
Notebook keeps freezing

Milanco
Exemplary visitor
Posts: 377
Registered: 19 Jan 2009 13:30

#1 Post by Milanco »

Hello, I have a problem with my notebook: after startup, not all programs load, and when I try to launch something I get an error. This happens even when I launch, for example, Task Manager. When I restarted, only a dark screen appeared and nothing else; only a hard reset helped. After that everything worked as it should. Or a program takes a long time to load and only then starts. Windows Update fails to install the security update for the Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243). I ran a full scan of the notebook with Avast and SAS, but they found nothing. I also ran a full scan with MBAM, which found many infected objects. I am attaching the logs from RSIT and MBAM:



RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Milan at 2011-12-27 12:41:57
Microsoft Windows 7 Home Premium
System drive C: has 58 GB (49%) free of 119 GB
Total RAM: 4095 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:37, on 27. 12. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Milan\Desktop\setup_11.0.0.1245.x01_2011_12_27_10_29.exe
C:\Users\Milan\AppData\Local\Temp\RarSFX0\3017267.exe
C:\Users\Milan\AppData\Local\Temp\3761380\3017267.exe
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files (x86)\trend micro\Milan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RewardsArcade - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: _uninst_98375963.lnk = Milan\AppData\Local\Temp\_uninst_98375963.bat
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files (x86)\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\Windows\ATKKBService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - c:\xampp\filezillaftp\filezillaserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\Windows\SysWOW64\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\Windows\SysWOW64\lktsrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\Windows\SysWOW64\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14191 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 4247360
\??\C:\Windows\system32\conhost.exe
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"c:\xampp\filezillaftp\filezillaserver.exe"
C:\Windows\SysWOW64\lkcitdl.exe
C:\Windows\SysWOW64\lkads.exe
C:\Windows\SysWOW64\lktsrv.exe
"C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe"
C:\Windows\SysWOW64\nisvcloc.exe -s
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
WLIDSvcM.exe 3372
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
taskeng.exe {917713FD-9875-4C9B-A3C9-94972198AEA9}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Microsoft LifeChat\LifeChat.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Windows\system32\wuauclt.exe"
ctfmon.exe
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\Milan\Desktop\setup_11.0.0.1245.x01_2011_12_27_10_29.exe"
"C:\Users\Milan\AppData\Local\Temp\RarSFX0\3017267.exe"
C:\Users\Milan\AppData\Local\Temp\3761380\3017267.exe
"C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE"
"taskhost.exe"
"C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe" Object -Embedding
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Milan\Desktop\mbam-log-2011-12-27 (12-24-47).txt
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe16_ Global\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 596 600 608 65536 604
"C:\Users\Milan\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\m5wtn61d.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0, {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2, cssreloader@kenneth.io:1.0.2, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.10"
prefs.js - "keyword.URL" - "http://www.google.com/cse?cx=partner-pu ... -8859-1&q="

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npDivxPlayerPlugin.dll
NPLV80Win32.dll
NPLV82Win32.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\m5wtn61d.default\searchplugins\
conduit.xml
search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-12-23 79240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{597A9974-8CB0-4f41-B61F-ED065738A397}]
RewardsArcade - C:\Program Files (x86)\RewardsArcade\RewardsArcade.dll [2011-11-03 528216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-12-07 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-11-28 963064]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 904832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 1125504]
"LifeChat"=C:\Program Files\Microsoft LifeChat\LifeChat.exe [2009-09-24 371712]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-02 16330272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-09-05 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-11-30 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Users\Milan\Program Files (x86)\DNA\btdna.exe [2010-12-29 323392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2007-09-29 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EeeStorageBackup]
C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.2\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-11-02 1933584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWirelessWiMAX]
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe /tasktray /nosplash []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2009-07-02 16330272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-29 8123936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Scartel_YotaAccess]
C:\Program Files\Yota\Yota Access\YotaAccess.exe /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC]
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe delay 20000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-12-09 5486464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-01 1079584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{F0DF4~1\_A1DDD~1.EXE [2011-01-14 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk]
C:\PROGRA~2\APACHE~1\Apache2.2\bin\APACHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
C:\PROGRA~2\Secunia\PSI\psi_tray.exe [2011-04-19 291896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\INSTAL~1\{E5CF6~1\NEWSHO~4.EXE [2009-11-30 156952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinMySQLadmin.lnk]
C:\Program Files (x86)\PHP Home Edition 2\mysql\bin\winmysqladmin.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-10-09 6937216]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2011-11-09 73360]
"MDS_Menu"=C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]
"RemoteControl9"=C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [2009-04-27 87336]
"PDVD9LanguageShortcut"=C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe [2009-04-27 50472]
"UpdatePSTShortCut"=C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-09-03 210216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"=grpconv -o []

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
_uninst_98375963.lnk - C:\Users\Milan\AppData\Local\Temp\_uninst_98375963.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-12-27 09:33:30 ----A---- C:\Windows\system32\drivers\98375963.sys
2011-12-26 22:23:48 ----D---- C:\ProgramData\SUPERSetup
2011-12-25 09:11:49 ----A---- C:\Windows\system32\drivers\iaStor.sys
2011-12-25 08:29:23 ----D---- C:\ProgramData\AmUStor
2011-12-25 08:26:19 ----D---- C:\Program Files\Elantech
2011-12-25 08:10:36 ----D---- C:\Users\Milan\AppData\Roaming\InstallShield
2011-12-24 19:16:01 ----D---- C:\Program Files\WIDCOMM
2011-12-24 18:43:34 ----D---- C:\ProgramData\Sony Corporation
2011-12-24 18:43:34 ----D---- C:\Program Files (x86)\Sony
2011-12-24 18:40:43 ----D---- C:\Program Files (x86)\Sony Media Go Install
2011-12-23 10:56:14 ----D---- C:\Program Files (x86)\Stellarium
2011-12-23 10:55:35 ----A---- C:\Windows\system32\npdeployJava1.dll
2011-12-23 10:55:35 ----A---- C:\Windows\system32\javaws.exe
2011-12-23 10:55:35 ----A---- C:\Windows\system32\javaw.exe
2011-12-23 10:55:35 ----A---- C:\Windows\system32\java.exe
2011-12-23 10:35:40 ----D---- C:\ProgramData\Uniblue
2011-12-23 10:23:24 ----D---- C:\Program Files\Microsoft Silverlight
2011-12-23 10:23:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-12-23 10:18:08 ----D---- C:\Windows\Downloaded Program Files
2011-12-20 10:37:51 ----D---- C:\Program Files\MATLAB
2011-12-16 19:31:05 ----D---- C:\Program Files\SUPERAntiSpyware
2011-12-16 15:30:57 ----D---- C:\Program Files (x86)\RewardsArcade
2011-12-12 18:47:18 ----D---- C:\Program Files (x86)\Dia
2011-12-07 23:45:56 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-12-07 23:45:56 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-12-07 23:45:56 ----A---- C:\Windows\SYSWOW64\java.exe
2011-12-06 11:18:40 ----D---- C:\ProgramData\EA Core
2011-12-06 11:18:38 ----D---- C:\ProgramData\Electronic Arts
2011-12-06 11:01:55 ----D---- C:\Program Files (x86)\FIFA 12
2011-12-06 10:58:44 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-12-06 10:58:07 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-12-04 17:26:55 ----D---- C:\Program Files\glassfish-3.1.1
2011-12-04 17:11:36 ----D---- C:\Program Files\NetBeans 7.0.1
2011-11-28 16:35:06 ----D---- C:\Program Files\Microsoft LifeChat
2011-11-28 16:35:06 ----D---- C:\Program Files (x86)\Microsoft LifeChat
2011-11-28 16:33:59 ----D---- C:\Windows\sk
2011-11-28 16:31:22 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-11-28 16:28:55 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2011-11-28 16:28:55 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2011-11-28 16:28:54 ----A---- C:\Windows\system32\d3dx10_42.dll

======List of files/folders modified in the last 1 month======

2011-12-27 12:42:30 ----D---- C:\Windows\temp
2011-12-27 12:42:04 ----D---- C:\Program Files (x86)\trend micro
2011-12-27 12:26:02 ----D---- C:\Windows\SYSWOW64\drivers
2011-12-27 12:08:23 ----D---- C:\Windows\Internet Logs
2011-12-27 09:37:29 ----SHD---- C:\System Volume Information
2011-12-27 09:35:13 ----D---- C:\Windows\system32\drivers
2011-12-27 09:34:50 ----D---- C:\Windows\inf
2011-12-27 09:20:16 ----SHD---- C:\Windows\Installer
2011-12-27 09:19:48 ----D---- C:\Windows\System32
2011-12-27 09:19:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-27 09:16:47 ----D---- C:\Windows\system32\Tasks
2011-12-27 09:13:37 ----D---- C:\ProgramData\NVIDIA
2011-12-26 22:23:48 ----D---- C:\ProgramData
2011-12-26 16:18:47 ----D---- C:\Windows\pss
2011-12-26 12:22:00 ----D---- C:\Windows\Prefetch
2011-12-25 18:55:27 ----D---- C:\Users\Milan\AppData\Roaming\Azureus
2011-12-25 12:32:52 ----D---- C:\Windows
2011-12-25 09:52:27 ----D---- C:\Windows\system32\catroot2
2011-12-25 09:37:50 ----D---- C:\Windows\system32\catroot
2011-12-25 09:35:35 ----D---- C:\Program Files (x86)\CyberLink
2011-12-25 09:32:42 ----D---- C:\Windows\SysWOW64
2011-12-25 09:30:14 ----A---- C:\Windows\SYSWOW64\msxml3a.dll
2011-12-25 09:20:34 ----D---- C:\ProgramData\CyberLink
2011-12-25 09:11:58 ----D---- C:\Windows\system32\DriverStore
2011-12-25 08:40:46 ----A---- C:\Windows\system32\AutoRunFilter.ini
2011-12-25 08:29:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-12-25 08:29:25 ----D---- C:\Program Files (x86)\AmIcoSingLun
2011-12-25 08:26:19 ----RD---- C:\Program Files
2011-12-25 08:09:12 ----HD---- C:\Program Files (x86)\Temp
2011-12-24 19:13:31 ----RD---- C:\Program Files (x86)
2011-12-24 18:46:05 ----D---- C:\Users\Milan\AppData\Roaming\Sony
2011-12-24 18:45:29 ----D---- C:\Program Files (x86)\Common Files
2011-12-24 18:44:28 ----RSD---- C:\Windows\assembly
2011-12-23 19:24:34 ----SD---- C:\ProgramData\Microsoft
2011-12-23 19:22:46 ----D---- C:\Windows\system32\NDF
2011-12-23 11:03:56 ----D---- C:\Users\Milan\AppData\Roaming\DAEMON Tools Lite
2011-12-23 11:03:27 ----D---- C:\Windows\ModemLogs
2011-12-23 10:58:15 ----D---- C:\Windows\Tasks
2011-12-23 10:55:15 ----A---- C:\Windows\system32\deployJava1.dll
2011-12-23 10:55:13 ----D---- C:\Program Files\Java
2011-12-23 10:37:26 ----D---- C:\Program Files (x86)\SlimDrivers
2011-12-23 10:35:11 ----D---- C:\ProgramData\DivX
2011-12-23 10:35:10 ----D---- C:\Program Files (x86)\DivX
2011-12-23 10:32:25 ----D---- C:\Program Files\DivX
2011-12-23 10:22:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-12-23 10:17:36 ----D---- C:\Users\Milan\AppData\Roaming\Software Informer
2011-12-23 10:12:37 ----D---- C:\Program Files (x86)\CCleaner
2011-12-16 20:15:44 ----D---- C:\Windows\debug
2011-12-16 19:20:24 ----D---- C:\ProgramData\Sony
2011-12-16 18:52:14 ----D---- C:\Users\Milan\AppData\Roaming\Clone2Go Video Converter Professional
2011-12-16 18:51:38 ----AD---- C:\ProgramData\Temp
2011-12-16 15:21:33 ----D---- C:\Program Files (x86)\Vuze
2011-12-15 03:08:06 ----D---- C:\ProgramData\Microsoft Help
2011-12-15 03:04:25 ----A---- C:\Windows\system32\MRT.exe
2011-12-11 17:39:30 ----D---- C:\Program Files (x86)\SpeedFan
2011-12-07 23:45:38 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-12-07 07:47:13 ----D---- C:\Program Files (x86)\Opera
2011-12-04 15:03:51 ----D---- C:\Windows\SoftwareDistribution
2011-12-04 09:05:37 ----D---- C:\Program Files (x86)\Clone2Go Video Converter Professional
2011-12-04 08:48:50 ----D---- C:\Program Files\Defraggler
2011-11-29 20:02:07 ----D---- C:\Windows\Minidump
2011-11-29 20:02:07 ----D---- C:\Windows\Logs
2011-11-28 19:53:27 ----D---- C:\Windows\Microsoft.NET
2011-11-28 19:01:23 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-11-28 19:01:14 ----A---- C:\Windows\system32\aswBoot.exe
2011-11-28 16:34:23 ----D---- C:\Program Files\Windows Live
2011-11-28 16:34:08 ----D---- C:\Program Files (x86)\Windows Live

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 98375963;98375963; C:\Windows\system32\DRIVERS\98375963.sys [2011-12-27 460888]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-19 526392]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-06 279616]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 33672]
R3 bpenum;Intel(R) WiMAX Link Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2009-12-22 71168]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
R3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2000-01-01 946688]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-06-26 83488]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 34032]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 asuskbnt;Enhanced Display Driver Helper Service; C:\Windows\system32\drivers\atkkbnt.sys [2005-10-18 16896]
S1 SABKUTIL;SABKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys []
S2 ASInsHelp;ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys []
S2 cvintdrv;cvintdrv; C:\Windows\system32\drivers\cvintdrv.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-11-09 8500736]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2011-12-22 15672]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-12 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-03-07 408576]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-11-02 1515792]
R2 FileZilla Server;FileZilla Server FTP server; c:\xampp\filezillaftp\filezillaserver.exe [2010-10-17 742912]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 827520]
R2 LkCitadelServer;Lookout Citadel Server; C:\Windows\SysWOW64\lkcitdl.exe [2006-06-19 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\SysWOW64\lkads.exe [2006-07-25 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2006-07-25 57344]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2006-07-25 200704]
R2 niSvcLoc;NI Service Locator; C:\Windows\SysWOW64\nisvcloc.exe [2006-02-06 49152]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-02 382496]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-11-02 836880]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-07 378472]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2011-11-09 2420616]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-03-07 911360]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 ATKKeyboardService;ATK Keyboard Service; C:\Windows\ATKKBService.exe [2006-04-10 252416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-12 135664]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-12 135664]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-02 340240]
S3 NILM License Manager;NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2006-06-27 1007616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-29 1255736]
S4 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------



MBAM:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verzia databázy: 911122305

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27. 12. 2011 12:24:54
mbam-log-2011-12-27 (12-24-47).txt

Typ kontroly: Úplná kontrola (C:\|D:\|E:\|)
Objektov kontrolovaných: 606628
Uplynutý čas: 3 hod, 2 min, 12 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 11
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 15
Infikované súbory: 59

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
HKEY_CLASSES_ROOT\CLSID\{597A9974-8CB0-4f41-B61F-ED065738A397} (PUP.RewardsArcade) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{25514C64-8321-494e-BD3E-3DBAB3F8CEBA} (PUP.RewardsArcade) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{60BE6B2E-F2F5-4404-AA1E-4381D4A6EEA2} (PUP.RewardsArcade) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB} (PUP.RewardsArcade) -> No action taken.
HKEY_CLASSES_ROOT\RewardsArcade.FBApi.1 (PUP.RewardsArcade) -> No action taken.
HKEY_CLASSES_ROOT\RewardsArcade.FBApi (PUP.RewardsArcade) -> No action taken.
HKEY_CLASSES_ROOT\RewardsArcade.BHO.1 (PUP.RewardsArcade) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{597A9974-8CB0-4F41-B61F-ED065738A397} (PUP.RewardsArcade) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{597A9974-8CB0-4F41-B61F-ED065738A397} (PUP.RewardsArcade) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{597A9974-8CB0-4F41-B61F-ED065738A397} (PUP.RewardsArcade) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RewardsArcade (PUP.RewardsArcade) -> No action taken.

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
c:\program files (x86)\rewardsarcade (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498 (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Chrome (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\Images (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\defaults (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\defaults\preferences (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\locale (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\locale\en-US (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin (PUP.RewardsArcade) -> No action taken.

Infikované súbory:
c:\program files (x86)\rewardsarcade\rewardsarcade.dll (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\Desktop\Záloha 2\UKF\aplikovaná informatika\1.ročník\2 letný semester\študijné materiály\operačné systémy 1\1\winxp_simulator.exe (Trojan.Logger) -> No action taken.
c:\Users\Milan\Desktop\Záloha 2\UKF\aplikovaná informatika\1.ročník\2 letný semester\študijné materiály\operačné systémy 1\1\xp_simulation_setup\Tutorial.exe (Trojan.Keylogger) -> No action taken.
c:\Users\Milan\Desktop\Záloha 2\UKF\aplikovaná informatika\bakalárska práca\matlab-7-\matlab 7 iso\keygen.exe (RiskWare.Tool.CK) -> No action taken.
c:\program files (x86)\rewardsarcade\fb.js (PUP.RewardsArcade) -> No action taken.
c:\program files (x86)\rewardsarcade\appapiinternalwrapper.js (PUP.RewardsArcade) -> No action taken.
c:\program files (x86)\rewardsarcade\jquery.js (PUP.RewardsArcade) -> No action taken.
c:\program files (x86)\rewardsarcade\json.js (PUP.RewardsArcade) -> No action taken.
c:\program files (x86)\rewardsarcade\rewardsarcade.exe (PUP.RewardsArcade) -> No action taken.
c:\program files (x86)\rewardsarcade\uninstall.exe (PUP.RewardsArcade) -> No action taken.
c:\program files (x86)\rewardsarcade\userconfirmation.exe (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\uninstall.ico (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Chrome\rewardsarcade.crx (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome.manifest (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\install.rdf (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\background.html (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\browser.xul (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\crossrider.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\crossriderapi.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\dialog.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\manage-apps-style.css (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\manage-apps.html (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\messaging.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\options.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\options.xul (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\push.html (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\search_dialog.xul (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\socialapi.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\update.html (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\utilityapi.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\workers_chain.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\faye-browser-min.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\jquery-1.4.2.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\facebox.css (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\facebox.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\Images\b.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\Images\bl.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\Images\br.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\Images\closelabel.gif (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\Images\loading.gif (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\Images\tl.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\chrome\content\lib\facebox\Images\tr.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\defaults\preferences\prefs.js (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\locale\en-US\translations.dtd (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\button1.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\button2.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\button3.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\button4.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\button5.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\crossrider_statusbar.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\icon16.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\icon24.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\icon48.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\panelarrow-up.png (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\popup.css (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\popup.html (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\popup_binding.xml (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\skin.css (PUP.RewardsArcade) -> No action taken.
c:\Users\Milan\AppData\Local\rewardsarcade\498\Firefox\skin\update.css (PUP.RewardsArcade) -> No action taken.
T-Cleaner ..... CCleaner ..... ATF Cleaner ..... WinXP Manager ..... RSIT ..... MBAM ..... GMER ..... HijackThis

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Location: Napajedla

Re: notebook keeps freezing

#2 Post by chodnik74 »

Hi :welcome:
Have MBAM delete the items it found...

:arrow: Download RogueKiller
  • Run the program
  • Press the 2 key and Enter
  • A log will appear; paste it here
  • Repeat the same with options 3 and 4 and paste the logs

Do not use the program without a recommendation from an Advisor, and follow the instructions below carefully, because the program does not tolerate mistakes and the system could be damaged completely!!
  • :arrow: Download Combofix
  • Save the program, preferably to the Desktop
  • Turn off all resident shields: antivirus, antispyware and firewall
  • Close all running applications (ICQ, browser, programs) and leave only Combofix running
  • Run Combofix.exe with administrator rights
    On Windows XP, log in under the administrator account
    On Windows 7 and Vista, right-click Combofix.exe and choose "Run as administrator"
  • Right after the program starts, the licence terms will pop up; confirm them with the YES button
  • If Combofix offers to install the Recovery Console, agree and let it install (an active internet connection is needed for this)
  • Continue according to the program's instructions; during the scan do not click on anything and do not work on the PC (ICQ, other applications, internet...). Leave the computer alone.
  • The whole scan takes 5-15 min, but if there is a lot of malware on the PC, the time may differ.
  • After the scan finishes (and a restart, if any), the Combofix log will be displayed; paste it here for me (if the log does not appear, you will find it here: C:\ComboFix.txt)
  • (If you are unsure about any of the steps above, ask, or have a look at the more detailed guide with pictures: http://www.bleepingcomputer.com/combofi ... t-combofix )
Write to me: chodnik74@gmail.com

>RSIT<>MBAM<>VirusTotal

:!: Read the procedure through several times to be safe, and ask if anything is unclear or you have any doubts. ;-) If your computer is infected or is not behaving as usual, back up all your data and follow the advisor's instructions carefully! :!:

:!: Do not use the Combofix utility without an advisor's supervision and recommendation!

:idea: Are you satisfied with our help :???: Don't hesitate to support the forum HERE.

Forum rules: no. 1 and no. 2

Re: notebook keeps freezing

#3 Post by Milanco »

I deleted the items that MBAM found and restarted. Now I can't get into my account; it tells me it is locked and that I should contact the system administrator :cry:

Re: notebook keeps freezing

#4 Post by chodnik74 »

Which account do you mean? :) Don't worry, we'll figure something out...

Re: notebook keeps freezing

#5 Post by Milanco »

Before, I only had my own password-protected account there. Now, after powering on, it tells me that my account is locked and that I should contact the system administrator; then I press OK and two accounts are shown, Guest and Other user.
The Guest account is password-protected, but I don't know the password.
And I have just found out that if I choose Other user and enter my name and password there, I get into my account. I probably entered the wrong name before.
Why is it doing this?

Re: notebook keeps freezing

#6 Post by chodnik74 »

You most likely entered the wrong name, because you probably have your own user + guest (the default for a guest). Can you log in to your user account now? :)

Re: notebook keeps freezing

#7 Post by Milanco »

But I had the Guest account turned off; surely it shouldn't have been doing this.

Yes, I can log in to my account. Should I continue with RogueKiller, ...?

Re: notebook keeps freezing

#8 Post by chodnik74 »

Yes, carry on :)

Re: notebook keeps freezing

#9 Post by Milanco »

log 1

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: Milan [Admin rights]
Mode: Remove -- Date : 12/27/2011 23:34:26

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 3 ¤¤¤
[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤
--- User ---
[MBR] 0cd6ad52f5165f1aee84dad147ddf121
[BSP] 430eaf6ed8558d670d2c84579f07828f : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 [HIDDEN!] Offset (sectors): 2048 | Size: 15725 Mo
1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 30716280 | Size: 125024 Mo
2 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 274904280 | Size: 359354 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt





log 2

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: Milan [Admin rights]
Mode: HOSTSFix -- Date : 12/27/2011 23:34:59

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt





log 3

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: Milan [Admin rights]
Mode: ProxyFix -- Date : 12/27/2011 23:35:13

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Re: notebook keeps freezing

#10 Post by chodnik74 »

Continue with Combofix...

Re: notebook keeps freezing

#11 Post by Milanco »

ComboFix 11-12-27.01 - Milan . 12. 2011 23:42:54.8.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.4095.2494 [GMT 1:00]
Running from: c:\users\Milan\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-11-27 to 2011-12-27 )))))))))))))))))))))))))))))))
.
.
2011-12-27 22:55 . 2011-12-27 22:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-12-27 22:55 . 2011-12-27 22:55 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-12-27 22:55 . 2011-12-27 22:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-27 22:13 . 2011-12-27 22:13 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BAC8541-82D0-4501-84DF-7B594C101D2C}\offreg.dll
2011-12-27 08:21 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BAC8541-82D0-4501-84DF-7B594C101D2C}\mpengine.dll
2011-12-26 21:23 . 2011-12-26 21:26 -------- d-----w- c:\programdata\SUPERSetup
2011-12-25 08:11 . 2009-08-07 04:24 408600 ----a-w- c:\windows\system32\drivers\iaStor.sys
2011-12-25 07:29 . 2011-12-25 07:29 -------- d-----w- c:\programdata\AmUStor
2011-12-25 07:26 . 2011-12-25 07:26 -------- d-----w- c:\program files\Elantech
2011-12-25 07:17 . 2011-12-25 07:17 -------- d-----w- c:\users\Guest\AppData\Roaming\SUPERAntiSpyware.com
2011-12-25 07:10 . 2011-12-25 07:10 -------- d-----w- c:\users\Milan\AppData\Roaming\InstallShield
2011-12-24 18:25 . 2011-12-24 18:25 -------- d-----w- c:\users\Guest\AppData\Local\Broadcom
2011-12-24 18:19 . 2011-12-24 18:19 -------- d-----w- c:\users\Milan\AppData\Local\Broadcom
2011-12-24 18:16 . 2011-12-24 18:16 -------- d-----w- c:\program files\WIDCOMM
2011-12-24 17:46 . 2011-12-24 17:46 -------- d-----w- c:\users\Milan\Podcasts
2011-12-24 17:45 . 2011-12-24 17:45 -------- d-----w- c:\program files (x86)\Common Files\Sony Shared
2011-12-24 17:44 . 2011-12-24 17:44 -------- d-----w- c:\users\Milan\AppData\Local\Downloaded Installations
2011-12-24 17:43 . 2011-12-25 08:14 -------- d-----w- c:\program files (x86)\Sony
2011-12-24 17:43 . 2011-12-24 17:43 -------- d-----w- c:\programdata\Sony Corporation
2011-12-24 17:40 . 2011-12-24 17:43 -------- d-----w- c:\program files (x86)\Sony Media Go Install
2011-12-23 09:56 . 2011-12-23 09:56 -------- d-----w- c:\program files (x86)\Stellarium
2011-12-23 09:55 . 2011-12-23 09:55 750488 ----a-w- c:\windows\system32\npdeployJava1.dll
2011-12-23 09:35 . 2011-12-23 09:35 -------- d-----w- c:\programdata\Uniblue
2011-12-23 09:23 . 2011-12-23 09:23 -------- d-----w- c:\program files\Microsoft Silverlight
2011-12-23 09:23 . 2011-12-23 09:23 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-12-23 09:22 . 2011-12-21 07:24 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2011-12-23 09:22 . 2011-12-21 04:30 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-23 09:22 . 2011-12-21 04:30 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-23 09:22 . 2011-12-21 04:30 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-23 09:18 . 2011-12-23 09:49 -------- d-----w- c:\windows\Downloaded Program Files
2011-12-20 09:37 . 2011-12-20 09:37 -------- d-----w- c:\program files\MATLAB
2011-12-16 18:31 . 2011-12-16 18:31 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-12-12 17:48 . 2011-12-12 17:49 -------- d-----w- c:\users\Milan\.dia
2011-12-12 17:47 . 2011-12-12 17:48 -------- d-----w- c:\program files (x86)\Dia
2011-12-07 22:46 . 2011-12-07 22:46 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-12-06 10:18 . 2011-12-06 10:18 -------- d-----w- c:\programdata\EA Core
2011-12-06 10:18 . 2011-12-06 10:18 -------- d-----w- c:\programdata\Electronic Arts
2011-12-06 10:01 . 2011-12-23 09:43 -------- d-----w- c:\program files (x86)\FIFA 12
2011-12-06 09:58 . 2011-12-06 09:58 279616 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-06 09:58 . 2011-12-06 09:58 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-12-04 16:26 . 2011-12-04 16:29 -------- d-----w- c:\program files\glassfish-3.1.1
2011-12-04 16:11 . 2011-12-04 16:26 -------- d-----w- c:\program files\NetBeans 7.0.1
2011-11-28 15:35 . 2011-11-28 15:35 -------- d-----w- c:\program files\Microsoft LifeChat
2011-11-28 15:35 . 2011-11-28 15:35 -------- d-----w- c:\program files (x86)\Microsoft LifeChat
2011-11-28 15:33 . 2011-11-28 15:33 -------- d-----w- c:\windows\sk
2011-11-28 15:31 . 2011-11-28 15:31 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-11-28 15:28 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-11-28 15:28 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-11-28 15:28 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-25 08:30 . 2009-11-30 08:12 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-12-23 10:00 . 2011-05-15 16:16 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-23 09:55 . 2010-12-25 18:46 660368 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-22 21:44 . 2011-03-19 22:02 15672 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-12-14 13:40 . 2010-06-16 18:42 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-07 22:45 . 2011-09-06 17:21 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-12-04 07:44 . 2011-02-28 22:10 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-11-28 18:01 . 2011-08-17 06:24 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-08-17 06:24 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-01-13 20:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-08-17 06:24 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-08-17 06:24 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-08-17 06:24 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-08-17 06:24 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-08-17 06:24 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-08-17 06:24 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-21 21:56 . 2011-02-28 22:10 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-11-16 14:40 . 2010-06-16 18:42 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-23 14:06 . 2011-10-23 14:06 81920 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{A47E6C5B-713F-4BC3-98AE-BE2BB796F491}\rhapsody.exe1_ABE627FE53A04245AC369EBB886F4C3C.exe
2011-10-23 14:06 . 2011-10-23 14:06 81920 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{A47E6C5B-713F-4BC3-98AE-BE2BB796F491}\rhapsody.exe_8FE58AAA5EAC44F694BEBFC4D9448CD8.exe
2011-10-23 14:06 . 2011-10-23 14:06 81920 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{A47E6C5B-713F-4BC3-98AE-BE2BB796F491}\DiffMerge.exe_CD7C7D093BE1420581EA420D2F575D76.exe
2011-10-23 14:06 . 2011-10-23 14:06 40960 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{A47E6C5B-713F-4BC3-98AE-BE2BB796F491}\HostDetails.exe_29E957E2771C4A4190F21E9691A5D617.exe
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2009-04-08 09:31 . 2009-04-08 09:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-26_06.34.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-13 16:40 . 2003-08-19 03:31 52736 c:\windows\SysWOW64\viscomwave.dll
+ 2011-11-13 16:40 . 2006-05-02 21:16 60416 c:\windows\SysWOW64\viscomtran.dll
+ 2011-11-13 16:40 . 2007-10-16 16:21 76800 c:\windows\SysWOW64\viscomrmencoder.dll
+ 2011-11-13 16:39 . 2007-03-04 16:54 54272 c:\windows\SysWOW64\viscomframe.dll
+ 2011-11-13 16:39 . 2006-12-05 15:19 59904 c:\windows\SysWOW64\viscomaudioencoder.dll
+ 2011-11-13 16:39 . 2006-12-06 11:59 59904 c:\windows\SysWOW64\viscomaudiodata.dll
+ 2011-11-13 16:39 . 2007-02-26 15:13 17920 c:\windows\SysWOW64\videocore.dll
+ 2011-05-13 15:03 . 2011-05-13 15:03 49016 c:\windows\SysWOW64\sirenacm.dll
+ 2011-11-13 16:39 . 2007-08-08 11:25 61440 c:\windows\SysWOW64\imgscaler.dll
+ 2011-11-13 16:39 . 2007-08-08 11:26 22016 c:\windows\SysWOW64\img_utils.dll
- 2010-02-18 14:00 . 2011-10-26 06:16 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-02-18 14:00 . 2011-12-27 22:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2011-10-26 06:16 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-27 22:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-27 22:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-26 06:16 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-13 14:23 . 2011-10-12 04:52 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2010-03-13 14:23 . 2011-12-15 02:07 16384 c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2009-11-30 08:46 . 2011-12-27 22:12 85076 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-12-27 22:12 55112 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-21 08:31 . 2011-12-27 22:12 31156 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-357352677-1046695373-1979520801-1000_UserData.bin
+ 2010-05-29 10:50 . 2009-02-27 02:42 66440 c:\windows\system32\spool\drivers\x64\msonpui.dll
+ 2009-07-02 01:20 . 2009-07-02 01:20 82464 c:\windows\system32\nvmctray.dll
+ 2009-07-02 01:20 . 2009-07-02 01:20 93728 c:\windows\system32\nvhotkey.dll
- 2011-07-17 08:26 . 2009-08-21 20:23 22528 c:\windows\system32\nvhdap64.dll
+ 2009-06-26 20:24 . 2009-06-26 20:24 22528 c:\windows\system32\nvhdap64.dll
+ 2009-06-26 20:25 . 2009-06-26 20:25 62976 c:\windows\system32\nvapo64v.dll
- 2011-07-17 08:26 . 2009-08-21 20:23 62976 c:\windows\system32\nvapo64v.dll
+ 2011-11-21 16:51 . 2011-11-21 07:27 67584 c:\windows\system32\LogFiles\Srt\bootstat.dat
- 2009-07-14 05:30 . 2011-07-17 08:26 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-12-25 08:13 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-08-21 06:48 . 2009-08-21 06:48 44032 c:\windows\system32\DriverStore\FileRepository\amustor.inf_amd64_neutral_9030ef94ecb94c19\AmUStor.sys
+ 2009-08-21 13:48 . 2009-08-21 13:48 44032 c:\windows\system32\DriverStore\FileRepository\amustor.inf_amd64_neutral_9030ef94ecb94c19\AmUStor.sys
- 2009-05-05 06:08 . 2009-05-05 06:08 10752 c:\windows\system32\DriverStore\FileRepository\amustor.inf_amd64_neutral_9030ef94ecb94c19\AmUStor.dll
+ 2009-05-05 13:08 . 2009-05-05 13:08 10752 c:\windows\system32\DriverStore\FileRepository\amustor.inf_amd64_neutral_9030ef94ecb94c19\AmUStor.dll
+ 2010-01-11 16:25 . 2009-03-25 16:48 15912 c:\windows\system32\drivers\s1018whnt.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 15912 c:\windows\system32\drivers\s1018wh.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 19496 c:\windows\system32\drivers\s1018mdfl.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 13864 c:\windows\system32\drivers\s1018cr.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 14888 c:\windows\system32\drivers\s1018cmnt.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 14888 c:\windows\system32\drivers\s1018cm.sys
+ 2009-06-26 20:25 . 2009-06-26 20:25 83488 c:\windows\system32\drivers\nvhda64v.sys
+ 2009-11-30 08:48 . 2009-07-01 04:46 21160 c:\windows\system32\drivers\btwrchid.sys
+ 2009-11-30 08:48 . 2009-04-07 07:33 35104 c:\windows\system32\drivers\btwl2cap.sys
+ 2009-11-30 08:48 . 2009-07-01 04:46 98344 c:\windows\system32\drivers\btwaudio.sys
+ 2009-12-22 00:22 . 2011-12-27 22:09 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-22 00:22 . 2011-10-26 06:16 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-10-26 06:16 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 22:09 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-11-18 13:13 . 2011-12-27 22:13 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-11-18 13:13 . 2011-12-27 22:13 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-18 13:13 . 2011-12-27 22:13 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-21 08:32 . 2011-10-26 06:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-21 08:32 . 2011-12-27 22:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-21 08:32 . 2011-10-26 06:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-21 08:32 . 2011-12-27 22:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-17 06:51 . 2011-08-17 06:51 25600 c:\windows\Installer\ed707.msp
+ 2011-04-17 09:22 . 2011-04-17 09:22 57344 c:\windows\Installer\ed701.msi
+ 2011-08-17 06:51 . 2011-08-17 06:51 31744 c:\windows\Installer\ed6fc.msp
+ 2011-04-17 09:21 . 2011-04-17 09:21 80896 c:\windows\Installer\ed6f7.msi
+ 2011-08-17 06:50 . 2011-08-17 06:50 23552 c:\windows\Installer\ed6ee.msp
+ 2011-04-17 09:20 . 2011-04-17 09:20 29696 c:\windows\Installer\ed6e9.msi
+ 2011-08-17 06:49 . 2011-08-17 06:49 61952 c:\windows\Installer\ed6e3.msp
+ 2011-08-17 06:46 . 2011-08-17 06:46 30208 c:\windows\Installer\ed69b.msp
+ 2011-04-17 09:12 . 2011-04-17 09:12 70144 c:\windows\Installer\ed695.msi
+ 2011-08-17 06:43 . 2011-08-17 06:43 37888 c:\windows\Installer\ed3f6.msi
+ 2011-08-17 06:43 . 2011-08-17 06:43 53760 c:\windows\Installer\ed3f2.msi
+ 2011-08-17 06:37 . 2011-08-17 06:37 26112 c:\windows\Installer\ed3c9.msi
+ 2011-11-18 12:04 . 2011-11-18 12:04 39936 c:\windows\Installer\27de1b6.msi
+ 2011-12-04 08:05 . 2011-12-04 08:05 32256 c:\windows\Installer\1391fb.msi
+ 2011-12-25 07:29 . 2011-12-25 07:29 10134 c:\windows\Installer\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}\ARPPRODUCTICON.exe
+ 2011-11-28 15:30 . 2011-11-28 15:30 80395 c:\windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
- 2011-02-27 10:10 . 2011-02-27 10:10 69461 c:\windows\Installer\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\ARPPRODUCTICON.exe
+ 2011-12-25 08:25 . 2011-12-25 08:25 69461 c:\windows\Installer\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\ARPPRODUCTICON.exe
- 2011-05-03 14:19 . 2011-05-03 14:19 10134 c:\windows\Installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}\ARPPRODUCTICON.exe
+ 2011-12-25 07:34 . 2011-12-25 07:34 10134 c:\windows\Installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}\ARPPRODUCTICON.exe
+ 2011-12-24 17:43 . 2011-12-24 17:43 59320 c:\windows\Installer\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}\ARPPRODUCTICON.exe
+ 2011-12-25 08:32 . 2011-12-25 08:32 75497 c:\windows\Installer\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\ARPPRODUCTICON.exe
- 2011-02-27 10:16 . 2011-02-27 10:16 75497 c:\windows\Installer\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\ARPPRODUCTICON.exe
+ 2011-12-24 18:16 . 2011-12-24 18:16 33982 c:\windows\Installer\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}\ARPPRODUCTICON.exe
- 2010-05-29 10:50 . 2011-09-16 10:23 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-05-29 10:50 . 2011-12-15 02:08 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-05-29 10:50 . 2011-12-15 02:08 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-05-29 10:50 . 2011-09-16 10:23 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-05-29 10:50 . 2011-12-15 02:08 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-05-29 10:50 . 2011-09-16 10:23 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-11-30 08:08 . 2011-12-25 08:20 10134 c:\windows\Installer\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\ARPPRODUCTICON.exe
- 2009-11-30 08:08 . 2011-02-27 10:07 10134 c:\windows\Installer\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\ARPPRODUCTICON.exe
+ 2011-12-25 07:06 . 2011-12-25 07:06 36934 c:\windows\Installer\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}\_294823.exe
- 2011-01-13 20:11 . 2011-01-13 20:11 36934 c:\windows\Installer\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}\_294823.exe
+ 2011-12-25 08:35 . 2011-12-25 08:35 27006 c:\windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe
- 2011-02-27 10:17 . 2011-02-27 10:17 27006 c:\windows\Installer\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe
+ 2011-12-24 17:44 . 2011-12-24 17:44 10134 c:\windows\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
+ 2010-09-22 23:17 . 2010-09-22 23:17 86376 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\startuplang.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 93552 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\WLXImageTranscode.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 56176 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\WindowsLivePhotoViewer.exe
+ 2010-09-22 23:37 . 2010-09-22 23:37 12144 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\Microsoft.WindowsLive.SubscribePlugins.dll
+ 2010-09-22 23:37 . 2010-09-22 23:37 11632 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\Microsoft.WindowsLive.PublishPlugins.dll
+ 2010-09-22 23:33 . 2010-09-22 23:33 68976 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXVideoCameraAutoPlayManager.exe
+ 2010-09-22 23:33 . 2010-09-22 23:33 98160 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXVideoAcquireWizardResources.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 49008 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXQuickTimeShellExt.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 18288 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXQuickTimeControlHostPS.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 19312 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPhotoGalleryRepair.exe
+ 2010-09-22 23:32 . 2010-09-22 23:32 78704 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPhotoClassic.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 82288 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPhotoCinematic.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 19824 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXCodecHostPS.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 46960 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXCodecHost.exe
+ 2010-09-22 23:32 . 2010-09-22 23:32 51568 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\PhotoViewerShimx64.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 43376 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\PhotoViewerShim.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 14704 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\NPWLPG.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 42864 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\AlbumDownloadProtocolHandler.dll
+ 2010-09-22 15:33 . 2010-09-22 15:33 55136 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\utilclasses.dll
+ 2010-09-22 15:33 . 2010-09-22 15:33 91488 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\TesClient.dll
+ 2010-09-22 15:33 . 2010-09-22 15:33 34144 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\SqmWrapper.dll
+ 2010-09-22 15:33 . 2010-09-22 15:33 71520 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\MOE.exe
+ 2010-09-22 15:32 . 2010-09-22 15:32 40800 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\logging.dll
+ 2010-09-22 15:32 . 2010-09-22 15:32 77152 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\lkrhwlc.dll
+ 2010-09-22 15:33 . 2010-09-22 15:33 97120 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\esestore.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 17264 c:\windows\Installer\$PatchCache$\Managed\4314AE291D01A814191EA5403531A183\15.4.3502\MovieMakerPreviewClient.dll
+ 2009-02-26 11:09 . 2009-02-26 11:09 10120 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\XLCALL32.DLL
+ 2009-02-26 16:43 . 2009-02-26 16:43 71520 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\XL12CNVP.DLL
+ 2009-02-26 15:45 . 2009-02-26 15:45 20808 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\WRD12EXE.EXE
+ 2006-07-24 08:50 . 2006-07-24 08:50 47920 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\VBAME.DLL
+ 2009-02-26 13:24 . 2009-02-26 13:24 71536 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONFILTER.DLL
+ 2009-02-26 13:24 . 2009-02-26 13:24 97680 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\ONENOTEM.EXE
+ 2006-07-24 08:50 . 2006-07-24 08:50 92976 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\MSADDNDR.DLL
+ 2009-04-02 10:01 . 2009-04-02 10:01 56680 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\EXP_XPS.DLL
+ 2009-04-03 16:46 . 2009-04-03 16:46 97640 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\EXP_PDF.DLL
+ 2006-10-26 18:13 . 2006-10-26 18:13 56192 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACECNFLT.EXE
+ 2011-11-28 18:50 . 2011-11-28 18:50 61440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\e7d8ccf2f1c2420cdea9c7276ffe5089\WindowsLiveWriter.ni.exe
+ 2011-11-28 18:50 . 2011-11-28 18:50 80896 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3ab84b0f9ab7baab1ff7147ee01ab094\WindowsLive.Writer.Passport.ni.dll
+ 2011-12-23 09:42 . 2011-12-23 09:42 94208 c:\windows\assembly\GAC_64\MWArray\2.10.0.0__e1d84a0da19db86f\MWArray.dll
+ 2011-12-24 17:44 . 2011-12-24 17:44 12928 c:\windows\assembly\GAC_32\StorePluginInterface\1.1.0.0__7010de4470b07f04\StorePluginInterface.dll
+ 2011-12-24 17:44 . 2011-12-24 17:44 11392 c:\windows\assembly\GAC_32\policy.1.0.StorePluginInterface\1.0.0.0__7010de4470b07f04\policy.1.0.StorePluginInterface.dll
+ 2011-10-31 11:01 . 2011-10-31 11:01 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2011-10-31 11:01 . 2011-10-31 11:01 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
- 2010-05-29 11:24 . 2010-05-29 11:24 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2009-12-23 19:57 . 2011-12-26 06:06 3590 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-11-18 13:53 . 2011-12-23 18:24 9560 c:\windows\system32\NetworkList\Icons\{FF41E9B2-65C0-4121-B353-BFBE26D770C4}_48.bin
+ 2011-11-18 13:53 . 2011-12-23 18:24 4280 c:\windows\system32\NetworkList\Icons\{FF41E9B2-65C0-4121-B353-BFBE26D770C4}_32.bin
+ 2011-11-18 13:53 . 2011-12-23 18:24 2456 c:\windows\system32\NetworkList\Icons\{FF41E9B2-65C0-4121-B353-BFBE26D770C4}_24.bin
+ 2011-10-25 21:52 . 2011-11-18 13:13 9560 c:\windows\system32\NetworkList\Icons\{9A0ED59A-8D28-4D68-AA98-2AA28F5F12A3}_48.bin
- 2011-10-25 21:52 . 2011-10-25 21:52 9560 c:\windows\system32\NetworkList\Icons\{9A0ED59A-8D28-4D68-AA98-2AA28F5F12A3}_48.bin
+ 2011-10-25 21:52 . 2011-11-18 13:13 4280 c:\windows\system32\NetworkList\Icons\{9A0ED59A-8D28-4D68-AA98-2AA28F5F12A3}_32.bin
- 2011-10-25 21:52 . 2011-10-25 21:52 4280 c:\windows\system32\NetworkList\Icons\{9A0ED59A-8D28-4D68-AA98-2AA28F5F12A3}_32.bin
- 2011-10-25 21:52 . 2011-10-25 21:52 2456 c:\windows\system32\NetworkList\Icons\{9A0ED59A-8D28-4D68-AA98-2AA28F5F12A3}_24.bin
+ 2011-10-25 21:52 . 2011-11-18 13:13 2456 c:\windows\system32\NetworkList\Icons\{9A0ED59A-8D28-4D68-AA98-2AA28F5F12A3}_24.bin
+ 2009-11-30 07:47 . 2011-12-27 15:46 6374 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2011-12-27 22:08 . 2011-12-27 22:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-25 08:33 . 2011-10-26 06:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-25 08:33 . 2011-10-26 06:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-27 22:08 . 2011-12-27 22:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-09-22 23:17 . 2010-09-22 23:17 9576 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlsettingslang.dll
+ 2010-09-22 23:17 . 2010-09-22 23:17 9064 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\LangSelectorLang.dll
+ 2011-05-13 14:42 . 2011-05-13 14:42 302448 c:\windows\WLXPGSS.SCR
+ 2011-11-13 16:38 . 2004-04-05 12:36 217088 c:\windows\SysWOW64\xvidcore.dll
+ 2011-11-13 16:38 . 2004-02-10 18:15 128512 c:\windows\SysWOW64\xvid.dll
+ 2011-11-13 16:39 . 2008-03-31 13:08 140288 c:\windows\SysWOW64\viscomqtde.dll
+ 2011-11-13 16:39 . 2008-03-17 21:18 713728 c:\windows\SysWOW64\viscommpgenc.dll
+ 2011-11-13 16:39 . 2007-12-05 12:48 117760 c:\windows\SysWOW64\viscommpgdec.dll
+ 2011-11-13 16:39 . 2008-01-26 21:48 712704 c:\windows\SysWOW64\viscomflvenc.dll
+ 2011-11-13 16:39 . 2008-03-21 14:09 387584 c:\windows\SysWOW64\viscomflvdec.dll
+ 2011-11-13 16:39 . 2008-02-28 15:20 712192 c:\windows\SysWOW64\viscomflashenc.dll
+ 2011-11-13 16:39 . 2007-09-21 23:00 705536 c:\windows\SysWOW64\viscomdata2.dll
+ 2011-11-13 16:39 . 2008-03-21 13:00 706560 c:\windows\SysWOW64\viscomdata1.dll
+ 2011-11-13 16:39 . 2007-02-26 15:13 215040 c:\windows\SysWOW64\videoformat.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 256544 c:\windows\SysWOW64\nvdecodemft.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 678432 c:\windows\SysWOW64\nvcuvid.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 991232 c:\windows\SysWOW64\nvapi.dll
+ 2011-11-12 13:12 . 2011-12-11 16:21 247968 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe
+ 2011-12-23 09:26 . 2011-12-23 10:00 247968 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
+ 2011-12-23 09:26 . 2011-12-23 10:00 335520 c:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.dll
+ 2011-12-07 22:45 . 2011-12-07 22:45 157472 c:\windows\SysWOW64\javaws.exe
- 2011-10-23 06:15 . 2011-10-03 03:06 157472 c:\windows\SysWOW64\javaws.exe
+ 2011-12-07 22:45 . 2011-12-07 22:45 145184 c:\windows\SysWOW64\javaw.exe
- 2011-10-23 06:15 . 2011-10-03 03:06 145184 c:\windows\SysWOW64\javaw.exe
+ 2011-12-07 22:45 . 2011-12-07 22:45 145184 c:\windows\SysWOW64\java.exe
- 2011-10-23 06:15 . 2011-10-03 03:06 145184 c:\windows\SysWOW64\java.exe
+ 2009-07-14 04:54 . 2011-12-27 22:32 131072 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-26 06:16 131072 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-21 08:58 . 2011-12-26 02:00 317332 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-12-23 22:05 . 2011-12-25 19:41 405504 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2010-05-29 10:50 . 2009-02-27 02:42 863128 c:\windows\system32\spool\drivers\x64\msonpdrv.dll
+ 2009-08-03 19:55 . 2011-12-27 22:15 692630 c:\windows\system32\perfh015.dat
- 2009-08-03 19:55 . 2011-10-25 08:40 692630 c:\windows\system32\perfh015.dat
- 2009-08-03 20:06 . 2011-10-25 08:40 635084 c:\windows\system32\perfh00E.dat
+ 2009-08-03 20:06 . 2011-12-27 22:15 635084 c:\windows\system32\perfh00E.dat
+ 2009-07-14 02:36 . 2011-12-27 22:15 618912 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-10-25 08:40 618912 c:\windows\system32\perfh009.dat
- 2009-08-03 20:00 . 2011-10-25 08:40 626048 c:\windows\system32\perfh005.dat
+ 2009-08-03 20:00 . 2011-12-27 22:15 626048 c:\windows\system32\perfh005.dat
+ 2009-08-03 19:55 . 2011-12-27 22:15 135684 c:\windows\system32\perfc015.dat
- 2009-08-03 19:55 . 2011-10-25 08:40 135684 c:\windows\system32\perfc015.dat
- 2009-08-03 20:06 . 2011-10-25 08:40 149154 c:\windows\system32\perfc00E.dat
+ 2009-08-03 20:06 . 2011-12-27 22:15 149154 c:\windows\system32\perfc00E.dat
+ 2009-07-14 02:36 . 2011-12-27 22:15 107232 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-10-25 08:40 107232 c:\windows\system32\perfc009.dat
+ 2009-08-03 20:00 . 2011-12-27 22:15 122632 c:\windows\system32\perfc005.dat
- 2009-08-03 20:00 . 2011-10-25 08:40 122632 c:\windows\system32\perfc005.dat
+ 2009-07-02 01:20 . 2009-07-02 01:20 382496 c:\windows\system32\nvvsvc.exe
+ 2009-06-24 19:37 . 2000-01-01 00:00 659048 c:\windows\system32\nvuhda6.exe
- 2011-07-17 08:26 . 2000-01-01 00:00 659048 c:\windows\system32\nvuhda6.exe
+ 2009-07-02 03:58 . 2009-07-02 03:58 539168 c:\windows\system32\nvudisp.exe
+ 2009-07-02 01:20 . 2009-07-02 01:20 871968 c:\windows\system32\nvsvc64.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 322080 c:\windows\system32\nvdecodemft.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 733728 c:\windows\system32\nvcuvid.dll
+ 2011-07-17 08:26 . 2009-06-24 19:37 167936 c:\windows\system32\nvcohda6.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 167936 c:\windows\system32\nvcod.dll
+ 2011-11-12 13:12 . 2011-12-11 16:21 461984 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe
+ 2011-12-23 09:26 . 2011-12-23 09:59 461984 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe
+ 2011-12-23 09:26 . 2011-12-23 09:59 376480 c:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.dll
+ 2011-12-23 09:55 . 2011-12-23 09:55 263560 c:\windows\system32\javaws.exe
- 2011-08-17 06:36 . 2011-10-23 07:02 188808 c:\windows\system32\javaw.exe
+ 2011-12-23 09:55 . 2011-12-23 09:55 188808 c:\windows\system32\javaw.exe
- 2011-08-17 06:36 . 2011-10-23 07:02 188808 c:\windows\system32\java.exe
+ 2011-12-23 09:55 . 2011-12-23 09:55 188808 c:\windows\system32\java.exe
+ 2009-07-14 04:45 . 2011-10-31 15:05 458736 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:30 . 2011-12-25 08:13 239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-07-17 08:26 239616 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-12-25 08:11 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-07-17 08:26 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-05-07 16:51 . 2011-05-07 16:51 454232 c:\windows\system32\DriverStore\FileRepository\vsdatant.inf_amd64_neutral_0a0e8d9d2ce16ccc\vsdatant.sys
+ 2010-01-25 20:22 . 2009-09-15 19:18 787456 c:\windows\system32\DriverStore\FileRepository\netw5v64.inf_amd64_neutral_747e30ce4a72b604\NETw5c64.dll
+ 2010-01-25 20:22 . 2009-09-15 19:18 787456 c:\windows\system32\DriverStore\FileRepository\netw5s64.inf_amd64_neutral_66ab2620a4a2e64e\NETw5c64.dll
+ 2011-12-25 08:11 . 2009-08-07 04:24 408600 c:\windows\system32\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys
+ 2011-12-06 09:58 . 2011-12-06 09:58 279616 c:\windows\system32\DriverStore\FileRepository\dtsoftbus01.inf_amd64_neutral_4ac220a6c52452a8\dtsoftbus01.sys
+ 2011-05-07 16:51 . 2011-05-07 16:51 454232 c:\windows\system32\drivers\vsdatant.sys
+ 2009-07-14 00:06 . 2009-07-14 00:06 109568 c:\windows\system32\drivers\USBAUDIO.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 146472 c:\windows\system32\drivers\s1018unic.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 128552 c:\windows\system32\drivers\s1018obex.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 133160 c:\windows\system32\drivers\s1018mgmt.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 153128 c:\windows\system32\drivers\s1018mdm.sys
+ 2010-01-11 16:25 . 2009-03-25 16:48 113704 c:\windows\system32\drivers\s1018bus.sys
+ 2009-11-30 08:48 . 2009-07-01 04:46 132648 c:\windows\system32\drivers\btwavdt.sys
- 2009-07-14 05:38 . 2011-09-08 17:43 262144 c:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-07-14 05:38 . 2011-11-21 16:51 262144 c:\windows\system32\config\systemprofile\ntuser.dat
- 2009-07-14 05:12 . 2011-03-15 08:01 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-11-30 15:42 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-03-15 08:21 . 2011-12-27 22:09 114688 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-03-15 08:21 . 2011-10-26 06:16 114688 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-18 13:13 . 2011-11-18 13:13 245760 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-12-08 22:03 . 2011-12-08 22:03 236904 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\reliability\Sqm\Manifest\Sqm25.bin
+ 2009-07-14 05:01 . 2011-12-27 15:46 461544 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-09-28 11:13 . 2011-11-12 19:32 916312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-357352677-1046695373-1979520801-1000-12288.dat
+ 2011-04-17 09:19 . 2011-04-17 09:19 161792 c:\windows\Installer\ed6de.msi
+ 2011-08-17 06:47 . 2011-08-17 06:47 666112 c:\windows\Installer\ed6c8.msp
+ 2011-08-17 06:46 . 2011-08-17 06:46 470528 c:\windows\Installer\ed6b8.msp
+ 2011-08-17 06:46 . 2011-08-17 06:46 632832 c:\windows\Installer\ed6a9.msp
+ 2011-08-17 06:50 . 2011-08-17 06:50 113664 c:\windows\Installer\ed672.msp
+ 2011-08-17 06:50 . 2011-08-17 06:50 205824 c:\windows\Installer\ed630.msp
+ 2011-04-17 09:20 . 2011-04-17 09:20 775168 c:\windows\Installer\ed627.msi
+ 2011-08-17 06:44 . 2011-08-17 06:44 715264 c:\windows\Installer\ed47b.msp
+ 2011-08-17 06:44 . 2011-08-17 06:44 136704 c:\windows\Installer\ed44d.msp
+ 2011-04-17 09:04 . 2011-04-17 09:04 429056 c:\windows\Installer\ed448.msi
+ 2011-04-17 09:04 . 2011-04-17 09:04 147968 c:\windows\Installer\ed443.msi
+ 2009-07-21 23:01 . 2009-07-21 23:01 251904 c:\windows\Installer\b5e8f.msi
+ 2011-12-24 17:43 . 2011-12-24 17:43 866304 c:\windows\Installer\b1c9d.msi
+ 2009-07-12 11:16 . 2009-07-12 11:16 223232 c:\windows\Installer\b1c96.msi
+ 2011-12-23 09:53 . 2011-12-23 09:53 973312 c:\windows\Installer\27de439.msi
+ 2011-12-07 22:46 . 2011-12-07 22:46 207360 c:\windows\Installer\1b7dff.msi
+ 2011-12-04 08:03 . 2011-12-04 08:03 559104 c:\windows\Installer\1391e0.msi
+ 2011-12-25 07:10 . 2011-12-25 07:10 114734 c:\windows\Installer\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}\_294823.exe
- 2011-01-13 20:11 . 2011-01-13 20:11 114734 c:\windows\Installer\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}\_294823.exe
- 2010-05-29 10:50 . 2011-09-16 10:23 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-05-29 10:50 . 2011-12-15 02:08 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-05-29 10:50 . 2011-09-16 10:23 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-05-29 10:50 . 2011-12-15 02:08 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-05-29 10:50 . 2011-12-15 02:08 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
- 2010-05-29 10:50 . 2011-09-16 10:23 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
- 2010-05-29 10:50 . 2011-09-16 10:23 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-05-29 10:50 . 2011-12-15 02:08 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2011-10-31 10:59 . 2011-10-31 10:59 220504 c:\windows\Installer\{90120000-006E-041B-0000-0000000FF1CE}\misc.exe
- 2010-05-29 11:23 . 2010-05-29 11:23 220504 c:\windows\Installer\{90120000-006E-041B-0000-0000000FF1CE}\misc.exe
+ 2010-09-22 23:17 . 2010-09-22 23:17 827240 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlupdate.dll
+ 2010-09-22 23:17 . 2010-09-22 23:17 618856 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlstartup.exe
+ 2010-09-22 23:17 . 2010-09-22 23:17 138600 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlsres.dll
+ 2010-09-22 23:17 . 2010-09-22 23:17 552296 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlshim.dll
+ 2010-09-22 23:17 . 2010-09-22 23:17 265576 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlsettingsres.dll
+ 2010-09-22 23:17 . 2010-09-22 23:17 493928 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlsettings.exe
+ 2010-09-22 23:17 . 2010-09-22 23:17 166248 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\wlbici.dll
+ 2010-09-22 23:17 . 2010-09-22 23:17 476008 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\LangSelectorRes.dll
+ 2010-09-22 23:17 . 2010-09-22 23:17 345960 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\LangSelector.exe
+ 2010-09-22 23:32 . 2010-09-22 23:32 822128 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\WindowsLivePhotoViewerCore.dll
+ 2010-09-22 23:37 . 2010-09-22 23:37 104304 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\SubscribePluginsInterop.dll
+ 2010-09-22 23:37 . 2010-09-22 23:37 103792 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\PublishPluginsInterop.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 489840 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXVideoTrim.dll
+ 2010-09-22 23:33 . 2010-09-22 23:33 684400 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXVideoAcquireWizard.exe
+ 2010-09-22 23:32 . 2010-09-22 23:32 139120 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXVAFilt.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 501616 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXSlideshow.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 117616 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXQuickTimeControlHost.exe
+ 2010-09-22 23:32 . 2010-09-22 23:32 731504 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPipetran.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 745328 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPipeline.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 785264 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPhotoLibraryDatabase.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 131440 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPhotoGallery.exe
+ 2010-09-22 23:32 . 2010-09-22 23:32 246640 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPhotoAcquireWizard.exe
+ 2010-09-22 23:32 . 2010-09-22 23:32 301936 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPGSS.SCR
+ 2010-09-22 23:32 . 2010-09-22 23:32 173424 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXMP4Parser.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 130928 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXGrinderScheduler.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 191344 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXDSPA.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 237936 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\wlxclip.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 383344 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXAlbumDownloadWizard.exe
+ 2010-09-22 15:31 . 2010-09-22 15:31 108384 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\Microsoft.Web.dll
+ 2010-09-22 15:33 . 2010-09-22 15:33 953696 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\MeshSessions.dll
+ 2010-09-22 15:33 . 2010-09-22 15:33 117600 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\encoders.dll
+ 2010-09-22 15:32 . 2010-09-22 15:32 160608 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\commengine.dll
+ 2010-09-22 15:32 . 2010-09-22 15:32 438112 c:\windows\Installer\$PatchCache$\Managed\6116D6C8427B0184F8D20D746E7B6DE8\15.4.5722\bitswarm.dll
+ 2011-05-31 14:58 . 2011-05-31 14:58 521080 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\POWERPNT.EXE
+ 2007-06-07 17:51 . 2007-06-07 17:51 465800 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OUTLFLTR.DLL
+ 2008-03-19 04:27 . 2008-03-19 04:27 661536 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\OGALEGIT.DLL
+ 2008-10-25 04:18 . 2008-10-25 04:18 172880 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\IEAWSDC.DLL
+ 2006-10-26 18:13 . 2006-10-26 18:13 764800 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\ACECNF.DLL
+ 2011-11-28 18:51 . 2011-11-28 18:51 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\437e93dfa3a6e95198cc26c14097f152\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 156672 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fa90639e3541f50d0cb39fd41db771c2\WindowsLive.Writer.HtmlParser.ni.dll
+ 2011-11-28 18:51 . 2011-11-28 18:51 890880 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f86a17b5db17bf9d67578cf35d66dc21\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 101376 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d8c2006252a263793f93cc685730db15\WindowsLive.Writer.Api.ni.dll
+ 2011-11-28 18:51 . 2011-11-28 18:51 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b66c4827b1522a455e82f5526745abbe\WindowsLive.Writer.BlogClient.ni.dll
+ 2011-11-28 18:51 . 2011-11-28 18:51 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b63d10d5cd9b8c0f895c9594f19a567f\WindowsLive.Writer.FileDestinations.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8ea48160b03845ccd9506560167b07bd\WindowsLive.Writer.BrowserControl.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 122368 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\89df1a44918e3760bf9bf97a75ff0d9c\WindowsLive.Writer.Extensibility.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\75b66e2b185f7d57da3849d65b5aef49\WindowsLive.Writer.Mshtml.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\54e4530e0ae06b705790d7f99dd79fcb\WindowsLive.Writer.Interop.SHDocVw.ni.dll
- 2011-08-17 08:21 . 2011-08-17 08:21 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\54e4530e0ae06b705790d7f99dd79fcb\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2011-11-28 18:51 . 2011-11-28 18:51 326144 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5033a441b980ee4b3a7b2f0b6e333035\WindowsLive.Writer.SpellChecker.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 665600 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\468c17bb4749ef2c8b1a67ae21d779e4\WindowsLive.Writer.Interop.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 146432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2eebe355ff38140f686391ab2ee569ba\WindowsLive.Writer.Instrumentation.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 780800 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2af52f7732256598b20e77a32c855db7\WindowsLive.Writer.Controls.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 374272 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1cb7521a76476af1f13c0122f8a70a7e\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2011-11-28 18:51 . 2011-11-28 18:51 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\1638eda71bdd01199e0c0a5b21c73ae1\WindowsLive.Client.ni.dll
+ 2011-11-28 15:31 . 2011-11-28 15:31 236392 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
+ 2011-12-23 09:42 . 2011-12-23 09:42 946176 c:\windows\assembly\GAC_64\WebFiguresService\2.10.0.0__e1d84a0da19db86f\WebFiguresService.dll
+ 2011-10-31 11:01 . 2011-10-31 11:01 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2010-05-29 11:24 . 2010-05-29 11:24 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2011-10-31 11:01 . 2011-10-31 11:01 350080 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2011-10-31 11:01 . 2011-10-31 11:01 149368 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2011-11-13 16:39 . 2007-02-26 15:13 2392064 c:\windows\SysWOW64\videotrans.dll
+ 2011-05-03 14:17 . 2009-07-02 03:58 3155456 c:\windows\SysWOW64\nvwgf2um.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 1530400 c:\windows\SysWOW64\nvencodemft.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 7621120 c:\windows\SysWOW64\nvd3dum.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 1317408 c:\windows\SysWOW64\nvcuvenc.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 1705984 c:\windows\SysWOW64\nvcuda.dll
+ 2010-01-27 01:07 . 2011-12-11 16:21 8527008 c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
+ 2011-11-13 16:39 . 2005-02-02 15:07 1709568 c:\windows\SysWOW64\gdiplus.dll
+ 2011-07-07 01:28 . 2011-07-07 01:28 1193320 c:\windows\SysWOW64\FM20.DLL
+ 2009-07-02 03:58 . 2009-07-02 03:58 4363776 c:\windows\system32\nvwgf2umx.dll
+ 2009-07-02 01:20 . 2009-07-02 01:20 1087488 c:\windows\system32\nvsvcr.dll
+ 2011-03-19 22:14 . 2009-07-02 03:58 9480192 c:\windows\system32\nvd3dumx.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 2304000 c:\windows\system32\nvcuda.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 1229312 c:\windows\system32\nvapi64.dll
+ 2010-01-25 20:22 . 2010-01-13 16:30 7520256 c:\windows\system32\DriverStore\FileRepository\netw5v64.inf_amd64_neutral_747e30ce4a72b604\NETw5v64.sys
+ 2010-01-25 20:22 . 2009-09-15 19:19 2747904 c:\windows\system32\DriverStore\FileRepository\netw5v64.inf_amd64_neutral_747e30ce4a72b604\NETw5r64.dll
+ 2010-01-25 20:22 . 2010-01-13 16:37 7675392 c:\windows\system32\DriverStore\FileRepository\netw5s64.inf_amd64_neutral_66ab2620a4a2e64e\NETw5s64.sys
+ 2010-01-25 20:22 . 2009-09-15 19:19 2747904 c:\windows\system32\DriverStore\FileRepository\netw5s64.inf_amd64_neutral_66ab2620a4a2e64e\NETw5r64.dll
+ 2010-01-25 20:22 . 2010-01-13 16:37 7675392 c:\windows\system32\drivers\NETw5s64.sys
+ 2009-12-21 22:28 . 2011-12-26 14:28 1429184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-11-27 10:10 . 2011-12-25 07:16 1789930 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-357352677-1046695373-1979520801-501-8192.dat
+ 2011-04-08 21:24 . 2011-12-27 15:46 9728533 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-357352677-1046695373-1979520801-1000-8192.dat
+ 2011-11-28 15:35 . 2011-11-28 15:35 7682560 c:\windows\Installer\ed71d.msi
+ 2011-08-17 06:51 . 2011-08-17 06:51 2633728 c:\windows\Installer\ed6f2.msi
+ 2011-08-17 06:49 . 2011-08-17 06:49 2149376 c:\windows\Installer\ed6d8.msp
+ 2011-04-17 09:19 . 2011-04-17 09:19 4271104 c:\windows\Installer\ed6cd.msi
+ 2011-04-17 09:16 . 2011-04-17 09:16 4079104 c:\windows\Installer\ed6c2.msi
+ 2011-08-17 06:46 . 2011-08-17 06:46 6683136 c:\windows\Installer\ed6bd.msi
+ 2011-04-17 09:12 . 2011-04-17 09:12 1074176 c:\windows\Installer\ed6ae.msi
+ 2011-04-17 09:12 . 2011-04-17 09:12 1526784 c:\windows\Installer\ed6a0.msi
+ 2011-08-17 06:51 . 2011-08-17 06:51 1828864 c:\windows\Installer\ed690.msp
+ 2011-04-17 09:21 . 2011-04-17 09:21 3454976 c:\windows\Installer\ed687.msi
+ 2011-08-17 06:50 . 2011-08-17 06:50 3103744 c:\windows\Installer\ed682.msp
+ 2011-04-17 09:21 . 2011-04-17 09:21 6195200 c:\windows\Installer\ed677.msi
+ 2011-08-17 06:50 . 2011-08-17 06:50 6363136 c:\windows\Installer\ed635.msi
+ 2011-08-17 06:49 . 2011-08-17 06:49 3731968 c:\windows\Installer\ed621.msp
+ 2011-08-17 06:47 . 2011-08-17 06:47 1819136 c:\windows\Installer\ed50c.msi
+ 2011-08-17 06:47 . 2011-08-17 06:47 2956288 c:\windows\Installer\ed508.msp
+ 2011-04-17 09:15 . 2011-04-17 09:15 8313856 c:\windows\Installer\ed4ee.msi
+ 2011-08-17 06:45 . 2011-08-17 06:45 3313152 c:\windows\Installer\ed4a3.msp
+ 2011-04-17 09:10 . 2011-04-17 09:10 8332288 c:\windows\Installer\ed487.msi
+ 2011-04-17 09:04 . 2011-04-17 09:04 2310656 c:\windows\Installer\ed473.msi
+ 2011-08-17 06:44 . 2011-08-17 06:44 1139200 c:\windows\Installer\ed46e.msp
+ 2011-04-17 09:04 . 2011-04-17 09:04 4004864 c:\windows\Installer\ed457.msi
+ 2011-04-17 09:10 . 2011-04-17 09:10 2343936 c:\windows\Installer\ed43f.msi
+ 2011-04-17 09:04 . 2011-04-17 09:04 4680704 c:\windows\Installer\ed431.msi
+ 2011-08-17 06:45 . 2011-08-17 06:45 2933248 c:\windows\Installer\ed42d.msp
+ 2011-04-17 09:09 . 2011-04-17 09:09 7710720 c:\windows\Installer\ed411.msi
+ 2011-08-17 06:44 . 2011-08-17 06:44 4425728 c:\windows\Installer\ed40a.msp
+ 2011-04-17 09:09 . 2011-04-17 09:09 9433088 c:\windows\Installer\ed3fb.msi
+ 2011-08-17 06:43 . 2011-08-17 06:43 2856448 c:\windows\Installer\ed3d7.msi
+ 2011-08-17 06:37 . 2011-08-17 06:37 4227072 c:\windows\Installer\ed3c5.msi
+ 2011-09-15 18:29 . 2011-09-15 18:29 1287680 c:\windows\Installer\d65eca.msp
+ 2011-09-15 18:28 . 2011-09-15 18:28 2756608 c:\windows\Installer\d65ec3.msp
+ 2011-09-15 18:26 . 2011-09-15 18:26 2681344 c:\windows\Installer\d65ea5.msp
+ 2011-09-15 17:34 . 2011-09-15 17:34 8499712 c:\windows\Installer\d65e9e.msp
+ 2009-09-08 15:55 . 2009-09-08 15:55 1452032 c:\windows\Installer\b8411.msi
+ 2011-12-24 17:44 . 2011-12-24 17:44 8773120 c:\windows\Installer\b1ca4.msi
+ 2009-11-24 11:25 . 2009-11-24 11:25 2433024 c:\windows\Installer\ac4d9.msi
+ 2009-11-24 10:48 . 2009-11-24 10:48 6490624 c:\windows\Installer\ac3fd.msi
+ 2009-11-24 10:21 . 2009-11-24 10:21 1400320 c:\windows\Installer\abc77.msi
+ 2009-11-24 10:11 . 2009-11-24 10:11 5663744 c:\windows\Installer\ab649.msi
+ 2011-11-27 07:42 . 2011-11-27 07:42 7357440 c:\windows\Installer\620eb.msi
+ 2011-11-10 23:00 . 2011-11-10 23:00 4893696 c:\windows\Installer\36e86.msi
+ 2011-11-10 23:00 . 2011-11-10 23:00 9885696 c:\windows\Installer\36e80.msi
+ 2011-11-01 12:34 . 2011-11-01 12:34 4250112 c:\windows\Installer\2ab5bc0.msp
+ 2011-11-01 12:34 . 2011-11-01 12:34 2247168 c:\windows\Installer\2ab5b9f.msp
+ 2011-11-11 15:14 . 2011-11-11 15:14 9096192 c:\windows\Installer\2ab5b8d.msp
+ 2011-11-01 12:34 . 2011-11-01 12:34 2531840 c:\windows\Installer\2ab5b7b.msp
+ 2011-11-11 15:15 . 2011-11-11 15:15 1795584 c:\windows\Installer\2ab5b69.msp
+ 2011-11-11 15:16 . 2011-11-11 15:16 8458240 c:\windows\Installer\2ab5b57.msp
+ 2009-07-02 07:46 . 2009-07-02 07:46 4832076 c:\windows\Installer\270612.msi
+ 2011-11-27 07:43 . 2011-11-27 07:43 3274752 c:\windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe
+ 2010-05-29 10:50 . 2011-12-15 02:08 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-05-29 10:50 . 2011-09-16 10:23 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-09-22 23:17 . 2010-09-22 23:17 2668392 c:\windows\Installer\$PatchCache$\Managed\F132F0B0A6ECD384AA32773B467F9571\15.4.3502\startupres.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 1378160 c:\windows\Installer\$PatchCache$\Managed\B6ACDB9A3563B764CA384963D73AFB3E\15.4.3502\WLXMediaPublishSubscribe.dll
+ 2010-09-22 23:17 . 2010-09-22 23:17 1204584 c:\windows\Installer\$PatchCache$\Managed\99BA1946E11ADF145A7E23EDA890B7E8\15.4.3502\wlarp.exe
+ 2010-09-22 23:32 . 2010-09-22 23:32 1245552 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPhotoVoyager.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 1342320 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPhotoViewer.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 1877872 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXPhotoAcq.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 4824432 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXFaceRecognition.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 1507184 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\WLXAlbumDownloadWizardResources.dll
+ 2010-09-22 23:32 . 2010-09-22 23:32 7559024 c:\windows\Installer\$PatchCache$\Managed\766F6333940964D4896BC447E3BE5C1B\15.4.3502\Imaging.dll
+ 2010-09-22 22:28 . 2010-09-22 22:28 1043312 c:\windows\Installer\$PatchCache$\Managed\3D04254D3B6B9FF42B3445CE3E1E0066\15.4.3502\LivePlatform.dll
+ 2009-10-09 21:10 . 2009-10-09 21:10 2594632 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\VBE6.DLL
+ 2011-05-31 16:24 . 2011-05-31 16:24 2014592 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\PPTVIEW.EXE
+ 2011-07-27 03:44 . 2011-07-27 03:44 8494968 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\PPCORE.DLL
+ 2011-07-27 04:47 . 2011-07-27 04:47 2532736 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\GRAPH.EXE
+ 2006-10-26 18:25 . 2006-10-26 18:25 2172688 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\PSRCHFEA.DLL
+ 2011-11-28 18:50 . 2011-11-28 18:50 2193408 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ef144e85beeb01bc843f53fbe76f7c8f\WindowsLive.Writer.CoreServices.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 1284608 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cd940487fd82b84d8e0d2b589feae521\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 1346560 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\af05154ca46c0e06ff7e3656c9c579ed\WindowsLive.Writer.Localization.ni.dll
+ 2011-11-28 18:50 . 2011-11-28 18:50 7023616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\95eaea21d3a16f6aa7efb0fa341ba26c\WindowsLive.Writer.PostEditor.ni.dll
+ 2011-10-31 11:01 . 2011-10-31 11:01 1279864 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 10383360 c:\windows\SysWOW64\nvoglv32.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 14290944 c:\windows\system32\nvoglv64.dll
+ 2009-07-02 01:20 . 2009-07-02 01:20 16330272 c:\windows\system32\nvcpl.dll
+ 2009-12-23 19:50 . 2011-12-15 02:04 54867776 c:\windows\system32\MRT.exe
+ 2011-11-12 13:12 . 2011-12-11 16:21 11336864 c:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
+ 2009-07-02 03:58 . 2009-07-02 03:58 11528096 c:\windows\system32\drivers\nvlddmkm.sys
+ 2011-04-17 09:19 . 2011-04-17 09:19 11846656 c:\windows\Installer\ed618.msi
+ 2011-08-17 06:48 . 2011-08-17 06:48 14623744 c:\windows\Installer\ed576.msp
+ 2011-04-17 09:17 . 2011-04-17 09:17 34193408 c:\windows\Installer\ed54a.msi
+ 2011-08-17 06:46 . 2011-08-17 06:46 22647296 c:\windows\Installer\ed4a8.msi
+ 2011-09-15 17:38 . 2011-09-15 17:38 10838528 c:\windows\Installer\d65ebc.msp
+ 2011-09-15 17:37 . 2011-09-15 17:37 14140416 c:\windows\Installer\d65eb1.msp
+ 2011-09-15 18:30 . 2011-09-15 18:30 32539136 c:\windows\Installer\d65d9a.msp
+ 2011-09-15 18:30 . 2011-09-15 18:30 15096320 c:\windows\Installer\d65d74.msp
+ 2011-10-24 14:43 . 2011-10-24 14:43 26820096 c:\windows\Installer\c4b347.msi
+ 2011-12-23 09:23 . 2011-12-23 09:23 52920320 c:\windows\Installer\27de1be.msp
+ 2011-12-07 22:44 . 2011-12-07 22:44 12863488 c:\windows\Installer\1b7df9.msi
+ 2011-08-30 07:40 . 2011-08-30 07:40 15145832 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\XL12CNV.EXE
+ 2011-08-30 19:25 . 2011-08-30 19:25 18367336 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6612\EXCEL.EXE
+ 2011-09-15 17:34 . 2011-09-15 17:34 428804608 c:\windows\Installer\d65e90.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-10-09 6937216]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-09 73360]
"MDS_Menu"="c:\program files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-04-27 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\Cyberlink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-09-03 210216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
2;2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
R1 SABKUTIL;SABKUTIL;c:\program files\SUPERAntiSpyware\SABKUTIL.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-12 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-12 135664]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-02 340240]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 33672]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 827520]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-07 378472]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2010-03-06 911360]
S3 bpenum;Intel(R) WiMAX Link Enumerator;c:\windows\system32\DRIVERS\bpenum.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
........

Re: Notebook keeps freezing

#12 Post by Milanco »

........

Contents of the 'Scheduled Tasks' folder
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-12 14:49]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-12 14:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2009-11-25 10:47 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2009-11-25 10:47 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2009-09-24 371712]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-02 16330272]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.10.10.1
FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\m5wtn61d.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-54624 ... -8859-1&q=
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 9666
FF - prefs.js: network.proxy.gopher - 127.0.0.1
FF - prefs.js: network.proxy.gopher_port - 9666
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 9666
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-ISW - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-357352677-1046695373-1979520801-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-357352677-1046695373-1979520801-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-12-28 00:01:36
ComboFix-quarantined-files.txt 2011-12-27 23:01
ComboFix2.txt 2011-10-27 10:59
ComboFix3.txt 2011-10-26 06:40
ComboFix4.txt 2011-09-02 09:15
.
Pre-Run: 61 235 691 520 bytes free
Post-Run: 60 754 997 248 bytes free
.
- - End Of File - - 0B19E5F6C1A8FD7F7133168319773EA6

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Location: Napajedla

Re: Notebook keeps freezing

#13 Post by chodnik74 »

:arrow: Open Notepad
  • (press WIN+R, type "notepad" without the quotes and press Enter)
  • Paste the following script into it:

    KillAll::
    
    Driver::
    gupdatem
    gupdate
    
    Firefox::
    FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\m5wtn61d.default\
    FF - prefs.js: network.proxy.ftp - 127.0.0.1
    FF - prefs.js: network.proxy.ftp_port - 9666
    FF - prefs.js: network.proxy.gopher - 127.0.0.1
    FF - prefs.js: network.proxy.gopher_port - 9666
    FF - prefs.js: network.proxy.http - 127.0.0.1
    FF - prefs.js: network.proxy.http_port - 9666
    FF - prefs.js: network.proxy.socks - 127.0.0.1
    FF - prefs.js: network.proxy.socks_port - 9666
    FF - prefs.js: network.proxy.ssl - 127.0.0.1
    FF - prefs.js: network.proxy.ssl_port - 9666
    FF - prefs.js: network.proxy.type - 0
    
    RegLock::
    [HKEY_USERS\S-1-5-21-357352677-1046695373-1979520801-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    [HKEY_USERS\S-1-5-21-357352677-1046695373-1979520801-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    
    Reboot::
    
  • Save the file to the Desktop as CFScript.txt
  • Then grab this file with the left mouse button, drag it onto the ComboFix icon and drop it
  • ComboFix will then carry out all the operations and create a new log, which you should post here
:!: After the script is applied, Windows may fail to start in the usual way. In that case restart the computer, keep pressing F8 during startup and choose Last Known Good Configuration


:arrow: After that I would ask for a full MBAM scan

:!: Please read the procedure through more than once and ask if anything is unclear or you have any doubts. ;-) If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions! :!:

:!: Do not use the ComboFix utility without an adviser's supervision and recommendation!


Re: Notebook keeps freezing

#14 Post by Milanco »

Here is the log from ComboFix; I will send the MBAM log in the course of the day:


ComboFix 11-12-27.01 - Milan . 12. 2011 0:23.9.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.4095.2005 [GMT 1:00]
Running from: c:\users\Milan\Desktop\ComboFix.exe
Command switches used :: c:\users\Milan\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2011-11-27 to 2011-12-27 )))))))))))))))))))))))))))))))
.
.
2011-12-27 23:34 . 2011-12-27 23:34 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-12-27 23:34 . 2011-12-27 23:34 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-12-27 23:34 . 2011-12-27 23:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-27 08:21 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BAC8541-82D0-4501-84DF-7B594C101D2C}\mpengine.dll
2011-12-26 21:23 . 2011-12-26 21:26 -------- d-----w- c:\programdata\SUPERSetup
2011-12-25 08:11 . 2009-08-07 04:24 408600 ----a-w- c:\windows\system32\drivers\iaStor.sys
2011-12-25 07:29 . 2011-12-25 07:29 -------- d-----w- c:\programdata\AmUStor
2011-12-25 07:26 . 2011-12-25 07:26 -------- d-----w- c:\program files\Elantech
2011-12-25 07:17 . 2011-12-25 07:17 -------- d-----w- c:\users\Guest\AppData\Roaming\SUPERAntiSpyware.com
2011-12-25 07:10 . 2011-12-25 07:10 -------- d-----w- c:\users\Milan\AppData\Roaming\InstallShield
2011-12-24 18:25 . 2011-12-24 18:25 -------- d-----w- c:\users\Guest\AppData\Local\Broadcom
2011-12-24 18:19 . 2011-12-24 18:19 -------- d-----w- c:\users\Milan\AppData\Local\Broadcom
2011-12-24 18:16 . 2011-12-24 18:16 -------- d-----w- c:\program files\WIDCOMM
2011-12-24 17:46 . 2011-12-24 17:46 -------- d-----w- c:\users\Milan\Podcasts
2011-12-24 17:45 . 2011-12-24 17:45 -------- d-----w- c:\program files (x86)\Common Files\Sony Shared
2011-12-24 17:44 . 2011-12-24 17:44 -------- d-----w- c:\users\Milan\AppData\Local\Downloaded Installations
2011-12-24 17:43 . 2011-12-25 08:14 -------- d-----w- c:\program files (x86)\Sony
2011-12-24 17:43 . 2011-12-24 17:43 -------- d-----w- c:\programdata\Sony Corporation
2011-12-24 17:40 . 2011-12-24 17:43 -------- d-----w- c:\program files (x86)\Sony Media Go Install
2011-12-23 09:56 . 2011-12-23 09:56 -------- d-----w- c:\program files (x86)\Stellarium
2011-12-23 09:55 . 2011-12-23 09:55 750488 ----a-w- c:\windows\system32\npdeployJava1.dll
2011-12-23 09:35 . 2011-12-23 09:35 -------- d-----w- c:\programdata\Uniblue
2011-12-23 09:23 . 2011-12-23 09:23 -------- d-----w- c:\program files\Microsoft Silverlight
2011-12-23 09:23 . 2011-12-23 09:23 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-12-23 09:22 . 2011-12-21 07:24 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2011-12-23 09:22 . 2011-12-21 04:30 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-23 09:22 . 2011-12-21 04:30 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-23 09:22 . 2011-12-21 04:30 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-23 09:18 . 2011-12-23 09:49 -------- d-----w- c:\windows\Downloaded Program Files
2011-12-20 09:37 . 2011-12-20 09:37 -------- d-----w- c:\program files\MATLAB
2011-12-16 18:31 . 2011-12-16 18:31 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-12-12 17:48 . 2011-12-12 17:49 -------- d-----w- c:\users\Milan\.dia
2011-12-12 17:47 . 2011-12-12 17:48 -------- d-----w- c:\program files (x86)\Dia
2011-12-07 22:46 . 2011-12-07 22:46 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-12-06 10:18 . 2011-12-06 10:18 -------- d-----w- c:\programdata\EA Core
2011-12-06 10:18 . 2011-12-06 10:18 -------- d-----w- c:\programdata\Electronic Arts
2011-12-06 10:01 . 2011-12-23 09:43 -------- d-----w- c:\program files (x86)\FIFA 12
2011-12-06 09:58 . 2011-12-06 09:58 279616 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-06 09:58 . 2011-12-06 09:58 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-12-04 16:26 . 2011-12-04 16:29 -------- d-----w- c:\program files\glassfish-3.1.1
2011-12-04 16:11 . 2011-12-04 16:26 -------- d-----w- c:\program files\NetBeans 7.0.1
2011-11-28 15:35 . 2011-11-28 15:35 -------- d-----w- c:\program files\Microsoft LifeChat
2011-11-28 15:35 . 2011-11-28 15:35 -------- d-----w- c:\program files (x86)\Microsoft LifeChat
2011-11-28 15:33 . 2011-11-28 15:33 -------- d-----w- c:\windows\sk
2011-11-28 15:31 . 2011-11-28 15:31 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-11-28 15:28 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-11-28 15:28 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-11-28 15:28 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-27 23:40 . 2011-12-27 23:40 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BAC8541-82D0-4501-84DF-7B594C101D2C}\offreg.dll
2011-12-25 08:30 . 2009-11-30 08:12 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-12-23 10:00 . 2011-05-15 16:16 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-23 09:55 . 2010-12-25 18:46 660368 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-22 21:44 . 2011-03-19 22:02 15672 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-12-14 13:40 . 2010-06-16 18:42 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-07 22:45 . 2011-09-06 17:21 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-12-04 07:44 . 2011-02-28 22:10 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-11-28 18:01 . 2011-08-17 06:24 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-08-17 06:24 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-01-13 20:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-08-17 06:24 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-08-17 06:24 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-08-17 06:24 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-08-17 06:24 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-08-17 06:24 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-08-17 06:24 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-21 21:56 . 2011-02-28 22:10 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-11-16 14:40 . 2010-06-16 18:42 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-23 14:06 . 2011-10-23 14:06 81920 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{A47E6C5B-713F-4BC3-98AE-BE2BB796F491}\rhapsody.exe1_ABE627FE53A04245AC369EBB886F4C3C.exe
2011-10-23 14:06 . 2011-10-23 14:06 81920 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{A47E6C5B-713F-4BC3-98AE-BE2BB796F491}\rhapsody.exe_8FE58AAA5EAC44F694BEBFC4D9448CD8.exe
2011-10-23 14:06 . 2011-10-23 14:06 81920 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{A47E6C5B-713F-4BC3-98AE-BE2BB796F491}\DiffMerge.exe_CD7C7D093BE1420581EA420D2F575D76.exe
2011-10-23 14:06 . 2011-10-23 14:06 40960 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{A47E6C5B-713F-4BC3-98AE-BE2BB796F491}\HostDetails.exe_29E957E2771C4A4190F21E9691A5D617.exe
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2009-04-08 09:31 . 2009-04-08 09:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-12-27_22.55.35 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-02-18 14:00 . 2011-12-27 22:09 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-02-18 14:00 . 2011-12-27 23:36 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2011-12-27 22:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-12-27 22:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-22 00:22 . 2011-12-27 22:09 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-22 00:22 . 2011-12-27 23:36 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:36 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-27 22:09 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-30 07:47 . 2011-12-27 23:35 6374 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2009-11-30 07:47 . 2011-12-27 15:46 6374 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-12-27 22:08 . 2011-12-27 22:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-27 23:36 . 2011-12-27 23:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-27 23:36 . 2011-12-27 23:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-12-27 22:08 . 2011-12-27 22:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:54 . 2011-12-27 22:32 131072 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:36 131072 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-08-03 19:55 . 2011-12-27 22:15 692630 c:\windows\system32\perfh015.dat
+ 2009-08-03 19:55 . 2011-12-27 23:23 692630 c:\windows\system32\perfh015.dat
+ 2009-08-03 20:06 . 2011-12-27 23:23 635084 c:\windows\system32\perfh00E.dat
- 2009-08-03 20:06 . 2011-12-27 22:15 635084 c:\windows\system32\perfh00E.dat
- 2009-07-14 02:36 . 2011-12-27 22:15 618912 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-12-27 23:23 618912 c:\windows\system32\perfh009.dat
- 2009-08-03 20:00 . 2011-12-27 22:15 626048 c:\windows\system32\perfh005.dat
+ 2009-08-03 20:00 . 2011-12-27 23:23 626048 c:\windows\system32\perfh005.dat
- 2009-08-03 19:55 . 2011-12-27 22:15 135684 c:\windows\system32\perfc015.dat
+ 2009-08-03 19:55 . 2011-12-27 23:23 135684 c:\windows\system32\perfc015.dat
- 2009-08-03 20:06 . 2011-12-27 22:15 149154 c:\windows\system32\perfc00E.dat
+ 2009-08-03 20:06 . 2011-12-27 23:23 149154 c:\windows\system32\perfc00E.dat
+ 2009-07-14 02:36 . 2011-12-27 23:23 107232 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-12-27 22:15 107232 c:\windows\system32\perfc009.dat
- 2009-08-03 20:00 . 2011-12-27 22:15 122632 c:\windows\system32\perfc005.dat
+ 2009-08-03 20:00 . 2011-12-27 23:23 122632 c:\windows\system32\perfc005.dat
+ 2011-03-15 08:21 . 2011-12-27 23:36 114688 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-03-15 08:21 . 2011-12-27 22:09 114688 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-10-09 6937216]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-09 73360]
"MDS_Menu"="c:\program files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-04-27 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\Cyberlink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-09-03 210216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
2;2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
R1 SABKUTIL;SABKUTIL;c:\program files\SUPERAntiSpyware\SABKUTIL.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-02 340240]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 33672]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 827520]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-07 378472]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2010-03-06 911360]
S3 bpenum;Intel(R) WiMAX Link Enumerator;c:\windows\system32\DRIVERS\bpenum.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-12 14:49]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-12 14:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2009-11-25 10:47 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2009-11-25 10:47 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISW"="" [BU]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2009-09-24 371712]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-02 16330272]
"combofix"="c:\combofix\CF2392.3XE" [2009-07-14 344576]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.10.10.1
FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\m5wtn61d.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-54624 ... -8859-1&q=
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\xampp\filezillaftp\filezillaserver.exe
c:\windows\SysWOW64\lkcitdl.exe
c:\windows\SysWOW64\lkads.exe
c:\windows\SysWOW64\lktsrv.exe
c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\SysWOW64\nisvcloc.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Completion time: 2011-12-28 00:46:18 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-27 23:46
ComboFix2.txt 2011-12-27 23:01
ComboFix3.txt 2011-10-27 10:59
ComboFix4.txt 2011-10-26 06:40
ComboFix5.txt 2011-12-27 23:21
.
Pre-Run: 60 815 077 376 bytes free
Post-Run: 60 498 710 528 bytes free
.
- - End Of File - - F2705F80540C53D96C9875A3904139FE

Re: notebook keeps freezing

#15 Post by chodnik74 »

Fine, uninstall BingBar, that's what I see at first glance before I fall asleep :D Tomorrow we'll finish the rest... :)