Slowed-down notebook

wlado11
Visitor
Posts: 4
Registered: 08 Nov 2006 20:47

#1 Post by wlado11 »

I tried scanning with Malwarebytes Anti-Malware and with Spybot, but the scan did not finish; the programs hang. Sometimes the screen freezes and the system does not respond. Here is the log from RSIT. Thanks in advance for your help.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlado at 2011-10-09 02:09:39
Microsoft Windows 7 Ultimate
System drive C: has 61 GB (20%) free of 305 GB
Total RAM: 3948 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:10:23, on 9. 10. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\NetWorx\networx.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\trend micro\Vlado.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.sk/sk.special-uninstalla ... 70cc462531
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-1423695623-2137554875-172501308-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1423695623-2137554875-172501308-1006\..\Run: [CONNMGRTRAY] C:\Program Files\Acer\Acer 3G Connection Manager\ConnMgrLauncher.exe Silent (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1423695623-2137554875-172501308-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Nástrojová lišta RoboFormu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Prispôsobiť menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Uložiť formulár - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplniť formulár - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Uložiť - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Uložiť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Nástrojová lišta RoboFormu - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Virtual Disk Service Manager (MSR Service) - Unknown owner - C:\Program Files (x86)\Clarus\Samsung SecretZone\MSSvc.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13259 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe 25535936
\??\C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\NetWorx\networx.exe" /auto
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000964
\??\C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
WLIDSvcM.exe 3472
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -service
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
taskmgr.exe /2
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=592.14a9e100.1873571988 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.7.0.1 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 592 "\\.\pipe\gecko-crash-server-pipe.592" plugin
"C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"D:\Downloads\Programy\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1423695623-2137554875-172501308-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1423695623-2137554875-172501308-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Vlado\AppData\Roaming\Mozilla\Firefox\Profiles\8ij7f0cx.default

prefs.js - "browser.startup.homepage" - "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files (x86)\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files (x86)\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-09-29 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2011-08-16 15643128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-09-17 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2011-08-16 15643128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-11-12 2588968]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-10 415064]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-10-29 860040]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-28 11786344]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-21 2207848]
"NetWorx"=C:\Program Files\NetWorx\networx.exe [2011-09-14 2871808]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-10 167256]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-10 391512]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2011-09-28 2775728]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-09-28 3609776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-07-29 377504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-07-29 594080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [2007-06-29 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CONNMGRTRAY]
C:\Program Files\Acer\Acer 3G Connection Manager\ConnMgrLauncher.exe [2010-10-30 363112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2]
C:\Dolby PCEE4\pcee4.exe -autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-06-24 1744152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Vlado\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-23 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.6\ICQ.exe [2011-08-29 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWirelessWiMAX]
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [2010-06-08 1441792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LFService]
C:\Program Files (x86)\Lock Folder XP\LFService.exe -start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-04-14 113288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2011-06-29 3992904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSwitch]
C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe [2011-09-27 5135416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11]
C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [2011-08-24 230696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2011-08-16 107000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-07-29 19558024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-07-25 433360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2011-09-22 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-10-02 5492096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-07-29 2280232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vlado^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Intel(R) Turbo Boost Technology Monitor 2.0.lnk]
C:\PROGRA~1\Intel\TURBOB~1\SIGNAL~1.EXE [2010-10-08 198656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vlado^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrácia výrobku.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vlado^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Obrazovková spinka a spúšťač programu OneNote 2010.lnk]
C:\PROGRA~2\MICROS~1\Office14\ONENOTEM.EXE [2010-03-29 227712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-12-09 1025616]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2011-03-18 1043968]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-09-23 258512]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.sk/sk.special-uninstalla ... 70cc462531 []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-10 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-06-17 68376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMR210]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-10-09 02:09:46 ----D---- C:\Program Files\trend micro
2011-10-09 02:09:39 ----D---- C:\rsit
2011-10-09 01:51:05 ----A---- C:\ComboFix.txt
2011-10-09 00:46:09 ----A---- C:\Windows\SWSC.exe
2011-10-09 00:46:09 ----A---- C:\Windows\SWREG.exe
2011-10-09 00:46:09 ----A---- C:\Windows\PEV.exe
2011-10-09 00:46:09 ----A---- C:\Windows\NIRCMD.exe
2011-10-08 22:00:21 ----AD---- C:\Windows\rundll16.exe
2011-10-08 22:00:21 ----AD---- C:\Windows\logo1_.exe
2011-10-08 21:19:26 ----D---- C:\Users\Vlado\AppData\Roaming\Avira
2011-10-08 21:19:14 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2011-10-08 21:19:14 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-10-08 21:19:14 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-10-08 21:19:13 ----D---- C:\ProgramData\Avira
2011-10-08 21:19:13 ----D---- C:\Program Files (x86)\Avira
2011-10-08 21:12:42 ----A---- C:\Windows\SYSWOW64\vsregexp.dll
2011-10-08 21:12:38 ----A---- C:\Windows\SYSWOW64\zlcommdb.dll
2011-10-08 21:12:38 ----A---- C:\Windows\SYSWOW64\zlcomm.dll
2011-10-08 21:12:35 ----A---- C:\Windows\SYSWOW64\vswmi.dll
2011-10-08 21:12:32 ----D---- C:\Windows\SYSWOW64\ZoneLabs
2011-10-08 21:12:32 ----A---- C:\Windows\SYSWOW64\zpeng25.dll
2011-10-08 21:12:32 ----A---- C:\Windows\SYSWOW64\vsxml.dll
2011-10-08 21:12:32 ----A---- C:\Windows\SYSWOW64\vspubapi.dll
2011-10-08 21:12:32 ----A---- C:\Windows\SYSWOW64\vsmonapi.dll
2011-10-08 21:12:31 ----A---- C:\Windows\SYSWOW64\vsdata.dll
2011-10-08 21:12:27 ----D---- C:\Program Files (x86)\Zone Labs
2011-10-08 21:12:27 ----A---- C:\Windows\system32\drivers\vsdatant.sys
2011-10-08 21:11:52 ----D---- C:\ProgramData\CheckPoint
2011-10-08 21:11:51 ----D---- C:\Windows\Internet Logs
2011-10-08 21:11:51 ----A---- C:\Windows\SYSWOW64\vsutil.dll
2011-10-08 21:11:51 ----A---- C:\Windows\SYSWOW64\vsinit.dll
2011-10-08 20:08:37 ----D---- C:\ProgramData\Kaspersky Lab
2011-10-08 19:57:41 ----D---- C:\Users\Vlado\AppData\Roaming\Spyware Terminator
2011-10-08 19:57:41 ----D---- C:\ProgramData\Spyware Terminator
2011-10-08 19:55:01 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-10-08 19:53:03 ----A---- C:\Windows\ntbtlog.txt
2011-10-08 19:52:59 ----D---- C:\ProgramData\Norton
2011-10-08 19:45:46 ----D---- C:\Program Files (x86)\SpywareBlaster
2011-10-08 19:45:46 ----A---- C:\Windows\SYSWOW64\MSSTDFMT.DLL
2011-10-08 17:11:59 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-10-08 17:11:59 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-10-08 16:52:52 ----D---- C:\ProgramData\STOPzilla!
2011-10-08 14:49:21 ----D---- C:\Windows\temp
2011-10-08 13:59:28 ----D---- C:\Program Files (x86)\STOPZILLA!
2011-10-08 12:08:30 ----D---- C:\sh4ldr
2011-10-08 12:08:30 ----D---- C:\Program Files\Enigma Software Group
2011-10-08 12:08:13 ----D---- C:\Windows\14E9D3713DAD4A57B935577AB862F3B3.TMP
2011-10-08 01:52:52 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-10-06 18:22:41 ----D---- C:\ProgramData\WNR
2011-10-06 18:22:23 ----D---- C:\Users\Vlado\AppData\Roaming\WNR
2011-10-06 18:22:15 ----D---- C:\Program Files (x86)\Proxy Switcher Standard
2011-10-04 17:01:55 ----D---- C:\Program Files (x86)\Launch Manager
2011-10-03 18:27:30 ----D---- C:\Users\Vlado\AppData\Roaming\AVG2012
2011-10-03 18:24:34 ----D---- C:\ProgramData\AVG2012
2011-10-03 10:07:22 ----D---- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2011-10-02 22:56:42 ----D---- C:\Users\Vlado\AppData\Roaming\Malwarebytes
2011-10-02 22:56:32 ----D---- C:\ProgramData\Malwarebytes
2011-10-02 22:56:29 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-10-02 22:56:28 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-01 18:30:05 ----A---- C:\ProgramData\pn0N1bF45.dat
2011-09-29 21:30:32 ----A---- C:\Windows\SYSWOW64\pndx5032.dll
2011-09-29 21:30:32 ----A---- C:\Windows\SYSWOW64\pndx5016.dll
2011-09-29 21:30:26 ----D---- C:\Program Files (x86)\Real
2011-09-29 21:30:25 ----D---- C:\ProgramData\Real
2011-09-29 21:30:20 ----D---- C:\Users\Vlado\AppData\Roaming\Real
2011-09-27 23:32:24 ----D---- C:\Windows\SYSWOW64\NV
2011-09-27 23:32:24 ----D---- C:\Windows\system32\NV
2011-09-27 23:29:06 ----D---- C:\ProgramData\NVIDIA
2011-09-27 23:27:30 ----A---- C:\Windows\system32\nvvsvc.exe
2011-09-27 23:27:30 ----A---- C:\Windows\system32\nvsvcr.dll
2011-09-27 23:27:30 ----A---- C:\Windows\system32\nvsvc64.dll
2011-09-27 23:27:30 ----A---- C:\Windows\system32\nvshext.dll
2011-09-27 23:27:30 ----A---- C:\Windows\system32\nvmctray.dll
2011-09-27 23:27:30 ----A---- C:\Windows\system32\nvhotkey.dll
2011-09-27 23:27:30 ----A---- C:\Windows\system32\nvcpl.dll
2011-09-27 23:27:30 ----A---- C:\Windows\system32\nv3dappshextr.dll
2011-09-27 23:27:30 ----A---- C:\Windows\system32\nv3dappshext.dll
2011-09-27 23:27:30 ----A---- C:\Windows\system32\easyupdatusapiu64.dll
2011-09-27 23:27:24 ----D---- C:\ProgramData\NVIDIA Corporation
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvoptimusmft.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2011-09-27 23:26:21 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\OpenCL.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvwgf2umx.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvumdshimx.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvoptimusmft.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvoglv64.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvinitx.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvgenco64.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvdispco64.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvdecodemft.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvd3dumx.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvcuvid.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvcuda.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvcompiler.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\nvapi64.dll
2011-09-27 23:26:21 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2011-09-27 23:26:21 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-09-27 22:54:53 ----HD---- C:\Windows\msdownld.tmp
2011-09-26 21:56:43 ----A---- C:\Windows\SYSWOW64\Access.dat
2011-09-26 21:53:52 ----D---- C:\Users\Vlado\AppData\Roaming\Tunngle
2011-09-26 21:53:52 ----D---- C:\ProgramData\Tunngle
2011-09-26 21:53:49 ----D---- C:\Program Files (x86)\Tunngle
2011-09-26 21:53:49 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2011-09-26 18:50:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-09-26 17:00:05 ----D---- C:\Program Files (x86)\T-Lexicon
2011-09-25 11:37:47 ----D---- C:\Users\Vlado\AppData\Roaming\NetMeter
2011-09-25 11:37:44 ----D---- C:\Program Files (x86)\NetMeter
2011-09-25 11:34:06 ----D---- C:\Program Files (x86)\NET Traffic Meter
2011-09-24 20:42:21 ----D---- C:\Program Files (x86)\Lock Folder XP
2011-09-24 20:11:55 ----D---- C:\found.000
2011-09-24 18:53:16 ----D---- C:\Program Files (x86)\vShare.tv plugin
2011-09-24 18:33:45 ----D---- C:\Program Files (x86)\Veetle
2011-09-23 20:24:10 ----A---- C:\Windows\system32\drivers\networx.sys
2011-09-23 20:24:09 ----D---- C:\ProgramData\SoftPerfect
2011-09-23 20:24:09 ----D---- C:\Program Files\NetWorx
2011-09-23 13:23:29 ----D---- C:\Users\Vlado\AppData\Roaming\ICQ
2011-09-23 13:23:17 ----D---- C:\Program Files (x86)\ICQ7.6
2011-09-23 08:48:19 ----D---- C:\Users\Vlado\AppData\Roaming\SUPERAntiSpyware.com
2011-09-23 08:47:55 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-09-23 08:47:55 ----D---- C:\Program Files\SUPERAntiSpyware
2011-09-22 21:25:19 ----D---- C:\Windows\Minidump
2011-09-22 21:13:37 ----A---- C:\Windows\zip.exe
2011-09-22 21:13:37 ----A---- C:\Windows\sed.exe
2011-09-22 21:13:37 ----A---- C:\Windows\MBR.exe
2011-09-22 21:13:37 ----A---- C:\Windows\grep.exe
2011-09-22 21:13:15 ----D---- C:\Windows\ERDNT
2011-09-22 21:13:08 ----D---- C:\Qoobox
2011-09-22 13:49:43 ----D---- C:\Config.Msi
2011-09-18 21:21:25 ----D---- C:\Program Files (x86)\Steam
2011-09-18 21:19:13 ----D---- C:\Program Files (x86)\Square Enix
2011-09-18 16:06:21 ----D---- C:\Windows\SYSWOW64\RTCOM
2011-09-18 16:05:35 ----A---- C:\Windows\system32\WavesGUILib.dll
2011-09-18 16:05:35 ----A---- C:\Windows\system32\SRSWOW64.dll
2011-09-18 16:05:35 ----A---- C:\Windows\system32\SRSTSX64.dll
2011-09-18 16:05:35 ----A---- C:\Windows\system32\SRSTSH64.dll
2011-09-18 16:05:35 ----A---- C:\Windows\system32\SRSHP64.dll
2011-09-18 16:05:35 ----A---- C:\Windows\system32\SFSS_APO.dll
2011-09-18 16:05:31 ----A---- C:\Windows\system32\SFNHK64.dll
2011-09-18 16:05:30 ----A---- C:\Windows\system32\SFCOM64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\SFAPO64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RtPgEx64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RtkCfg64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RtkAPO64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RtkApi64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RTEEP64A.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RTEEL64A.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RTEEG64A.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RTEED64A.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RTCOM64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RP3DHT64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RP3DAA64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RCoRes64.dat
2011-09-18 16:05:29 ----A---- C:\Windows\system32\RCoInst64.dll
2011-09-18 16:05:29 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2011-09-18 16:05:28 ----A---- C:\Windows\system32\R4EEP64A.dll
2011-09-18 16:05:28 ----A---- C:\Windows\system32\R4EEL64A.dll
2011-09-18 16:05:28 ----A---- C:\Windows\system32\R4EEG64A.dll
2011-09-18 16:05:28 ----A---- C:\Windows\system32\R4EED64A.dll
2011-09-18 16:05:28 ----A---- C:\Windows\system32\R4EEA64A.dll
2011-09-18 16:05:28 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2011-09-18 16:05:28 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll
2011-09-18 16:05:28 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2011-09-18 16:05:28 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2011-09-18 16:05:28 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2011-09-18 16:05:25 ----A---- C:\Windows\system32\FMAPO64.dll
2011-09-18 16:05:25 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2011-09-18 16:05:25 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\AERTAR64.dll
2011-09-18 16:05:24 ----A---- C:\Windows\system32\AERTAC64.dll
2011-09-17 23:19:29 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2011-09-17 23:19:13 ----D---- C:\Windows\Sun
2011-09-17 23:19:02 ----D---- C:\ProgramData\Sun
2011-09-17 23:18:22 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-09-17 23:18:22 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-09-17 23:18:22 ----A---- C:\Windows\SYSWOW64\java.exe
2011-09-17 23:18:22 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-09-17 23:17:48 ----D---- C:\Program Files (x86)\Java
2011-09-17 23:13:16 ----A---- C:\Windows\system32\drivers\athrx.sys
2011-09-17 23:13:16 ----A---- C:\Windows\system32\athrx.sys
2011-09-17 23:13:13 ----D---- C:\Program Files (x86)\Atheros WiFi Driver Installation
2011-09-17 23:08:27 ----D---- C:\ProgramData\Logitech
2011-09-17 23:05:56 ----A---- C:\Windows\system32\drivers\LNonPnP.sys
2011-09-17 23:04:36 ----D---- C:\ProgramData\Logishrd
2011-09-17 23:04:32 ----D---- C:\Program Files\Logitech
2011-09-17 23:03:07 ----D---- C:\Program Files\Common Files\LogiShrd
2011-09-17 23:02:53 ----D---- C:\Users\Vlado\AppData\Roaming\Logitech
2011-09-17 23:02:53 ----D---- C:\Users\Vlado\AppData\Roaming\Logishrd
2011-09-17 22:55:32 ----AD---- C:\Windows\VDLL.DLL
2011-09-17 22:55:32 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2011-09-17 22:55:32 ----AD---- C:\Windows\RUNDL132.EXE
2011-09-17 22:55:32 ----AD---- C:\Windows\logo_1.exe
2011-09-17 22:40:13 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2011-09-17 22:40:12 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2011-09-17 22:40:11 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2011-09-17 22:39:58 ----D---- C:\ProgramData\MicroWorld
2011-09-17 21:07:00 ----A---- C:\Program Files (x86)\e_fatibvl.exe
2011-09-17 20:36:04 ----D---- C:\Windows\SYSWOW64\Macromed
2011-09-14 17:47:25 ----D---- C:\ProgramData\Avanquest Bluetooth SDK
2011-09-14 17:31:10 ----D---- C:\ProgramData\Sony Ericsson
2011-09-14 17:31:10 ----D---- C:\Program Files (x86)\Sony Ericsson
2011-09-13 13:52:41 ----D---- C:\Program Files (x86)\CyberLink
2011-09-13 13:47:19 ----D---- C:\ProgramData\PDVD
2011-09-13 13:43:00 ----D---- C:\ProgramData\install_clap

======List of files/folders modified in the last 1 month======

2011-10-09 02:09:46 ----RD---- C:\Program Files
2011-10-09 02:03:41 ----D---- C:\Windows\system32\Tasks
2011-10-09 01:39:59 ----D---- C:\Windows
2011-10-09 01:39:59 ----A---- C:\Windows\system.ini
2011-10-09 01:15:41 ----D---- C:\Windows\SYSWOW64\drivers
2011-10-09 01:15:41 ----D---- C:\Windows\SysWOW64
2011-10-09 01:15:41 ----D---- C:\Windows\system32\drivers
2011-10-09 01:15:41 ----D---- C:\Windows\System32
2011-10-09 01:15:40 ----D---- C:\Windows\AppPatch
2011-10-09 01:15:39 ----D---- C:\Program Files\Common Files
2011-10-09 01:15:39 ----D---- C:\Program Files (x86)\Common Files
2011-10-09 01:00:00 ----SHD---- C:\System Volume Information
2011-10-09 00:45:01 ----D---- C:\Windows\Prefetch
2011-10-09 00:44:54 ----D---- C:\Windows\Tasks
2011-10-09 00:09:57 ----A---- C:\Windows\SYSWOW64\log.txt
2011-10-09 00:06:31 ----D---- C:\ProgramData\boost_interprocess
2011-10-08 23:30:51 ----SHD---- C:\Windows\Installer
2011-10-08 23:30:49 ----D---- C:\ProgramData\Microsoft Help
2011-10-08 22:23:41 ----D---- C:\Windows\SoftwareDistribution
2011-10-08 22:19:59 ----D---- C:\Program Files (x86)\SpeedFan
2011-10-08 21:59:55 ----A---- C:\Windows\win.ini
2011-10-08 21:19:24 ----D---- C:\Windows\system32\catroot
2011-10-08 21:19:21 ----D---- C:\Windows\system32\DriverStore
2011-10-08 21:19:21 ----D---- C:\Windows\inf
2011-10-08 21:19:13 ----RD---- C:\Program Files (x86)
2011-10-08 21:19:13 ----D---- C:\ProgramData
2011-10-08 20:36:11 ----AD---- C:\ProgramData\TEMP
2011-10-08 20:24:55 ----D---- C:\ProgramData\MFAData
2011-10-08 20:22:58 ----D---- C:\Windows\system32\drivers\AVG
2011-10-08 19:00:03 ----D---- C:\Program Files (x86)\Fraps
2011-10-08 18:10:51 ----D---- C:\Windows\system32\config
2011-10-08 16:54:30 ----D---- C:\Windows\winsxs
2011-10-08 03:03:49 ----D---- C:\Users\Vlado\AppData\Roaming\DAEMON Tools Lite
2011-10-08 03:03:48 ----D---- C:\Users\Vlado\AppData\Roaming\Winamp
2011-10-08 03:03:47 ----D---- C:\Users\Vlado\AppData\Roaming\Media Player Classic
2011-10-08 03:03:45 ----D---- C:\Users\Vlado\AppData\Roaming\Skype
2011-10-07 22:33:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-07 13:10:08 ----D---- C:\Windows\system32\catroot2
2011-10-05 16:53:28 ----D---- C:\ProgramData\KONAMI
2011-10-05 16:53:28 ----D---- C:\Program Files (x86)\KONAMI
2011-10-04 16:00:05 ----SD---- C:\Users\Vlado\AppData\Roaming\Microsoft
2011-10-03 18:23:12 ----D---- C:\Program Files (x86)\AVG
2011-10-03 10:28:20 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-10-01 18:30:16 ----RSD---- C:\Windows\Fonts
2011-10-01 18:30:16 ----D---- C:\Dolby PCEE4
2011-10-01 11:17:36 ----D---- C:\Windows\debug
2011-10-01 11:16:38 ----D---- C:\Windows\Downloaded Program Files
2011-10-01 11:09:56 ----D---- C:\Windows\Panther
2011-10-01 11:09:56 ----D---- C:\Windows\Logs
2011-10-01 11:06:50 ----D---- C:\Program Files\CCleaner
2011-09-30 23:21:38 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-09-29 21:30:42 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2011-09-29 21:30:30 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2011-09-29 21:30:30 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2011-09-28 01:49:43 ----D---- C:\Program Files (x86)\Codemasters
2011-09-27 23:29:06 ----RD---- C:\Users
2011-09-27 23:29:01 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-09-27 23:28:57 ----D---- C:\Program Files\NVIDIA Corporation
2011-09-27 23:28:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-09-27 23:27:29 ----D---- C:\Windows\Help
2011-09-27 23:09:32 ----D---- C:\Program Files (x86)\EA Sports
2011-09-27 22:55:02 ----D---- C:\Windows\SYSWOW64\directx
2011-09-26 22:01:05 ----D---- C:\Windows\pss
2011-09-26 18:50:14 ----SD---- C:\ProgramData\Microsoft
2011-09-26 10:19:15 ----D---- C:\ProgramData\Adobe
2011-09-24 19:50:13 ----D---- C:\Windows\system32\NDF
2011-09-23 06:16:22 ----D---- C:\Windows\system32\Boot
2011-09-23 06:14:44 ----D---- C:\Windows\system32\wfp
2011-09-23 06:14:44 ----D---- C:\Windows\system32\wbem
2011-09-23 06:14:44 ----D---- C:\Windows\ehome
2011-09-23 06:14:44 ----D---- C:\Program Files\Windows Media Player
2011-09-23 06:14:44 ----D---- C:\Program Files\Windows Mail
2011-09-23 06:14:44 ----D---- C:\Program Files\Internet Explorer
2011-09-23 06:14:44 ----D---- C:\Program Files (x86)\Windows Media Player
2011-09-23 06:14:44 ----D---- C:\Program Files (x86)\Windows Mail
2011-09-23 06:14:44 ----D---- C:\Program Files (x86)\Internet Explorer
2011-09-23 06:14:41 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-09-23 06:14:41 ----D---- C:\Windows\SYSWOW64\migration
2011-09-23 06:14:41 ----D---- C:\Windows\SYSWOW64\en-US
2011-09-23 06:14:41 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-09-23 06:14:41 ----D---- C:\Windows\system32\sk-SK
2011-09-23 06:14:41 ----D---- C:\Windows\system32\migration
2011-09-23 06:14:41 ----D---- C:\Windows\system32\en-US
2011-09-23 06:14:41 ----D---- C:\Windows\system32\cs-CZ
2011-09-23 06:14:25 ----D---- C:\Windows\servicing
2011-09-23 06:14:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-09-23 06:13:02 ----D---- C:\Windows\registration
2011-09-23 06:11:48 ----D---- C:\Windows\Microsoft.NET
2011-09-23 06:10:25 ----RSD---- C:\Windows\assembly
2011-09-23 01:24:17 ----D---- C:\Windows\system32\LogFiles
2011-09-19 11:36:28 ----HD---- C:\ProgramData\Common Files
2011-09-18 21:27:45 ----RD---- C:\Program Files (x86)\Left 4 Dead 2
2011-09-18 16:06:48 ----HD---- C:\Program Files (x86)\Temp
2011-09-17 23:12:03 ----D---- C:\ProgramData\Atheros
2011-09-17 23:10:28 ----D---- C:\Program Files\Broadcom
2011-09-17 22:59:50 ----D---- C:\Windows\system32\drivers\etc
2011-09-15 18:43:02 ----D---- C:\ProgramData\CyberLink
2011-09-13 13:49:38 ----D---- C:\Users\Vlado\AppData\Roaming\CyberLink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-08-03 27240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-08-16 526392]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-09-18 130760]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 networx;networx; C:\Windows\system32\drivers\networx.sys [2011-09-14 57480]
R1 PStrip64;PStrip64; C:\Windows\system32\drivers\pstrip64.sys [2006-09-30 13008]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-08-31 230352]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 458840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-09-15 97312]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-08-24 75248]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-21 2753536]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-01-20 67624]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-01-20 19496]
R3 bpenum;bpenum; C:\Windows\system32\DRIVERS\bpenum.sys [2010-05-16 71168]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-01-19 52264]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-01-13 85544]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-07-29 28832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-10 12223936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-29 2819560]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-03-31 412712]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-04-30 66840]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-04-30 60184]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 25416]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-06-10 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-06-10 208896]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-07-29 1383472]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S1 ntiomin;ntiomin; C:\Windows\system32\drivers\ntiomin.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-07-29 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-07-29 295072]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-07-29 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-07-29 51872]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-07-29 154272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-07-29 270496]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-31 26752]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-12 140672]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-09-23 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-07-29 52896]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-08-26 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-08-26 292136]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-06-07 408576]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-08-03 980072]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-06-29 3246920]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2011-09-08 995232]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-08-09 741224]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2011-03-18 2435592]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MSR Service;Virtual Disk Service Manager; C:\Program Files (x86)\Clarus\Samsung SecretZone\MSSvc.exe [2009-12-30 114688]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-06-17 359192]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119508
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slowed-down notebook

#2 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Vlado.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O1 - Hosts: ::1 localhost
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.sk/sk.special-uninstalla ... Mi1FRU1CUg"&"inst=NzYtOTM3NTkyMjcyLUQzODFMKzctSTEwKzEtU1QxMEFQUCsxLUREVCswLUxTRCsyLVNUMTJPSSsxLUVVTEErMS1JMTIrMS1TVDEyQVBQKzE"&"prod=94"&"ver=2012.0.1831"&"mid=348c6a7afe4c47d19878cd3c4e3e5001-0eef664be6c5876fa02ad3472257e670cc462531
and click >Fix checked<.

Restart the PC into safe mode and try running the scan there. You also ran a ComboFix scan. I would like to see the log. It is saved in C:\combofix.txt.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

wlado11
Visitor
Posts: 4
Registered: 08 Nov 2006 20:47

Re: Slowed-down notebook

#3 Post by wlado11 »

ComboFix 11-10-08.04 - Vlado . 10. 2011 0:56.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3948.2122 [GMT 2:00]
Running from: c:\users\Vlado\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: ZoneAlarm Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-09-08 to 2011-10-08 )))))))))))))))))))))))))))))))
.
.
2011-10-08 23:38 . 2011-10-08 23:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-08 22:10 . 2011-10-08 22:10 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B50D8E63-BEC2-43F6-B0AD-91F351E7856B}\offreg.dll
2011-10-08 20:00 . 2011-10-08 20:00 -------- d---a-w- c:\windows\rundll16.exe
2011-10-08 20:00 . 2011-10-08 20:00 -------- d---a-w- c:\windows\logo1_.exe
2011-10-08 19:19 . 2011-10-08 19:19 -------- d-----w- c:\users\Vlado\AppData\Roaming\Avira
2011-10-08 19:19 . 2011-09-18 06:39 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-08 19:19 . 2011-09-15 21:55 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-08 19:19 . 2011-09-15 21:55 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-08 19:19 . 2011-10-08 19:19 -------- d-----w- c:\programdata\Avira
2011-10-08 19:19 . 2011-10-08 19:19 -------- d-----w- c:\program files (x86)\Avira
2011-10-08 19:12 . 2011-03-17 23:24 69120 ----a-w- c:\windows\SysWow64\zlcomm.dll
2011-10-08 19:12 . 2011-03-17 23:24 104448 ----a-w- c:\windows\SysWow64\zlcommdb.dll
2011-10-08 19:12 . 2011-10-08 19:12 -------- d-----w- c:\windows\SysWow64\ZoneLabs
2011-10-08 19:12 . 2011-03-17 23:24 1238528 ----a-w- c:\windows\SysWow64\zpeng25.dll
2011-10-08 19:12 . 2011-10-08 19:12 -------- d-----w- c:\program files (x86)\Zone Labs
2011-10-08 19:12 . 2010-05-15 14:30 458840 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2011-10-08 19:11 . 2011-10-08 19:11 -------- d-----w- c:\programdata\CheckPoint
2011-10-08 19:11 . 2011-10-08 23:39 -------- d-----w- c:\windows\Internet Logs
2011-10-08 19:00 . 2011-09-21 07:00 9049936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B50D8E63-BEC2-43F6-B0AD-91F351E7856B}\mpengine.dll
2011-10-08 18:08 . 2011-10-08 18:08 -------- d-----w- c:\programdata\Kaspersky Lab
2011-10-08 17:57 . 2011-10-08 18:01 -------- d-----w- c:\programdata\Spyware Terminator
2011-10-08 17:57 . 2011-10-08 17:57 -------- d-----w- c:\users\Vlado\AppData\Roaming\Spyware Terminator
2011-10-08 17:55 . 2011-10-08 17:57 -------- d-----w- c:\program files (x86)\Spyware Terminator
2011-10-08 17:52 . 2011-10-08 18:36 -------- d-----w- c:\users\Vlado\AppData\Local\NPE
2011-10-08 17:52 . 2011-10-08 17:53 -------- d-----w- c:\programdata\Norton
2011-10-08 17:45 . 2011-10-08 17:45 -------- d-----w- c:\program files (x86)\SpywareBlaster
2011-10-08 17:45 . 2010-01-10 17:40 118784 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2011-10-08 15:11 . 2011-10-08 19:57 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-10-08 15:11 . 2011-10-08 15:37 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-10-08 14:52 . 2011-10-08 16:30 -------- d-----w- c:\programdata\STOPzilla!
2011-10-08 11:59 . 2011-10-08 16:30 -------- d-----w- c:\program files (x86)\STOPZILLA!
2011-10-08 11:59 . 2011-10-08 11:59 -------- d-----w- c:\program files (x86)\Common Files\IS3
2011-10-08 10:08 . 2011-10-08 10:08 110080 ----a-r- c:\users\Vlado\AppData\Roaming\Microsoft\Installer\{14E9D371-3DAD-4A57-B935-577AB862F3B3}\IconF7A21AF7.exe
2011-10-08 10:08 . 2011-10-08 10:08 110080 ----a-r- c:\users\Vlado\AppData\Roaming\Microsoft\Installer\{14E9D371-3DAD-4A57-B935-577AB862F3B3}\IconD7F16134.exe
2011-10-08 10:08 . 2011-10-08 10:08 110080 ----a-r- c:\users\Vlado\AppData\Roaming\Microsoft\Installer\{14E9D371-3DAD-4A57-B935-577AB862F3B3}\Icon1226A4C5.exe
2011-10-08 10:08 . 2011-10-08 10:08 -------- d-----w- C:\sh4ldr
2011-10-08 10:08 . 2011-10-08 10:08 -------- d-----w- c:\program files\Enigma Software Group
2011-10-08 10:08 . 2011-10-08 10:08 -------- d-----w- c:\windows\14E9D3713DAD4A57B935577AB862F3B3.TMP
2011-10-08 10:08 . 2011-10-08 10:08 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-10-07 23:52 . 2011-10-08 21:45 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-10-06 16:22 . 2011-10-06 16:22 -------- d-----w- c:\programdata\WNR
2011-10-06 16:22 . 2011-10-06 16:22 -------- d-----w- c:\users\Vlado\AppData\Roaming\WNR
2011-10-06 16:22 . 2011-10-06 16:22 -------- d-----w- c:\program files (x86)\Proxy Switcher Standard
2011-10-05 15:46 . 2011-10-05 15:46 -------- d-----w- c:\users\Vlado\AppData\Local\Diagnostics
2011-10-04 15:01 . 2011-10-04 15:01 -------- d-----w- c:\program files (x86)\Launch Manager
2011-10-03 16:27 . 2011-10-03 16:27 -------- d-----w- c:\users\Vlado\AppData\Roaming\AVG2012
2011-10-03 16:24 . 2011-10-08 18:33 -------- d-----w- c:\programdata\AVG2012
2011-10-03 08:07 . 2011-10-03 08:07 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2011-10-02 20:56 . 2011-10-02 20:56 -------- d-----w- c:\users\Vlado\AppData\Roaming\Malwarebytes
2011-10-02 20:56 . 2011-10-02 20:56 -------- d-----w- c:\programdata\Malwarebytes
2011-10-02 20:56 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-02 20:56 . 2011-10-03 19:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-09-29 19:31 . 2011-09-29 19:31 11776 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\nprjplug.dll
2011-09-29 19:30 . 2011-09-29 19:30 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2011-09-29 19:30 . 2011-09-29 19:30 150696 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\nppl3260.dll
2011-09-29 19:30 . 2011-09-29 19:30 107008 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\nprpjplug.dll
2011-09-29 19:30 . 2011-09-29 19:31 -------- d-----w- c:\program files (x86)\Real
2011-09-27 21:32 . 2011-09-28 09:17 -------- d-----w- c:\windows\SysWow64\NV
2011-09-27 21:32 . 2011-09-28 09:17 -------- d-----w- c:\windows\system32\NV
2011-09-27 21:29 . 2011-09-27 21:32 -------- d-----w- c:\programdata\NVIDIA
2011-09-27 21:29 . 2011-09-27 21:29 -------- d-----w- c:\users\UpdatusUser
2011-09-27 21:27 . 2011-08-03 11:50 980072 ----a-w- c:\windows\system32\nvvsvc.exe
2011-09-27 21:27 . 2011-08-03 11:50 836200 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-09-27 21:27 . 2011-08-03 11:50 816232 ----a-w- c:\windows\system32\nv3dappshext.dll
2011-09-27 21:27 . 2011-08-03 11:50 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-09-27 21:27 . 2011-08-03 11:50 6136936 ----a-w- c:\windows\system32\nvcpl.dll
2011-09-27 21:27 . 2011-08-03 11:50 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
2011-09-27 21:27 . 2011-08-03 11:50 335976 ----a-w- c:\windows\system32\nvhotkey.dll
2011-09-27 21:27 . 2011-08-03 11:50 3021416 ----a-w- c:\windows\system32\nvsvc64.dll
2011-09-27 21:27 . 2011-08-03 11:50 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-09-27 21:27 . 2011-08-03 11:50 1816324 ----a-w- c:\windows\system32\nvcoproc.bin
2011-09-27 21:27 . 2011-08-03 11:50 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-09-27 21:27 . 2011-09-27 21:27 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-09-27 20:54 . 2011-09-27 20:54 -------- d--h--w- c:\windows\msdownld.tmp
2011-09-26 19:53 . 2011-09-26 19:55 -------- d-----w- c:\users\Vlado\AppData\Roaming\Tunngle
2011-09-26 19:53 . 2011-09-26 19:53 -------- d-----w- c:\programdata\Tunngle
2011-09-26 19:53 . 2011-09-26 19:55 -------- d-----w- c:\program files (x86)\Tunngle
2011-09-26 19:53 . 2009-09-16 06:02 31232 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2011-09-26 16:50 . 2011-09-26 16:50 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-09-26 15:00 . 2011-09-26 15:00 -------- d-----w- c:\program files (x86)\T-Lexicon
2011-09-26 15:00 . 2000-07-09 18:15 106496 ----a-w- c:\windows\SysWow64\mbprgbar.ocx
2011-09-26 15:00 . 2000-05-21 23:00 140488 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2011-09-26 15:00 . 1998-06-23 23:00 244024 ----a-w- c:\windows\SysWow64\msflxgrd.ocx
2011-09-25 09:37 . 2011-09-25 09:42 -------- d-----w- c:\users\Vlado\AppData\Roaming\NetMeter
2011-09-25 09:37 . 2011-09-27 08:36 -------- d-----w- c:\program files (x86)\NetMeter
2011-09-25 09:34 . 2011-09-25 09:35 -------- d-----w- c:\program files (x86)\NET Traffic Meter
2011-09-24 18:42 . 2011-10-07 20:31 -------- d-----w- c:\program files (x86)\Lock Folder XP
2011-09-24 18:11 . 2011-09-24 18:11 -------- d-----w- C:\found.000
2011-09-24 16:53 . 2011-09-24 16:53 -------- d-----w- c:\program files (x86)\vShare.tv plugin
2011-09-24 16:33 . 2011-09-24 16:33 -------- d-----w- c:\program files (x86)\Veetle
2011-09-23 18:24 . 2011-09-14 15:36 57480 ----a-w- c:\windows\system32\drivers\networx.sys
2011-09-23 18:24 . 2011-09-23 18:24 -------- d-----w- c:\program files\NetWorx
2011-09-23 18:24 . 2011-09-23 18:24 -------- d-----w- c:\programdata\SoftPerfect
2011-09-23 11:23 . 2011-10-07 18:55 -------- d-----w- c:\users\Vlado\AppData\Roaming\ICQ
2011-09-23 11:23 . 2011-09-23 11:29 -------- d-----w- c:\program files (x86)\ICQ7.6
2011-09-23 06:48 . 2011-09-23 06:48 -------- d-----w- c:\users\Vlado\AppData\Roaming\SUPERAntiSpyware.com
2011-09-23 06:47 . 2011-10-02 13:54 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-09-23 06:47 . 2011-09-23 06:47 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-09-22 08:37 . 2011-09-22 08:37 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-09-22 08:36 . 2011-09-22 08:36 458048 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-18 19:33 . 2011-09-18 20:10 -------- d-----w- c:\users\Vlado\AppData\Local\dxhr
2011-09-18 19:32 . 2011-09-18 19:32 -------- d-----w- c:\users\Vlado\AppData\Local\28050
2011-09-18 19:22 . 2011-09-18 19:22 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-09-18 19:21 . 2011-10-01 09:10 -------- d-----w- c:\program files (x86)\Steam
2011-09-18 19:19 . 2011-09-18 19:19 -------- d-----w- c:\program files (x86)\Square Enix
2011-09-18 14:06 . 2011-09-18 14:07 -------- d-----w- c:\windows\SysWow64\RTCOM
2011-09-17 21:19 . 2011-09-27 21:00 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2011-09-17 21:19 . 2011-09-27 21:00 -------- d-----w- c:\users\Vlado\SystemRequirementsLab
2011-09-17 21:19 . 2011-09-17 21:19 -------- d-----w- c:\windows\Sun
2011-09-17 21:18 . 2011-09-17 21:18 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-09-17 21:18 . 2011-09-17 21:18 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-17 21:17 . 2011-09-17 21:17 -------- d-----w- c:\program files (x86)\Java
2011-09-17 21:13 . 2011-06-20 23:03 2753536 ----a-w- c:\windows\system32\drivers\athrx.sys
2011-09-17 21:13 . 2011-06-20 23:03 2753536 ----a-w- c:\windows\system32\athrx.sys
2011-09-17 21:13 . 2011-09-17 21:13 -------- d-----w- c:\program files (x86)\Atheros WiFi Driver Installation
2011-09-17 21:08 . 2011-09-17 21:08 -------- d-----w- c:\programdata\Logitech
2011-09-17 21:06 . 2011-09-17 21:06 53248 ----a-r- c:\users\Vlado\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-09-17 21:06 . 2011-09-17 21:06 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd
2011-09-17 21:05 . 2011-09-17 21:05 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-09-17 21:04 . 2011-09-17 21:06 -------- d-----w- c:\programdata\Logishrd
2011-09-17 21:04 . 2011-09-17 21:04 -------- d-----w- c:\program files\Logitech
2011-09-17 21:03 . 2011-09-17 21:05 -------- d-----w- c:\program files\Common Files\LogiShrd
2011-09-17 21:02 . 2011-09-17 21:06 -------- d-----w- c:\users\Vlado\AppData\Roaming\Logitech
2011-09-17 21:02 . 2011-09-17 21:03 -------- d-----w- c:\users\Vlado\AppData\Roaming\Logishrd
2011-09-17 20:55 . 2011-09-17 20:55 -------- d---a-w- c:\windows\VDLL.DLL
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-29 19:30 . 2011-08-16 16:58 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-09-29 19:30 . 2011-08-16 16:58 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-08-31 19:41 . 2011-08-27 15:42 230352 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2011-08-31 17:12 . 2011-08-16 16:04 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-08-22 16:28 . 2011-08-22 16:28 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-08-21 17:58 . 2011-08-17 10:58 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-21 17:58 . 2011-08-17 10:58 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-08-21 17:58 . 2011-08-17 10:58 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-21 17:58 . 2011-08-17 10:58 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-08-21 17:30 . 2011-08-17 08:10 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-08-17 08:10 . 2011-08-17 08:10 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-08-17 08:10 . 2011-08-17 08:10 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-08-17 06:53 . 2011-08-16 16:17 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2011-08-16 18:38 . 2011-08-16 18:38 111960 ----a-w- c:\windows\dxsdkuninst.exe
2011-08-08 08:00 . 2011-08-16 17:13 74752 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-07-16 14:17 . 2011-08-16 17:13 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-07-03 03:01 66048 --sh--w- c:\windows\kdhr.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-08_12.45.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-08 19:12 . 2011-03-17 23:24 99328 c:\windows\SysWOW64\ZoneLabs\zlquarantine.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 70656 c:\windows\SysWOW64\ZoneLabs\zatray.exe
+ 2011-10-08 19:12 . 2011-03-17 23:25 21504 c:\windows\SysWOW64\ZoneLabs\lib\zsys.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 14336 c:\windows\SysWOW64\ZoneLabs\lib\zmenu.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 48640 c:\windows\SysWOW64\ZoneLabs\lib\zfde.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 85504 c:\windows\SysWOW64\ZoneLabs\lib\ZAlert.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 37376 c:\windows\SysWOW64\ZoneLabs\lib\UpdateUI.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 12800 c:\windows\SysWOW64\ZoneLabs\lib\oem_1488.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 12800 c:\windows\SysWOW64\ZoneLabs\lib\oem_1487.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 12800 c:\windows\SysWOW64\ZoneLabs\lib\oem_1486.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 20992 c:\windows\SysWOW64\ZoneLabs\lib\oem_1466.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 12800 c:\windows\SysWOW64\ZoneLabs\lib\oem_1460.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 10240 c:\windows\SysWOW64\ZoneLabs\lib\oem_1454.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 11264 c:\windows\SysWOW64\ZoneLabs\lib\oem_1445.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 14336 c:\windows\SysWOW64\ZoneLabs\lib\oem_1440.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 12288 c:\windows\SysWOW64\ZoneLabs\lib\oem_1413.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 11264 c:\windows\SysWOW64\ZoneLabs\lib\oem_1010.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 29184 c:\windows\SysWOW64\ZoneLabs\lib\NavBar.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 13312 c:\windows\SysWOW64\ZoneLabs\lib\MainLoop.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 35840 c:\windows\SysWOW64\ZoneLabs\lib\Alert.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 38912 c:\windows\SysWOW64\ZoneLabs\featuremap.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 75776 c:\windows\SysWOW64\ZoneLabs\camupd.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 43008 c:\windows\SysWOW64\vswmi.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 58368 c:\windows\SysWOW64\vsregexp.dll
- 2009-07-14 04:54 . 2011-10-08 11:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-08 22:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-08 11:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-08 22:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-08 11:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-08 22:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-10-08 22:10 20528 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:30 . 2011-09-27 21:27 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-10-08 19:19 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-08-16 21:53 . 2011-10-08 22:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-16 21:53 . 2011-10-08 11:22 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-16 21:53 . 2011-10-08 22:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-08-16 21:53 . 2011-10-08 11:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-08 22:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-08 11:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-10-08 20:24 72704 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-08-17 11:17 . 2011-10-08 11:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-17 11:17 . 2011-10-08 23:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-17 11:17 . 2011-10-08 11:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-17 11:17 . 2011-10-08 23:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-16 16:32 . 2011-10-08 22:10 6850 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2011-08-16 16:00 . 2011-10-08 22:10 2636 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1423695623-2137554875-172501308-1000_UserData.bin
+ 2011-10-08 22:47 . 2011-10-08 22:47 9560 c:\windows\system32\NetworkList\Icons\{C099B5AE-C5A3-4CBD-85B3-DDB62E723622}_48.bin
+ 2011-10-08 22:47 . 2011-10-08 22:47 4280 c:\windows\system32\NetworkList\Icons\{C099B5AE-C5A3-4CBD-85B3-DDB62E723622}_32.bin
+ 2011-10-08 22:47 . 2011-10-08 22:47 2456 c:\windows\system32\NetworkList\Icons\{C099B5AE-C5A3-4CBD-85B3-DDB62E723622}_24.bin
+ 2011-10-08 22:03 . 2011-10-08 22:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-08 12:01 . 2011-10-08 12:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-08 22:03 . 2011-10-08 22:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-10-08 12:01 . 2011-10-08 12:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-08 19:12 . 2011-03-17 23:24 141824 c:\windows\SysWOW64\ZoneLabs\zlupdate.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 173056 c:\windows\SysWOW64\ZoneLabs\vsvault.dll
+ 2011-10-08 19:11 . 2011-03-17 23:24 211456 c:\windows\SysWOW64\ZoneLabs\vsdb.dll
+ 2011-10-08 19:12 . 2007-10-11 14:51 832984 c:\windows\SysWOW64\ZoneLabs\updating.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 434688 c:\windows\SysWOW64\ZoneLabs\ssleay32.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 135680 c:\windows\SysWOW64\ZoneLabs\scheduler.dll
+ 2011-10-08 19:12 . 2009-07-13 21:58 722392 c:\windows\SysWOW64\ZoneLabs\qrbase.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 126976 c:\windows\SysWOW64\ZoneLabs\lib\zui.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 280064 c:\windows\SysWOW64\ZoneLabs\lib\TrayTest.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:25 225792 c:\windows\SysWOW64\ZoneLabs\lib\Overview.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 368640 c:\windows\SysWOW64\ZoneLabs\lib\LicenseUI.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 184832 c:\windows\SysWOW64\ZoneLabs\lib\DashBoard.zip.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 375296 c:\windows\SysWOW64\ZoneLabs\lib\ConfigWizard.zip.dll
+ 2011-10-08 19:11 . 2010-02-08 06:41 595432 c:\windows\SysWOW64\ZoneLabs\icslta.dll
+ 2011-10-08 19:12 . 2010-11-08 16:58 284136 c:\windows\SysWOW64\ZoneLabs\ffapi.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 169984 c:\windows\SysWOW64\ZoneLabs\fbl.dll
+ 2011-10-08 19:12 . 2008-03-17 14:52 813568 c:\windows\SysWOW64\ZoneLabs\dbghelp.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 110080 c:\windows\SysWOW64\vsxml.dll
+ 2011-10-08 19:11 . 2011-03-17 23:24 715264 c:\windows\SysWOW64\vsutil.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 302592 c:\windows\SysWOW64\vspubapi.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 108032 c:\windows\SysWOW64\vsmonapi.dll
+ 2011-10-08 19:11 . 2011-03-17 23:24 228864 c:\windows\SysWOW64\vsinit.dll
+ 2011-10-08 19:12 . 2011-03-17 23:24 112128 c:\windows\SysWOW64\vsdata.dll
- 2009-07-14 05:30 . 2011-09-27 21:27 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-10-08 19:19 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-09-27 21:27 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-10-08 19:19 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-10-08 19:12 . 2010-05-15 14:30 458840 c:\windows\system32\DriverStore\FileRepository\vsdatant.inf_amd64_neutral_f782e0172cdac971\vsdatant.sys
- 2009-07-14 05:01 . 2011-10-08 11:59 402784 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-10-08 17:09 402784 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-10-08 19:12 . 2011-03-17 23:24 1790464 c:\windows\SysWOW64\ZoneLabs\vsruledb.dll
+ 2011-10-08 19:12 . 2011-03-17 23:26 2435592 c:\windows\SysWOW64\ZoneLabs\vsmon.exe
+ 2011-10-08 19:12 . 2011-03-17 23:25 1536512 c:\windows\SysWOW64\ZoneLabs\lib\zpy.zip.dll
+ 2009-07-14 02:34 . 2011-10-08 16:11 9699328 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2011-10-08 11:59 9699328 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 04:45 . 2011-10-08 16:18 3632425 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-09-17 21:06 3632425 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-08-16 17:28 . 2011-10-08 17:10 30170542 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1423695623-2137554875-172501308-1000-12288.dat
- 2011-08-16 17:28 . 2011-10-08 11:59 30170542 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1423695623-2137554875-172501308-1000-12288.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616]
"ZoneAlarm Client"="c:\program files (x86)\Zone Labs\ZoneAlarm\zlclient.exe" [2011-03-17 1043968]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-09-23 258512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.sk/sk.special-uninstalla ... 70cc462531" [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
2;2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
R1 ntiomin;ntiomin; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MSR Service;Virtual Disk Service Manager;c:\program files (x86)\Clarus\Samsung SecretZone\MSSvc.exe [2009-12-30 114688]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-30 26752]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 networx;networx;c:\windows\system32\drivers\networx.sys [x]
S1 PStrip64;PStrip64;c:\windows\system32\drivers\pstrip64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/09/13 13:55];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-08-25 11:06 148976]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-07-29 52896]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-08-26 75048]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-08-26 292136]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-08-24 75248]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-06-29 3246920]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2011-08-09 741224]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2010-06-07 911872]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x]
S3 bpenum;bpenum;c:\windows\system32\DRIVERS\bpenum.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1423695623-2137554875-172501308-1000Core.job
- c:\users\Vlado\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-23 10:59]
.
2011-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1423695623-2137554875-172501308-1000UA.job
- c:\users\Vlado\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-23 10:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-10 415064]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-29 860040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 11786344]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"NetWorx"="c:\program files\NetWorx\networx.exe" [2011-09-14 2871808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-10 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-10 391512]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2011-09-28 2775728]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-09-28 3609776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nástrojová lišta RoboFormu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Prispôsobiť menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Uložiť formulár - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplniť formulár - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 147.251.197.1 147.251.4.33
FF - ProfilePath - c:\users\Vlado\AppData\Roaming\Mozilla\Firefox\Profiles\8ij7f0cx.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: network.proxy.ftp - localhost
FF - prefs.js: network.proxy.ftp_port - 9090
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9090
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9090
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9090
FF - prefs.js: network.proxy.type - 4
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-TaskTray - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1423695623-2137554875-172501308-1000\Software\SecuROM\License information*]
"datasecu"=hex:7d,85,c0,a2,23,37,95,87,d4,9a,4b,36,93,20,e5,91,70,d5,23,5e,71,
ba,7d,ca,77,27,40,51,68,44,89,82,a5,7b,23,e3,c0,42,ea,86,46,aa,af,ce,24,65,\
"rkeysecu"=hex:0c,bc,06,08,8d,d0,41,32,be,6f,10,02,dc,b0,be,e5
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-10-09 01:51:05
ComboFix-quarantined-files.txt 2011-10-08 23:50
ComboFix2.txt 2011-10-08 12:49
.
Pre-Run: 62 617 853 952 bytes free
Post-Run: 63 458 779 136 bytes free
.
- - End Of File - - C3FF36AE9C65CC4B19E7072CC073F2CB

Rudy
Site Admin
Posts: 119508
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow laptop

#4 Post by Rudy »

Open Notepad and copy the following into it:
Collect::
c:\windows\kdhr.exe
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
