
MWAV throws errors

Moderators: james008, JaRon, Moderators

korzar
Visitor
Posts: 88
Registered: 01 May 2007 14:25

MWAV throws errors

#1 Post by korzar »

Hello, I just want to ask: I have the full version of MWAV, and when I run it, at first it constantly throws errors, mainly on system files. It looks roughly like this:
"24 X 2009 20:22:23 => Scanning File C:\WINDOWS\System32\smss.exe
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Once. Trying to scan again...
24 X 2009 20:22:23 => Scanning File C:\WINDOWS\System32\smss.exe
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Twice. Trying to scan again...
24 X 2009 20:22:23 => Scanning File C:\WINDOWS\System32\smss.exe
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Thrice!!!
24 X 2009 20:22:23 => Scanning File C:\WINDOWS\system32\ntdll.dll
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Once. Trying to scan again...
24 X 2009 20:22:23 => Scanning File C:\WINDOWS\system32\ntdll.dll
24 X 2009 20:22:23 => ERROR!!! ScanFile Failed Twice. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\system32\ntdll.dll
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Thrice!!!
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Once. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Twice. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Thrice!!!
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Once. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Twice. Trying to scan again...
24 X 2009 20:22:24 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
24 X 2009 20:22:24 => ERROR!!! ScanFile Failed Thrice!!!"
and ERROR about 1500 times in total. It only scans the individual items after that. But I'm worried that the virus is right in system32... I don't know, is that OK?

korzar
Visitor
Posts: 88
Registered: 01 May 2007 14:25

Re: MWAV throws errors

#2 Post by korzar »

Phew, can nobody give any advice?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: MWAV throws errors

#3 Post by motji »

Good evening :)
May I ask you for a log from RSIT, see my signature? :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

korzar
Visitor
Posts: 88
Registered: 01 May 2007 14:25

Re: MWAV throws errors

#4 Post by korzar »

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2009-11-18 23:22:06
Microsoft Windows XP Professional Service Pack 3
System drive C: has 115 GB (75%) free of 153 GB
Total RAM: 511 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:22:52, on 18.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\SYSTEM32\astsrv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Administrator\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Register Genuine Fractals 6.0 Professional Edition.lnk = C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\SYSTEM32\astsrv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 5885 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-10-24 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-06-23 847872]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"365dnk"= []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-24 198160]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-11-11 3055616]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-12 2001648]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Register Genuine Fractals 6.0 Professional Edition.lnk - C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Sierra\Empire Earth\Empire Earth.exe"="C:\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Documents and Settings\Administrator\Desktop\Internet TV & Radio Player.exe"="C:\Documents and Settings\Administrator\Desktop\Internet TV & Radio Player.exe:*:Enabled:Internet TV & Radio Player"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-11-18 23:22:12 ----D---- C:\Program Files\trend micro
2009-11-18 23:22:06 ----D---- C:\rsit
2009-11-18 12:04:45 ----AD---- C:\WINDOWS\system32\runouce.exe
2009-11-18 11:33:44 ----A---- C:\gfrgdv.exe
2009-11-18 11:33:11 ----A---- C:\hqcqje.exe
2009-11-18 11:33:10 ----A---- C:\iqnafa.exe
2009-11-18 11:33:06 ----A---- C:\xqwhd.exe
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTTextToAudio3.dll
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTAudioDTMFSignals3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2009-11-18 11:30:38 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDisplay2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDesign2.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-11-18 11:30:09 ----D---- C:\Program Files\Audio Editor Gold
2009-11-18 11:22:52 ----D---- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
2009-11-18 11:22:37 ----D---- C:\Program Files\NCH Swift Sound
2009-11-14 21:31:59 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2009-11-14 18:32:17 ----D---- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2009-11-11 19:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-11 17:53:49 ----D---- C:\Program Files\WinZip
2009-11-11 15:47:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:41 ----D---- C:\Program Files\SUPERAntiSpyware
2009-11-11 15:47:40 ----D---- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-11 15:28:12 ----D---- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2009-11-11 15:28:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-11-11 15:28:05 ----D---- C:\Program Files\Spyware Terminator
2009-11-11 13:19:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-11 02:39:53 ----D---- C:\WINDOWS\RegisteredPackages
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\px.dll
2009-11-11 02:38:55 ----D---- C:\Program Files\Winamp
2009-11-11 02:38:55 ----D---- C:\Documents and Settings\Administrator\Application Data\Winamp
2009-11-05 03:45:59 ----A---- C:\WINDOWS\imsins.BAK
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\java.exe
2009-11-03 09:56:48 ----D---- C:\Program Files\ESET
2009-11-02 14:53:39 ----D---- C:\Program Files\Common Files\DivX Shared
2009-11-02 14:53:38 ----D---- C:\Program Files\DivX
2009-11-02 14:44:40 ----D---- C:\Documents and Settings\Administrator\Application Data\vlc
2009-11-02 14:11:34 ----D---- C:\Documents and Settings\All Users\Application Data\Readon
2009-11-02 14:05:07 ----D---- C:\Program Files\Readon Technology
2009-11-02 13:10:25 ----D---- C:\WINDOWS\system32\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\Program Files\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\My Saved Files
2009-11-02 13:10:25 ----D---- C:\My Recorded Files
2009-10-31 19:09:12 ----D---- C:\Program Files\uTorrent
2009-10-31 19:08:09 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixpsets.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixjpeg.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixio130.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixguid.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixexif.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixaudio.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\F210.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC265.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC240.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC210.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Roboex32.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\lwf214p.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\ldf252.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgst500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgpl500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgme500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgid500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgdw500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgar500.dll
2009-10-30 11:58:58 ----D---- C:\Program Files\ACD Systems
2009-10-28 16:10:54 ----D---- C:\Documents and Settings\Administrator\Application Data\FLVPlayer4Free
2009-10-28 16:10:42 ----D---- C:\Program Files\FLVPlayer4Free
2009-10-26 17:03:42 ----D---- C:\WINDOWS\Minidump
2009-10-26 15:38:51 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2009-10-24 20:30:16 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-10-24 20:30:01 ----D---- C:\Program Files\Common Files\xing shared
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-10-24 20:29:37 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-10-24 20:29:36 ----D---- C:\Program Files\Real
2009-10-24 20:29:34 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-10-24 19:20:49 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2009-10-24 19:20:49 ----A---- C:\WINDOWS\REGEDIT.COM
2009-10-24 18:49:14 ----D---- C:\WINDOWS\temp
2009-10-24 18:49:11 ----A---- C:\log.txt
2009-10-24 18:49:11 ----A---- C:\ComboFix.txt
2009-10-24 18:38:46 ----A---- C:\WINDOWS\NIRCMD.exe
2009-10-24 18:38:40 ----D---- C:\Combo-Fix
2009-10-24 18:34:02 ----A---- C:\WINDOWS\zip.exe
2009-10-24 18:34:02 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-10-24 18:34:02 ----A---- C:\WINDOWS\sed.exe
2009-10-24 18:34:02 ----A---- C:\WINDOWS\PEV.exe
2009-10-24 18:34:02 ----A---- C:\WINDOWS\grep.exe
2009-10-24 18:33:53 ----D---- C:\WINDOWS\ERDNT
2009-10-24 18:29:59 ----D---- C:\Qoobox
2009-10-24 17:54:10 ----A---- C:\WINDOWS\ScanSpyware.INI
2009-10-24 17:44:46 ----D---- C:\Documents and Settings\Administrator\Application Data\ScanSpyware
2009-10-24 17:10:27 ----D---- C:\Program Files\Common Files\Real
2009-10-24 17:09:19 ----D---- C:\Documents and Settings\Administrator\Application Data\Real
2009-10-24 14:48:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Thinstall
2009-10-22 09:45:56 ----D---- C:\Program Files\Audacity
2009-10-22 09:17:59 ----D---- C:\Converted Audio Files
2009-10-22 09:16:50 ----D---- C:\Program Files\Acoustica MP3 To Wave Converter PLUS
2009-10-21 17:27:26 ----D---- C:\Documents and Settings\Administrator\Application Data\Nik Software
2009-10-21 17:19:00 ----A---- C:\WINDOWS\system32\Deco_32.dll
2009-10-21 17:18:59 ----A---- C:\WINDOWS\system32\ASTSRV.EXE
2009-10-21 17:16:24 ----D---- C:\WINDOWS\MSSecurityNS
2009-10-21 17:15:21 ----D---- C:\WINDOWS\MSSecurityNi
2009-10-20 23:25:15 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntfNT.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf32.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf16.dll
2009-10-20 21:03:07 ----D---- C:\Program Files\directx
2009-10-20 20:57:04 ----D---- C:\Sierra
2009-10-20 20:57:04 ----A---- C:\WINDOWS\SIERRA.INI
2009-10-20 19:16:45 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-10-20 19:16:01 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-19 21:51:28 ----D---- C:\Program Files\WAS

======List of files/folders modified in the last 1 months======

2009-11-18 23:22:12 ----RD---- C:\Program Files
2009-11-18 23:21:55 ----D---- C:\WINDOWS\Prefetch
2009-11-18 21:54:28 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2009-11-18 20:54:01 ----D---- C:\Program Files\Mozilla Firefox
2009-11-18 18:40:15 ----AD---- C:\WINDOWS
2009-11-18 16:32:04 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2009-11-18 13:46:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-18 13:42:41 ----D---- C:\WINDOWS\inf
2009-11-18 13:31:43 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-18 12:04:45 ----D---- C:\WINDOWS\system32
2009-11-18 11:33:54 ----D---- C:\WINDOWS\system32\drivers
2009-11-18 11:33:09 ----SHD---- C:\RECYCLER
2009-11-18 11:31:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-17 19:06:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-16 19:46:36 ----D---- C:\Documents and Settings\Administrator\Application Data\365dni
2009-11-15 10:13:35 ----DC---- C:\WINDOWS\system32\dllcache
2009-11-13 12:08:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-13 11:30:02 ----D---- C:\WINDOWS\Help
2009-11-11 17:55:36 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-11-11 17:55:17 ----SHD---- C:\WINDOWS\Installer
2009-11-11 16:08:21 ----HDC---- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-11 16:08:11 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-11 16:08:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-11 15:47:20 ----D---- C:\Program Files\Common Files
2009-11-11 14:49:55 ----D---- C:\Program Files\Your Uninstaller
2009-11-11 13:17:23 ----D---- C:\WINDOWS\$hf_mig$
2009-11-11 03:15:04 ----D---- C:\WINDOWS\security
2009-11-11 02:40:47 ----D---- C:\Program Files\Windows Media Player
2009-11-11 02:40:46 ----D---- C:\WINDOWS\Debug
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-03 23:21:49 ----D---- C:\Program Files\Java
2009-11-02 14:11:44 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2009-10-30 11:57:25 ----D---- C:\Program Files\Common Files\ACD Systems
2009-10-26 18:42:38 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2009-10-26 18:42:37 ----D---- C:\Program Files\Adobe
2009-10-26 18:42:37 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-26 18:38:33 ----D---- C:\Program Files\Common Files\Adobe
2009-10-25 21:31:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-25 09:32:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-24 20:37:45 ----D---- C:\Program Files\AskBarDis
2009-10-24 18:47:45 ----A---- C:\WINDOWS\system.ini
2009-10-24 18:44:29 ----D---- C:\WINDOWS\AppPatch
2009-10-21 17:15:21 ----D---- C:\WINDOWS\Registration
2009-10-21 05:08:54 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-19 21:52:24 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 713xTVCard;SAA7134 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-27 245760]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-07 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-04-06 81664]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 astcc;AST Service; C:\WINDOWS\SYSTEM32\astsrv.exe [2008-11-26 57344]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-11-11 487936]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: MWAV throws errors

#5 Post by motji »

We'll take a proper look, but not until tomorrow; I'm off to bed for today :D

:arrow: Uninstall ComboFix via
Start >> Run; copy this into the box:

ComboFix /Uninstall

press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.

:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm a choice, press the A key, then Enter
- After use, delete the program. Note: antivirus programs may falsely flag it as a virus

:arrow: Download CCleaner, see my signature
- install it and clean the temporary files and the registry as well

:arrow: Download to the desktop, close all active windows and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- agree to the installation of the Recovery Console

- ComboFix must be run under an account with administrator rights

- Before use, turn off all resident security programs: antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is running, do not click into the window that is displayed :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log, C:\ComboFix.txt; copy its entire contents here

Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

korzar
Visitor
Posts: 88
Registered: 01 May 2007 14:25

Re: MWAV throws errors

#6 Post by korzar »

Thanks a lot, I'm going to do it.

korzar
Visitor
Posts: 88
Registered: 01 May 2007 14:25

Re: MWAV throws errors

#7 Post by korzar »

ComboFix 09-11-18.06 - Administrator 19.11.2009 0:19.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.511.108 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\Combo-Fix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-2364337424-6277086660-140735018-7988
c:\recycler\S-1-5-21-2364337424-6277086660-140735018-7988\Desktop.ini
c:\recycler\S-1-5-21-2364337424-6277086660-140735018-7988\wnzip32.exe
c:\recycler\S-1-5-21-9817978872-4228745943-561314372-5514

.
((((((((((((((((((((((((( Files Created from 2009-10-18 to 2009-11-18 )))))))))))))))))))))))))))))))
.

2009-11-18 22:22 . 2009-11-18 22:22 -------- d-----w- c:\program files\trend micro
2009-11-18 11:25 . 2009-11-18 11:26 5237930 ----a-w- c:\windows\REGBK02.ZIP
2009-11-18 10:33 . 2009-11-18 10:33 208384 ----a-w- C:\gfrgdv.exe
2009-11-18 10:33 . 2009-11-18 10:33 38912 ----a-w- C:\hqcqje.exe
2009-11-18 10:33 . 2009-11-18 10:33 38912 ----a-w- C:\iqnafa.exe
2009-11-18 10:33 . 2009-11-18 10:33 93696 ----a-w- C:\xqwhd.exe
2009-11-18 10:31 . 2005-06-02 16:57 335872 ----a-w- c:\windows\system32\NCTAudioDTMFSignals3.dll
2009-11-18 10:31 . 2005-06-02 16:54 331776 ----a-w- c:\windows\system32\NCTTextToAudio3.dll
2009-11-18 10:30 . 2005-06-02 15:54 331776 ----a-w- c:\windows\system32\NCTAudioPlayer3.dll
2009-11-18 10:30 . 2005-06-02 02:15 966144 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-11-18 10:30 . 2005-04-04 16:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2009-11-18 10:30 . 2005-02-25 05:21 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2009-11-18 10:30 . 2005-04-16 02:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2009-11-18 10:30 . 2005-03-29 05:57 1852416 ----a-w- c:\windows\system32\NCTAudioDesign2.dll
2009-11-18 10:30 . 2005-03-29 05:56 457728 ----a-w- c:\windows\system32\NCTAudioDisplay2.dll
2009-11-18 10:30 . 2007-10-12 08:09 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2009-11-18 10:30 . 2002-01-06 04:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-11-18 10:30 . 2009-11-18 10:32 -------- d-----w- c:\program files\Audio Editor Gold
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\documents and settings\Administrator\Application Data\NCH Swift Sound
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\program files\NCH Swift Sound
2009-11-14 20:31 . 2009-11-14 20:31 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2009-11-14 17:32 . 2009-11-14 17:32 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-11-13 13:47 . 2009-11-13 13:47 1925024 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-11-13 13:46 . 2009-11-06 08:20 34112 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
2009-11-13 13:46 . 2009-11-06 08:20 32448 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-11-13 13:46 . 2009-11-06 08:20 22352 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2009-11-11 14:48 . 2009-11-18 12:30 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-11 14:47 . 2009-11-11 14:47 65024 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
2009-11-11 14:47 . 2009-11-11 14:47 5120 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
2009-11-11 14:47 . 2009-11-11 14:47 18944 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
2009-11-11 14:47 . 2009-11-12 07:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-11 14:28 . 2009-11-11 14:28 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-11-11 14:28 . 2009-11-11 14:28 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-11-11 14:28 . 2009-11-11 14:28 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-11-11 14:28 . 2009-11-18 12:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\Spyware Terminator
2009-11-11 14:28 . 2009-11-18 13:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-11-11 14:28 . 2009-11-18 13:23 -------- d-----w- c:\program files\Spyware Terminator
2009-11-03 22:20 . 2009-11-03 22:20 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-03 08:56 . 2009-11-03 08:56 -------- d-----w- c:\program files\ESET
2009-11-02 13:53 . 2009-11-02 13:53 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-02 13:53 . 2009-11-02 13:53 -------- d-----w- c:\program files\DivX
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_E9E3E8815ADBA390949375.exe
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_6FEFF9B68218417F98F549.exe
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_0276E7E570CBB4EA97FB0F.exe
2009-11-02 13:44 . 2009-11-02 13:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2009-11-02 13:05 . 2009-11-02 13:45 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Readon_Technology
2009-11-02 13:05 . 2009-11-02 13:45 -------- d-----w- c:\program files\Readon Technology
2009-11-02 12:10 . 2009-11-02 12:10 126976 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\NewShortcut3_3578F861852C40E8B00D3E8FBA99B79A.exe
2009-11-02 12:10 . 2009-11-02 12:10 126976 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\NewShortcut1_3578F861852C40E8B00D3E8FBA99B79A.exe
2009-11-02 12:10 . 2009-11-02 12:10 10134 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\ARPPRODUCTICON.exe
2009-11-02 12:10 . 2009-11-13 11:10 -------- d-----w- c:\program files\Nexus Radio
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- c:\windows\system32\Nexus Radio
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- C:\My Saved Files
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- C:\My Recorded Files
2009-10-31 18:09 . 2009-10-31 18:09 -------- d-----w- c:\program files\uTorrent
2009-10-31 18:08 . 2009-11-15 01:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2009-10-30 10:59 . 2000-09-06 09:20 97280 ----a-w- c:\windows\system32\ekfpixjpeg.dll
2009-10-30 10:59 . 2000-09-06 09:20 68096 ----a-w- c:\windows\system32\ekfpixpsets.dll
2009-10-30 10:59 . 2000-09-06 09:20 4608 ----a-w- c:\windows\system32\ekfpixguid.dll
2009-10-30 10:59 . 2000-09-06 09:20 446976 ----a-w- c:\windows\system32\ekfpixio130.dll
2009-10-30 10:59 . 2000-09-06 09:20 43520 ----a-w- c:\windows\system32\ekfpixaudio.dll
2009-10-30 10:59 . 2000-09-06 09:20 138240 ----a-w- c:\windows\system32\ekfpixexif.dll
2009-10-30 10:59 . 2000-09-06 09:20 230400 ----a-w- c:\windows\system32\DC265.dll
2009-10-30 10:59 . 2000-09-06 09:20 6688 ----a-w- c:\windows\system32\Digita.sys
2009-10-30 10:59 . 2000-09-06 09:20 45568 ----a-w- c:\windows\system32\DC210.dll
2009-10-30 10:59 . 2000-09-06 09:20 32768 ----a-w- c:\windows\system32\F210.dll
2009-10-30 10:59 . 2000-09-06 09:20 110592 ----a-w- c:\windows\system32\DC240.dll
2009-10-30 10:58 . 2000-09-06 09:20 317952 ----a-w- c:\windows\system32\Roboex32.dll
2009-10-30 10:58 . 2000-09-06 09:20 335872 ----a-w- c:\windows\system32\ldf252.dll
2009-10-30 10:58 . 2000-09-06 09:20 126976 ----a-w- c:\windows\system32\lwf214p.dll
2009-10-30 10:58 . 2000-09-06 09:20 7168 ----a-w- c:\windows\system32\Jgme500.dll
2009-10-30 10:58 . 2000-09-06 09:20 15872 ----a-w- c:\windows\system32\Jgpl500.dll
2009-10-30 10:58 . 2000-09-06 09:20 144896 ----a-w- c:\windows\system32\Jgdw500.dll
2009-10-30 10:58 . 2000-09-06 09:20 13312 ----a-w- c:\windows\system32\Jgst500.dll
2009-10-30 10:58 . 2000-09-06 09:20 11264 ----a-w- c:\windows\system32\Jgid500.dll
2009-10-30 10:58 . 2000-09-06 09:20 11264 ----a-w- c:\windows\system32\Jgar500.dll
2009-10-30 10:58 . 2009-10-30 10:58 -------- d-----w- c:\program files\ACD Systems
2009-10-28 15:10 . 2009-10-28 15:11 -------- d-----w- c:\documents and settings\Administrator\Application Data\FLVPlayer4Free
2009-10-28 15:10 . 2009-10-28 15:13 -------- d-----w- c:\program files\FLVPlayer4Free
2009-10-26 14:38 . 2009-10-26 14:38 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-10-24 19:30 . 2009-10-24 19:30 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-24 19:29 . 2009-10-24 19:29 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-24 19:29 . 2009-10-24 19:29 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-24 19:29 . 2009-10-24 19:29 -------- d-----w- c:\program files\Real
2009-10-24 18:46 . 2009-10-24 18:47 5076770 ----a-w- c:\windows\REGBK01.ZIP
2009-10-24 17:38 . 2009-10-24 17:49 -------- d-----w- C:\Combo-Fix
2009-10-24 16:44 . 2009-10-24 16:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\ScanSpyware
2009-10-24 16:27 . 2009-10-24 16:28 17212912 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\rp\RealPlayerSPGold.exe
2009-10-24 16:27 . 2009-10-24 16:27 8406648 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\gtb_us\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2009-10-24 16:26 . 2009-10-24 16:26 10309448 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\chr\ChromeInstaller.exe
2009-10-24 16:25 . 2009-10-24 16:25 64000 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\gcapi_dll.dll
2009-10-24 16:25 . 2009-10-24 16:25 52288 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\gtapi.dll
2009-10-24 16:25 . 2009-10-24 16:25 50688 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\fftbapi.dll
2009-10-24 16:25 . 2009-10-24 16:25 114688 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\compat.dll
2009-10-24 16:10 . 2009-10-24 19:30 -------- d-----w- c:\program files\Common Files\Real
2009-10-24 13:48 . 2009-10-24 13:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Thinstall
2009-10-24 13:48 . 2009-10-24 13:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Thinstall
2009-10-22 08:45 . 2009-10-22 08:45 -------- d-----w- c:\program files\Audacity
2009-10-22 08:17 . 2009-10-22 08:18 -------- d-----w- C:\Converted Audio Files
2009-10-22 08:16 . 2009-10-22 08:17 -------- d-----w- c:\program files\Acoustica MP3 To Wave Converter PLUS
2009-10-22 08:04 . 2009-10-22 08:04 -------- d-----w- c:\documents and settings\Administrator\dwhelper
2009-10-21 16:27 . 2009-10-21 16:31 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nik Software
2009-10-21 16:19 . 2008-11-26 10:12 227840 ----a-w- c:\windows\system32\Deco_32.dll
2009-10-21 16:18 . 2008-11-26 10:12 57344 ----a-w- c:\windows\system32\ASTSRV.EXE
2009-10-21 16:16 . 2009-10-21 16:16 -------- d-----w- c:\windows\MSSecurityNS
2009-10-21 16:15 . 2009-10-21 16:15 -------- d-----w- c:\windows\MSSecurityNi
2009-10-20 22:25 . 2009-10-20 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-20 20:06 . 2009-10-20 20:06 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-10-20 20:06 . 2009-10-20 20:06 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-10-20 20:06 . 2009-10-20 20:06 12067 ----a-w- c:\windows\system32\SIntf16.dll
2009-10-20 20:03 . 2009-10-20 20:03 -------- d-----w- c:\program files\directx
2009-10-20 19:57 . 2009-10-20 19:57 -------- d-----w- C:\Sierra
2009-10-20 18:16 . 2009-10-20 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-10-20 18:16 . 2009-11-15 09:14 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-18 20:54 . 2009-10-13 15:58 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skype
2009-11-18 15:32 . 2009-10-13 16:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\skypePM
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\program files\NCH Swift Sound
2009-11-17 18:06 . 2009-10-02 09:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-16 18:46 . 2009-10-12 19:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\365dni
2009-11-13 11:08 . 2009-10-11 09:06 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-11 16:55 . 2009-10-04 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-11-11 15:08 . 2009-10-11 09:30 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-11 15:08 . 2009-10-11 08:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-11 13:49 . 2009-10-11 09:20 -------- d-----w- c:\program files\Your Uninstaller
2009-11-11 01:46 . 2009-11-11 01:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Winamp
2009-11-11 01:41 . 2009-11-11 01:38 -------- d-----w- c:\program files\Winamp
2009-11-03 22:21 . 2009-10-03 08:26 -------- d-----w- c:\program files\Java
2009-10-30 10:57 . 2009-10-03 09:04 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-10-26 18:27 . 2009-10-03 09:06 19880 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-26 17:38 . 2009-10-03 22:34 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-24 19:37 . 2009-10-18 13:38 -------- d-----w- c:\program files\AskBarDis
2009-10-24 07:28 . 2009-10-19 20:51 -------- d-----w- c:\program files\WAS
2009-10-21 16:15 . 2009-10-21 16:15 2004 ----a-w- c:\windows\Registration\e10f24f0-652e-11dd-ad8b-0800200c9a66.dll
2009-10-18 15:18 . 2009-10-13 15:57 -------- d-----r- c:\program files\Skype
2009-10-18 13:38 . 2009-10-18 13:38 -------- d-----w- c:\program files\Foxit Software
2009-10-18 13:38 . 2009-10-18 13:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Foxit
2009-10-18 13:05 . 2009-10-18 13:04 -------- d-----w- c:\program files\Fox Audio Recorder
2009-10-18 10:01 . 2009-10-10 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidSolution
2009-10-17 22:28 . 2009-10-17 22:28 -------- d-----w- c:\program files\Intel
2009-10-17 18:05 . 2009-10-17 18:05 -------- d-----w- c:\program files\IrfanView
2009-10-13 18:29 . 2009-10-13 18:29 -------- d-----w- c:\program files\mms
2009-10-13 16:05 . 2009-10-13 16:05 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-13 15:58 . 2009-10-13 15:58 -------- d-----w- c:\program files\Common Files\Skype
2009-10-13 15:57 . 2009-10-13 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-13 14:19 . 2009-10-13 14:18 4980306 ----a-w- c:\windows\REGBK00.ZIP
2009-10-13 13:51 . 2009-10-13 13:51 -------- d-----w- c:\program files\CCleaner
2009-10-12 19:35 . 2009-10-12 19:35 -------- d-----w- c:\program files\365dn?NET
2009-10-12 19:28 . 2009-10-12 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\365dni
2009-10-12 11:08 . 2009-10-12 11:08 -------- d-----w- c:\program files\MWSnap
2009-10-11 09:06 . 2009-10-11 09:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\URSoft
2009-10-11 08:45 . 2009-10-11 08:45 -------- d-----w- c:\program files\NVIDIA Corporation
2009-10-11 08:45 . 2009-10-11 08:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-10-11 03:17 . 2009-10-03 08:26 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-10 18:41 . 2009-10-10 18:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\RapidSolution
2009-10-10 18:39 . 2009-10-10 18:39 -------- d-----w- c:\program files\PixiePack Codec Pack
2009-10-10 15:48 . 2009-10-10 15:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Sierra
2009-10-07 23:43 . 2009-10-07 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-10-06 18:04 . 2009-10-06 18:03 -------- d-----w- c:\program files\QuickTime
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\program files\Common Files\Apple
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\program files\Apple Software Update
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-10-06 14:40 . 2009-10-02 08:40 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-06 14:40 . 2009-10-02 08:40 3460 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-10-04 17:02 . 2009-10-04 17:02 -------- d-----w- c:\program files\Driver-Soft
2009-10-04 13:38 . 2009-10-04 13:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Alien Skin
2009-10-04 13:36 . 2009-10-04 13:36 -------- d-----w- c:\program files\Alien Skin
2009-10-04 11:25 . 2009-10-04 11:25 -------- d-----w- c:\program files\Common Files\NSV
2009-10-04 11:02 . 2009-10-04 10:58 -------- d-----w- c:\program files\Speed Video Splitter
2009-10-04 10:40 . 2009-10-04 10:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\GeoVid
2009-10-04 10:36 . 2009-10-04 10:36 -------- d-----w- c:\program files\Common Files\GeoVid
2009-10-04 10:34 . 2009-10-04 10:34 -------- d-----w- c:\program files\GeoVid
2009-10-04 00:41 . 2009-10-04 00:41 -------- d-----w- c:\program files\MSBuild
2009-10-04 00:41 . 2009-10-04 00:41 -------- d-----w- c:\program files\Reference Assemblies
2009-10-04 00:37 . 2009-10-04 00:37 -------- d-----w- c:\program files\MSXML 6.0
2009-10-03 23:03 . 2009-10-03 23:03 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-10-03 22:41 . 2009-10-03 22:41 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-10-03 22:09 . 2009-10-03 22:09 -------- d-----w- c:\program files\Archiving
2009-10-03 11:15 . 2009-10-02 08:41 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-10-03 10:45 . 2009-10-03 10:45 177024 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\FlashGot.exe
2009-10-03 09:06 . 2009-10-03 09:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\ACD Systems
2009-10-03 09:04 . 2009-10-03 09:04 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-10-03 08:26 . 2009-10-03 08:26 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-10-02 10:43 . 2009-10-02 10:42 -------- d-----w- c:\program files\QIP Infium
2009-10-02 10:00 . 2009-10-02 10:00 -------- d-----w- c:\program files\Microsoft Works
2009-10-02 09:19 . 2009-10-02 09:19 -------- d-----w- c:\program files\ASUSTeK
2009-10-02 09:16 . 2009-10-02 09:02 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-02 09:13 . 2009-10-02 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-10-02 09:12 . 2009-10-02 09:12 -------- d-----w- c:\program files\ASUS
2009-10-02 09:09 . 2009-10-02 09:09 0 ----a-w- c:\windows\nsreg.dat
2009-10-02 09:08 . 2009-10-02 09:03 -------- d-----w- c:\program files\Realtek
2009-10-02 09:05 . 2009-10-02 09:05 -------- d-----w- c:\program files\Analog Devices
2009-10-02 08:41 . 2009-10-02 08:41 -------- d-----w- c:\program files\microsoft frontpage
2009-10-02 08:38 . 2009-10-02 08:38 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-29 12:05 . 2009-09-29 12:05 96408 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-09-29 12:02 . 2009-09-29 12:02 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-09-29 11:56 . 2009-09-29 11:56 116008 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-09-27 16:19 . 2009-09-27 16:19 3674112 ----a-w- c:\windows\system32\nvwssr.dll
2009-09-27 14:12 . 2009-10-11 08:43 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 14:12 . 2009-10-11 08:43 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-27 14:12 . 2009-10-11 08:43 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 14:12 . 2009-10-11 08:43 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-27 14:12 . 2009-10-02 09:17 490088 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-27 14:12 . 2005-12-14 06:51 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-27 14:12 . 2005-12-14 06:51 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-27 14:12 . 2005-12-14 06:51 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-27 14:12 . 2005-12-14 06:51 170600 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-27 14:12 . 2005-12-14 06:51 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-27 14:12 . 2005-12-14 06:51 10756096 ----a-w- c:\windows\system32\nvoglnt.dll
2009-09-24 07:24 . 2009-10-02 09:17 490088 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-09-11 14:18 . 2004-08-04 04:56 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-04 04:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-04 04:56 832512 ------w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-04 04:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 10:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-11-11 3055616]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-11-12 2001648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-09-23 1657448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-24 198160]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12.10.2009 21:24 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.10.2009 21:24 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [11.11.2009 15:28 142592]
R2 713xTVCard;SAA7134 TV Card;c:\windows\system32\drivers\SAA713x.sys [15.3.2005 11:00 277504]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12.10.2009 21:24 7408]

--- Other Services/Drivers In Memory ---

*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9C450606-ED24-4958-92BA-B8940C99D441}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-365dnk - (no file)
AddRemove-365dnk6.0.7 - c:\windows\365dnk\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-19 00:28
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|˙˙˙˙Ŕ•€|ů•A~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(680)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(3620)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\SYSTEM32\astsrv.exe
c:\windows\ATKKBService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-11-19 00:35 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-18 23:35

Pre-Run: 124 489 027 584 bytes free
Post-Run: 125 284 782 080 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 75BC6DE26B12291471CC04A03DB729EE

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: MWAV throws errors

#8 Post by motji »

:arrow: If you have not done so yet, move Combofix to the desktop
-open Notepad
-Copy the text from this box into it

Code:


Collect::
C:\gfrgdv.exe
C:\hqcqje.exe
C:\iqnafa.exe
C:\xqwhd.exe
Registry::
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
Folder::
c:\program files\AskBarDis

-save the TXT file you created to the desktop as CFScript.txt
-after saving, grab the script you created with the left mouse button and drag it over the Combofix icon, where you drop it

-after it has been applied, another log will pop up; paste it here

Warning: it may happen that after the script is applied and the machine restarts, Windows does not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

korzar
Visitor
Posts: 88
Registered: 01 May 2007 14:25

Re: MWAV throws errors

#9 Post by korzar »

ComboFix 09-11-18.06 - Administrator 19.11.2009 8:47.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.511.251 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

file zipped: C:\gfrgdv.exe
file zipped: C:\hqcqje.exe
file zipped: C:\iqnafa.exe
file zipped: C:\xqwhd.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\gfrgdv.exe
C:\hqcqje.exe
C:\iqnafa.exe
c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\01FA161B
c:\program files\AskBarDis\bar\Cache\01FA1ADD
c:\program files\AskBarDis\bar\Cache\01FA1F42.bin
c:\program files\AskBarDis\bar\Cache\01FA2127.bin
c:\program files\AskBarDis\bar\Cache\01FA250F.bin
c:\program files\AskBarDis\bar\Cache\01FA287A.bin
c:\program files\AskBarDis\bar\Cache\01FA2A00.bin
c:\program files\AskBarDis\bar\Cache\01FA2BF4.bin
c:\program files\AskBarDis\bar\Cache\01FA2DC9.bin
c:\program files\AskBarDis\bar\Cache\01FA2FBD.bin
c:\program files\AskBarDis\bar\Cache\01FA31A1.bin
c:\program files\AskBarDis\bar\Cache\01FA3403.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\PopSwatter\History\notallow
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
C:\xqwhd.exe

.
((((((((((((((((((((((((( Files Created from 2009-10-19 to 2009-11-19 )))))))))))))))))))))))))))))))
.

2009-11-18 22:22 . 2009-11-18 22:22 -------- d-----w- c:\program files\trend micro
2009-11-18 11:25 . 2009-11-18 11:26 5237930 ----a-w- c:\windows\REGBK02.ZIP
2009-11-18 10:31 . 2005-06-02 16:57 335872 ----a-w- c:\windows\system32\NCTAudioDTMFSignals3.dll
2009-11-18 10:31 . 2005-06-02 16:54 331776 ----a-w- c:\windows\system32\NCTTextToAudio3.dll
2009-11-18 10:30 . 2005-06-02 15:54 331776 ----a-w- c:\windows\system32\NCTAudioPlayer3.dll
2009-11-18 10:30 . 2005-06-02 02:15 966144 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-11-18 10:30 . 2005-04-04 16:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2009-11-18 10:30 . 2005-02-25 05:21 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2009-11-18 10:30 . 2005-04-16 02:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2009-11-18 10:30 . 2005-03-29 05:57 1852416 ----a-w- c:\windows\system32\NCTAudioDesign2.dll
2009-11-18 10:30 . 2005-03-29 05:56 457728 ----a-w- c:\windows\system32\NCTAudioDisplay2.dll
2009-11-18 10:30 . 2007-10-12 08:09 1164728 ----a-w- c:\windows\system32\NMSDVDXU.dll
2009-11-18 10:30 . 2002-01-06 04:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-11-18 10:30 . 2009-11-18 10:32 -------- d-----w- c:\program files\Audio Editor Gold
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\documents and settings\Administrator\Application Data\NCH Swift Sound
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\program files\NCH Swift Sound
2009-11-14 20:31 . 2009-11-14 20:31 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2009-11-14 17:32 . 2009-11-14 17:32 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-11-13 13:47 . 2009-11-13 13:47 1925024 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-11-13 13:46 . 2009-11-06 08:20 34112 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
2009-11-13 13:46 . 2009-11-06 08:20 32448 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-11-13 13:46 . 2009-11-06 08:20 22352 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2009-11-11 14:48 . 2009-11-18 12:30 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-11 14:47 . 2009-11-11 14:47 65024 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
2009-11-11 14:47 . 2009-11-11 14:47 5120 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
2009-11-11 14:47 . 2009-11-11 14:47 18944 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
2009-11-11 14:47 . 2009-11-12 07:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-11-11 14:47 . 2009-11-11 14:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-11 14:28 . 2009-11-11 14:28 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-11-11 14:28 . 2009-11-11 14:28 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-11-11 14:28 . 2009-11-11 14:28 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-11-11 14:28 . 2009-11-18 12:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\Spyware Terminator
2009-11-11 14:28 . 2009-11-18 13:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-11-11 14:28 . 2009-11-18 13:23 -------- d-----w- c:\program files\Spyware Terminator
2009-11-03 22:20 . 2009-11-03 22:20 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-03 08:56 . 2009-11-03 08:56 -------- d-----w- c:\program files\ESET
2009-11-02 13:53 . 2009-11-02 13:53 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-02 13:53 . 2009-11-02 13:53 -------- d-----w- c:\program files\DivX
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_E9E3E8815ADBA390949375.exe
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_6FEFF9B68218417F98F549.exe
2009-11-02 13:45 . 2009-11-02 13:45 5430 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{846E11C7-4E39-469C-8469-569E7DE9C5CD}\_0276E7E570CBB4EA97FB0F.exe
2009-11-02 13:44 . 2009-11-02 13:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2009-11-02 13:05 . 2009-11-02 13:45 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Readon_Technology
2009-11-02 13:05 . 2009-11-02 13:45 -------- d-----w- c:\program files\Readon Technology
2009-11-02 12:10 . 2009-11-02 12:10 126976 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\NewShortcut3_3578F861852C40E8B00D3E8FBA99B79A.exe
2009-11-02 12:10 . 2009-11-02 12:10 126976 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\NewShortcut1_3578F861852C40E8B00D3E8FBA99B79A.exe
2009-11-02 12:10 . 2009-11-02 12:10 10134 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E1C51E3E-983C-4373-B740-177E28B4DFD0}\ARPPRODUCTICON.exe
2009-11-02 12:10 . 2009-11-13 11:10 -------- d-----w- c:\program files\Nexus Radio
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- c:\windows\system32\Nexus Radio
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- C:\My Saved Files
2009-11-02 12:10 . 2009-11-02 12:10 -------- d-----w- C:\My Recorded Files
2009-10-31 18:09 . 2009-10-31 18:09 -------- d-----w- c:\program files\uTorrent
2009-10-31 18:08 . 2009-11-15 01:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2009-10-30 10:59 . 2000-09-06 09:20 97280 ----a-w- c:\windows\system32\ekfpixjpeg.dll
2009-10-30 10:59 . 2000-09-06 09:20 68096 ----a-w- c:\windows\system32\ekfpixpsets.dll
2009-10-30 10:59 . 2000-09-06 09:20 4608 ----a-w- c:\windows\system32\ekfpixguid.dll
2009-10-30 10:59 . 2000-09-06 09:20 446976 ----a-w- c:\windows\system32\ekfpixio130.dll
2009-10-30 10:59 . 2000-09-06 09:20 43520 ----a-w- c:\windows\system32\ekfpixaudio.dll
2009-10-30 10:59 . 2000-09-06 09:20 138240 ----a-w- c:\windows\system32\ekfpixexif.dll
2009-10-30 10:59 . 2000-09-06 09:20 230400 ----a-w- c:\windows\system32\DC265.dll
2009-10-30 10:59 . 2000-09-06 09:20 6688 ----a-w- c:\windows\system32\Digita.sys
2009-10-30 10:59 . 2000-09-06 09:20 45568 ----a-w- c:\windows\system32\DC210.dll
2009-10-30 10:59 . 2000-09-06 09:20 32768 ----a-w- c:\windows\system32\F210.dll
2009-10-30 10:59 . 2000-09-06 09:20 110592 ----a-w- c:\windows\system32\DC240.dll
2009-10-30 10:58 . 2000-09-06 09:20 317952 ----a-w- c:\windows\system32\Roboex32.dll
2009-10-30 10:58 . 2000-09-06 09:20 335872 ----a-w- c:\windows\system32\ldf252.dll
2009-10-30 10:58 . 2000-09-06 09:20 126976 ----a-w- c:\windows\system32\lwf214p.dll
2009-10-30 10:58 . 2000-09-06 09:20 7168 ----a-w- c:\windows\system32\Jgme500.dll
2009-10-30 10:58 . 2000-09-06 09:20 15872 ----a-w- c:\windows\system32\Jgpl500.dll
2009-10-30 10:58 . 2000-09-06 09:20 144896 ----a-w- c:\windows\system32\Jgdw500.dll
2009-10-30 10:58 . 2000-09-06 09:20 13312 ----a-w- c:\windows\system32\Jgst500.dll
2009-10-30 10:58 . 2000-09-06 09:20 11264 ----a-w- c:\windows\system32\Jgid500.dll
2009-10-30 10:58 . 2000-09-06 09:20 11264 ----a-w- c:\windows\system32\Jgar500.dll
2009-10-30 10:58 . 2009-10-30 10:58 -------- d-----w- c:\program files\ACD Systems
2009-10-28 15:10 . 2009-10-28 15:11 -------- d-----w- c:\documents and settings\Administrator\Application Data\FLVPlayer4Free
2009-10-28 15:10 . 2009-10-28 15:13 -------- d-----w- c:\program files\FLVPlayer4Free
2009-10-26 14:38 . 2009-10-26 14:38 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-10-24 19:30 . 2009-10-24 19:30 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-24 19:29 . 2009-10-24 19:29 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-24 19:29 . 2009-10-24 19:29 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-24 19:29 . 2009-10-24 19:29 -------- d-----w- c:\program files\Real
2009-10-24 18:46 . 2009-10-24 18:47 5076770 ----a-w- c:\windows\REGBK01.ZIP
2009-10-24 17:38 . 2009-10-24 17:49 -------- d-----w- C:\Combo-Fix
2009-10-24 16:44 . 2009-10-24 16:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\ScanSpyware
2009-10-24 16:27 . 2009-10-24 16:28 17212912 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\rp\RealPlayerSPGold.exe
2009-10-24 16:27 . 2009-10-24 16:27 8406648 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\gtb_us\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2009-10-24 16:26 . 2009-10-24 16:26 10309448 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\chr\ChromeInstaller.exe
2009-10-24 16:25 . 2009-10-24 16:25 64000 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\gcapi_dll.dll
2009-10-24 16:25 . 2009-10-24 16:25 52288 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\gtapi.dll
2009-10-24 16:25 . 2009-10-24 16:25 50688 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\fftbapi.dll
2009-10-24 16:25 . 2009-10-24 16:25 114688 ----a-w- c:\documents and settings\Administrator\Application Data\Real\Update\setup\RUP\inst_config\compat.dll
2009-10-24 16:10 . 2009-10-24 19:30 -------- d-----w- c:\program files\Common Files\Real
2009-10-24 13:48 . 2009-10-24 13:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Thinstall
2009-10-24 13:48 . 2009-10-24 13:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Thinstall
2009-10-22 08:45 . 2009-10-22 08:45 -------- d-----w- c:\program files\Audacity
2009-10-22 08:17 . 2009-10-22 08:18 -------- d-----w- C:\Converted Audio Files
2009-10-22 08:16 . 2009-10-22 08:17 -------- d-----w- c:\program files\Acoustica MP3 To Wave Converter PLUS
2009-10-22 08:04 . 2009-10-22 08:04 -------- d-----w- c:\documents and settings\Administrator\dwhelper
2009-10-21 16:27 . 2009-10-21 16:31 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nik Software
2009-10-21 16:19 . 2008-11-26 10:12 227840 ----a-w- c:\windows\system32\Deco_32.dll
2009-10-21 16:18 . 2008-11-26 10:12 57344 ----a-w- c:\windows\system32\ASTSRV.EXE
2009-10-21 16:16 . 2009-10-21 16:16 -------- d-----w- c:\windows\MSSecurityNS
2009-10-21 16:15 . 2009-10-21 16:15 -------- d-----w- c:\windows\MSSecurityNi
2009-10-20 22:25 . 2009-10-20 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-20 20:06 . 2009-10-20 20:06 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-10-20 20:06 . 2009-10-20 20:06 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-10-20 20:06 . 2009-10-20 20:06 12067 ----a-w- c:\windows\system32\SIntf16.dll
2009-10-20 20:03 . 2009-10-20 20:03 -------- d-----w- c:\program files\directx
2009-10-20 19:57 . 2009-10-20 19:57 -------- d-----w- C:\Sierra
2009-10-20 18:16 . 2009-10-20 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-10-20 18:16 . 2009-11-15 09:14 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-18 20:54 . 2009-10-13 15:58 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skype
2009-11-18 15:32 . 2009-10-13 16:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\skypePM
2009-11-18 10:22 . 2009-11-18 10:22 -------- d-----w- c:\program files\NCH Swift Sound
2009-11-17 18:06 . 2009-10-02 09:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-16 18:46 . 2009-10-12 19:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\365dni
2009-11-13 11:08 . 2009-10-11 09:06 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-11 16:55 . 2009-10-04 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-11-11 15:08 . 2009-10-11 09:30 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-11 15:08 . 2009-10-11 08:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-11 13:49 . 2009-10-11 09:20 -------- d-----w- c:\program files\Your Uninstaller
2009-11-11 01:46 . 2009-11-11 01:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Winamp
2009-11-11 01:41 . 2009-11-11 01:38 -------- d-----w- c:\program files\Winamp
2009-11-03 22:21 . 2009-10-03 08:26 -------- d-----w- c:\program files\Java
2009-10-30 10:57 . 2009-10-03 09:04 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-10-26 18:27 . 2009-10-03 09:06 19880 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-26 17:38 . 2009-10-03 22:34 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-24 07:28 . 2009-10-19 20:51 -------- d-----w- c:\program files\WAS
2009-10-21 16:15 . 2009-10-21 16:15 2004 ----a-w- c:\windows\Registration\e10f24f0-652e-11dd-ad8b-0800200c9a66.dll
2009-10-18 15:18 . 2009-10-13 15:57 -------- d-----r- c:\program files\Skype
2009-10-18 13:38 . 2009-10-18 13:38 -------- d-----w- c:\program files\Foxit Software
2009-10-18 13:38 . 2009-10-18 13:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Foxit
2009-10-18 13:05 . 2009-10-18 13:04 -------- d-----w- c:\program files\Fox Audio Recorder
2009-10-18 10:01 . 2009-10-10 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidSolution
2009-10-17 22:28 . 2009-10-17 22:28 -------- d-----w- c:\program files\Intel
2009-10-17 18:05 . 2009-10-17 18:05 -------- d-----w- c:\program files\IrfanView
2009-10-13 18:29 . 2009-10-13 18:29 -------- d-----w- c:\program files\mms
2009-10-13 16:05 . 2009-10-13 16:05 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-13 15:58 . 2009-10-13 15:58 -------- d-----w- c:\program files\Common Files\Skype
2009-10-13 15:57 . 2009-10-13 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-13 14:19 . 2009-10-13 14:18 4980306 ----a-w- c:\windows\REGBK00.ZIP
2009-10-13 13:51 . 2009-10-13 13:51 -------- d-----w- c:\program files\CCleaner
2009-10-12 19:35 . 2009-10-12 19:35 -------- d-----w- c:\program files\365dn?NET
2009-10-12 19:28 . 2009-10-12 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\365dni
2009-10-12 11:08 . 2009-10-12 11:08 -------- d-----w- c:\program files\MWSnap
2009-10-11 09:06 . 2009-10-11 09:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\URSoft
2009-10-11 08:45 . 2009-10-11 08:45 -------- d-----w- c:\program files\NVIDIA Corporation
2009-10-11 08:45 . 2009-10-11 08:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-10-11 03:17 . 2009-10-03 08:26 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-10 18:41 . 2009-10-10 18:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\RapidSolution
2009-10-10 18:39 . 2009-10-10 18:39 -------- d-----w- c:\program files\PixiePack Codec Pack
2009-10-10 15:48 . 2009-10-10 15:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Sierra
2009-10-07 23:43 . 2009-10-07 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-10-06 18:04 . 2009-10-06 18:03 -------- d-----w- c:\program files\QuickTime
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\program files\Common Files\Apple
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\program files\Apple Software Update
2009-10-06 18:03 . 2009-10-06 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-10-06 14:40 . 2009-10-02 08:40 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-06 14:40 . 2009-10-02 08:40 3460 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-10-04 17:02 . 2009-10-04 17:02 -------- d-----w- c:\program files\Driver-Soft
2009-10-04 13:38 . 2009-10-04 13:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Alien Skin
2009-10-04 13:36 . 2009-10-04 13:36 -------- d-----w- c:\program files\Alien Skin
2009-10-04 11:25 . 2009-10-04 11:25 -------- d-----w- c:\program files\Common Files\NSV
2009-10-04 11:02 . 2009-10-04 10:58 -------- d-----w- c:\program files\Speed Video Splitter
2009-10-04 10:40 . 2009-10-04 10:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\GeoVid
2009-10-04 10:36 . 2009-10-04 10:36 -------- d-----w- c:\program files\Common Files\GeoVid
2009-10-04 10:34 . 2009-10-04 10:34 -------- d-----w- c:\program files\GeoVid
2009-10-04 00:41 . 2009-10-04 00:41 -------- d-----w- c:\program files\MSBuild
2009-10-04 00:41 . 2009-10-04 00:41 -------- d-----w- c:\program files\Reference Assemblies
2009-10-04 00:37 . 2009-10-04 00:37 -------- d-----w- c:\program files\MSXML 6.0
2009-10-03 23:03 . 2009-10-03 23:03 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-10-03 22:41 . 2009-10-03 22:41 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-10-03 22:09 . 2009-10-03 22:09 -------- d-----w- c:\program files\Archiving
2009-10-03 11:15 . 2009-10-02 08:41 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-10-03 10:45 . 2009-10-03 10:45 177024 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\FlashGot.exe
2009-10-03 09:06 . 2009-10-03 09:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\ACD Systems
2009-10-03 09:04 . 2009-10-03 09:04 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-10-03 08:26 . 2009-10-03 08:26 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-10-02 10:43 . 2009-10-02 10:42 -------- d-----w- c:\program files\QIP Infium
2009-10-02 10:00 . 2009-10-02 10:00 -------- d-----w- c:\program files\Microsoft Works
2009-10-02 09:19 . 2009-10-02 09:19 -------- d-----w- c:\program files\ASUSTeK
2009-10-02 09:16 . 2009-10-02 09:02 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-02 09:13 . 2009-10-02 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-10-02 09:12 . 2009-10-02 09:12 -------- d-----w- c:\program files\ASUS
2009-10-02 09:09 . 2009-10-02 09:09 0 ----a-w- c:\windows\nsreg.dat
2009-10-02 09:08 . 2009-10-02 09:03 -------- d-----w- c:\program files\Realtek
2009-10-02 09:05 . 2009-10-02 09:05 -------- d-----w- c:\program files\Analog Devices
2009-10-02 08:41 . 2009-10-02 08:41 -------- d-----w- c:\program files\microsoft frontpage
2009-10-02 08:38 . 2009-10-02 08:38 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-29 12:05 . 2009-09-29 12:05 96408 ----a-w- c:\windows\system32\drivers\epfwtdir.sys
2009-09-29 12:02 . 2009-09-29 12:02 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-09-29 11:56 . 2009-09-29 11:56 116008 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-09-27 16:19 . 2009-09-27 16:19 3674112 ----a-w- c:\windows\system32\nvwssr.dll
2009-09-27 14:12 . 2009-10-11 08:43 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 14:12 . 2009-10-11 08:43 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-27 14:12 . 2009-10-11 08:43 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 14:12 . 2009-10-11 08:43 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-27 14:12 . 2009-10-02 09:17 490088 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-27 14:12 . 2005-12-14 06:51 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-27 14:12 . 2005-12-14 06:51 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-27 14:12 . 2005-12-14 06:51 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-27 14:12 . 2005-12-14 06:51 170600 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-27 14:12 . 2005-12-14 06:51 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-27 14:12 . 2005-12-14 06:51 10756096 ----a-w- c:\windows\system32\nvoglnt.dll
2009-09-24 07:24 . 2009-10-02 09:17 490088 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-09-11 14:18 . 2004-08-04 04:56 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-04 04:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-08-04 04:56 832512 ------w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-08-04 04:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2004-08-04 04:56 17408 ------w- c:\windows\system32\corpol.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-11-18_23.28.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-19 07:37 . 2009-11-19 07:37 16384 c:\windows\temp\Perflib_Perfdata_69c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-11-11 3055616]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-11-12 2001648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-09-23 1657448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-24 198160]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
"365dnk"="" [BU]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Sierra\\Empire Earth\\Empire Earth.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12.10.2009 21:24 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.10.2009 21:24 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [11.11.2009 15:28 142592]
R2 713xTVCard;SAA7134 TV Card;c:\windows\system32\drivers\SAA713x.sys [15.3.2005 11:00 277504]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12.10.2009 21:24 7408]

--- Other Services/Drivers In Memory ---

*Deregistered* - mbr
*Deregistered* - PROCEXP113

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9C450606-ED24-4958-92BA-B8940C99D441}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1v0u31ok.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

AddRemove-365dnk6.0.7 - c:\windows\365dnk\uninstall.exe
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-19 08:58
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|˙˙˙˙Ŕ•€|ů•A~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(676)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
.
Completion time: 2009-11-19 09:01
ComboFix-quarantined-files.txt 2009-11-19 08:01
ComboFix2.txt 2009-11-18 23:35

Pre-Run: 125 287 759 872 bytes free
Post-Run: 125 253 029 888 bytes free

- - End Of File - - A64D6811D2C3EA4D8905002C48B9E829
Upload was successful

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: MWAV throws errors

#10 Post by motji »

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM occasionally produces false detections, so we will delete only after checking the log.
- Copy the log here.

:arrow: Do you know this program, do you use it?
c:\program files\365dn?NET

How is the PC doing?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly available at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

korzar
Visitor
Posts: 88
Joined: 01 May 2007 14:25

Re: MWAV throws errors

#11 Post by korzar »

Yes, 365 dni is an electronic TV guide, admittedly bulky but great.
The PC seems to be OK, but let's rather finish this, because it is sluggish. Probably background programs, but I don't know which ones or how to turn them off.
I'm going to download that BAM.

korzar
Visitor
Posts: 88
Joined: 01 May 2007 14:25

Re: MWAV throws errors

#12 Post by korzar »

Malwarebytes' Anti-Malware 1.41
Verze databáze: 3195
Windows 5.1.2600 Service Pack 3

19.11.2009 14:57:25
mbam-log-2009-11-19 (14-57-05).txt

Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 177732
Uplynulý čas: 33 minute(s), 12 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> No action taken.

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Qoobox\Quarantine\C\RECYCLER\S-1-5-21-2364337424-6277086660-140735018-7988\wnzip32.exe.vir (Worm.Autorun.B) -> No action taken.
C:\System Volume Information\_restore{F080BF88-6240-4BAC-8BA4-1200CA88C98E}\RP1\A0000111.exe (Worm.Kolab) -> No action taken.

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: MWAV throws errors

#13 Post by motji »

Delete what MBAM found.

:arrow: Uninstall ComboFix via
Start >> Run; copy this into the box:

ComboFix /Uninstall

press Enter
- This uninstalls ComboFix and deletes its associated files and folders.

:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm each choice press the A key, then Enter
- Delete the little program after use. Note that antivirus programs may falsely flag it as a virus.

:arrow: Download CCleaner, see my signature
- Install it and clean the temporary files, and the registry too

:arrow: Post a new RSIT log and tell me how the computer is behaving; is everything OK now?

korzar
Visitor
Posts: 88
Joined: 01 May 2007 14:25

Re: MWAV throws errors

#14 Post by korzar »

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2009-11-19 15:30:46
Microsoft Windows XP Professional Service Pack 3
System drive C: has 120 GB (78%) free of 153 GB
Total RAM: 511 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:30:50, on 19.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\astsrv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\RSIT(2).exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Register Genuine Fractals 6.0 Professional Edition.lnk = C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\SYSTEM32\astsrv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 6093 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-10-24 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-06-23 847872]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"365dnk"= []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-10-24 198160]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-11-11 3055616]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-12 2001648]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Register Genuine Fractals 6.0 Professional Edition.lnk - C:\Program Files\onOne Software\Genuine Fractals 6.0 Professional Edition\Register Genuine Fractals 6.0 Professional Edition.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Sierra\Empire Earth\Empire Earth.exe"="C:\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-11-19 15:30:46 ----D---- C:\rsit
2009-11-19 15:27:18 ----SD---- C:\Combo-Fix6792C
2009-11-19 14:17:13 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2009-11-19 14:17:05 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-19 14:17:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-19 00:16:22 ----A---- C:\Boot.bak
2009-11-19 00:16:15 ----RASHD---- C:\cmdcons
2009-11-18 23:22:12 ----D---- C:\Program Files\trend micro
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTTextToAudio3.dll
2009-11-18 11:31:04 ----A---- C:\WINDOWS\system32\NCTAudioDTMFSignals3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer3.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-11-18 11:30:39 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2009-11-18 11:30:38 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDisplay2.dll
2009-11-18 11:30:24 ----A---- C:\WINDOWS\system32\NCTAudioDesign2.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2009-11-18 11:30:14 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-11-18 11:30:09 ----D---- C:\Program Files\Audio Editor Gold
2009-11-18 11:22:52 ----D---- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
2009-11-18 11:22:37 ----D---- C:\Program Files\NCH Swift Sound
2009-11-14 21:31:59 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2009-11-14 18:32:17 ----D---- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2009-11-11 19:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-11 17:53:49 ----D---- C:\Program Files\WinZip
2009-11-11 15:47:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:41 ----D---- C:\Program Files\SUPERAntiSpyware
2009-11-11 15:47:40 ----D---- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-11-11 15:47:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-11 15:28:12 ----D---- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2009-11-11 15:28:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-11-11 15:28:05 ----D---- C:\Program Files\Spyware Terminator
2009-11-11 13:19:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-11 02:39:53 ----D---- C:\WINDOWS\RegisteredPackages
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-11 02:38:58 ----N---- C:\WINDOWS\system32\px.dll
2009-11-11 02:38:55 ----D---- C:\Program Files\Winamp
2009-11-11 02:38:55 ----D---- C:\Documents and Settings\Administrator\Application Data\Winamp
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-03 23:21:55 ----A---- C:\WINDOWS\system32\java.exe
2009-11-03 09:56:48 ----D---- C:\Program Files\ESET
2009-11-02 14:53:39 ----D---- C:\Program Files\Common Files\DivX Shared
2009-11-02 14:53:38 ----D---- C:\Program Files\DivX
2009-11-02 14:44:40 ----D---- C:\Documents and Settings\Administrator\Application Data\vlc
2009-11-02 14:11:34 ----D---- C:\Documents and Settings\All Users\Application Data\Readon
2009-11-02 14:05:07 ----D---- C:\Program Files\Readon Technology
2009-11-02 13:10:25 ----D---- C:\WINDOWS\system32\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\Program Files\Nexus Radio
2009-11-02 13:10:25 ----D---- C:\My Saved Files
2009-11-02 13:10:25 ----D---- C:\My Recorded Files
2009-10-31 19:09:12 ----D---- C:\Program Files\uTorrent
2009-10-31 19:08:09 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixpsets.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixjpeg.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixio130.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixguid.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixexif.dll
2009-10-30 11:59:01 ----A---- C:\WINDOWS\system32\ekfpixaudio.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\F210.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC265.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC240.dll
2009-10-30 11:59:00 ----A---- C:\WINDOWS\system32\DC210.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Roboex32.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\lwf214p.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\ldf252.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgst500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgpl500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgme500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgid500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgdw500.dll
2009-10-30 11:58:59 ----A---- C:\WINDOWS\system32\Jgar500.dll
2009-10-30 11:58:58 ----D---- C:\Program Files\ACD Systems
2009-10-28 16:10:54 ----D---- C:\Documents and Settings\Administrator\Application Data\FLVPlayer4Free
2009-10-28 16:10:42 ----D---- C:\Program Files\FLVPlayer4Free
2009-10-26 17:03:42 ----D---- C:\WINDOWS\Minidump
2009-10-26 15:38:51 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2009-10-24 20:30:16 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-10-24 20:30:04 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-10-24 20:30:01 ----D---- C:\Program Files\Common Files\xing shared
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-10-24 20:29:38 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-10-24 20:29:37 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-10-24 20:29:36 ----D---- C:\Program Files\Real
2009-10-24 20:29:34 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2009-10-24 18:49:14 ----D---- C:\WINDOWS\temp
2009-10-24 18:49:11 ----A---- C:\log.txt
2009-10-24 18:38:40 ----D---- C:\Combo-Fix
2009-10-24 17:54:10 ----A---- C:\WINDOWS\ScanSpyware.INI
2009-10-24 17:44:46 ----D---- C:\Documents and Settings\Administrator\Application Data\ScanSpyware
2009-10-24 17:10:27 ----D---- C:\Program Files\Common Files\Real
2009-10-24 17:09:19 ----D---- C:\Documents and Settings\Administrator\Application Data\Real
2009-10-24 14:48:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Thinstall
2009-10-22 09:45:56 ----D---- C:\Program Files\Audacity
2009-10-22 09:17:59 ----D---- C:\Converted Audio Files
2009-10-22 09:16:50 ----D---- C:\Program Files\Acoustica MP3 To Wave Converter PLUS
2009-10-21 17:27:26 ----D---- C:\Documents and Settings\Administrator\Application Data\Nik Software
2009-10-21 17:19:00 ----A---- C:\WINDOWS\system32\Deco_32.dll
2009-10-21 17:18:59 ----A---- C:\WINDOWS\system32\ASTSRV.EXE
2009-10-21 17:16:24 ----D---- C:\WINDOWS\MSSecurityNS
2009-10-21 17:15:21 ----D---- C:\WINDOWS\MSSecurityNi
2009-10-20 23:25:15 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntfNT.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf32.dll
2009-10-20 21:06:01 ----A---- C:\WINDOWS\system32\SIntf16.dll
2009-10-20 21:03:07 ----D---- C:\Program Files\directx
2009-10-20 20:57:04 ----D---- C:\Sierra
2009-10-20 20:57:04 ----A---- C:\WINDOWS\SIERRA.INI
2009-10-20 19:16:45 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-10-20 19:16:01 ----D---- C:\Documents and Settings\All Users\Application Data\NOS

======List of files/folders modified in the last 1 months======

2009-11-19 15:29:25 ----AD---- C:\WINDOWS
2009-11-19 15:28:01 ----D---- C:\WINDOWS\Prefetch
2009-11-19 15:27:56 ----SHD---- C:\System Volume Information
2009-11-19 15:27:56 ----D---- C:\WINDOWS\system32\Restore
2009-11-19 15:27:41 ----D---- C:\WINDOWS\system32
2009-11-19 15:25:16 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 15:19:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-11-19 14:17:07 ----D---- C:\WINDOWS\system32\drivers
2009-11-19 14:17:04 ----RD---- C:\Program Files
2009-11-19 08:58:03 ----A---- C:\WINDOWS\system.ini
2009-11-19 08:56:14 ----D---- C:\WINDOWS\AppPatch
2009-11-19 08:56:11 ----D---- C:\Program Files\Common Files
2009-11-19 08:46:34 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-19 00:35:28 ----SD---- C:\WINDOWS\Tasks
2009-11-19 00:26:43 ----SHD---- C:\RECYCLER
2009-11-19 00:16:22 ----RASH---- C:\boot.ini
2009-11-19 00:05:44 ----D---- C:\WINDOWS\Debug
2009-11-18 21:54:28 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2009-11-18 16:32:04 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2009-11-18 13:42:41 ----D---- C:\WINDOWS\inf
2009-11-18 11:31:29 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-17 19:06:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-16 19:46:36 ----D---- C:\Documents and Settings\Administrator\Application Data\365dni
2009-11-15 10:13:35 ----DC---- C:\WINDOWS\system32\dllcache
2009-11-13 12:08:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-13 11:30:02 ----D---- C:\WINDOWS\Help
2009-11-11 17:55:36 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-11-11 17:55:17 ----SHD---- C:\WINDOWS\Installer
2009-11-11 16:08:21 ----HDC---- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-11 16:08:11 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-11 16:08:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-11 14:49:55 ----D---- C:\Program Files\Your Uninstaller
2009-11-11 13:17:23 ----D---- C:\WINDOWS\$hf_mig$
2009-11-11 03:15:04 ----D---- C:\WINDOWS\security
2009-11-11 02:40:47 ----D---- C:\Program Files\Windows Media Player
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-03 23:21:49 ----D---- C:\Program Files\Java
2009-11-02 14:11:44 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2009-10-30 11:57:25 ----D---- C:\Program Files\Common Files\ACD Systems
2009-10-26 18:42:38 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2009-10-26 18:42:37 ----D---- C:\Program Files\Adobe
2009-10-26 18:42:37 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-26 18:38:33 ----D---- C:\Program Files\Common Files\Adobe
2009-10-25 21:31:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-25 09:32:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-24 08:28:14 ----D---- C:\Program Files\WAS
2009-10-21 17:15:21 ----D---- C:\WINDOWS\Registration
2009-10-21 05:08:54 ----N---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 713xTVCard;SAA7134 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-27 245760]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-07 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-04-06 81664]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 astcc;AST Service; C:\WINDOWS\SYSTEM32\astsrv.exe [2008-11-26 57344]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-11-11 487936]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-10-26 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: MWAV throws errors

#15 Post by motji »

→ Open Notepad and copy the following text into it

Code:

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"365dnk"=-
"Malwarebytes Anti-Malware (reboot)"=-
 
- save it as (type: All files), entering "smazani.reg" without the quotes as the file name,
click Save, then double-click the file as usual and confirm the dialog box.




→ delete
C:\Combo-Fix
C:\Combo-Fix6792C


→ Download TFC and run it
TFC (http://oldtimer.geekstogo.com/TFC.exe)
→ You have no firewall; you can find out what it is useful for here: http://www.viry.cz/forum/viewtopic.php?f=41&t=20980

→ How is the computer doing? If there are no problems, that is all :)
Also try that MWAV again.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!

I am mostly reachable at night, between 9 and 11 p.m.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
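
Added example, not part of motji's post: a small Python check that lists what a .reg file such as "smazani.reg" would change before it is merged, using the REGEDIT4 text from the post as input. The function names are hypothetical, and multi-line hex values are deliberately rejected rather than parsed.

```python
import re

# Constructed sample: the REGEDIT4 text quoted in the post above.
SAMPLE_REG = r'''REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"365dnk"=-
"Malwarebytes Anti-Malware (reboot)"=-
'''

HEADERS = ("REGEDIT4", "Windows Registry Editor Version 5.00")
KEY_RE = re.compile(r'^\[(-?)(.+)\]$')
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')

def summarize_reg(text):
    """Return (action, key, value_name) tuples for the text of a .reg file.

    action is 'delete-key', 'delete-value' or 'set-value'. Raises ValueError
    on a missing header or on any line it cannot classify (this includes
    continuation lines of multi-line hex values, which are not handled).
    """
    lines = [ln.strip() for ln in text.lstrip("\ufeff").splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith(";")]
    if not lines or lines[0] not in HEADERS:
        raise ValueError("not a .reg file: missing header")
    ops, key = [], None
    for ln in lines[1:]:
        m = KEY_RE.match(ln)
        if m:
            key = m.group(2)
            if m.group(1):  # [-HKEY_...] removes the whole key
                ops.append(("delete-key", key, None))
                key = None
            continue
        m = VALUE_RE.match(ln)
        if m is None or key is None:
            raise ValueError("unrecognized line: %r" % ln)
        # Name is shown as written; backslash escapes are not decoded.
        name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
        action = "delete-value" if m.group(2) == "-" else "set-value"
        ops.append((action, key, name))
    return ops

def only_deletes_under(ops, key_suffix):
    """True if every operation deletes a value in a key ending with key_suffix."""
    return all(a == "delete-value" and k.lower().endswith(key_suffix.lower())
               for a, k, _ in ops)

if __name__ == "__main__":
    for op in summarize_reg(SAMPLE_REG):
        print(*op, sep=" | ")
```

For the file from the post, `only_deletes_under(ops, r"\CurrentVersion\Run")` holds: it only removes three autostart values and writes nothing.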
