MWAV throws errors
Hello, I just want to ask: I have the full version of MWAV, and when I run it, it first keeps throwing errors, mainly on system files. It looks roughly like this:
"24 X 2009 20:22:23 => Scanning File C:\WINDOWS\System32\smss.exe
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Once. Trying to scan again...
24 X 2009 20:22:23 => Scanning File C:\WINDOWS\System32\smss.exe
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Twice. Trying to scan again...
24 X 2009 20:22:23 => Scanning File C:\WINDOWS\System32\smss.exe
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Thrice!!!
24 X 2009 20:22:23 => Scanning File C:\WINDOWS\system32\ntdll.dll
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Once. Trying to scan again...
24 X 2009 20:22:23 => Scanning File C:\WINDOWS\system32\ntdll.dll
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Twice. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\system32\ntdll.dll
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Thrice!!!
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Once. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Twice. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Thrice!!!
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Once. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Twice. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Thrice!!!"
and ERROR 1500 times in total. Only after that does it scan the individual items. But I am worried that the virus is right in system32... I don't know, is this OK?
Re: MWAV throws errors
Whew, does nobody know how to help?
Re: MWAV throws errors
Good evening
May I ask you for a log from RSIT, see my signature?
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here
I am more likely to be reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
Re: MWAV throws errors
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2009-11-18 23:22:06
Microsoft Windows XP Professional Service Pack 3
System drive C: has 115 GB (75%) free of 153 GB
Total RAM: 511 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:22:52, on 18.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\SYSTEM32\astsrv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Administrator\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Register Genuine Fractals 6.0 Professional Edition.lnk = C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\SYSTEM32\astsrv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 5885 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-10-24 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-06-23 847872]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"365dnk"= []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-24 198160]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-11-11 3055616]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-12 2001648]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Register Genuine Fractals 6.0 Professional Edition.lnk - C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Sierra\Empire Earth\Empire Earth.exe"="C:\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Documents and Settings\Administrator\Desktop\Internet TV & Radio Player.exe"="C:\Documents and Settings\Administrator\Desktop\Internet TV & Radio Player.exe:*:Enabled:Internet TV & Radio Player"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-11-18 23:22:12 ----D---- C:\Program Files\trend micro
2009-11-18 23:22:06 ----D---- C:\rsit
2009-11-18 12:04:45 ----AD---- C:\WINDOWS\system32\runouce.exe
2009-11-18 11:33:44 ----A---- C:\gfrgdv.exe
2009-11-18 11:33:11 ----A---- C:\hqcqje.exe
2009-11-18 11:33:10 ----A---- C:\iqnafa.exe
2009-11-18 11:33:06 ----A---- C:\xqwhd.exe
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTTextToAudio3.dll
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTAudioDTMFSignals3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2009-11-18 11:30:38 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDisplay2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDesign2.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-11-18 11:30:09 ----D---- C:\Program Files\Audio Editor Gold
2009-11-18 11:22:52 ----D---- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
2009-11-18 11:22:37 ----D---- C:\Program Files\NCH Swift Sound
2009-11-14 21:31:59 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2009-11-14 18:32:17 ----D---- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2009-11-11 19:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-11 17:53:49 ----D---- C:\Program Files\WinZip
2009-11-11 15:47:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:41 ----D---- C:\Program Files\SUPERAntiSpyware
2009-11-11 15:47:40 ----D---- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-11 15:28:12 ----D---- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2009-11-11 15:28:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-11-11 15:28:05 ----D---- C:\Program Files\Spyware Terminator
2009-11-11 13:19:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-11 02:39:53 ----D---- C:\WINDOWS\RegisteredPackages
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\px.dll
2009-11-11 02:38:55 ----D---- C:\Program Files\Winamp
2009-11-11 02:38:55 ----D---- C:\Documents and Settings\Administrator\Application Data\Winamp
2009-11-05 03:45:59 ----A---- C:\WINDOWS\imsins.BAK
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\java.exe
2009-11-03 09:56:48 ----D---- C:\Program Files\ESET
2009-11-02 14:53:39 ----D---- C:\Program Files\Common Files\DivX Shared
2009-11-02 14:53:38 ----D---- C:\Program Files\DivX
2009-11-02 14:44:40 ----D---- C:\Documents and Settings\Administrator\Application Data\vlc
2009-11-02 14:11:34 ----D---- C:\Documents and Settings\All Users\Application Data\Readon
2009-11-02 14:05:07 ----D---- C:\Program Files\Readon Technology
2009-11-02 13:10:25 ----D---- C:\WINDOWS\system32\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\Program Files\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\My Saved Files
2009-11-02 13:10:25 ----D---- C:\My Recorded Files
2009-10-31 19:09:12 ----D---- C:\Program Files\uTorrent
2009-10-31 19:08:09 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixpsets.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixjpeg.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixio130.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixguid.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixexif.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixaudio.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\F210.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC265.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC240.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC210.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Roboex32.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\lwf214p.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\ldf252.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgst500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgpl500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgme500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgid500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgdw500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgar500.dll
2009-10-30 11:58:58 ----D---- C:\Program Files\ACD Systems
2009-10-28 16:10:54 ----D---- C:\Documents and Settings\Administrator\Application Data\FLVPlayer4Free
2009-10-28 16:10:42 ----D---- C:\Program Files\FLVPlayer4Free
2009-10-26 17:03:42 ----D---- C:\WINDOWS\Minidump
2009-10-26 15:38:51 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2009-10-24 20:30:16 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-10-24 20:30:01 ----D---- C:\Program Files\Common Files\xing shared
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-10-24 20:29:37 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-10-24 20:29:36 ----D---- C:\Program Files\Real
2009-10-24 20:29:34 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-10-24 19:20:49 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2009-10-24 19:20:49 ----A---- C:\WINDOWS\REGEDIT.COM
2009-10-24 18:49:14 ----D---- C:\WINDOWS\temp
2009-10-24 18:49:11 ----A---- C:\log.txt
2009-10-24 18:49:11 ----A---- C:\ComboFix.txt
2009-10-24 18:38:46 ----A---- C:\WINDOWS\NIRCMD.exe
2009-10-24 18:38:40 ----D---- C:\Combo-Fix
2009-10-24 18:34:02 ----A---- C:\WINDOWS\zip.exe
2009-10-24 18:34:02 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-10-24 18:34:02 ----A---- C:\WINDOWS\sed.exe
2009-10-24 18:34:02 ----A---- C:\WINDOWS\PEV.exe
2009-10-24 18:34:02 ----A---- C:\WINDOWS\grep.exe
2009-10-24 18:33:53 ----D---- C:\WINDOWS\ERDNT
2009-10-24 18:29:59 ----D---- C:\Qoobox
2009-10-24 17:54:10 ----A---- C:\WINDOWS\ScanSpyware.INI
2009-10-24 17:44:46 ----D---- C:\Documents and Settings\Administrator\Application Data\ScanSpyware
2009-10-24 17:10:27 ----D---- C:\Program Files\Common Files\Real
2009-10-24 17:09:19 ----D---- C:\Documents and Settings\Administrator\Application Data\Real
2009-10-24 14:48:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Thinstall
2009-10-22 09:45:56 ----D---- C:\Program Files\Audacity
2009-10-22 09:17:59 ----D---- C:\Converted Audio Files
2009-10-22 09:16:50 ----D---- C:\Program Files\Acoustica MP3 To Wave Converter PLUS
2009-10-21 17:27:26 ----D---- C:\Documents and Settings\Administrator\Application Data\Nik Software
2009-10-21 17:19:00 ----A---- C:\WINDOWS\system32\Deco_32.dll
2009-10-21 17:18:59 ----A---- C:\WINDOWS\system32\ASTSRV.EXE
2009-10-21 17:16:24 ----D---- C:\WINDOWS\MSSecurityNS
2009-10-21 17:15:21 ----D---- C:\WINDOWS\MSSecurityNi
2009-10-20 23:25:15 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntfNT.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf32.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf16.dll
2009-10-20 21:03:07 ----D---- C:\Program Files\directx
2009-10-20 20:57:04 ----D---- C:\Sierra
2009-10-20 20:57:04 ----A---- C:\WINDOWS\SIERRA.INI
2009-10-20 19:16:45 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-10-20 19:16:01 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-19 21:51:28 ----D---- C:\Program Files\WAS
======List of files/folders modified in the last 1 months======
2009-11-18 23:22:12 ----RD---- C:\Program Files
2009-11-18 23:21:55 ----D---- C:\WINDOWS\Prefetch
2009-11-18 21:54:28 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2009-11-18 20:54:01 ----D---- C:\Program Files\Mozilla Firefox
2009-11-18 18:40:15 ----AD---- C:\WINDOWS
2009-11-18 16:32:04 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2009-11-18 13:46:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-18 13:42:41 ----D---- C:\WINDOWS\inf
2009-11-18 13:31:43 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-18 12:04:45 ----D---- C:\WINDOWS\system32
2009-11-18 11:33:54 ----D---- C:\WINDOWS\system32\drivers
2009-11-18 11:33:09 ----SHD---- C:\RECYCLER
2009-11-18 11:31:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-17 19:06:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-16 19:46:36 ----D---- C:\Documents and Settings\Administrator\Application Data\365dni
2009-11-15 10:13:35 ----DC---- C:\WINDOWS\system32\dllcache
2009-11-13 12:08:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-13 11:30:02 ----D---- C:\WINDOWS\Help
2009-11-11 17:55:36 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-11-11 17:55:17 ----SHD---- C:\WINDOWS\Installer
2009-11-11 16:08:21 ----HDC---- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-11 16:08:11 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-11 16:08:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-11 15:47:20 ----D---- C:\Program Files\Common Files
2009-11-11 14:49:55 ----D---- C:\Program Files\Your Uninstaller
2009-11-11 13:17:23 ----D---- C:\WINDOWS\$hf_mig$
2009-11-11 03:15:04 ----D---- C:\WINDOWS\security
2009-11-11 02:40:47 ----D---- C:\Program Files\Windows Media Player
2009-11-11 02:40:46 ----D---- C:\WINDOWS\Debug
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-03 23:21:49 ----D---- C:\Program Files\Java
2009-11-02 14:11:44 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2009-10-30 11:57:25 ----D---- C:\Program Files\Common Files\ACD Systems
2009-10-26 18:42:38 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2009-10-26 18:42:37 ----D---- C:\Program Files\Adobe
2009-10-26 18:42:37 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-26 18:38:33 ----D---- C:\Program Files\Common Files\Adobe
2009-10-25 21:31:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-25 09:32:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-24 20:37:45 ----D---- C:\Program Files\AskBarDis
2009-10-24 18:47:45 ----A---- C:\WINDOWS\system.ini
2009-10-24 18:44:29 ----D---- C:\WINDOWS\AppPatch
2009-10-21 17:15:21 ----D---- C:\WINDOWS\Registration
2009-10-21 05:08:54 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-19 21:52:24 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 713xTVCard;SAA7134 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-27 245760]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-07 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-04-06 81664]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 astcc;AST Service; C:\WINDOWS\SYSTEM32\astsrv.exe [2008-11-26 57344]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-11-11 487936]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: MWAV throws errors
We'll take a proper look, but not until tomorrow; I'm off to bed for today.
Uninstall ComboFix via
Start >> Run, and copy into the box:
ComboFix /Uninstall
press Enter
- This uninstalls ComboFix and deletes its associated files and folders.
Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
- Run it; to confirm each choice, press the A key, then Enter
- After use, delete the program. Note: antivirus programs may falsely flag it as a virus
Download CCleaner, see my signature
- Install it and clean the temporary files and the registry as well
Download ComboFix to the desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Agree to the installation of the Recovery Console
- ComboFix must be run under an account with administrator rights
- Before use, turn off all resident security programs - antivirus, firewalls, antispyware
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here
I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: MWAV throws errors
Thanks a lot, I'm going to do it
Re: MWAV throws errors
ComboFix 09-11-18.06 - Administrator 19.11.2009 0:19.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.511.108 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\Combo-Fix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-2364337424-6277086660-140735018-7988
c:\recycler\S-1-5-21-2364337424-6277086660-140735018-7988\Desktop.ini
c:\recycler\S-1-5-21-2364337424-6277086660-140735018-7988\wnzip32.exe
c:\recycler\S-1-5-21-9817978872-4228745943-561314372-5514
.
((((((((((((((((((((((((( Files Created from 2009-10-18 to 2009-11-18 )))))))))))))))))))))))))))))))
.
2009-11-18 22:22 . 2009-11-18 22:22 -------- d-----w- c:\program files\trend micro
2009-11-18 11:25 . 2009-11-18 11:26 5237930 ----a-w- c:\windows\REGBK02.ZIP
2009-11-18 10:33 . 2009-11-18 10:33 208384 ----a-w- C:\gfrgdv.exe
2009-11-18 10:33 . 2009-11-18 10:33 38912 ----a-w- C:\hqcqje.exe
2009-11-18 10:33 . 2009-11-18 10:33 38912 ----a-w- C:\iqnafa.exe
2009-11-18 10:33 . 2009-11-18 10:33 93696 ----a-w- C:\xqwhd.exe
2009-11-18 10:31 . 2005-06-02 16:57 335872 ----a-w- c:\windows\system32\NCTAudioDTMFSignals3.dll
2009-11-18 10:31 . 2005-06-02 16:54 331776 ----a-w- c:\windows\system32\NCTTextToAudio3.dll
2009-11-18 10:30 . 2005-06-02 15:54 331776 ----a-w- c:\windows\system32\NCTAudioPlayer3.dll
2009-11-18 10:30 . 2005-06-02 02:15 966144 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-11-18 10:30 . 2005-04-04 16:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2009-11-18 10:30 . 2005-02-25 05:21 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2009-11-18 10:30 . 2005-04-16 02:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2009-11-18 10:30 . 2005-03-29 05:57 1852416 ----a-w- c:\windows\system32\NCTAudioDesign2.dll
2009-11-18 10:30 . 2005-03-29 05:56 457728 ----a-w- c:\windows\system32\NCTAudioDisplay2.dll
2009-11-18 10:30 . 2007-10-12 08:09 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2009-11-18 10:30 . 2002-01-06 04:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-11-18 10:30 . 2009-11-18 10:32 -------- d-----w- c:\program files\Audio Editor Gold
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\documents and settings\Administrator\Application Data\NCH Swift Sound
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\program files\NCH Swift Sound
2009-11-14 20:31 . 2009-11-14 20:31 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2009-11-14 17:32 . 2009-11-14 17:32 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-11-13 13:47 . 2009-11-13 13:47 1925024 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-11-13 13:46 . 2009-11-06 08:20 34112 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
2009-11-13 13:46 . 2009-11-06 08:20 32448 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-11-13 13:46 . 2009-11-06 08:20 22352 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2009-11-11 14:48 . 2009-11-18 12:30 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-11 14:47 . 2009-11-11 14:47 65024 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
2009-11-11 14:47 . 2009-11-11 14:47 5120 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
2009-11-11 14:47 . 2009-11-11 14:47 18944 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
2009-11-11 14:47 . 2009-11-12 07:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-11 14:28 . 2009-11-11 14:28 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-11-11 14:28 . 2009-11-11 14:28 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-11-11 14:28 . 2009-11-11 14:28 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-11-11 14:28 . 2009-11-18 12:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\Spyware Terminator
2009-11-11 14:28 . 2009-11-18 13:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-11-11 14:28 . 2009-11-18 13:23 -------- d-----w- c:\program files\Spyware Terminator
2009-11-03 22:20 . 2009-11-03 22:20 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-03 08:56 . 2009-11-03 08:56 -------- d-----w- c:\program files\ESET
2009-11-02 13:53 . 2009-11-02 13:53 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-02 13:53 . 2009-11-02 13:53 -------- d-----w- c:\program files\DivX
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_E9E3E8815ADBA390949375.exe
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_6FEFF9B68218417F98F549.exe
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_0276E7E570CBB4EA97FB0F.exe
2009-11-02 13:44 . 2009-11-02 13:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2009-11-02 13:05 . 2009-11-02 13:45 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Readon_Technology
2009-11-02 13:05 . 2009-11-02 13:45 -------- d-----w- c:\program files\Readon Technology
2009-11-02 12:10 . 2009-11-02 12:10 126976 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\NewShortcut3_3578F861852C40E8B00D3E8FBA99B79A.exe
2009-11-02 12:10 . 2009-11-02 12:10 126976 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\NewShortcut1_3578F861852C40E8B00D3E8FBA99B79A.exe
2009-11-02 12:10 . 2009-11-02 12:10 10134 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\ARPPRODUCTICON.exe
2009-11-02 12:10 . 2009-11-13 11:10 -------- d-----w- c:\program files\Nexus Radio
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- c:\windows\system32\Nexus Radio
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- C:\My Saved Files
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- C:\My Recorded Files
2009-10-31 18:09 . 2009-10-31 18:09 -------- d-----w- c:\program files\uTorrent
2009-10-31 18:08 . 2009-11-15 01:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2009-10-30 10:59 . 2000-09-06 09:20 97280 ----a-w- c:\windows\system32\ekfpixjpeg.dll
2009-10-30 10:59 . 2000-09-06 09:20 68096 ----a-w- c:\windows\system32\ekfpixpsets.dll
2009-10-30 10:59 . 2000-09-06 09:20 4608 ----a-w- c:\windows\system32\ekfpixguid.dll
2009-10-30 10:59 . 2000-09-06 09:20 446976 ----a-w- c:\windows\system32\ekfpixio130.dll
2009-10-30 10:59 . 2000-09-06 09:20 43520 ----a-w- c:\windows\system32\ekfpixaudio.dll
2009-10-30 10:59 . 2000-09-06 09:20 138240 ----a-w- c:\windows\system32\ekfpixexif.dll
2009-10-30 10:59 . 2000-09-06 09:20 230400 ----a-w- c:\windows\system32\DC265.dll
2009-10-30 10:59 . 2000-09-06 09:20 6688 ----a-w- c:\windows\system32\Digita.sys
2009-10-30 10:59 . 2000-09-06 09:20 45568 ----a-w- c:\windows\system32\DC210.dll
2009-10-30 10:59 . 2000-09-06 09:20 32768 ----a-w- c:\windows\system32\F210.dll
2009-10-30 10:59 . 2000-09-06 09:20 110592 ----a-w- c:\windows\system32\DC240.dll
2009-10-30 10:58 . 2000-09-06 09:20 317952 ----a-w- c:\windows\system32\Roboex32.dll
2009-10-30 10:58 . 2000-09-06 09:20 335872 ----a-w- c:\windows\system32\ldf252.dll
2009-10-30 10:58 . 2000-09-06 09:20 126976 ----a-w- c:\windows\system32\lwf214p.dll
2009-10-30 10:58 . 2000-09-06 09:20 7168 ----a-w- c:\windows\system32\Jgme500.dll
2009-10-30 10:58 . 2000-09-06 09:20 15872 ----a-w- c:\windows\system32\Jgpl500.dll
2009-10-30 10:58 . 2000-09-06 09:20 144896 ----a-w- c:\windows\system32\Jgdw500.dll
2009-10-30 10:58 . 2000-09-06 09:20 13312 ----a-w- c:\windows\system32\Jgst500.dll
2009-10-30 10:58 . 2000-09-06 09:20 11264 ----a-w- c:\windows\system32\Jgid500.dll
2009-10-30 10:58 . 2000-09-06 09:20 11264 ----a-w- c:\windows\system32\Jgar500.dll
2009-10-30 10:58 . 2009-10-30 10:58 -------- d-----w- c:\program files\ACD Systems
2009-10-28 15:10 . 2009-10-28 15:11 -------- d-----w- c:\documents and settings\Administrator\Application Data\FLVPlayer4Free
2009-10-28 15:10 . 2009-10-28 15:13 -------- d-----w- c:\program files\FLVPlayer4Free
2009-10-26 14:38 . 2009-10-26 14:38 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-10-24 19:30 . 2009-10-24 19:30 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-24 19:29 . 2009-10-24 19:29 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-24 19:29 . 2009-10-24 19:29 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-24 19:29 . 2009-10-24 19:29 -------- d-----w- c:\program files\Real
2009-10-24 18:46 . 2009-10-24 18:47 5076770 ----a-w- c:\windows\REGBK01.ZIP
2009-10-24 17:38 . 2009-10-24 17:49 -------- d-----w- C:\Combo-Fix
2009-10-24 16:44 . 2009-10-24 16:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\ScanSpyware
2009-10-24 16:27 . 2009-10-24 16:28 17212912 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\rp\RealPlayerSPGold.exe
2009-10-24 16:27 . 2009-10-24 16:27 8406648 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\gtb_us\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2009-10-24 16:26 . 2009-10-24 16:26 10309448 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\chr\ChromeInstaller.exe
2009-10-24 16:25 . 2009-10-24 16:25 64000 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\gcapi_dll.dll
2009-10-24 16:25 . 2009-10-24 16:25 52288 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\gtapi.dll
2009-10-24 16:25 . 2009-10-24 16:25 50688 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\fftbapi.dll
2009-10-24 16:25 . 2009-10-24 16:25 114688 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\compat.dll
2009-10-24 16:10 . 2009-10-24 19:30 -------- d-----w- c:\program files\Common Files\Real
2009-10-24 13:48 . 2009-10-24 13:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Thinstall
2009-10-24 13:48 . 2009-10-24 13:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Thinstall
2009-10-22 08:45 . 2009-10-22 08:45 -------- d-----w- c:\program files\Audacity
2009-10-22 08:17 . 2009-10-22 08:18 -------- d-----w- C:\Converted Audio Files
2009-10-22 08:16 . 2009-10-22 08:17 -------- d-----w- c:\program files\Acoustica MP3 To Wave Converter PLUS
2009-10-22 08:04 . 2009-10-22 08:04 -------- d-----w- c:\documents and settings\Administrator\dwhelper
2009-10-21 16:27 . 2009-10-21 16:31 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nik Software
2009-10-21 16:19 . 2008-11-26 10:12 227840 ----a-w- c:\windows\system32\Deco_32.dll
2009-10-21 16:18 . 2008-11-26 10:12 57344 ----a-w- c:\windows\system32\ASTSRV.EXE
2009-10-21 16:16 . 2009-10-21 16:16 -------- d-----w- c:\windows\MSSecurityNS
2009-10-21 16:15 . 2009-10-21 16:15 -------- d-----w- c:\windows\MSSecurityNi
2009-10-20 22:25 . 2009-10-20 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-20 20:06 . 2009-10-20 20:06 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-10-20 20:06 . 2009-10-20 20:06 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-10-20 20:06 . 2009-10-20 20:06 12067 ----a-w- c:\windows\system32\SIntf16.dll
2009-10-20 20:03 . 2009-10-20 20:03 -------- d-----w- c:\program files\directx
2009-10-20 19:57 . 2009-10-20 19:57 -------- d-----w- C:\Sierra
2009-10-20 18:16 . 2009-10-20 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-10-20 18:16 . 2009-11-15 09:14 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-18 20:54 . 2009-10-13 15:58 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skype
2009-11-18 15:32 . 2009-10-13 16:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\skypePM
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\program files\NCH Swift Sound
2009-11-17 18:06 . 2009-10-02 09:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-16 18:46 . 2009-10-12 19:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\365dni
2009-11-13 11:08 . 2009-10-11 09:06 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-11 16:55 . 2009-10-04 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-11-11 15:08 . 2009-10-11 09:30 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-11 15:08 . 2009-10-11 08:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-11 13:49 . 2009-10-11 09:20 -------- d-----w- c:\program files\Your Uninstaller
2009-11-11 01:46 . 2009-11-11 01:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Winamp
2009-11-11 01:41 . 2009-11-11 01:38 -------- d-----w- c:\program files\Winamp
2009-11-03 22:21 . 2009-10-03 08:26 -------- d-----w- c:\program files\Java
2009-10-30 10:57 . 2009-10-03 09:04 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-10-26 18:27 . 2009-10-03 09:06 19880 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-26 17:38 . 2009-10-03 22:34 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-24 19:37 . 2009-10-18 13:38 -------- d-----w- c:\program files\AskBarDis
2009-10-24 07:28 . 2009-10-19 20:51 -------- d-----w- c:\program files\WAS
2009-10-21 16:15 . 2009-10-21 16:15 2004 ----a-w- c:\windows\Registration\e10f24f0-652e-11dd-ad8b-0800200c9a66.dll
2009-10-18 15:18 . 2009-10-13 15:57 -------- d-----r- c:\program files\Skype
2009-10-18 13:38 . 2009-10-18 13:38 -------- d-----w- c:\program files\Foxit Software
2009-10-18 13:38 . 2009-10-18 13:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Foxit
2009-10-18 13:05 . 2009-10-18 13:04 -------- d-----w- c:\program files\Fox Audio Recorder
2009-10-18 10:01 . 2009-10-10 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidSolution
2009-10-17 22:28 . 2009-10-17 22:28 -------- d-----w- c:\program files\Intel
2009-10-17 18:05 . 2009-10-17 18:05 -------- d-----w- c:\program files\IrfanView
2009-10-13 18:29 . 2009-10-13 18:29 -------- d-----w- c:\program files\mms
2009-10-13 16:05 . 2009-10-13 16:05 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-13 15:58 . 2009-10-13 15:58 -------- d-----w- c:\program files\Common Files\Skype
2009-10-13 15:57 . 2009-10-13 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-13 14:19 . 2009-10-13 14:18 4980306 ----a-w- c:\windows\REGBK00.ZIP
2009-10-13 13:51 . 2009-10-13 13:51 -------- d-----w- c:\program files\CCleaner
2009-10-12 19:35 . 2009-10-12 19:35 -------- d-----w- c:\program files\365dn?NET
2009-10-12 19:28 . 2009-10-12 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\365dni
2009-10-12 11:08 . 2009-10-12 11:08 -------- d-----w- c:\program files\MWSnap
2009-10-11 09:06 . 2009-10-11 09:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\URSoft
2009-10-11 08:45 . 2009-10-11 08:45 -------- d-----w- c:\program files\NVIDIA Corporation
2009-10-11 08:45 . 2009-10-11 08:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-10-11 03:17 . 2009-10-03 08:26 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-10 18:41 . 2009-10-10 18:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\RapidSolution
2009-10-10 18:39 . 2009-10-10 18:39 -------- d-----w- c:\program files\PixiePack Codec Pack
2009-10-10 15:48 . 2009-10-10 15:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Sierra
2009-10-07 23:43 . 2009-10-07 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-10-06 18:04 . 2009-10-06 18:03 -------- d-----w- c:\program files\QuickTime
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\program files\Common Files\Apple
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\program files\Apple Software Update
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-10-06 14:40 . 2009-10-02 08:40 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-06 14:40 . 2009-10-02 08:40 3460 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-10-04 17:02 . 2009-10-04 17:02 -------- d-----w- c:\program files\Driver-Soft
2009-10-04 13:38 . 2009-10-04 13:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Alien Skin
2009-10-04 13:36 . 2009-10-04 13:36 -------- d-----w- c:\program files\Alien Skin
2009-10-04 11:25 . 2009-10-04 11:25 -------- d-----w- c:\program files\Common Files\NSV
2009-10-04 11:02 . 2009-10-04 10:58 -------- d-----w- c:\program files\Speed Video Splitter
2009-10-04 10:40 . 2009-10-04 10:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\GeoVid
2009-10-04 10:36 . 2009-10-04 10:36 -------- d-----w- c:\program files\Common Files\GeoVid
2009-10-04 10:34 . 2009-10-04 10:34 -------- d-----w- c:\program files\GeoVid
2009-10-04 00:41 . 2009-10-04 00:41 -------- d-----w- c:\program files\MSBuild
2009-10-04 00:41 . 2009-10-04 00:41 -------- d-----w- c:\program files\Reference Assemblies
2009-10-04 00:37 . 2009-10-04 00:37 -------- d-----w- c:\program files\MSXML 6.0
2009-10-03 23:03 . 2009-10-03 23:03 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-10-03 22:41 . 2009-10-03 22:41 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-10-03 22:09 . 2009-10-03 22:09 -------- d-----w- c:\program files\Archiving
2009-10-03 11:15 . 2009-10-02 08:41 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-10-03 10:45 . 2009-10-03 10:45 177024 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\FlashGot.exe
2009-10-03 09:06 . 2009-10-03 09:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\ACD Systems
2009-10-03 09:04 . 2009-10-03 09:04 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-10-03 08:26 . 2009-10-03 08:26 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-10-02 10:43 . 2009-10-02 10:42 -------- d-----w- c:\program files\QIP Infium
2009-10-02 10:00 . 2009-10-02 10:00 -------- d-----w- c:\program files\Microsoft Works
2009-10-02 09:19 . 2009-10-02 09:19 -------- d-----w- c:\program files\ASUSTeK
2009-10-02 09:16 . 2009-10-02 09:02 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-02 09:13 . 2009-10-02 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-10-02 09:12 . 2009-10-02 09:12 -------- d-----w- c:\program files\ASUS
2009-10-02 09:09 . 2009-10-02 09:09 0 ----a-w- c:\windows\nsreg.dat
2009-10-02 09:08 . 2009-10-02 09:03 -------- d-----w- c:\program files\Realtek
2009-10-02 09:05 . 2009-10-02 09:05 -------- d-----w- c:\program files\Analog Devices
2009-10-02 08:41 . 2009-10-02 08:41 -------- d-----w- c:\program files\microsoft frontpage
2009-10-02 08:38 . 2009-10-02 08:38 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-29 12:05 . 2009-09-29 12:05 96408 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-09-29 12:02 . 2009-09-29 12:02 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-09-29 11:56 . 2009-09-29 11:56 116008 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-09-27 16:19 . 2009-09-27 16:19 3674112 ----a-w- c:\windows\system32\nvwssr.dll
2009-09-27 14:12 . 2009-10-11 08:43 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 14:12 . 2009-10-11 08:43 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-27 14:12 . 2009-10-11 08:43 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 14:12 . 2009-10-11 08:43 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-27 14:12 . 2009-10-02 09:17 490088 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-27 14:12 . 2005-12-14 06:51 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-27 14:12 . 2005-12-14 06:51 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-27 14:12 . 2005-12-14 06:51 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-27 14:12 . 2005-12-14 06:51 170600 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-27 14:12 . 2005-12-14 06:51 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-27 14:12 . 2005-12-14 06:51 10756096 ----a-w- c:\windows\system32\nvoglnt.dll
2009-09-24 07:24 . 2009-10-02 09:17 490088 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-09-11 14:18 . 2004-08-04 04:56 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-04 04:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-04 04:56 832512 ------w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-04 04:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 10:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-11-11 3055616]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-11-12 2001648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-09-23 1657448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-24 198160]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12.10.2009 21:24 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.10.2009 21:24 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [11.11.2009 15:28 142592]
R2 713xTVCard;SAA7134 TV Card;c:\windows\system32\drivers\SAA713x.sys [15.3.2005 11:00 277504]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12.10.2009 21:24 7408]
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9C450606-ED24-4958-92BA-B8940C99D441}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-365dnk - (no file)
AddRemove-365dnk6.0.7 - c:\windows\365dnk\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-19 00:28
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|˙˙˙˙Ŕ•€|ů•A~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(680)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
- - - - - - - > 'explorer.exe'(3620)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\SYSTEM32\astsrv.exe
c:\windows\ATKKBService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-11-19 00:35 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-18 23:35
Pre-Run: 124 489 027 584 bytes free
Post-Run: 125 284 782 080 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 75BC6DE26B12291471CC04A03DB729EE
Re: MWAV throws errors
If you haven't already, move ComboFix to the desktop
- open Notepad
- copy the text from this box into it
- save the TXT file you created as CFScript.txt on the desktop
- after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it:
- after it has been applied, another log will be produced; paste it here
Warning: it may happen that Windows does not start after the script has been applied and the machine restarted; in that case restart again while pressing F8, then choose Last Known Good Configuration
Collect::
C:\gfrgdv.exe
C:\hqcqje.exe
C:\iqnafa.exe
C:\xqwhd.exe
Registry::
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
Folder::
c:\program files\AskBarDis
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting a computer
Want to support our forum? Information here
I am mostly available at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: MWAV throws errors
ComboFix 09-11-18.06 - Administrator 19.11.2009 8:47.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.511.251 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
file zipped: C:\gfrgdv.exe
file zipped: C:\hqcqje.exe
file zipped: C:\iqnafa.exe
file zipped: C:\xqwhd.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\gfrgdv.exe
C:\hqcqje.exe
C:\iqnafa.exe
c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\01FA161B
c:\program files\AskBarDis\bar\Cache\01FA1ADD
c:\program files\AskBarDis\bar\Cache\01FA1F42.bin
c:\program files\AskBarDis\bar\Cache\01FA2127.bin
c:\program files\AskBarDis\bar\Cache\01FA250F.bin
c:\program files\AskBarDis\bar\Cache\01FA287A.bin
c:\program files\AskBarDis\bar\Cache\01FA2A00.bin
c:\program files\AskBarDis\bar\Cache\01FA2BF4.bin
c:\program files\AskBarDis\bar\Cache\01FA2DC9.bin
c:\program files\AskBarDis\bar\Cache\01FA2FBD.bin
c:\program files\AskBarDis\bar\Cache\01FA31A1.bin
c:\program files\AskBarDis\bar\Cache\01FA3403.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\PopSwatter\History\notallow
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
C:\xqwhd.exe
.
((((((((((((((((((((((((( Files Created from 2009-10-19 to 2009-11-19 )))))))))))))))))))))))))))))))
.
2009-11-18 22:22 . 2009-11-18 22:22 -------- d-----w- c:\program files\trend micro
2009-11-18 11:25 . 2009-11-18 11:26 5237930 ----a-w- c:\windows\REGBK02.ZIP
2009-11-18 10:31 . 2005-06-02 16:57 335872 ----a-w- c:\windows\system32\NCTAudioDTMFSignals3.dll
2009-11-18 10:31 . 2005-06-02 16:54 331776 ----a-w- c:\windows\system32\NCTTextToAudio3.dll
2009-11-18 10:30 . 2005-06-02 15:54 331776 ----a-w- c:\windows\system32\NCTAudioPlayer3.dll
2009-11-18 10:30 . 2005-06-02 02:15 966144 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-11-18 10:30 . 2005-04-04 16:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2009-11-18 10:30 . 2005-02-25 05:21 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2009-11-18 10:30 . 2005-04-16 02:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2009-11-18 10:30 . 2005-03-29 05:57 1852416 ----a-w- c:\windows\system32\NCTAudioDesign2.dll
2009-11-18 10:30 . 2005-03-29 05:56 457728 ----a-w- c:\windows\system32\NCTAudioDisplay2.dll
2009-11-18 10:30 . 2007-10-12 08:09 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2009-11-18 10:30 . 2002-01-06 04:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-11-18 10:30 . 2009-11-18 10:32 -------- d-----w- c:\program files\Audio Editor Gold
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\documents and settings\Administrator\Application Data\NCH Swift Sound
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\program files\NCH Swift Sound
2009-11-14 20:31 . 2009-11-14 20:31 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2009-11-14 17:32 . 2009-11-14 17:32 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-11-13 13:47 . 2009-11-13 13:47 1925024 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-11-13 13:46 . 2009-11-06 08:20 34112 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
2009-11-13 13:46 . 2009-11-06 08:20 32448 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-11-13 13:46 . 2009-11-06 08:20 22352 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2009-11-11 14:48 . 2009-11-18 12:30 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-11 14:47 . 2009-11-11 14:47 65024 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
2009-11-11 14:47 . 2009-11-11 14:47 5120 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
2009-11-11 14:47 . 2009-11-11 14:47 18944 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
2009-11-11 14:47 . 2009-11-12 07:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-11 14:28 . 2009-11-11 14:28 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-11-11 14:28 . 2009-11-11 14:28 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-11-11 14:28 . 2009-11-11 14:28 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-11-11 14:28 . 2009-11-18 12:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\Spyware Terminator
2009-11-11 14:28 . 2009-11-18 13:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-11-11 14:28 . 2009-11-18 13:23 -------- d-----w- c:\program files\Spyware Terminator
2009-11-03 22:20 . 2009-11-03 22:20 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-03 08:56 . 2009-11-03 08:56 -------- d-----w- c:\program files\ESET
2009-11-02 13:53 . 2009-11-02 13:53 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-02 13:53 . 2009-11-02 13:53 -------- d-----w- c:\program files\DivX
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_E9E3E8815ADBA390949375.exe
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_6FEFF9B68218417F98F549.exe
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_0276E7E570CBB4EA97FB0F.exe
2009-11-02 13:44 . 2009-11-02 13:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2009-11-02 13:05 . 2009-11-02 13:45 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Readon_Technology
2009-11-02 13:05 . 2009-11-02 13:45 -------- d-----w- c:\program files\Readon Technology
2009-11-02 12:10 . 2009-11-02 12:10 126976 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\NewShortcut3_3578F861852C40E8B00D3E8FBA99B79A.exe
2009-11-02 12:10 . 2009-11-02 12:10 126976 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\NewShortcut1_3578F861852C40E8B00D3E8FBA99B79A.exe
2009-11-02 12:10 . 2009-11-02 12:10 10134 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\ARPPRODUCTICON.exe
2009-11-02 12:10 . 2009-11-13 11:10 -------- d-----w- c:\program files\Nexus Radio
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- c:\windows\system32\Nexus Radio
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- C:\My Saved Files
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- C:\My Recorded Files
2009-10-31 18:09 . 2009-10-31 18:09 -------- d-----w- c:\program files\uTorrent
2009-10-31 18:08 . 2009-11-15 01:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2009-10-30 10:59 . 2000-09-06 09:20 97280 ----a-w- c:\windows\system32\ekfpixjpeg.dll
2009-10-30 10:59 . 2000-09-06 09:20 68096 ----a-w- c:\windows\system32\ekfpixpsets.dll
2009-10-30 10:59 . 2000-09-06 09:20 4608 ----a-w- c:\windows\system32\ekfpixguid.dll
2009-10-30 10:59 . 2000-09-06 09:20 446976 ----a-w- c:\windows\system32\ekfpixio130.dll
2009-10-30 10:59 . 2000-09-06 09:20 43520 ----a-w- c:\windows\system32\ekfpixaudio.dll
2009-10-30 10:59 . 2000-09-06 09:20 138240 ----a-w- c:\windows\system32\ekfpixexif.dll
2009-10-30 10:59 . 2000-09-06 09:20 230400 ----a-w- c:\windows\system32\DC265.dll
2009-10-30 10:59 . 2000-09-06 09:20 6688 ----a-w- c:\windows\system32\Digita.sys
2009-10-30 10:59 . 2000-09-06 09:20 45568 ----a-w- c:\windows\system32\DC210.dll
2009-10-30 10:59 . 2000-09-06 09:20 32768 ----a-w- c:\windows\system32\F210.dll
2009-10-30 10:59 . 2000-09-06 09:20 110592 ----a-w- c:\windows\system32\DC240.dll
2009-10-30 10:58 . 2000-09-06 09:20 317952 ----a-w- c:\windows\system32\Roboex32.dll
2009-10-30 10:58 . 2000-09-06 09:20 335872 ----a-w- c:\windows\system32\ldf252.dll
2009-10-30 10:58 . 2000-09-06 09:20 126976 ----a-w- c:\windows\system32\lwf214p.dll
2009-10-30 10:58 . 2000-09-06 09:20 7168 ----a-w- c:\windows\system32\Jgme500.dll
2009-10-30 10:58 . 2000-09-06 09:20 15872 ----a-w- c:\windows\system32\Jgpl500.dll
2009-10-30 10:58 . 2000-09-06 09:20 144896 ----a-w- c:\windows\system32\Jgdw500.dll
2009-10-30 10:58 . 2000-09-06 09:20 13312 ----a-w- c:\windows\system32\Jgst500.dll
2009-10-30 10:58 . 2000-09-06 09:20 11264 ----a-w- c:\windows\system32\Jgid500.dll
2009-10-30 10:58 . 2000-09-06 09:20 11264 ----a-w- c:\windows\system32\Jgar500.dll
2009-10-30 10:58 . 2009-10-30 10:58 -------- d-----w- c:\program files\ACD Systems
2009-10-28 15:10 . 2009-10-28 15:11 -------- d-----w- c:\documents and settings\Administrator\Application Data\FLVPlayer4Free
2009-10-28 15:10 . 2009-10-28 15:13 -------- d-----w- c:\program files\FLVPlayer4Free
2009-10-26 14:38 . 2009-10-26 14:38 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-10-24 19:30 . 2009-10-24 19:30 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-24 19:29 . 2009-10-24 19:29 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-24 19:29 . 2009-10-24 19:29 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-24 19:29 . 2009-10-24 19:29 -------- d-----w- c:\program files\Real
2009-10-24 18:46 . 2009-10-24 18:47 5076770 ----a-w- c:\windows\REGBK01.ZIP
2009-10-24 17:38 . 2009-10-24 17:49 -------- d-----w- C:\Combo-Fix
2009-10-24 16:44 . 2009-10-24 16:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\ScanSpyware
2009-10-24 16:27 . 2009-10-24 16:28 17212912 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\rp\RealPlayerSPGold.exe
2009-10-24 16:27 . 2009-10-24 16:27 8406648 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\gtb_us\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2009-10-24 16:26 . 2009-10-24 16:26 10309448 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\chr\ChromeInstaller.exe
2009-10-24 16:25 . 2009-10-24 16:25 64000 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\gcapi_dll.dll
2009-10-24 16:25 . 2009-10-24 16:25 52288 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\gtapi.dll
2009-10-24 16:25 . 2009-10-24 16:25 50688 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\fftbapi.dll
2009-10-24 16:25 . 2009-10-24 16:25 114688 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\compat.dll
2009-10-24 16:10 . 2009-10-24 19:30 -------- d-----w- c:\program files\Common Files\Real
2009-10-24 13:48 . 2009-10-24 13:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Thinstall
2009-10-24 13:48 . 2009-10-24 13:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Thinstall
2009-10-22 08:45 . 2009-10-22 08:45 -------- d-----w- c:\program files\Audacity
2009-10-22 08:17 . 2009-10-22 08:18 -------- d-----w- C:\Converted Audio Files
2009-10-22 08:16 . 2009-10-22 08:17 -------- d-----w- c:\program files\Acoustica MP3 To Wave Converter PLUS
2009-10-22 08:04 . 2009-10-22 08:04 -------- d-----w- c:\documents and settings\Administrator\dwhelper
2009-10-21 16:27 . 2009-10-21 16:31 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nik Software
2009-10-21 16:19 . 2008-11-26 10:12 227840 ----a-w- c:\windows\system32\Deco_32.dll
2009-10-21 16:18 . 2008-11-26 10:12 57344 ----a-w- c:\windows\system32\ASTSRV.EXE
2009-10-21 16:16 . 2009-10-21 16:16 -------- d-----w- c:\windows\MSSecurityNS
2009-10-21 16:15 . 2009-10-21 16:15 -------- d-----w- c:\windows\MSSecurityNi
2009-10-20 22:25 . 2009-10-20 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-20 20:06 . 2009-10-20 20:06 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-10-20 20:06 . 2009-10-20 20:06 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-10-20 20:06 . 2009-10-20 20:06 12067 ----a-w- c:\windows\system32\SIntf16.dll
2009-10-20 20:03 . 2009-10-20 20:03 -------- d-----w- c:\program files\directx
2009-10-20 19:57 . 2009-10-20 19:57 -------- d-----w- C:\Sierra
2009-10-20 18:16 . 2009-10-20 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-10-20 18:16 . 2009-11-15 09:14 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-18 20:54 . 2009-10-13 15:58 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skype
2009-11-18 15:32 . 2009-10-13 16:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\skypePM
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\program files\NCH Swift Sound
2009-11-17 18:06 . 2009-10-02 09:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-16 18:46 . 2009-10-12 19:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\365dni
2009-11-13 11:08 . 2009-10-11 09:06 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-11 16:55 . 2009-10-04 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-11-11 15:08 . 2009-10-11 09:30 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-11 15:08 . 2009-10-11 08:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-11 13:49 . 2009-10-11 09:20 -------- d-----w- c:\program files\Your Uninstaller
2009-11-11 01:46 . 2009-11-11 01:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Winamp
2009-11-11 01:41 . 2009-11-11 01:38 -------- d-----w- c:\program files\Winamp
2009-11-03 22:21 . 2009-10-03 08:26 -------- d-----w- c:\program files\Java
2009-10-30 10:57 . 2009-10-03 09:04 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-10-26 18:27 . 2009-10-03 09:06 19880 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-26 17:38 . 2009-10-03 22:34 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-24 07:28 . 2009-10-19 20:51 -------- d-----w- c:\program files\WAS
2009-10-21 16:15 . 2009-10-21 16:15 2004 ----a-w- c:\windows\Registration\e10f24f0-652e-11dd-ad8b-0800200c9a66.dll
2009-10-18 15:18 . 2009-10-13 15:57 -------- d-----r- c:\program files\Skype
2009-10-18 13:38 . 2009-10-18 13:38 -------- d-----w- c:\program files\Foxit Software
2009-10-18 13:38 . 2009-10-18 13:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Foxit
2009-10-18 13:05 . 2009-10-18 13:04 -------- d-----w- c:\program files\Fox Audio Recorder
2009-10-18 10:01 . 2009-10-10 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidSolution
2009-10-17 22:28 . 2009-10-17 22:28 -------- d-----w- c:\program files\Intel
2009-10-17 18:05 . 2009-10-17 18:05 -------- d-----w- c:\program files\IrfanView
2009-10-13 18:29 . 2009-10-13 18:29 -------- d-----w- c:\program files\mms
2009-10-13 16:05 . 2009-10-13 16:05 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-13 15:58 . 2009-10-13 15:58 -------- d-----w- c:\program files\Common Files\Skype
2009-10-13 15:57 . 2009-10-13 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-13 14:19 . 2009-10-13 14:18 4980306 ----a-w- c:\windows\REGBK00.ZIP
2009-10-13 13:51 . 2009-10-13 13:51 -------- d-----w- c:\program files\CCleaner
2009-10-12 19:35 . 2009-10-12 19:35 -------- d-----w- c:\program files\365dn?NET
2009-10-12 19:28 . 2009-10-12 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\365dni
2009-10-12 11:08 . 2009-10-12 11:08 -------- d-----w- c:\program files\MWSnap
2009-10-11 09:06 . 2009-10-11 09:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\URSoft
2009-10-11 08:45 . 2009-10-11 08:45 -------- d-----w- c:\program files\NVIDIA Corporation
2009-10-11 08:45 . 2009-10-11 08:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-10-11 03:17 . 2009-10-03 08:26 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-10 18:41 . 2009-10-10 18:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\RapidSolution
2009-10-10 18:39 . 2009-10-10 18:39 -------- d-----w- c:\program files\PixiePack Codec Pack
2009-10-10 15:48 . 2009-10-10 15:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Sierra
2009-10-07 23:43 . 2009-10-07 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-10-06 18:04 . 2009-10-06 18:03 -------- d-----w- c:\program files\QuickTime
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\program files\Common Files\Apple
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\program files\Apple Software Update
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-10-06 14:40 . 2009-10-02 08:40 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-06 14:40 . 2009-10-02 08:40 3460 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-10-04 17:02 . 2009-10-04 17:02 -------- d-----w- c:\program files\Driver-Soft
2009-10-04 13:38 . 2009-10-04 13:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Alien Skin
2009-10-04 13:36 . 2009-10-04 13:36 -------- d-----w- c:\program files\Alien Skin
2009-10-04 11:25 . 2009-10-04 11:25 -------- d-----w- c:\program files\Common Files\NSV
2009-10-04 11:02 . 2009-10-04 10:58 -------- d-----w- c:\program files\Speed Video Splitter
2009-10-04 10:40 . 2009-10-04 10:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\GeoVid
2009-10-04 10:36 . 2009-10-04 10:36 -------- d-----w- c:\program files\Common Files\GeoVid
2009-10-04 10:34 . 2009-10-04 10:34 -------- d-----w- c:\program files\GeoVid
2009-10-04 00:41 . 2009-10-04 00:41 -------- d-----w- c:\program files\MSBuild
2009-10-04 00:41 . 2009-10-04 00:41 -------- d-----w- c:\program files\Reference Assemblies
2009-10-04 00:37 . 2009-10-04 00:37 -------- d-----w- c:\program files\MSXML 6.0
2009-10-03 23:03 . 2009-10-03 23:03 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-10-03 22:41 . 2009-10-03 22:41 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-10-03 22:09 . 2009-10-03 22:09 -------- d-----w- c:\program files\Archiving
2009-10-03 11:15 . 2009-10-02 08:41 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-10-03 10:45 . 2009-10-03 10:45 177024 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\FlashGot.exe
2009-10-03 09:06 . 2009-10-03 09:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\ACD Systems
2009-10-03 09:04 . 2009-10-03 09:04 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-10-03 08:26 . 2009-10-03 08:26 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-10-02 10:43 . 2009-10-02 10:42 -------- d-----w- c:\program files\QIP Infium
2009-10-02 10:00 . 2009-10-02 10:00 -------- d-----w- c:\program files\Microsoft Works
2009-10-02 09:19 . 2009-10-02 09:19 -------- d-----w- c:\program files\ASUSTeK
2009-10-02 09:16 . 2009-10-02 09:02 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-02 09:13 . 2009-10-02 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-10-02 09:12 . 2009-10-02 09:12 -------- d-----w- c:\program files\ASUS
2009-10-02 09:09 . 2009-10-02 09:09 0 ----a-w- c:\windows\nsreg.dat
2009-10-02 09:08 . 2009-10-02 09:03 -------- d-----w- c:\program files\Realtek
2009-10-02 09:05 . 2009-10-02 09:05 -------- d-----w- c:\program files\Analog Devices
2009-10-02 08:41 . 2009-10-02 08:41 -------- d-----w- c:\program files\microsoft frontpage
2009-10-02 08:38 . 2009-10-02 08:38 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-29 12:05 . 2009-09-29 12:05 96408 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-09-29 12:02 . 2009-09-29 12:02 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-09-29 11:56 . 2009-09-29 11:56 116008 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-09-27 16:19 . 2009-09-27 16:19 3674112 ----a-w- c:\windows\system32\nvwssr.dll
2009-09-27 14:12 . 2009-10-11 08:43 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 14:12 . 2009-10-11 08:43 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-27 14:12 . 2009-10-11 08:43 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 14:12 . 2009-10-11 08:43 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-27 14:12 . 2009-10-02 09:17 490088 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-27 14:12 . 2005-12-14 06:51 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-27 14:12 . 2005-12-14 06:51 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-27 14:12 . 2005-12-14 06:51 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-27 14:12 . 2005-12-14 06:51 170600 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-27 14:12 . 2005-12-14 06:51 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-27 14:12 . 2005-12-14 06:51 10756096 ----a-w- c:\windows\system32\nvoglnt.dll
2009-09-24 07:24 . 2009-10-02 09:17 490088 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-09-11 14:18 . 2004-08-04 04:56 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-04 04:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-04 04:56 832512 ------w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-04 04:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-04 04:56 17408 ------w- c:\windows\system32\corpol.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-11-18_23.28.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-19 07:37 . 2009-11-19 07:37 16384 c:\windows\temp\Perflib_Perfdata_69c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-11-11 3055616]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-11-12 2001648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-09-23 1657448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-24 198160]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
"365dnk"="" [BU]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12.10.2009 21:24 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.10.2009 21:24 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [11.11.2009 15:28 142592]
R2 713xTVCard;SAA7134 TV Card;c:\windows\system32\drivers\SAA713x.sys [15.3.2005 11:00 277504]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12.10.2009 21:24 7408]
--- Other Services/Drivers In Memory ---
*Deregistered* - mbr
*Deregistered* - PROCEXP113
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9C450606-ED24-4958-92BA-B8940C99D441}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -
AddRemove-365dnk6.0.7 - c:\windows\365dnk\uninstall.exe
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-19 08:58
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|˙˙˙˙Ŕ•€|ů•A~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(676)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
.
Completion time: 2009-11-19 09:01
ComboFix-quarantined-files.txt 2009-11-19 08:01
ComboFix2.txt 2009-11-18 23:35
Pre-Run: 125 287 759 872 bytes free
Post-Run: 125 253 029 888 bytes free
- - End Of File - - A64D6811D2C3EA4D8905002C48B9E829
Upload was successful
Re: MWAV throws errors
Download MBAM from my signature
- Install it and run a full scan
DO NOT DELETE ANYTHING
- MBAM sometimes produces false detections, so we will delete only after checking the log.
- Copy the log here.
Do you know this program, and do you use it?
c:\program files\365dn?NET
How is the PC doing?
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer
Want to support our forum? Information here
I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me at the email Motji(at)forum.viry.cz.
Re: MWAV throws errors
Yes, 365 dni is an electronic TV guide; it is bulky, but great.
The PC seems to be OK, but let's rather finish this, because it is sluggish. Probably background programs, but I don't know which ones or how to turn them off.
I'm going to download that BAM.
Re: MWAV throws errors
Malwarebytes' Anti-Malware 1.41
Verze databáze: 3195
Windows 5.1.2600 Service Pack 3
19.11.2009 14:57:25
mbam-log-2009-11-19 (14-57-05).txt
Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 177732
Uplynulý čas: 33 minute(s), 12 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> No action taken.
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\Qoobox\Quarantine\C\RECYCLER\S-1-5-21-2364337424-6277086660-140735018-7988\wnzip32.exe.vir (Worm.Autorun.B) -> No action taken.
C:\System Volume Information\_restore{F080BF88-6240-4BAC-8BA4-1200CA88C98E}\RP1\A0000111.exe (Worm.Kolab) -> No action taken.
Re: MWAV throws errors
Delete what MBAM found.
Uninstall ComboFix via
Start >> Run, copy into the box:
ComboFix /Uninstall
press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.
Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
- Run it; to confirm each choice press the A key, then Enter
- After use, delete the little program. Note: antivirus programs may falsely flag it as a virus
Download CCleaner, see my signature
- Install it and clean the temporary files, and the registry too
Post a new log from RSIT and tell me how the computer is behaving; is everything OK now?
Re: MWAV throws errors
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2009-11-19 15:30:46
Microsoft Windows XP Professional Service Pack 3
System drive C: has 120 GB (78%) free of 153 GB
Total RAM: 511 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:30:50, on 19.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\astsrv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\RSIT(2).exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Register Genuine Fractals 6.0 Professional Edition.lnk = C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\SYSTEM32\astsrv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 6093 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-10-24 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-06-23 847872]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"365dnk"= []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-24 198160]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-11-11 3055616]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-12 2001648]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Register Genuine Fractals 6.0 Professional Edition.lnk - C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Sierra\Empire Earth\Empire Earth.exe"="C:\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-11-19 15:30:46 ----D---- C:\rsit
2009-11-19 15:27:18 ----SD---- C:\Combo-Fix6792C
2009-11-19 14:17:13 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2009-11-19 14:17:05 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-19 14:17:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-19 00:16:22 ----A---- C:\Boot.bak
2009-11-19 00:16:15 ----RASHD---- C:\cmdcons
2009-11-18 23:22:12 ----D---- C:\Program Files\trend micro
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTTextToAudio3.dll
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTAudioDTMFSignals3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2009-11-18 11:30:38 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDisplay2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDesign2.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-11-18 11:30:09 ----D---- C:\Program Files\Audio Editor Gold
2009-11-18 11:22:52 ----D---- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
2009-11-18 11:22:37 ----D---- C:\Program Files\NCH Swift Sound
2009-11-14 21:31:59 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2009-11-14 18:32:17 ----D---- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2009-11-11 19:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-11 17:53:49 ----D---- C:\Program Files\WinZip
2009-11-11 15:47:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:41 ----D---- C:\Program Files\SUPERAntiSpyware
2009-11-11 15:47:40 ----D---- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-11 15:28:12 ----D---- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2009-11-11 15:28:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-11-11 15:28:05 ----D---- C:\Program Files\Spyware Terminator
2009-11-11 13:19:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-11 02:39:53 ----D---- C:\WINDOWS\RegisteredPackages
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\px.dll
2009-11-11 02:38:55 ----D---- C:\Program Files\Winamp
2009-11-11 02:38:55 ----D---- C:\Documents and Settings\Administrator\Application Data\Winamp
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\java.exe
2009-11-03 09:56:48 ----D---- C:\Program Files\ESET
2009-11-02 14:53:39 ----D---- C:\Program Files\Common Files\DivX Shared
2009-11-02 14:53:38 ----D---- C:\Program Files\DivX
2009-11-02 14:44:40 ----D---- C:\Documents and Settings\Administrator\Application Data\vlc
2009-11-02 14:11:34 ----D---- C:\Documents and Settings\All Users\Application Data\Readon
2009-11-02 14:05:07 ----D---- C:\Program Files\Readon Technology
2009-11-02 13:10:25 ----D---- C:\WINDOWS\system32\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\Program Files\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\My Saved Files
2009-11-02 13:10:25 ----D---- C:\My Recorded Files
2009-10-31 19:09:12 ----D---- C:\Program Files\uTorrent
2009-10-31 19:08:09 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixpsets.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixjpeg.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixio130.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixguid.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixexif.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixaudio.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\F210.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC265.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC240.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC210.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Roboex32.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\lwf214p.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\ldf252.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgst500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgpl500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgme500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgid500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgdw500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgar500.dll
2009-10-30 11:58:58 ----D---- C:\Program Files\ACD Systems
2009-10-28 16:10:54 ----D---- C:\Documents and Settings\Administrator\Application Data\FLVPlayer4Free
2009-10-28 16:10:42 ----D---- C:\Program Files\FLVPlayer4Free
2009-10-26 17:03:42 ----D---- C:\WINDOWS\Minidump
2009-10-26 15:38:51 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2009-10-24 20:30:16 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-10-24 20:30:01 ----D---- C:\Program Files\Common Files\xing shared
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-10-24 20:29:37 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-10-24 20:29:36 ----D---- C:\Program Files\Real
2009-10-24 20:29:34 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-10-24 18:49:14 ----D---- C:\WINDOWS\temp
2009-10-24 18:49:11 ----A---- C:\log.txt
2009-10-24 18:38:40 ----D---- C:\Combo-Fix
2009-10-24 17:54:10 ----A---- C:\WINDOWS\ScanSpyware.INI
2009-10-24 17:44:46 ----D---- C:\Documents and Settings\Administrator\Application Data\ScanSpyware
2009-10-24 17:10:27 ----D---- C:\Program Files\Common Files\Real
2009-10-24 17:09:19 ----D---- C:\Documents and Settings\Administrator\Application Data\Real
2009-10-24 14:48:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Thinstall
2009-10-22 09:45:56 ----D---- C:\Program Files\Audacity
2009-10-22 09:17:59 ----D---- C:\Converted Audio Files
2009-10-22 09:16:50 ----D---- C:\Program Files\Acoustica MP3 To Wave Converter PLUS
2009-10-21 17:27:26 ----D---- C:\Documents and Settings\Administrator\Application Data\Nik Software
2009-10-21 17:19:00 ----A---- C:\WINDOWS\system32\Deco_32.dll
2009-10-21 17:18:59 ----A---- C:\WINDOWS\system32\ASTSRV.EXE
2009-10-21 17:16:24 ----D---- C:\WINDOWS\MSSecurityNS
2009-10-21 17:15:21 ----D---- C:\WINDOWS\MSSecurityNi
2009-10-20 23:25:15 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntfNT.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf32.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf16.dll
2009-10-20 21:03:07 ----D---- C:\Program Files\directx
2009-10-20 20:57:04 ----D---- C:\Sierra
2009-10-20 20:57:04 ----A---- C:\WINDOWS\SIERRA.INI
2009-10-20 19:16:45 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-10-20 19:16:01 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
======List of files/folders modified in the last 1 months======
2009-11-19 15:29:25 ----AD---- C:\WINDOWS
2009-11-19 15:28:01 ----D---- C:\WINDOWS\Prefetch
2009-11-19 15:27:56 ----SHD---- C:\System Volume Information
2009-11-19 15:27:56 ----D---- C:\WINDOWS\system32\Restore
2009-11-19 15:27:41 ----D---- C:\WINDOWS\system32
2009-11-19 15:25:16 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 15:19:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-11-19 14:17:07 ----D---- C:\WINDOWS\system32\drivers
2009-11-19 14:17:04 ----RD---- C:\Program Files
2009-11-19 08:58:03 ----A---- C:\WINDOWS\system.ini
2009-11-19 08:56:14 ----D---- C:\WINDOWS\AppPatch
2009-11-19 08:56:11 ----D---- C:\Program Files\Common Files
2009-11-19 08:46:34 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-19 00:35:28 ----SD---- C:\WINDOWS\Tasks
2009-11-19 00:26:43 ----SHD---- C:\RECYCLER
2009-11-19 00:16:22 ----RASH---- C:\boot.ini
2009-11-19 00:05:44 ----D---- C:\WINDOWS\Debug
2009-11-18 21:54:28 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2009-11-18 16:32:04 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2009-11-18 13:42:41 ----D---- C:\WINDOWS\inf
2009-11-18 11:31:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-17 19:06:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-16 19:46:36 ----D---- C:\Documents and Settings\Administrator\Application Data\365dni
2009-11-15 10:13:35 ----DC---- C:\WINDOWS\system32\dllcache
2009-11-13 12:08:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-13 11:30:02 ----D---- C:\WINDOWS\Help
2009-11-11 17:55:36 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-11-11 17:55:17 ----SHD---- C:\WINDOWS\Installer
2009-11-11 16:08:21 ----HDC---- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-11 16:08:11 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-11 16:08:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-11 14:49:55 ----D---- C:\Program Files\Your Uninstaller
2009-11-11 13:17:23 ----D---- C:\WINDOWS\$hf_mig$
2009-11-11 03:15:04 ----D---- C:\WINDOWS\security
2009-11-11 02:40:47 ----D---- C:\Program Files\Windows Media Player
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-03 23:21:49 ----D---- C:\Program Files\Java
2009-11-02 14:11:44 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2009-10-30 11:57:25 ----D---- C:\Program Files\Common Files\ACD Systems
2009-10-26 18:42:38 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2009-10-26 18:42:37 ----D---- C:\Program Files\Adobe
2009-10-26 18:42:37 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-26 18:38:33 ----D---- C:\Program Files\Common Files\Adobe
2009-10-25 21:31:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-25 09:32:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-24 08:28:14 ----D---- C:\Program Files\WAS
2009-10-21 17:15:21 ----D---- C:\WINDOWS\Registration
2009-10-21 05:08:54 ----N---- C:\WINDOWS\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 713xTVCard;SAA7134 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-27 245760]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-07 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-04-06 81664]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 astcc;AST Service; C:\WINDOWS\SYSTEM32\astsrv.exe [2008-11-26 57344]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-11-11 487936]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Administrator at 2009-11-19 15:30:46
Microsoft Windows XP Professional Service Pack 3
System drive C: has 120 GB (78%) free of 153 GB
Total RAM: 511 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:30:50, on 19.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\astsrv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\RSIT(2).exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Register Genuine Fractals 6.0 Professional Edition.lnk = C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\SYSTEM32\astsrv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 6093 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-10-24 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-06-23 847872]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"365dnk"= []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-24 198160]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-11-11 3055616]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-12 2001648]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Register Genuine Fractals 6.0 Professional Edition.lnk - C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Sierra\Empire Earth\Empire Earth.exe"="C:\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-11-19 15:30:46 ----D---- C:\rsit
2009-11-19 15:27:18 ----SD---- C:\Combo-Fix6792C
2009-11-19 14:17:13 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2009-11-19 14:17:05 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-19 14:17:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-19 00:16:22 ----A---- C:\Boot.bak
2009-11-19 00:16:15 ----RASHD---- C:\cmdcons
2009-11-18 23:22:12 ----D---- C:\Program Files\trend micro
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTTextToAudio3.dll
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTAudioDTMFSignals3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2009-11-18 11:30:38 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDisplay2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDesign2.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-11-18 11:30:09 ----D---- C:\Program Files\Audio Editor Gold
2009-11-18 11:22:52 ----D---- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
2009-11-18 11:22:37 ----D---- C:\Program Files\NCH Swift Sound
2009-11-14 21:31:59 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2009-11-14 18:32:17 ----D---- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2009-11-11 19:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-11 17:53:49 ----D---- C:\Program Files\WinZip
2009-11-11 15:47:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:41 ----D---- C:\Program Files\SUPERAntiSpyware
2009-11-11 15:47:40 ----D---- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-11 15:28:12 ----D---- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2009-11-11 15:28:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-11-11 15:28:05 ----D---- C:\Program Files\Spyware Terminator
2009-11-11 13:19:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-11 02:39:53 ----D---- C:\WINDOWS\RegisteredPackages
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\px.dll
2009-11-11 02:38:55 ----D---- C:\Program Files\Winamp
2009-11-11 02:38:55 ----D---- C:\Documents and Settings\Administrator\Application Data\Winamp
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\java.exe
2009-11-03 09:56:48 ----D---- C:\Program Files\ESET
2009-11-02 14:53:39 ----D---- C:\Program Files\Common Files\DivX Shared
2009-11-02 14:53:38 ----D---- C:\Program Files\DivX
2009-11-02 14:44:40 ----D---- C:\Documents and Settings\Administrator\Application Data\vlc
2009-11-02 14:11:34 ----D---- C:\Documents and Settings\All Users\Application Data\Readon
2009-11-02 14:05:07 ----D---- C:\Program Files\Readon Technology
2009-11-02 13:10:25 ----D---- C:\WINDOWS\system32\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\Program Files\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\My Saved Files
2009-11-02 13:10:25 ----D---- C:\My Recorded Files
2009-10-31 19:09:12 ----D---- C:\Program Files\uTorrent
2009-10-31 19:08:09 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixpsets.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixjpeg.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixio130.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixguid.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixexif.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixaudio.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\F210.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC265.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC240.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC210.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Roboex32.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\lwf214p.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\ldf252.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgst500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgpl500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgme500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgid500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgdw500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgar500.dll
2009-10-30 11:58:58 ----D---- C:\Program Files\ACD Systems
2009-10-28 16:10:54 ----D---- C:\Documents and Settings\Administrator\Application Data\FLVPlayer4Free
2009-10-28 16:10:42 ----D---- C:\Program Files\FLVPlayer4Free
2009-10-26 17:03:42 ----D---- C:\WINDOWS\Minidump
2009-10-26 15:38:51 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2009-10-24 20:30:16 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-10-24 20:30:01 ----D---- C:\Program Files\Common Files\xing shared
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-10-24 20:29:37 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-10-24 20:29:36 ----D---- C:\Program Files\Real
2009-10-24 20:29:34 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-10-24 18:49:14 ----D---- C:\WINDOWS\temp
2009-10-24 18:49:11 ----A---- C:\log.txt
2009-10-24 18:38:40 ----D---- C:\Combo-Fix
2009-10-24 17:54:10 ----A---- C:\WINDOWS\ScanSpyware.INI
2009-10-24 17:44:46 ----D---- C:\Documents and Settings\Administrator\Application Data\ScanSpyware
2009-10-24 17:10:27 ----D---- C:\Program Files\Common Files\Real
2009-10-24 17:09:19 ----D---- C:\Documents and Settings\Administrator\Application Data\Real
2009-10-24 14:48:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Thinstall
2009-10-22 09:45:56 ----D---- C:\Program Files\Audacity
2009-10-22 09:17:59 ----D---- C:\Converted Audio Files
2009-10-22 09:16:50 ----D---- C:\Program Files\Acoustica MP3 To Wave Converter PLUS
2009-10-21 17:27:26 ----D---- C:\Documents and Settings\Administrator\Application Data\Nik Software
2009-10-21 17:19:00 ----A---- C:\WINDOWS\system32\Deco_32.dll
2009-10-21 17:18:59 ----A---- C:\WINDOWS\system32\ASTSRV.EXE
2009-10-21 17:16:24 ----D---- C:\WINDOWS\MSSecurityNS
2009-10-21 17:15:21 ----D---- C:\WINDOWS\MSSecurityNi
2009-10-20 23:25:15 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntfNT.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf32.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf16.dll
2009-10-20 21:03:07 ----D---- C:\Program Files\directx
2009-10-20 20:57:04 ----D---- C:\Sierra
2009-10-20 20:57:04 ----A---- C:\WINDOWS\SIERRA.INI
2009-10-20 19:16:45 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-10-20 19:16:01 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
======List of files/folders modified in the last 1 months======
2009-11-19 15:29:25 ----AD---- C:\WINDOWS
2009-11-19 15:28:01 ----D---- C:\WINDOWS\Prefetch
2009-11-19 15:27:56 ----SHD---- C:\System Volume Information
2009-11-19 15:27:56 ----D---- C:\WINDOWS\system32\Restore
2009-11-19 15:27:41 ----D---- C:\WINDOWS\system32
2009-11-19 15:25:16 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 15:19:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-11-19 14:17:07 ----D---- C:\WINDOWS\system32\drivers
2009-11-19 14:17:04 ----RD---- C:\Program Files
2009-11-19 08:58:03 ----A---- C:\WINDOWS\system.ini
2009-11-19 08:56:14 ----D---- C:\WINDOWS\AppPatch
2009-11-19 08:56:11 ----D---- C:\Program Files\Common Files
2009-11-19 08:46:34 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-19 00:35:28 ----SD---- C:\WINDOWS\Tasks
2009-11-19 00:26:43 ----SHD---- C:\RECYCLER
2009-11-19 00:16:22 ----RASH---- C:\boot.ini
2009-11-19 00:05:44 ----D---- C:\WINDOWS\Debug
2009-11-18 21:54:28 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2009-11-18 16:32:04 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2009-11-18 13:42:41 ----D---- C:\WINDOWS\inf
2009-11-18 11:31:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-17 19:06:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-16 19:46:36 ----D---- C:\Documents and Settings\Administrator\Application Data\365dni
2009-11-15 10:13:35 ----DC---- C:\WINDOWS\system32\dllcache
2009-11-13 12:08:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-13 11:30:02 ----D---- C:\WINDOWS\Help
2009-11-11 17:55:36 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-11-11 17:55:17 ----SHD---- C:\WINDOWS\Installer
2009-11-11 16:08:21 ----HDC---- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-11 16:08:11 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-11 16:08:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-11 14:49:55 ----D---- C:\Program Files\Your Uninstaller
2009-11-11 13:17:23 ----D---- C:\WINDOWS\$hf_mig$
2009-11-11 03:15:04 ----D---- C:\WINDOWS\security
2009-11-11 02:40:47 ----D---- C:\Program Files\Windows Media Player
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-03 23:21:49 ----D---- C:\Program Files\Java
2009-11-02 14:11:44 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2009-10-30 11:57:25 ----D---- C:\Program Files\Common Files\ACD Systems
2009-10-26 18:42:38 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2009-10-26 18:42:37 ----D---- C:\Program Files\Adobe
2009-10-26 18:42:37 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-26 18:38:33 ----D---- C:\Program Files\Common Files\Adobe
2009-10-25 21:31:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-25 09:32:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-24 08:28:14 ----D---- C:\Program Files\WAS
2009-10-21 17:15:21 ----D---- C:\WINDOWS\Registration
2009-10-21 05:08:54 ----N---- C:\WINDOWS\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 713xTVCard;SAA7134 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-27 245760]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-07 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-04-06 81664]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 astcc;AST Service; C:\WINDOWS\SYSTEM32\astsrv.exe [2008-11-26 57344]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-11-11 487936]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: MWAV throws errors
Open Notepad and copy the following text into it:
Code:
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"365dnk"=-
"Malwarebytes Anti-Malware (reboot)"=-

- Save it as (type: All Files), entering "smazani.reg" without the quotation marks as the file name,
click Save, then double-click the file as usual and confirm the dialog box.
Delete:
C:\Combo-Fix
C:\Combo-Fix6792C
Download TFC and run it:
TFC (http://oldtimer.geekstogo.com/TFC.exe)
You have no firewall; you can read what it is useful for here: http://www.viry.cz/forum/viewtopic.php?f=41&t=20980
How is the computer doing? If there are no problems, that is all.
Also try MWAV again.
Do not use COMBOFIX without an adviser's recommendation; it may damage the system!
Always back up important data before disinfecting the computer.
Want to support our forum? Information here
I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
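Added example (not part of the original post and not RSIT's own code): a Python sketch that reads the Run-key sections of an RSIT "Registry dump" like the one in the log above, flags autostart values that have no target file, and emits a REGEDIT4 file that deletes them, as the reply does for "365dnk". It assumes that an empty path together with empty brackets means RSIT recorded no file for the value. The function names and the shortened sample dump are constructed for illustration.

```python
import re
from collections import namedtuple

# Constructed sample: Run-key sections in the RSIT "Registry dump" layout
# shown in the log above, shortened to a few entries.
SAMPLE_DUMP = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"365dnk"= []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"legalnoticecaption"=
'''

RunEntry = namedtuple("RunEntry", "key name path meta")

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
# "name"=<path> [<date> <size>]   (path and bracket content may be empty)
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=(?P<path>.*?)\s*\[(?P<meta>[^\]]*)\]$')
RUN_SUFFIX = r'\currentversion\run'


def parse_run_entries(dump):
    """Return every value listed under a ...\\CurrentVersion\\Run key."""
    entries = []
    current_key = None
    for raw in dump.splitlines():
        line = raw.strip()
        if not line:
            continue
        key_match = KEY_RE.match(line)
        if key_match:
            key = key_match.group(1)
            # Track only the autostart keys; any other section is skipped.
            current_key = key if key.lower().endswith(RUN_SUFFIX) else None
            continue
        if current_key is None:
            continue
        value_match = VALUE_RE.match(line)
        if value_match:
            entries.append(RunEntry(current_key,
                                    value_match["name"],
                                    value_match["path"].strip(),
                                    value_match["meta"].strip()))
    return entries


def find_orphans(entries):
    """Assumption: no path and no date/size means no file backs the value."""
    return [e for e in entries if not e.path and not e.meta]


def _escape(name):
    # Backslashes and double quotes must be escaped in .reg value names.
    return name.replace('\\', '\\\\').replace('"', '\\"')


def build_removal_reg(orphans):
    """Build REGEDIT4 text in which "name"=- deletes each orphaned value."""
    by_key = {}
    for entry in orphans:
        by_key.setdefault(entry.key, []).append(entry.name)
    lines = ["REGEDIT4", ""]
    for key, names in by_key.items():
        lines.append("[%s]" % key)
        lines.extend('"%s"=-' % _escape(n) for n in names)
        lines.append("")
    # CRLF line endings, as Notepad would write them on Windows.
    return "\r\n".join(lines)


if __name__ == "__main__":
    found = find_orphans(parse_run_entries(SAMPLE_DUMP))
    for e in found:
        print("orphaned autostart value:", e.key, "->", e.name)
    print(build_removal_reg(found))
```

Review the generated file before importing it; values that do point to an existing file, such as the two scanner entries the reply also removes, are a judgment call that this check does not make.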