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-29 10:50 . 2009-12-01 21:48 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-29 10:50 . 2009-11-30 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-29 10:50 . 2009-11-30 14:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-29 10:50 . 2009-12-01 21:48 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-29 10:50 . 2009-12-01 21:48 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-05-29 10:50 . 2009-11-30 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-28 15:41 . 2009-11-30 12:58 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-28 15:41 . 2009-12-01 21:35 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-28 15:41 . 2009-11-30 12:58 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-28 15:41 . 2009-12-01 21:35 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-28 15:41 . 2009-11-30 12:58 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-28 15:41 . 2009-12-01 21:35 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-01 23:34 . 2009-12-01 23:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-12-01 14:04 . 2009-12-01 14:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-12-01 14:04 . 2009-12-01 14:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-01 23:34 . 2009-12-01 23:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2009-12-01 23:41 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-01 14:12 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-01 14:12 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-12-01 23:41 101250 c:\windows\System32\perfc009.dat
- 2008-10-18 13:57 . 2009-12-01 14:03 2752280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2008-10-18 13:57 . 2009-12-01 23:32 2752280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-01-29 430080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-07 198160]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-29 4911104]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-3-25 113664]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-1-25 2938184]
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):91,64,a1,74,da,51,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2706454667-533331120-2221285752-1000]
"EnableNotificationsRef"=dword:00000001

R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\N360\0305020.00B\SymEFA.sys [4. 10. 2009 19:36 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\N360\0305020.00B\BHDrvx86.sys [4. 10. 2009 19:36 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\N360\0305020.00B\cchpx86.sys [4. 10. 2009 19:36 482432]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSvix86.sys [13. 11. 2009 9:46 343088]
R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [25. 12. 2007 12:07 40960]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [4. 10. 2009 19:36 117640]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [3. 12. 2007 16:03 126976]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [1. 12. 2009 17:20 102448]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [24. 4. 2008 8:02 7168]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\N360\0305020.00B\symndisv.sys [4. 10. 2009 19:36 48688]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [14. 7. 2009 11:02 691696]
S2 gupdate1ca5670872813c8;Služba Google Update (gupdate1ca5670872813c8);c:\program files\Google\Update\GoogleUpdate.exe [26. 10. 2009 20:14 133104]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21. 1. 2008 3:23 21504]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17. 2. 2009 11:43 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2009-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-26 19:14]

2009-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-26 19:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk
mStart Page = about:blank
uInternet Settings,ProxyOverride = local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Stylish Profile\ct.htm
TCP: {4E7532CE-EE46-4735-BEC1-40CECF5761DC} = 10.0.0.254
FF - ProfilePath - c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\users\Andrejko\AppData\Roaming\Mozilla\Firefox\Profiles\vyyfj8i8.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-02 01:01
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.5.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-12-02 01:05
ComboFix-quarantined-files.txt 2009-12-02 00:04
ComboFix2.txt 2009-12-01 21:29
ComboFix3.txt 2009-12-01 14:19
ComboFix4.txt 2009-04-27 20:05

Pre-Run: 63 583 006 720 bytes free
Post-Run: 63 543 468 032 bytes free

- - End Of File - - E93EFE5D2E1169B03360BE9DE50AF3AC

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, my home page was changed

#13 Post by motji »

:D Wrong again.
You have a doubled file extension; you have to use Save As, with name CFScript.txt and type All files.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

michajlo
Model visitor
Posts: 65
Registered: 27 Apr 2007 12:38

Re: Please check my log, my home page was changed

#14 Post by michajlo »

I apologize, but I was without an internet connection for quite a while... :) The file is very large and it won't send...

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, my home page was changed

#15 Post by motji »

Which file? :o