win32:malware-gen
Posted: 11 Mar 2010 11:54
Hello,
Avast found win32:malware-gen.
Avast moved it to the chest, but you never know...
Thank you
Logfile of random's system information tool 1.06 (written by random/random)
Run by Marco at 2010-03-11 11:44:29
Microsoft Windows 7 Ultimate
System drive C: has 25 GB (63%) free of 40 GB
Total RAM: 1024 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:44, on 11. 3. 2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Windows\FixCamera.exe
C:\Windows\tsnpstd3.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Program Files\Opera\opera.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Marco\Desktop\RSIT.exe
C:\Program Files\trend micro\Marco.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
--
End of file - 9228 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21 349640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21 349640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21 349640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-03-09 2769336]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-08 8120864]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"Device Detector"=DevDetect.exe -autorun []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-02-15 417792]
"FixCamera"=C:\Windows\FixCamera.exe [2007-02-10 20480]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2007-02-07 262144]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2009-12-22 38840]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2009-12-21 640440]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-02-10 133368]
C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-03-11 11:42:53 ----D---- C:\Program Files\trend micro
2010-03-11 11:42:50 ----D---- C:\rsit
2010-03-10 16:15:45 ----D---- C:\Windows\Sun
2010-03-04 16:44:04 ----D---- C:\Program Files\Winamp Detect
2010-02-28 16:58:38 ----A---- C:\Windows\cdplayer.ini
2010-02-28 16:58:05 ----D---- C:\Program Files\Audiograbber
2010-02-28 16:01:57 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2010-02-28 16:01:57 ----RA---- C:\Windows\system32\AdobePDF.dll
2010-02-26 12:03:01 ----D---- C:\Users\Marco\AppData\Roaming\BITS
2010-02-26 11:53:29 ----D---- C:\Program Files\Secunia
2010-02-26 11:38:41 ----D---- C:\ProgramData\FLEXnet
2010-02-26 11:37:37 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-02-26 11:33:11 ----D---- C:\ProgramData\Adobe
2010-02-26 11:33:11 ----D---- C:\Program Files\Common Files\Adobe
2010-02-26 11:33:10 ----D---- C:\Program Files\Adobe
2010-02-26 10:10:11 ----D---- C:\ProgramData\Sun
2010-02-26 10:10:10 ----D---- C:\Program Files\Common Files\Java
2010-02-26 10:07:12 ----A---- C:\Windows\system32\javaws.exe
2010-02-26 10:07:12 ----A---- C:\Windows\system32\javaw.exe
2010-02-26 10:07:12 ----A---- C:\Windows\system32\java.exe
2010-02-26 10:07:12 ----A---- C:\Windows\system32\deploytk.dll
2010-02-26 10:06:55 ----D---- C:\Program Files\Java
2010-02-26 10:04:20 ----D---- C:\Users\Marco\AppData\Roaming\ACD Systems
2010-02-25 16:07:14 ----D---- C:\Windows\system32\custom matrices
2010-02-25 16:07:10 ----D---- C:\Windows\system32\QuickTime
2010-02-25 16:07:10 ----D---- C:\Windows\system32\C2MP
2010-02-25 16:03:23 ----D---- C:\Users\Marco\AppData\Roaming\BSplayer Pro
2010-02-25 16:03:23 ----D---- C:\Users\Marco\AppData\Roaming\BSplayer
2010-02-25 16:03:22 ----D---- C:\Program Files\Webteh
2010-02-25 15:22:15 ----A---- C:\Windows\FixCamera.exe
2010-02-25 15:22:15 ----A---- C:\Windows\amcap.exe
2010-02-25 15:22:14 ----A---- C:\Windows\vsnpstd3.exe
2010-02-25 15:22:14 ----A---- C:\Windows\tsnpstd3.exe
2010-02-25 15:22:13 ----A---- C:\Windows\snpstd3.ini
2010-02-25 15:22:11 ----A---- C:\Windows\system32\vsnpstd3.dll
2010-02-25 15:22:11 ----A---- C:\Windows\system32\rsnpstd3.dll
2010-02-25 15:22:11 ----A---- C:\Windows\csnpstd3.dll
2010-02-25 15:22:10 ----D---- C:\Program Files\Common Files\snpstd3
2010-02-25 15:22:10 ----A---- C:\Windows\system32\csnpstd3.dll
2010-02-25 15:21:49 ----D---- C:\Users\Marco\AppData\Roaming\InstallShield
2010-02-25 15:06:58 ----A---- C:\Windows\wdict32.INI
2010-02-25 15:06:13 ----D---- C:\Program Files\Apple Software Update
2010-02-25 15:05:51 ----D---- C:\Program Files\Common Files\Apple
2010-02-25 15:05:34 ----D---- C:\Users\Marco\AppData\Roaming\Sony Corporation
2010-02-25 15:05:12 ----D---- C:\ProgramData\Apple Computer
2010-02-25 15:05:12 ----D---- C:\Program Files\QuickTime
2010-02-25 14:49:01 ----D---- C:\Drivers
2010-02-25 14:49:01 ----A---- C:\Windows\system32\SONYHCY.DLL
2010-02-25 14:47:49 ----D---- C:\Windows\system32\Iosubsys
2010-02-25 14:47:49 ----A---- C:\Windows\system32\PxInsI64.exe
2010-02-25 14:47:49 ----A---- C:\Windows\system32\PxCpyI64.exe
2010-02-25 14:45:11 ----D---- C:\Program Files\Sony
2010-02-25 13:50:14 ----D---- C:\Program Files\CCleaner
2010-02-25 13:47:11 ----D---- C:\ProgramData\ACD Systems
2010-02-25 13:47:09 ----D---- C:\Program Files\Common Files\ACD Systems
2010-02-25 13:47:09 ----D---- C:\Program Files\ACD Systems
2010-02-25 13:45:47 ----D---- C:\Windows\Downloaded Installations
2010-02-25 13:45:28 ----A---- C:\Windows\system32\BASSMOD.dll
2010-02-25 13:29:42 ----D---- C:\ProgramData\Apple
2010-02-25 13:28:33 ----D---- C:\Program Files\SuperDVD Player 5.0
2010-02-25 13:27:35 ----D---- C:\Program Files\WinRAR
2010-02-25 13:26:24 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-02-25 13:26:24 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-02-25 13:23:14 ----D---- C:\profiles
2010-02-25 13:22:53 ----D---- C:\Program Files\FlashGet Network
2010-02-25 13:04:46 ----A---- C:\Windows\wtran32.INI
2010-02-25 12:49:01 ----D---- C:\Users\Marco\AppData\Roaming\GHISLER
2010-02-25 12:49:01 ----D---- C:\totalcmd
2010-02-25 12:05:34 ----D---- C:\Users\Marco\AppData\Roaming\TrueCrypt
2010-02-25 12:05:25 ----D---- C:\ProgramData\TrueCrypt
2010-02-25 12:04:59 ----D---- C:\Program Files\TrueCrypt
2010-02-25 11:52:05 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-02-25 11:52:05 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-02-25 11:52:04 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-02-25 11:52:02 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-02-25 11:51:57 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-02-25 11:51:57 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-02-25 11:51:57 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-02-25 11:51:55 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-02-25 11:51:55 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-02-25 11:51:55 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-02-25 11:51:55 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\xinput1_3.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\d3dx10.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\xinput1_2.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-02-25 11:51:50 ----A---- C:\Windows\system32\xinput1_1.dll
2010-02-25 11:51:50 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-02-25 11:51:50 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-02-25 11:51:47 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-02-25 11:51:45 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-02-25 11:51:45 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-02-25 11:51:44 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-02-25 11:47:46 ----D---- C:\Program Files\PC Translator
2010-02-25 11:37:28 ----D---- C:\Users\Marco\AppData\Roaming\skypePM
2010-02-25 11:34:58 ----D---- C:\Users\Marco\AppData\Roaming\Skype
2010-02-25 11:34:49 ----D---- C:\Program Files\Common Files\Skype
2010-02-25 11:34:45 ----RD---- C:\Program Files\Skype
2010-02-25 11:34:43 ----D---- C:\ProgramData\Skype
2010-02-25 11:33:10 ----N---- C:\Windows\system32\pxinsa64.exe
2010-02-25 11:33:10 ----N---- C:\Windows\system32\pxhpinst.exe
2010-02-25 11:33:10 ----N---- C:\Windows\system32\pxcpya64.exe
2010-02-25 11:33:10 ----N---- C:\Windows\system32\pxafs.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\vxblock.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\pxwave.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\pxsfs.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\pxmas.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\pxdrv.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\px.dll
2010-02-25 11:33:08 ----D---- C:\Users\Marco\AppData\Roaming\Winamp
2010-02-25 11:33:08 ----D---- C:\Program Files\Winamp
2010-02-25 11:26:10 ----D---- C:\Program Files\Mozilla Firefox
2010-02-25 11:13:16 ----D---- C:\Users\Marco\AppData\Roaming\Lavasoft
2010-02-25 11:13:05 ----D---- C:\Program Files\Lavasoft
2010-02-25 10:53:01 ----A---- C:\Windows\system32\msonpmon.dll
2010-02-25 10:50:08 ----D---- C:\Program Files\Microsoft Works
2010-02-25 10:49:35 ----D---- C:\Program Files\Microsoft Visual Studio
2010-02-25 10:49:35 ----D---- C:\Program Files\Common Files\DESIGNER
2010-02-25 10:48:49 ----D---- C:\Windows\PCHEALTH
2010-02-25 10:48:48 ----D---- C:\Program Files\Microsoft.NET
2010-02-25 10:46:42 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-02-25 10:45:47 ----D---- C:\ProgramData\Microsoft Help
2010-02-25 10:45:47 ----D---- C:\Program Files\Microsoft Office
2010-02-25 10:44:41 ----RHD---- C:\MSOCache
2010-02-25 10:43:36 ----D---- C:\Windows\system32\ShellExt
2010-02-25 10:42:05 ----D---- C:\Program Files\LG Electronics
2010-02-25 10:33:33 ----D---- C:\Windows\system32\RTCOM
2010-02-25 10:33:11 ----A---- C:\Windows\system32\WavesLib.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\SRSWOW.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\SRSTSXT.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\SRSTSHD.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\SRSHP360.dll
2010-02-25 10:33:10 ----A---- C:\Windows\system32\RtkPgExt.dll
2010-02-25 10:33:10 ----A---- C:\Windows\system32\RtkCoInst.dll
2010-02-25 10:33:10 ----A---- C:\Windows\system32\RtkApoApi.dll
2010-02-25 10:33:10 ----A---- C:\Windows\system32\RtkAPO.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RTEEP32A.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RTEEL32A.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RTEEG32A.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RTEED32A.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RP3DHT32.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RP3DAA32.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2010-02-25 10:33:08 ----D---- C:\Program Files\Realtek
2010-02-25 10:33:08 ----A---- C:\Windows\system32\FMAPO.dll
2010-02-25 10:33:08 ----A---- C:\Windows\system32\AERTARen.dll
2010-02-25 10:33:08 ----A---- C:\Windows\system32\AERTACap.dll
2010-02-25 10:33:05 ----HD---- C:\Program Files\Temp
2010-02-25 10:33:05 ----A---- C:\Windows\RtlExUpd.dll
2010-02-25 10:25:12 ----D---- C:\Users\Marco\AppData\Roaming\Macromedia
2010-02-25 10:25:12 ----D---- C:\Users\Marco\AppData\Roaming\Adobe
2010-02-25 10:25:05 ----D---- C:\Windows\system32\Macromed
2010-02-25 10:22:42 ----D---- C:\Users\Marco\AppData\Roaming\GetRightToGo
2010-02-25 10:19:24 ----D---- C:\Program Files\LizardTech
2010-02-25 10:04:14 ----D---- C:\Program Files\Google
2010-02-25 10:03:34 ----A---- C:\Windows\system32\aswBoot.exe
2010-02-25 10:03:32 ----D---- C:\ProgramData\Alwil Software
2010-02-25 10:03:32 ----D---- C:\Program Files\Alwil Software
2010-02-25 09:58:42 ----A---- C:\Windows\IsUninst.exe
2010-02-25 09:57:40 ----D---- C:\Program Files\ATI Technologies
2010-02-25 09:57:22 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-25 09:50:19 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-25 09:43:25 ----D---- C:\Program Files\ICQ6Toolbar
2010-02-25 09:43:23 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-25 09:43:23 ----D---- C:\Users\Marco\AppData\Roaming\Mozilla
2010-02-25 09:43:23 ----D---- C:\ProgramData\ICQ
2010-02-25 09:43:19 ----D---- C:\Users\Marco\AppData\Roaming\ICQ
2010-02-25 09:43:12 ----D---- C:\Program Files\ICQ7.0
2010-02-25 09:42:34 ----D---- C:\Users\Marco\AppData\Roaming\Opera
2010-02-25 09:42:29 ----D---- C:\Program Files\Opera
2010-02-25 09:40:29 ----SHD---- C:\Windows\Installer
2010-02-25 09:38:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-25 09:29:18 ----D---- C:\Users\Marco\AppData\Roaming\Identities
2010-02-25 09:29:04 ----SD---- C:\Users\Marco\AppData\Roaming\Microsoft
2010-02-25 09:29:04 ----D---- C:\Users\Marco\AppData\Roaming\Media Center Programs
2010-02-25 09:28:59 ----SHD---- C:\Recovery
2010-02-25 09:22:18 ----D---- C:\Windows\SoftwareDistribution
2010-02-25 09:19:29 ----D---- C:\Windows\Prefetch
2010-02-25 09:19:22 ----SHD---- C:\System Volume Information
2010-02-25 09:18:39 ----D---- C:\Windows\Panther
2010-02-25 09:18:27 ----RASH---- C:\BOOTSECT.BAK
2010-02-25 09:18:25 ----SHD---- C:\Boot
======List of files/folders modified in the last 1 months======
2010-03-11 11:44:30 ----D---- C:\Windows\Temp
2010-03-11 11:42:53 ----RD---- C:\Program Files
2010-03-11 07:56:31 ----D---- C:\Windows\System32
2010-03-11 07:56:31 ----D---- C:\Windows\inf
2010-03-10 18:05:38 ----D---- C:\Windows\system32\catroot2
2010-03-10 17:56:27 ----D---- C:\Windows\system32\config
2010-03-10 16:15:45 ----D---- C:\Windows
2010-03-09 13:01:48 ----D---- C:\Windows\system32\wdi
2010-03-08 17:29:23 ----D---- C:\Windows\rescache
2010-03-08 17:27:43 ----D---- C:\Windows\Logs
2010-03-01 17:35:55 ----HD---- C:\ProgramData
2010-02-28 16:02:30 ----D---- C:\Windows\system32\DriverStore
2010-02-26 13:41:37 ----SD---- C:\ProgramData\Microsoft
2010-02-26 13:41:37 ----D---- C:\Windows\system32\drivers
2010-02-26 13:36:26 ----D---- C:\Windows\winsxs
2010-02-26 12:20:12 ----D---- C:\Program Files\Internet Explorer
2010-02-26 11:59:13 ----D---- C:\Windows\system32\Tasks
2010-02-26 11:37:37 ----D---- C:\Program Files\Common Files
2010-02-26 11:33:45 ----RSD---- C:\Windows\Fonts
2010-02-25 15:24:53 ----D---- C:\Windows\system32\catroot
2010-02-25 15:22:15 ----A---- C:\Windows\win.ini
2010-02-25 15:22:14 ----D---- C:\Windows\twain_32
2010-02-25 13:50:52 ----D---- C:\Windows\debug
2010-02-25 13:13:16 ----HD---- C:\Windows\system32\GroupPolicy
2010-02-25 12:40:49 ----D---- C:\Windows\Microsoft.NET
2010-02-25 12:40:46 ----RSD---- C:\Windows\assembly
2010-02-25 12:15:30 ----SHD---- C:\$Recycle.Bin
2010-02-25 12:15:20 ----RD---- C:\Users
2010-02-25 11:44:34 ----D---- C:\Windows\Downloaded Program Files
2010-02-25 11:40:23 ----D---- C:\Windows\LiveKernelReports
2010-02-25 10:50:04 ----D---- C:\Program Files\Common Files\microsoft shared
2010-02-25 10:49:58 ----D---- C:\Program Files\MSBuild
2010-02-25 10:49:31 ----D---- C:\Windows\ShellNew
2010-02-25 10:46:11 ----D---- C:\Program Files\Common Files\System
2010-02-25 10:04:19 ----D---- C:\Windows\Tasks
2010-02-25 09:42:15 ----D---- C:\Windows\system32\CodeIntegrity
2010-02-25 09:42:03 ----D---- C:\Windows\system32\restore
2010-02-25 09:37:38 ----D---- C:\Windows\system32\wbem
2010-02-25 09:28:59 ----D---- C:\Windows\system32\Recovery
2010-02-25 09:24:45 ----D---- C:\Windows\system32\sysprep
2010-02-25 09:20:07 ----D---- C:\Windows\CSC
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-03-11 11:42:53 ----D---- C:\Program Files\trend micro
2010-03-11 11:42:50 ----D---- C:\rsit
2010-03-10 16:15:45 ----D---- C:\Windows\Sun
2010-03-04 16:44:04 ----D---- C:\Program Files\Winamp Detect
2010-02-28 16:58:38 ----A---- C:\Windows\cdplayer.ini
2010-02-28 16:58:05 ----D---- C:\Program Files\Audiograbber
2010-02-28 16:01:57 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2010-02-28 16:01:57 ----RA---- C:\Windows\system32\AdobePDF.dll
2010-02-26 12:03:01 ----D---- C:\Users\Marco\AppData\Roaming\BITS
2010-02-26 11:53:29 ----D---- C:\Program Files\Secunia
2010-02-26 11:38:41 ----D---- C:\ProgramData\FLEXnet
2010-02-26 11:37:37 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-02-26 11:33:11 ----D---- C:\ProgramData\Adobe
2010-02-26 11:33:11 ----D---- C:\Program Files\Common Files\Adobe
2010-02-26 11:33:10 ----D---- C:\Program Files\Adobe
2010-02-26 10:10:11 ----D---- C:\ProgramData\Sun
2010-02-26 10:10:10 ----D---- C:\Program Files\Common Files\Java
2010-02-26 10:07:12 ----A---- C:\Windows\system32\javaws.exe
2010-02-26 10:07:12 ----A---- C:\Windows\system32\javaw.exe
2010-02-26 10:07:12 ----A---- C:\Windows\system32\java.exe
2010-02-26 10:07:12 ----A---- C:\Windows\system32\deploytk.dll
2010-02-26 10:06:55 ----D---- C:\Program Files\Java
2010-02-26 10:04:20 ----D---- C:\Users\Marco\AppData\Roaming\ACD Systems
2010-02-25 16:07:14 ----D---- C:\Windows\system32\custom matrices
2010-02-25 16:07:10 ----D---- C:\Windows\system32\QuickTime
2010-02-25 16:07:10 ----D---- C:\Windows\system32\C2MP
2010-02-25 16:03:23 ----D---- C:\Users\Marco\AppData\Roaming\BSplayer Pro
2010-02-25 16:03:23 ----D---- C:\Users\Marco\AppData\Roaming\BSplayer
2010-02-25 16:03:22 ----D---- C:\Program Files\Webteh
2010-02-25 15:22:15 ----A---- C:\Windows\FixCamera.exe
2010-02-25 15:22:15 ----A---- C:\Windows\amcap.exe
2010-02-25 15:22:14 ----A---- C:\Windows\vsnpstd3.exe
2010-02-25 15:22:14 ----A---- C:\Windows\tsnpstd3.exe
2010-02-25 15:22:13 ----A---- C:\Windows\snpstd3.ini
2010-02-25 15:22:11 ----A---- C:\Windows\system32\vsnpstd3.dll
2010-02-25 15:22:11 ----A---- C:\Windows\system32\rsnpstd3.dll
2010-02-25 15:22:11 ----A---- C:\Windows\csnpstd3.dll
2010-02-25 15:22:10 ----D---- C:\Program Files\Common Files\snpstd3
2010-02-25 15:22:10 ----A---- C:\Windows\system32\csnpstd3.dll
2010-02-25 15:21:49 ----D---- C:\Users\Marco\AppData\Roaming\InstallShield
2010-02-25 15:06:58 ----A---- C:\Windows\wdict32.INI
2010-02-25 15:06:13 ----D---- C:\Program Files\Apple Software Update
2010-02-25 15:05:51 ----D---- C:\Program Files\Common Files\Apple
2010-02-25 15:05:34 ----D---- C:\Users\Marco\AppData\Roaming\Sony Corporation
2010-02-25 15:05:12 ----D---- C:\ProgramData\Apple Computer
2010-02-25 15:05:12 ----D---- C:\Program Files\QuickTime
2010-02-25 14:49:01 ----D---- C:\Drivers
2010-02-25 14:49:01 ----A---- C:\Windows\system32\SONYHCY.DLL
2010-02-25 14:47:49 ----D---- C:\Windows\system32\Iosubsys
2010-02-25 14:47:49 ----A---- C:\Windows\system32\PxInsI64.exe
2010-02-25 14:47:49 ----A---- C:\Windows\system32\PxCpyI64.exe
2010-02-25 14:45:11 ----D---- C:\Program Files\Sony
2010-02-25 13:50:14 ----D---- C:\Program Files\CCleaner
2010-02-25 13:47:11 ----D---- C:\ProgramData\ACD Systems
2010-02-25 13:47:09 ----D---- C:\Program Files\Common Files\ACD Systems
2010-02-25 13:47:09 ----D---- C:\Program Files\ACD Systems
2010-02-25 13:45:47 ----D---- C:\Windows\Downloaded Installations
2010-02-25 13:45:28 ----A---- C:\Windows\system32\BASSMOD.dll
2010-02-25 13:29:42 ----D---- C:\ProgramData\Apple
2010-02-25 13:28:33 ----D---- C:\Program Files\SuperDVD Player 5.0
2010-02-25 13:27:35 ----D---- C:\Program Files\WinRAR
2010-02-25 13:26:24 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-02-25 13:26:24 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-02-25 13:23:14 ----D---- C:\profiles
2010-02-25 13:22:53 ----D---- C:\Program Files\FlashGet Network
2010-02-25 13:04:46 ----A---- C:\Windows\wtran32.INI
2010-02-25 12:49:01 ----D---- C:\Users\Marco\AppData\Roaming\GHISLER
2010-02-25 12:49:01 ----D---- C:\totalcmd
2010-02-25 12:05:34 ----D---- C:\Users\Marco\AppData\Roaming\TrueCrypt
2010-02-25 12:05:25 ----D---- C:\ProgramData\TrueCrypt
2010-02-25 12:04:59 ----D---- C:\Program Files\TrueCrypt
2010-02-25 11:52:05 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-02-25 11:52:05 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-02-25 11:52:04 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-02-25 11:52:02 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-02-25 11:52:01 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-02-25 11:52:00 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-02-25 11:51:59 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-02-25 11:51:58 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-02-25 11:51:57 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-02-25 11:51:57 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-02-25 11:51:57 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-02-25 11:51:56 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-02-25 11:51:55 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-02-25 11:51:55 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-02-25 11:51:55 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-02-25 11:51:55 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-02-25 11:51:54 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\xinput1_3.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-02-25 11:51:53 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\d3dx10.dll
2010-02-25 11:51:52 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\xinput1_2.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-02-25 11:51:51 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-02-25 11:51:50 ----A---- C:\Windows\system32\xinput1_1.dll
2010-02-25 11:51:50 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-02-25 11:51:50 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-02-25 11:51:47 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-02-25 11:51:46 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-02-25 11:51:45 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-02-25 11:51:45 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-02-25 11:51:44 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-02-25 11:47:46 ----D---- C:\Program Files\PC Translator
2010-02-25 11:37:28 ----D---- C:\Users\Marco\AppData\Roaming\skypePM
2010-02-25 11:34:58 ----D---- C:\Users\Marco\AppData\Roaming\Skype
2010-02-25 11:34:49 ----D---- C:\Program Files\Common Files\Skype
2010-02-25 11:34:45 ----RD---- C:\Program Files\Skype
2010-02-25 11:34:43 ----D---- C:\ProgramData\Skype
2010-02-25 11:33:10 ----N---- C:\Windows\system32\pxinsa64.exe
2010-02-25 11:33:10 ----N---- C:\Windows\system32\pxhpinst.exe
2010-02-25 11:33:10 ----N---- C:\Windows\system32\pxcpya64.exe
2010-02-25 11:33:10 ----N---- C:\Windows\system32\pxafs.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\vxblock.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\pxwave.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\pxsfs.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\pxmas.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\pxdrv.dll
2010-02-25 11:33:09 ----N---- C:\Windows\system32\px.dll
2010-02-25 11:33:08 ----D---- C:\Users\Marco\AppData\Roaming\Winamp
2010-02-25 11:33:08 ----D---- C:\Program Files\Winamp
2010-02-25 11:26:10 ----D---- C:\Program Files\Mozilla Firefox
2010-02-25 11:13:16 ----D---- C:\Users\Marco\AppData\Roaming\Lavasoft
2010-02-25 11:13:05 ----D---- C:\Program Files\Lavasoft
2010-02-25 10:53:01 ----A---- C:\Windows\system32\msonpmon.dll
2010-02-25 10:50:08 ----D---- C:\Program Files\Microsoft Works
2010-02-25 10:49:35 ----D---- C:\Program Files\Microsoft Visual Studio
2010-02-25 10:49:35 ----D---- C:\Program Files\Common Files\DESIGNER
2010-02-25 10:48:49 ----D---- C:\Windows\PCHEALTH
2010-02-25 10:48:48 ----D---- C:\Program Files\Microsoft.NET
2010-02-25 10:46:42 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-02-25 10:45:47 ----D---- C:\ProgramData\Microsoft Help
2010-02-25 10:45:47 ----D---- C:\Program Files\Microsoft Office
2010-02-25 10:44:41 ----RHD---- C:\MSOCache
2010-02-25 10:43:36 ----D---- C:\Windows\system32\ShellExt
2010-02-25 10:42:05 ----D---- C:\Program Files\LG Electronics
2010-02-25 10:33:33 ----D---- C:\Windows\system32\RTCOM
2010-02-25 10:33:11 ----A---- C:\Windows\system32\WavesLib.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\SRSWOW.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\SRSTSXT.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\SRSTSHD.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\SRSHP360.dll
2010-02-25 10:33:10 ----A---- C:\Windows\system32\RtkPgExt.dll
2010-02-25 10:33:10 ----A---- C:\Windows\system32\RtkCoInst.dll
2010-02-25 10:33:10 ----A---- C:\Windows\system32\RtkApoApi.dll
2010-02-25 10:33:10 ----A---- C:\Windows\system32\RtkAPO.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RTEEP32A.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RTEEL32A.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RTEEG32A.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RTEED32A.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RP3DHT32.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\RP3DAA32.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2010-02-25 10:33:08 ----D---- C:\Program Files\Realtek
2010-02-25 10:33:08 ----A---- C:\Windows\system32\FMAPO.dll
2010-02-25 10:33:08 ----A---- C:\Windows\system32\AERTARen.dll
2010-02-25 10:33:08 ----A---- C:\Windows\system32\AERTACap.dll
2010-02-25 10:33:05 ----HD---- C:\Program Files\Temp
2010-02-25 10:33:05 ----A---- C:\Windows\RtlExUpd.dll
2010-02-25 10:25:12 ----D---- C:\Users\Marco\AppData\Roaming\Macromedia
2010-02-25 10:25:12 ----D---- C:\Users\Marco\AppData\Roaming\Adobe
2010-02-25 10:25:05 ----D---- C:\Windows\system32\Macromed
2010-02-25 10:22:42 ----D---- C:\Users\Marco\AppData\Roaming\GetRightToGo
2010-02-25 10:19:24 ----D---- C:\Program Files\LizardTech
2010-02-25 10:04:14 ----D---- C:\Program Files\Google
2010-02-25 10:03:34 ----A---- C:\Windows\system32\aswBoot.exe
2010-02-25 10:03:32 ----D---- C:\ProgramData\Alwil Software
2010-02-25 10:03:32 ----D---- C:\Program Files\Alwil Software
2010-02-25 09:58:42 ----A---- C:\Windows\IsUninst.exe
2010-02-25 09:57:40 ----D---- C:\Program Files\ATI Technologies
2010-02-25 09:57:22 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-25 09:50:19 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-25 09:43:25 ----D---- C:\Program Files\ICQ6Toolbar
2010-02-25 09:43:23 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-25 09:43:23 ----D---- C:\Users\Marco\AppData\Roaming\Mozilla
2010-02-25 09:43:23 ----D---- C:\ProgramData\ICQ
2010-02-25 09:43:19 ----D---- C:\Users\Marco\AppData\Roaming\ICQ
2010-02-25 09:43:12 ----D---- C:\Program Files\ICQ7.0
2010-02-25 09:42:34 ----D---- C:\Users\Marco\AppData\Roaming\Opera
2010-02-25 09:42:29 ----D---- C:\Program Files\Opera
2010-02-25 09:40:29 ----SHD---- C:\Windows\Installer
2010-02-25 09:38:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-25 09:29:18 ----D---- C:\Users\Marco\AppData\Roaming\Identities
2010-02-25 09:29:04 ----SD---- C:\Users\Marco\AppData\Roaming\Microsoft
2010-02-25 09:29:04 ----D---- C:\Users\Marco\AppData\Roaming\Media Center Programs
2010-02-25 09:28:59 ----SHD---- C:\Recovery
2010-02-25 09:22:18 ----D---- C:\Windows\SoftwareDistribution
2010-02-25 09:19:29 ----D---- C:\Windows\Prefetch
2010-02-25 09:19:22 ----SHD---- C:\System Volume Information
2010-02-25 09:18:39 ----D---- C:\Windows\Panther
2010-02-25 09:18:27 ----RASH---- C:\BOOTSECT.BAK
2010-02-25 09:18:25 ----SHD---- C:\Boot
======List of files/folders modified in the last 1 months======
2010-03-11 11:44:30 ----D---- C:\Windows\Temp
2010-03-11 11:42:53 ----RD---- C:\Program Files
2010-03-11 07:56:31 ----D---- C:\Windows\System32
2010-03-11 07:56:31 ----D---- C:\Windows\inf
2010-03-10 18:05:38 ----D---- C:\Windows\system32\catroot2
2010-03-10 17:56:27 ----D---- C:\Windows\system32\config
2010-03-10 16:15:45 ----D---- C:\Windows
2010-03-09 13:01:48 ----D---- C:\Windows\system32\wdi
2010-03-08 17:29:23 ----D---- C:\Windows\rescache
2010-03-08 17:27:43 ----D---- C:\Windows\Logs
2010-03-01 17:35:55 ----HD---- C:\ProgramData
2010-02-28 16:02:30 ----D---- C:\Windows\system32\DriverStore
2010-02-26 13:41:37 ----SD---- C:\ProgramData\Microsoft
2010-02-26 13:41:37 ----D---- C:\Windows\system32\drivers
2010-02-26 13:36:26 ----D---- C:\Windows\winsxs
2010-02-26 12:20:12 ----D---- C:\Program Files\Internet Explorer
2010-02-26 11:59:13 ----D---- C:\Windows\system32\Tasks
2010-02-26 11:37:37 ----D---- C:\Program Files\Common Files
2010-02-26 11:33:45 ----RSD---- C:\Windows\Fonts
2010-02-25 15:24:53 ----D---- C:\Windows\system32\catroot
2010-02-25 15:22:15 ----A---- C:\Windows\win.ini
2010-02-25 15:22:14 ----D---- C:\Windows\twain_32
2010-02-25 13:50:52 ----D---- C:\Windows\debug
2010-02-25 13:13:16 ----HD---- C:\Windows\system32\GroupPolicy
2010-02-25 12:40:49 ----D---- C:\Windows\Microsoft.NET
2010-02-25 12:40:46 ----RSD---- C:\Windows\assembly
2010-02-25 12:15:30 ----SHD---- C:\$Recycle.Bin
2010-02-25 12:15:20 ----RD---- C:\Users
2010-02-25 11:44:34 ----D---- C:\Windows\Downloaded Program Files
2010-02-25 11:40:23 ----D---- C:\Windows\LiveKernelReports
2010-02-25 10:50:04 ----D---- C:\Program Files\Common Files\microsoft shared
2010-02-25 10:49:58 ----D---- C:\Program Files\MSBuild
2010-02-25 10:49:31 ----D---- C:\Windows\ShellNew
2010-02-25 10:46:11 ----D---- C:\Program Files\Common Files\System
2010-02-25 10:04:19 ----D---- C:\Windows\Tasks
2010-02-25 09:42:15 ----D---- C:\Windows\system32\CodeIntegrity
2010-02-25 09:42:03 ----D---- C:\Windows\system32\restore
2010-02-25 09:37:38 ----D---- C:\Windows\system32\wbem
2010-02-25 09:28:59 ----D---- C:\Windows\system32\Recovery
2010-02-25 09:24:45 ----D---- C:\Windows\system32\sysprep
2010-02-25 09:20:07 ----D---- C:\Windows\CSC