Pc ma stale vytazeny procesor na 55 - 100% aj bez spustenia akejkolvek akcie.
Mbam - negativ. CCleaner - negativ.
Dakujem za navrh opravy.
Logfile of random's system information tool 1.07 (written by random/random)
Run by europe at 2010-07-20 22:27:55
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 12 GB (8%) free of 146 GB
Total RAM: 2046 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:29, on 2010-07-20
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\PROGRAM FILES\T-COM\PANDA INTERNET SECURITY 2009\WebProxy.exe
C:\Windows\Explorer.EXE
C:\Program Files\T-com\Panda Internet Security 2009\ApvxdWin.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\T-com\Panda Internet Security 2009\PavBckPT.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\europe\Downloads\RSIT(2).exe
C:\Program Files\trend micro\europe.exe
C:\Program Files\T-com\Panda Internet Security 2009\avciman.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bing.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\T-com\Panda Internet Security 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\T-com\Panda Internet Security 2009\Inicio.exe"
O4 - HKLM\..\Run: [HPUsageTracking] c:\Program Files\HP\HP UT\bin\hppusg.exe "c:\Program Files\HP\HP UT\"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: RadarSync Website - {29F02F90-D4AE-4c9a-82D2-D8DCDD507F33} - C:\Program Files\RadarSync\RadarSync Website.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9639299226
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C3718A6-DD75-4B1A-B628-36FC48575DCC}: NameServer = 192.168.2.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\T-com\Panda Internet Security 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\pavsrvx86.exe
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\t-com\panda internet security 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\T-com\Panda Internet Security 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\PskSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\TPSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12491 bytes
======Scheduled tasks folder======
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for europe.job
C:\Windows\tasks\User_Feed_Synchronization-{31DCA4EB-CAB0-4CED-A8DA-AFE4AA220AB7}.job
C:\Windows\tasks\User_Feed_Synchronization-{3C6F9F0F-B0CC-4309-9516-7E4D078D0473}.job
C:\Windows\tasks\User_Feed_Synchronization-{78F5F398-0C2F-4584-8E4C-DE0DC4FBE144}.job
C:\Windows\tasks\User_Feed_Synchronization-{DBCCA46E-DC2D-4EC9-8D73-B2464A42AE53}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-04-30 341600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-13 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-13 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
VeriSoft Access Manager - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [2006-11-21 71192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-13 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"APVXDWIN"=C:\Program Files\T-com\Panda Internet Security 2009\APVXDWIN.EXE [2008-07-16 857344]
"SCANINICIO"=C:\Program Files\T-com\Panda Internet Security 2009\Inicio.exe [2008-07-07 50432]
"HPUsageTracking"=c:\Program Files\HP\HP UT\bin\hppusg.exe [2007-05-04 36864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-04-13 47392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2007-06-12 56080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
C:\Users\europe\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
C:\Program Files\inKline Global\PC Booster\pcbooster.exe [2007-11-30 14450688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2009-03-10 468264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-07-04 2403568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-17 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-04-30 202256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
c:\program files\uniblue\registrybooster\StartRegistryBooster.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-01-14 37888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Z810PNP]
C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-03-29 719664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-07-26 768528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RVS 2010.lnk]
C:\PROGRA~1\Returnil\RVS3\rvsgui.exe /INST_AUTO /NOSPLASH []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^europe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-01-23 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-10-01 87552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\PROGRA~1\T-com\PANDAI~1\PAVSCRIP.EXE "%1" %*
.vbs - open - C:\PROGRA~1\T-com\PANDAI~1\PAVSCRIP.EXE "%1" %*
======List of files/folders created in the last 2 months======
2010-07-17 15:27:14 ----D---- C:\Program Files\Webteh
2010-07-05 14:03:52 ----D---- C:\ProgramData\Innovative Solutions
2010-07-05 13:49:15 ----D---- C:\Program Files\RadarSync
2010-07-05 13:47:35 ----D---- C:\Program Files\Innovative Solutions
2010-07-03 22:44:47 ----D---- C:\Users\europe\AppData\Roaming\DivX
2010-07-02 21:43:17 ----D---- C:\Program Files\Common Files\DivX Shared
2010-07-02 21:37:38 ----D---- C:\ProgramData\DivX
2010-06-30 23:55:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-06-23 20:28:04 ----D---- C:\Windows\system32\WindowsPowerShell
2010-06-23 19:53:08 ----A---- C:\Windows\system32\winrsmgr.dll
2010-06-23 19:52:12 ----A---- C:\Windows\system32\wsmprovhost.exe
2010-06-23 19:52:12 ----A---- C:\Windows\system32\winrshost.exe
2010-06-23 19:52:12 ----A---- C:\Windows\system32\winrs.exe
2010-06-23 19:52:08 ----A---- C:\Windows\system32\wsmplpxy.dll
2010-06-23 19:52:08 ----A---- C:\Windows\system32\winrssrv.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\WsmRes.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wevtfwd.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wecutil.exe
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wecsvc.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wecapi.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\pwrshplugin.dll
2010-06-23 19:51:55 ----A---- C:\Windows\system32\winrm.vbs
2010-06-23 19:51:50 ----A---- C:\Windows\system32\WsmWmiPl.dll
2010-06-23 19:51:50 ----A---- C:\Windows\system32\WsmAuto.dll
2010-06-23 19:51:50 ----A---- C:\Windows\system32\winrscmd.dll
2010-06-23 19:51:49 ----A---- C:\Windows\system32\WsmSvc.dll
2010-06-23 19:51:49 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2010-06-23 19:51:49 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2010-06-23 19:46:42 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-23 19:46:42 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-23 19:46:42 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-23 19:46:42 ----A---- C:\Windows\system32\mscoree.dll
2010-06-23 19:46:42 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 19:34:02 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-06-23 19:33:57 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-06-22 19:41:48 ----D---- C:\68b489bebacea28f49
2010-06-22 16:35:46 ----D---- C:\Users\europe\AppData\Roaming\MicrosoTt
2010-06-16 18:47:59 ----D---- C:\13e56cc4b03f25b052c9218c
2010-06-15 22:48:25 ----D---- C:\Windows\CheckSur
2010-06-12 00:23:41 ----A---- C:\Windows\system32\ieui.dll
2010-06-12 00:23:40 ----A---- C:\Windows\system32\ieframe.dll
2010-06-12 00:23:38 ----A---- C:\Windows\system32\iesysprep.dll
2010-06-12 00:23:36 ----A---- C:\Windows\system32\iesetup.dll
2010-06-12 00:23:36 ----A---- C:\Windows\system32\iernonce.dll
2010-06-12 00:23:36 ----A---- C:\Windows\system32\ie4uinit.exe
2010-06-12 00:23:31 ----A---- C:\Windows\system32\occache.dll
2010-06-12 00:23:31 ----A---- C:\Windows\system32\iertutil.dll
2010-06-12 00:23:29 ----A---- C:\Windows\system32\ieUnatt.exe
2010-06-12 00:23:25 ----A---- C:\Windows\system32\mshtml.dll
2010-06-12 00:23:23 ----A---- C:\Windows\system32\msfeedssync.exe
2010-06-12 00:23:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-12 00:23:23 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-12 00:23:21 ----A---- C:\Windows\system32\iepeers.dll
2010-06-12 00:23:21 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-12 00:23:19 ----A---- C:\Windows\system32\wininet.dll
2010-06-12 00:23:19 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-12 00:23:17 ----A---- C:\Windows\system32\mstime.dll
2010-06-12 00:23:16 ----A---- C:\Windows\system32\urlmon.dll
2010-06-12 00:22:57 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-12 00:19:23 ----A---- C:\Windows\system32\atmlib.dll
2010-06-12 00:19:23 ----A---- C:\Windows\system32\atmfd.dll
2010-05-27 22:31:28 ----A---- C:\Windows\system32\SynCtrl.dll
2010-05-26 12:28:55 ----A---- C:\Windows\system32\tzres.dll
2010-05-22 15:59:53 ----D---- C:\_OTM
======List of files/folders modified in the last 2 months======
2010-07-20 22:28:19 ----D---- C:\Windows\temp
2010-07-20 22:28:12 ----D---- C:\Program Files\Trend Micro
2010-07-20 20:18:05 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-07-20 17:22:06 ----SD---- C:\Windows\Downloaded Program Files
2010-07-20 17:22:06 ----D---- C:\Windows\System32
2010-07-20 16:59:44 ----D---- C:\Windows\system32\drivers
2010-07-20 13:30:58 ----SHD---- C:\System Volume Information
2010-07-19 17:24:05 ----D---- C:\Windows\Prefetch
2010-07-19 17:22:08 ----D---- C:\Windows
2010-07-19 13:43:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-19 13:43:19 ----D---- C:\Windows\inf
2010-07-19 11:04:47 ----A---- C:\ProgramData\hpqp.txt
2010-07-18 19:13:11 ----D---- C:\Windows\system32\catroot2
2010-07-17 15:32:56 ----D---- C:\Windows\system32\Tasks
2010-07-17 15:27:14 ----RD---- C:\Program Files
2010-07-15 22:16:40 ----D---- C:\Windows\Minidump
2010-07-15 22:16:40 ----D---- C:\Windows\Debug
2010-07-15 14:32:42 ----D---- C:\Windows\winsxs
2010-07-14 17:21:56 ----D---- C:\Windows\system32\catroot
2010-07-14 17:21:32 ----D---- C:\Program Files\Windows Mail
2010-07-14 17:11:08 ----D---- C:\Users\europe\AppData\Roaming\Skype
2010-07-14 16:52:13 ----D---- C:\Users\europe\AppData\Roaming\skypePM
2010-07-13 10:16:23 ----SHD---- C:\Windows\Installer
2010-07-06 22:54:22 ----D---- C:\Program Files\ICQ6.5
2010-07-05 14:03:52 ----HD---- C:\ProgramData
2010-07-05 01:31:51 ----D---- C:\Windows\Tasks
2010-07-04 13:58:12 ----D---- C:\Program Files\SUPERAntiSpyware
2010-07-03 16:36:26 ----A---- C:\Windows\ODBCINST.INI
2010-07-02 21:43:17 ----D---- C:\Program Files\Common Files
2010-07-02 21:39:05 ----A---- C:\Windows\system32\mrt.exe
2010-07-02 21:33:50 ----D---- C:\Users\europe\AppData\Roaming\cspa
2010-07-01 23:53:07 ----D---- C:\Program Files\CCleaner
2010-07-01 18:56:19 ----D---- C:\Users\europe\AppData\Roaming\Software Informer
2010-06-30 23:55:15 ----D---- C:\Program Files\Winamp
2010-06-30 23:55:12 ----D---- C:\Program Files\iTunes
2010-06-30 13:23:01 ----D---- C:\Windows\pss
2010-06-29 19:44:51 ----D---- C:\Program Files\Microsoft Security Essentials
2010-06-27 16:54:36 ----D---- C:\Program Files\Mozilla Firefox
2010-06-26 12:01:17 ----D---- C:\Windows\Cursors
2010-06-25 20:23:31 ----D---- C:\Program Files\Video Karaoke Studio II
2010-06-25 17:12:07 ----D---- C:\Windows\system32\wbem
2010-06-25 17:11:12 ----D---- C:\Windows\system32\spool
2010-06-25 17:11:11 ----D---- C:\Windows\registration
2010-06-24 01:43:40 ----D---- C:\Windows\Microsoft.NET
2010-06-24 00:21:24 ----RSD---- C:\Windows\assembly
2010-06-23 21:10:15 ----D---- C:\Windows\rescache
2010-06-23 20:28:08 ----D---- C:\Windows\AppPatch
2010-06-23 20:28:07 ----D---- C:\Windows\system32\cs-CZ
2010-06-23 20:28:07 ----D---- C:\Windows\PolicyDefinitions
2010-06-23 20:28:02 ----D---- C:\Windows\ehome
2010-06-16 20:38:19 ----D---- C:\Users\europe\AppData\Roaming\Opera
2010-06-14 08:57:26 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-12 19:09:59 ----D---- C:\Windows\system32\migration
2010-06-12 19:09:59 ----D---- C:\Program Files\Internet Explorer
2010-06-11 23:35:21 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-06-11 23:35:19 ----D---- C:\Program Files\PC Connectivity Solution
2010-06-11 23:35:19 ----D---- C:\Program Files\Microsoft Works
2010-06-11 23:35:16 ----D---- C:\Program Files\LG PC Suite II
2010-06-11 23:35:15 ----D---- C:\Program Files\Common Files\SureThing Shared
2010-06-11 23:35:14 ----D---- C:\Program Files\Common Files\Skype
2010-06-11 23:34:54 ----D---- C:\Windows\system32\Sony_usb
2010-06-11 23:34:54 ----D---- C:\Windows\system32\restore
2010-06-11 23:34:53 ----D---- C:\Windows\system32\CodeIntegrity
2010-06-11 23:34:34 ----D---- C:\Windows\Fonts
2010-06-11 23:34:31 ----D---- C:\Users\europe\AppData\Roaming\Winamp
2010-06-11 23:32:38 ----D---- C:\Windows\system32\config
2010-06-11 23:31:35 ----D---- C:\Windows\system32\Msdtc
2010-06-11 23:18:07 ----D---- C:\ProgramData\Microsoft Help
2010-06-04 13:35:21 ----SD---- C:\ProgramData\Microsoft
2010-06-01 19:37:48 ----N---- C:\Windows\system32\MpSigStub.exe
2010-05-29 01:46:19 ----D---- C:\Users\europe\AppData\Roaming\Apple Computer
2010-05-28 15:14:09 ----D---- C:\Program Files\QuickTime
2010-05-28 15:04:30 ----D---- C:\Program Files\Bonjour
2010-05-27 22:31:32 ----A---- C:\Windows\system32\SynTPCo4.dll
2010-05-27 22:31:32 ----A---- C:\Windows\system32\SynTPAPI.dll
2010-05-27 22:31:26 ----A---- C:\Windows\system32\SynCOM.dll
2010-05-27 01:31:58 ----D---- C:\Program Files\Common Files\microsoft shared
2010-05-27 01:31:00 ----D---- C:\Program Files\Microsoft
2010-05-22 00:21:40 ----D---- C:\ProgramData\Roxio
2010-05-21 13:49:23 ----D---- C:\rsit
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 APPFLT;App Filter Plugin; \??\C:\Windows\system32\Drivers\APPFLT.SYS [2008-06-25 73728]
R1 DSAFLT;DSA Filter Plugin; \??\C:\Windows\system32\Drivers\DSAFLT.SYS [2008-06-18 52992]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 FNETMON;NetMon Filter Plugin; \??\C:\Windows\system32\Drivers\fnetmon.SYS [2008-03-28 22072]
R1 IDSFLT;Ids Filter Plugin; \??\C:\Windows\system32\Drivers\IDSFLT.SYS [2008-06-18 193792]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 NETFLTDI;Panda Net Driver [TDI Layer]; \??\C:\Windows\system32\Drivers\NETFLTDI.SYS [2008-07-11 158848]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-03 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-07-04 67656]
R1 ShldDrv;Panda File Shield Driver; C:\Windows\System32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin; \??\C:\Windows\system32\Drivers\WNMFLT.SYS [2008-06-18 46720]
R2 AmFSM;AmFSM; C:\Windows\system32\DRIVERS\amm8660.sys [2008-02-13 49208]
R2 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 ComFiltr;Panda Anti-Dialer; \??\C:\Windows\system32\DRIVERS\COMFiltr.sys [2009-01-20 13880]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PavProc;Panda Process Protection Driver; \??\C:\Windows\system32\DRIVERS\PavProc.sys [2008-02-07 179640]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-03-28 140424]
R3 AvFlt;Antivirus Filter Driver; C:\Windows\system32\drivers\av5flt.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-12-19 1331192]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-04-18 79664]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-04-18 81200]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-04-18 16432]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34; C:\Windows\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-07-09 7140800]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 12032]
R3 PavSRK.sys;PavSRK.sys; \??\C:\Windows\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-12-19 1331192]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-06-25 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-06-12 35216]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-06-12 36496]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-06-12 28688]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-03-03 12872]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\Windows\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
S3 sonypvs1;Sony Digital Imaging Video2; C:\Windows\system32\DRIVERS\sonypvs1.sys [2006-10-30 102220]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Gwmsrv;Panda Goodware Cache Manager; C:\Windows\system32\svchost -k Panda []
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe [2007-07-26 121360]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-10-03 219752]
R2 Panda Software Controller;Panda Software Controller; C:\Program Files\T-com\Panda Internet Security 2009\PsCtrls.exe [2008-07-16 181504]
R2 PAVFNSVR;Panda Function Service; C:\Program Files\T-com\Panda Internet Security 2009\PavFnSvr.exe [2008-07-10 169216]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files\T-com\Panda Internet Security 2009\pavsrvx86.exe [2008-07-04 290048]
R2 PSHost;Panda Host Service; c:\program files\t-com\panda internet security 2009\firewall\PSHOST.EXE [2008-06-12 226608]
R2 PSIMSVC;Panda IManager Service; C:\Program Files\T-com\Panda Internet Security 2009\PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:\Program Files\T-com\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2009-01-12 292216]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2009-01-12 116080]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TPSrv;Panda TPSrv; C:\Program Files\T-com\Panda Internet Security 2009\TPSrv.exe [2008-07-17 157440]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-17 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu
Urobil som 2 pokusy o scan combofix. Zda sa, ze neuspesne. Po prvom scan mi ukazal cfix asi 4 del. files, sam sa vsak automaticky neskoncil ani po3 hodinach, restartol som manualne. Zacal vykonavat chck. disk. Po ukonceni som hladal log, ale nikde nenasiel - ani na C, ani inde.
Urobil som scan Rsit - tu pripojeny dole.
Pri druhom pokuse o scan cfix to bolo rovnako ako pri prvom. Pri scanovani pisal completed stage 1- 50 a zastavil sa - nechal som ho tak aj 4 hodiny a nic. Po manual restart som zasa nikde nenasiel log.
Neviem kde robim chybu. Pri scanovani ma byt zapnuta siet, alebo vypnuta? Ja som mal net vypnuty aj antivirus bol kompletne vypnuty.
Logfile of random's system information tool 1.07 (written by random/random)
Run by europe at 2010-07-23 08:00:46
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 11 GB (8%) free of 146 GB
Total RAM: 2046 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:02, on 2010-07-23
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\PROGRAM FILES\T-COM\PANDA INTERNET SECURITY 2009\WebProxy.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\T-com\Panda Internet Security 2009\ApvxdWin.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\T-com\Panda Internet Security 2009\PavBckPT.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Users\europe\Downloads\RSIT(2).exe
C:\Program Files\trend micro\europe.exe
C:\Program Files\T-com\Panda Internet Security 2009\avciman.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bing.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\T-com\Panda Internet Security 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\T-com\Panda Internet Security 2009\Inicio.exe"
O4 - HKLM\..\Run: [HPUsageTracking] c:\Program Files\HP\HP UT\bin\hppusg.exe "c:\Program Files\HP\HP UT\"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: RadarSync Website - {29F02F90-D4AE-4c9a-82D2-D8DCDD507F33} - C:\Program Files\RadarSync\RadarSync Website.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9639299226
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C3718A6-DD75-4B1A-B628-36FC48575DCC}: NameServer = 192.168.2.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\T-com\Panda Internet Security 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\pavsrvx86.exe
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\t-com\panda internet security 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\T-com\Panda Internet Security 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\PskSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\TPSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12478 bytes
======Scheduled tasks folder======
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for europe.job
C:\Windows\tasks\User_Feed_Synchronization-{31DCA4EB-CAB0-4CED-A8DA-AFE4AA220AB7}.job
C:\Windows\tasks\User_Feed_Synchronization-{3C6F9F0F-B0CC-4309-9516-7E4D078D0473}.job
C:\Windows\tasks\User_Feed_Synchronization-{78F5F398-0C2F-4584-8E4C-DE0DC4FBE144}.job
C:\Windows\tasks\User_Feed_Synchronization-{DBCCA46E-DC2D-4EC9-8D73-B2464A42AE53}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-04-30 341600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-13 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-13 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
VeriSoft Access Manager - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [2006-11-21 71192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-13 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"APVXDWIN"=C:\Program Files\T-com\Panda Internet Security 2009\APVXDWIN.EXE [2008-07-16 857344]
"SCANINICIO"=C:\Program Files\T-com\Panda Internet Security 2009\Inicio.exe [2008-07-07 50432]
"HPUsageTracking"=c:\Program Files\HP\HP UT\bin\hppusg.exe [2007-05-04 36864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-04-13 47392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2007-06-12 56080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-07-02 671608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
C:\Users\europe\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
C:\Program Files\inKline Global\PC Booster\pcbooster.exe [2007-11-30 14450688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2009-03-10 468264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-07-04 2403568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-17 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-04-30 202256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
c:\program files\uniblue\registrybooster\StartRegistryBooster.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-01-14 37888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Z810PNP]
C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-03-29 719664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-07-26 768528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RVS 2010.lnk]
C:\PROGRA~1\Returnil\RVS3\rvsgui.exe /INST_AUTO /NOSPLASH []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^europe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-01-23 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-10-01 87552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\PROGRA~1\T-com\PANDAI~1\PAVSCRIP.EXE "%1" %*
.vbs - open - C:\PROGRA~1\T-com\PANDAI~1\PAVSCRIP.EXE "%1" %*
======List of files/folders created in the last 2 months======
2010-07-22 15:21:02 ----A---- C:\Windows\MBR.exe
2010-07-22 15:21:01 ----A---- C:\Windows\PEV.exe
2010-07-22 15:20:30 ----SD---- C:\ComboFix
2010-07-22 15:19:37 ----A---- C:\Windows\SWXCACLS.exe
2010-07-21 11:11:36 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-21 11:00:24 ----D---- C:\ProgramData\NokiaInstallerCache
2010-07-21 00:59:33 ----D---- C:\Program Files\Common Files\PCSuite
2010-07-21 00:50:03 ----D---- C:\Program Files\Nokia
2010-07-17 15:27:14 ----D---- C:\Program Files\Webteh
2010-07-05 14:03:52 ----D---- C:\ProgramData\Innovative Solutions
2010-07-05 13:49:15 ----D---- C:\Program Files\RadarSync
2010-07-05 13:47:35 ----D---- C:\Program Files\Innovative Solutions
2010-07-03 22:44:47 ----D---- C:\Users\europe\AppData\Roaming\DivX
2010-07-02 21:43:17 ----D---- C:\Program Files\Common Files\DivX Shared
2010-07-02 21:37:38 ----D---- C:\ProgramData\DivX
2010-06-30 23:55:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-06-23 20:28:04 ----D---- C:\Windows\system32\WindowsPowerShell
2010-06-23 19:53:08 ----A---- C:\Windows\system32\winrsmgr.dll
2010-06-23 19:52:12 ----A---- C:\Windows\system32\wsmprovhost.exe
2010-06-23 19:52:12 ----A---- C:\Windows\system32\winrshost.exe
2010-06-23 19:52:12 ----A---- C:\Windows\system32\winrs.exe
2010-06-23 19:52:08 ----A---- C:\Windows\system32\wsmplpxy.dll
2010-06-23 19:52:08 ----A---- C:\Windows\system32\winrssrv.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\WsmRes.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wevtfwd.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wecutil.exe
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wecsvc.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wecapi.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\pwrshplugin.dll
2010-06-23 19:51:55 ----A---- C:\Windows\system32\winrm.vbs
2010-06-23 19:51:50 ----A---- C:\Windows\system32\WsmWmiPl.dll
2010-06-23 19:51:50 ----A---- C:\Windows\system32\WsmAuto.dll
2010-06-23 19:51:50 ----A---- C:\Windows\system32\winrscmd.dll
2010-06-23 19:51:49 ----A---- C:\Windows\system32\WsmSvc.dll
2010-06-23 19:51:49 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2010-06-23 19:51:49 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2010-06-23 19:46:42 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-23 19:46:42 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-23 19:46:42 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-23 19:46:42 ----A---- C:\Windows\system32\mscoree.dll
2010-06-23 19:46:42 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 19:34:02 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-06-23 19:33:57 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-06-22 19:41:48 ----D---- C:\68b489bebacea28f49
2010-06-22 16:35:46 ----D---- C:\Users\europe\AppData\Roaming\MicrosoTt
2010-06-16 18:47:59 ----D---- C:\13e56cc4b03f25b052c9218c
2010-06-15 22:48:25 ----D---- C:\Windows\CheckSur
2010-06-12 00:23:41 ----A---- C:\Windows\system32\ieui.dll
2010-06-12 00:23:40 ----A---- C:\Windows\system32\ieframe.dll
2010-06-12 00:23:38 ----A---- C:\Windows\system32\iesysprep.dll
2010-06-12 00:23:36 ----A---- C:\Windows\system32\iesetup.dll
2010-06-12 00:23:36 ----A---- C:\Windows\system32\iernonce.dll
2010-06-12 00:23:36 ----A---- C:\Windows\system32\ie4uinit.exe
2010-06-12 00:23:31 ----A---- C:\Windows\system32\occache.dll
2010-06-12 00:23:31 ----A---- C:\Windows\system32\iertutil.dll
2010-06-12 00:23:29 ----A---- C:\Windows\system32\ieUnatt.exe
2010-06-12 00:23:25 ----A---- C:\Windows\system32\mshtml.dll
2010-06-12 00:23:23 ----A---- C:\Windows\system32\msfeedssync.exe
2010-06-12 00:23:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-12 00:23:23 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-12 00:23:21 ----A---- C:\Windows\system32\iepeers.dll
2010-06-12 00:23:21 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-12 00:23:19 ----A---- C:\Windows\system32\wininet.dll
2010-06-12 00:23:19 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-12 00:23:17 ----A---- C:\Windows\system32\mstime.dll
2010-06-12 00:23:16 ----A---- C:\Windows\system32\urlmon.dll
2010-06-12 00:22:57 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-12 00:19:23 ----A---- C:\Windows\system32\atmlib.dll
2010-06-12 00:19:23 ----A---- C:\Windows\system32\atmfd.dll
2010-05-27 22:31:28 ----A---- C:\Windows\system32\SynCtrl.dll
2010-05-26 12:28:55 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 2 months======
2010-07-23 08:02:02 ----D---- C:\Windows\temp
2010-07-23 08:01:02 ----D---- C:\Program Files\Trend Micro
2010-07-23 07:24:23 ----SHD---- C:\System Volume Information
2010-07-23 07:09:41 ----D---- C:\Windows\system32\drivers
2010-07-23 07:01:36 ----D---- C:\Windows\System32
2010-07-22 17:20:53 ----D---- C:\Windows\Prefetch
2010-07-22 15:44:54 ----D---- C:\Windows\AppPatch
2010-07-22 15:44:54 ----D---- C:\Windows
2010-07-22 15:44:52 ----D---- C:\Program Files\Common Files
2010-07-22 13:14:15 ----D---- C:\Program Files\Mozilla Firefox
2010-07-21 17:01:14 ----D---- C:\Windows\inf
2010-07-21 17:01:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-21 11:41:26 ----D---- C:\Users\europe\AppData\Roaming\Nokia
2010-07-21 11:20:53 ----D---- C:\Windows\system32\catroot
2010-07-21 11:18:43 ----SHD---- C:\Windows\Installer
2010-07-21 11:15:06 ----D---- C:\Program Files\Common Files\Nokia
2010-07-21 11:12:17 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-21 11:11:36 ----RD---- C:\Program Files
2010-07-21 11:07:57 ----D---- C:\Windows\system32\catroot2
2010-07-21 11:02:15 ----D---- C:\Windows\winsxs
2010-07-21 11:00:24 ----HD---- C:\ProgramData
2010-07-21 01:25:00 ----D---- C:\Users\europe\AppData\Roaming\PC Suite
2010-07-21 00:58:16 ----D---- C:\Program Files\DIFX
2010-07-21 00:49:43 ----D---- C:\ProgramData\Installations
2010-07-20 20:18:05 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-07-20 17:22:06 ----SD---- C:\Windows\Downloaded Program Files
2010-07-19 11:04:47 ----A---- C:\ProgramData\hpqp.txt
2010-07-17 15:32:56 ----D---- C:\Windows\system32\Tasks
2010-07-15 22:16:40 ----D---- C:\Windows\Minidump
2010-07-15 22:16:40 ----D---- C:\Windows\Debug
2010-07-14 17:21:32 ----D---- C:\Program Files\Windows Mail
2010-07-14 17:11:08 ----D---- C:\Users\europe\AppData\Roaming\Skype
2010-07-14 16:52:13 ----D---- C:\Users\europe\AppData\Roaming\skypePM
2010-07-06 22:54:22 ----D---- C:\Program Files\ICQ6.5
2010-07-05 01:31:51 ----D---- C:\Windows\Tasks
2010-07-04 13:58:12 ----D---- C:\Program Files\SUPERAntiSpyware
2010-07-03 16:36:26 ----A---- C:\Windows\ODBCINST.INI
2010-07-02 21:39:05 ----A---- C:\Windows\system32\mrt.exe
2010-07-02 21:33:50 ----D---- C:\Users\europe\AppData\Roaming\cspa
2010-07-01 23:53:07 ----D---- C:\Program Files\CCleaner
2010-07-01 18:56:19 ----D---- C:\Users\europe\AppData\Roaming\Software Informer
2010-06-30 23:55:15 ----D---- C:\Program Files\Winamp
2010-06-30 23:55:12 ----D---- C:\Program Files\iTunes
2010-06-30 13:23:01 ----D---- C:\Windows\pss
2010-06-29 19:44:51 ----D---- C:\Program Files\Microsoft Security Essentials
2010-06-26 12:01:17 ----D---- C:\Windows\Cursors
2010-06-25 20:23:31 ----D---- C:\Program Files\Video Karaoke Studio II
2010-06-25 17:12:07 ----D---- C:\Windows\system32\wbem
2010-06-25 17:11:12 ----D---- C:\Windows\system32\spool
2010-06-25 17:11:11 ----D---- C:\Windows\registration
2010-06-24 01:43:40 ----D---- C:\Windows\Microsoft.NET
2010-06-24 00:21:24 ----RSD---- C:\Windows\assembly
2010-06-23 21:10:15 ----D---- C:\Windows\rescache
2010-06-23 20:28:07 ----D---- C:\Windows\system32\cs-CZ
2010-06-23 20:28:07 ----D---- C:\Windows\PolicyDefinitions
2010-06-23 20:28:02 ----D---- C:\Windows\ehome
2010-06-16 20:38:19 ----D---- C:\Users\europe\AppData\Roaming\Opera
2010-06-14 08:57:26 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-12 19:09:59 ----D---- C:\Windows\system32\migration
2010-06-12 19:09:59 ----D---- C:\Program Files\Internet Explorer
2010-06-11 23:35:21 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-06-11 23:35:19 ----D---- C:\Program Files\Microsoft Works
2010-06-11 23:35:16 ----D---- C:\Program Files\LG PC Suite II
2010-06-11 23:35:15 ----D---- C:\Program Files\Common Files\SureThing Shared
2010-06-11 23:35:14 ----D---- C:\Program Files\Common Files\Skype
2010-06-11 23:34:54 ----D---- C:\Windows\system32\Sony_usb
2010-06-11 23:34:54 ----D---- C:\Windows\system32\restore
2010-06-11 23:34:53 ----D---- C:\Windows\system32\CodeIntegrity
2010-06-11 23:34:34 ----D---- C:\Windows\Fonts
2010-06-11 23:34:31 ----D---- C:\Users\europe\AppData\Roaming\Winamp
2010-06-11 23:32:38 ----D---- C:\Windows\system32\config
2010-06-11 23:31:35 ----D---- C:\Windows\system32\Msdtc
2010-06-11 23:18:07 ----D---- C:\ProgramData\Microsoft Help
2010-06-04 13:35:21 ----SD---- C:\ProgramData\Microsoft
2010-05-29 01:46:19 ----D---- C:\Users\europe\AppData\Roaming\Apple Computer
2010-05-28 15:14:09 ----D---- C:\Program Files\QuickTime
2010-05-28 15:04:30 ----D---- C:\Program Files\Bonjour
2010-05-27 22:31:32 ----A---- C:\Windows\system32\SynTPCo4.dll
2010-05-27 22:31:32 ----A---- C:\Windows\system32\SynTPAPI.dll
2010-05-27 22:31:26 ----A---- C:\Windows\system32\SynCOM.dll
2010-05-27 01:31:58 ----D---- C:\Program Files\Common Files\microsoft shared
2010-05-27 01:31:00 ----D---- C:\Program Files\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 APPFLT;App Filter Plugin; \??\C:\Windows\system32\Drivers\APPFLT.SYS [2008-06-25 73728]
R1 DSAFLT;DSA Filter Plugin; \??\C:\Windows\system32\Drivers\DSAFLT.SYS [2008-06-18 52992]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 FNETMON;NetMon Filter Plugin; \??\C:\Windows\system32\Drivers\fnetmon.SYS [2008-03-28 22072]
R1 IDSFLT;Ids Filter Plugin; \??\C:\Windows\system32\Drivers\IDSFLT.SYS [2008-06-18 193792]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 NETFLTDI;Panda Net Driver [TDI Layer]; \??\C:\Windows\system32\Drivers\NETFLTDI.SYS [2008-07-11 158848]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-03 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-07-04 67656]
R1 ShldDrv;Panda File Shield Driver; C:\Windows\System32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin; \??\C:\Windows\system32\Drivers\WNMFLT.SYS [2008-06-18 46720]
R2 AmFSM;AmFSM; C:\Windows\system32\DRIVERS\amm8660.sys [2008-02-13 49208]
R2 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 ComFiltr;Panda Anti-Dialer; \??\C:\Windows\system32\DRIVERS\COMFiltr.sys [2009-01-20 13880]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PavProc;Panda Process Protection Driver; \??\C:\Windows\system32\DRIVERS\PavProc.sys [2008-02-07 179640]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-03-28 140424]
R3 AvFlt;Antivirus Filter Driver; C:\Windows\system32\drivers\av5flt.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-12-19 1331192]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-04-18 79664]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-04-18 81200]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-04-18 16432]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34; C:\Windows\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-07-09 7140800]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 12032]
R3 PavSRK.sys;PavSRK.sys; \??\C:\Windows\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-12-19 1331192]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 catchme;catchme; \??\C:\Users\europe\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-06-25 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-06-12 35216]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-06-12 36496]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-06-12 28688]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-03-03 12872]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\Windows\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
S3 sonypvs1;Sony Digital Imaging Video2; C:\Windows\system32\DRIVERS\sonypvs1.sys [2006-10-30 102220]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Gwmsrv;Panda Goodware Cache Manager; C:\Windows\system32\svchost -k Panda []
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe [2007-07-26 121360]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-10-03 219752]
R2 Panda Software Controller;Panda Software Controller; C:\Program Files\T-com\Panda Internet Security 2009\PsCtrls.exe [2008-07-16 181504]
R2 PAVFNSVR;Panda Function Service; C:\Program Files\T-com\Panda Internet Security 2009\PavFnSvr.exe [2008-07-10 169216]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files\T-com\Panda Internet Security 2009\pavsrvx86.exe [2008-07-04 290048]
R2 PSHost;Panda Host Service; c:\program files\t-com\panda internet security 2009\firewall\PSHOST.EXE [2008-06-12 226608]
R2 PSIMSVC;Panda IManager Service; C:\Program Files\T-com\Panda Internet Security 2009\PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:\Program Files\T-com\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2009-01-12 292216]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2009-01-12 116080]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TPSrv;Panda TPSrv; C:\Program Files\T-com\Panda Internet Security 2009\TPSrv.exe [2008-07-17 157440]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-17 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
-----------------EOF-----------------
Urobil som scan Rsit - tu pripojeny dole.
Pri druhom pokuse o scan cfix to bolo rovnako ako pri prvom. Pri scanovani pisal completed stage 1- 50 a zastavil sa - nechal som ho tak aj 4 hodiny a nic. Po manual restart som zasa nikde nenasiel log.
Neviem kde robim chybu. Pri scanovani ma byt zapnuta siet, alebo vypnuta? Ja som mal net vypnuty aj antivirus bol kompletne vypnuty.
Logfile of random's system information tool 1.07 (written by random/random)
Run by europe at 2010-07-23 08:00:46
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 11 GB (8%) free of 146 GB
Total RAM: 2046 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:02, on 2010-07-23
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\PROGRAM FILES\T-COM\PANDA INTERNET SECURITY 2009\WebProxy.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\T-com\Panda Internet Security 2009\ApvxdWin.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\T-com\Panda Internet Security 2009\PavBckPT.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Users\europe\Downloads\RSIT(2).exe
C:\Program Files\trend micro\europe.exe
C:\Program Files\T-com\Panda Internet Security 2009\avciman.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bing.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\T-com\Panda Internet Security 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\T-com\Panda Internet Security 2009\Inicio.exe"
O4 - HKLM\..\Run: [HPUsageTracking] c:\Program Files\HP\HP UT\bin\hppusg.exe "c:\Program Files\HP\HP UT\"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: RadarSync Website - {29F02F90-D4AE-4c9a-82D2-D8DCDD507F33} - C:\Program Files\RadarSync\RadarSync Website.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9639299226
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C3718A6-DD75-4B1A-B628-36FC48575DCC}: NameServer = 192.168.2.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\T-com\Panda Internet Security 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\pavsrvx86.exe
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\t-com\panda internet security 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\T-com\Panda Internet Security 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\PskSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\T-com\Panda Internet Security 2009\TPSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12478 bytes
======Scheduled tasks folder======
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for europe.job
C:\Windows\tasks\User_Feed_Synchronization-{31DCA4EB-CAB0-4CED-A8DA-AFE4AA220AB7}.job
C:\Windows\tasks\User_Feed_Synchronization-{3C6F9F0F-B0CC-4309-9516-7E4D078D0473}.job
C:\Windows\tasks\User_Feed_Synchronization-{78F5F398-0C2F-4584-8E4C-DE0DC4FBE144}.job
C:\Windows\tasks\User_Feed_Synchronization-{DBCCA46E-DC2D-4EC9-8D73-B2464A42AE53}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-04-30 341600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-13 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-13 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
VeriSoft Access Manager - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [2006-11-21 71192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-13 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"APVXDWIN"=C:\Program Files\T-com\Panda Internet Security 2009\APVXDWIN.EXE [2008-07-16 857344]
"SCANINICIO"=C:\Program Files\T-com\Panda Internet Security 2009\Inicio.exe [2008-07-07 50432]
"HPUsageTracking"=c:\Program Files\HP\HP UT\bin\hppusg.exe [2007-05-04 36864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-04-13 47392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2007-06-12 56080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-07-02 671608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
C:\Users\europe\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
C:\Program Files\inKline Global\PC Booster\pcbooster.exe [2007-11-30 14450688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2009-03-10 468264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-07-04 2403568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-17 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-04-30 202256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
c:\program files\uniblue\registrybooster\StartRegistryBooster.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-01-14 37888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Z810PNP]
C:\Program Files\Connection Manager\SamsungPnPServiceManager.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-03-29 719664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-07-26 768528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RVS 2010.lnk]
C:\PROGRA~1\Returnil\RVS3\rvsgui.exe /INST_AUTO /NOSPLASH []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^europe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-01-23 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2009-10-01 87552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\PROGRA~1\T-com\PANDAI~1\PAVSCRIP.EXE "%1" %*
.vbs - open - C:\PROGRA~1\T-com\PANDAI~1\PAVSCRIP.EXE "%1" %*
======List of files/folders created in the last 2 months======
2010-07-22 15:21:02 ----A---- C:\Windows\MBR.exe
2010-07-22 15:21:01 ----A---- C:\Windows\PEV.exe
2010-07-22 15:20:30 ----SD---- C:\ComboFix
2010-07-22 15:19:37 ----A---- C:\Windows\SWXCACLS.exe
2010-07-21 11:11:36 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-21 11:00:24 ----D---- C:\ProgramData\NokiaInstallerCache
2010-07-21 00:59:33 ----D---- C:\Program Files\Common Files\PCSuite
2010-07-21 00:50:03 ----D---- C:\Program Files\Nokia
2010-07-17 15:27:14 ----D---- C:\Program Files\Webteh
2010-07-05 14:03:52 ----D---- C:\ProgramData\Innovative Solutions
2010-07-05 13:49:15 ----D---- C:\Program Files\RadarSync
2010-07-05 13:47:35 ----D---- C:\Program Files\Innovative Solutions
2010-07-03 22:44:47 ----D---- C:\Users\europe\AppData\Roaming\DivX
2010-07-02 21:43:17 ----D---- C:\Program Files\Common Files\DivX Shared
2010-07-02 21:37:38 ----D---- C:\ProgramData\DivX
2010-06-30 23:55:26 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-06-23 20:28:04 ----D---- C:\Windows\system32\WindowsPowerShell
2010-06-23 19:53:08 ----A---- C:\Windows\system32\winrsmgr.dll
2010-06-23 19:52:12 ----A---- C:\Windows\system32\wsmprovhost.exe
2010-06-23 19:52:12 ----A---- C:\Windows\system32\winrshost.exe
2010-06-23 19:52:12 ----A---- C:\Windows\system32\winrs.exe
2010-06-23 19:52:08 ----A---- C:\Windows\system32\wsmplpxy.dll
2010-06-23 19:52:08 ----A---- C:\Windows\system32\winrssrv.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\WsmRes.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wevtfwd.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wecutil.exe
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wecsvc.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\wecapi.dll
2010-06-23 19:52:02 ----A---- C:\Windows\system32\pwrshplugin.dll
2010-06-23 19:51:55 ----A---- C:\Windows\system32\winrm.vbs
2010-06-23 19:51:50 ----A---- C:\Windows\system32\WsmWmiPl.dll
2010-06-23 19:51:50 ----A---- C:\Windows\system32\WsmAuto.dll
2010-06-23 19:51:50 ----A---- C:\Windows\system32\winrscmd.dll
2010-06-23 19:51:49 ----A---- C:\Windows\system32\WsmSvc.dll
2010-06-23 19:51:49 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2010-06-23 19:51:49 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2010-06-23 19:46:42 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-23 19:46:42 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-23 19:46:42 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-23 19:46:42 ----A---- C:\Windows\system32\mscoree.dll
2010-06-23 19:46:42 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 19:34:02 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-06-23 19:33:57 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-06-22 19:41:48 ----D---- C:\68b489bebacea28f49
2010-06-22 16:35:46 ----D---- C:\Users\europe\AppData\Roaming\MicrosoTt
2010-06-16 18:47:59 ----D---- C:\13e56cc4b03f25b052c9218c
2010-06-15 22:48:25 ----D---- C:\Windows\CheckSur
2010-06-12 00:23:41 ----A---- C:\Windows\system32\ieui.dll
2010-06-12 00:23:40 ----A---- C:\Windows\system32\ieframe.dll
2010-06-12 00:23:38 ----A---- C:\Windows\system32\iesysprep.dll
2010-06-12 00:23:36 ----A---- C:\Windows\system32\iesetup.dll
2010-06-12 00:23:36 ----A---- C:\Windows\system32\iernonce.dll
2010-06-12 00:23:36 ----A---- C:\Windows\system32\ie4uinit.exe
2010-06-12 00:23:31 ----A---- C:\Windows\system32\occache.dll
2010-06-12 00:23:31 ----A---- C:\Windows\system32\iertutil.dll
2010-06-12 00:23:29 ----A---- C:\Windows\system32\ieUnatt.exe
2010-06-12 00:23:25 ----A---- C:\Windows\system32\mshtml.dll
2010-06-12 00:23:23 ----A---- C:\Windows\system32\msfeedssync.exe
2010-06-12 00:23:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-12 00:23:23 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-12 00:23:21 ----A---- C:\Windows\system32\iepeers.dll
2010-06-12 00:23:21 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-12 00:23:19 ----A---- C:\Windows\system32\wininet.dll
2010-06-12 00:23:19 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-12 00:23:17 ----A---- C:\Windows\system32\mstime.dll
2010-06-12 00:23:16 ----A---- C:\Windows\system32\urlmon.dll
2010-06-12 00:22:57 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-12 00:19:23 ----A---- C:\Windows\system32\atmlib.dll
2010-06-12 00:19:23 ----A---- C:\Windows\system32\atmfd.dll
2010-05-27 22:31:28 ----A---- C:\Windows\system32\SynCtrl.dll
2010-05-26 12:28:55 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 2 months======
2010-07-23 08:02:02 ----D---- C:\Windows\temp
2010-07-23 08:01:02 ----D---- C:\Program Files\Trend Micro
2010-07-23 07:24:23 ----SHD---- C:\System Volume Information
2010-07-23 07:09:41 ----D---- C:\Windows\system32\drivers
2010-07-23 07:01:36 ----D---- C:\Windows\System32
2010-07-22 17:20:53 ----D---- C:\Windows\Prefetch
2010-07-22 15:44:54 ----D---- C:\Windows\AppPatch
2010-07-22 15:44:54 ----D---- C:\Windows
2010-07-22 15:44:52 ----D---- C:\Program Files\Common Files
2010-07-22 13:14:15 ----D---- C:\Program Files\Mozilla Firefox
2010-07-21 17:01:14 ----D---- C:\Windows\inf
2010-07-21 17:01:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-21 11:41:26 ----D---- C:\Users\europe\AppData\Roaming\Nokia
2010-07-21 11:20:53 ----D---- C:\Windows\system32\catroot
2010-07-21 11:18:43 ----SHD---- C:\Windows\Installer
2010-07-21 11:15:06 ----D---- C:\Program Files\Common Files\Nokia
2010-07-21 11:12:17 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-21 11:11:36 ----RD---- C:\Program Files
2010-07-21 11:07:57 ----D---- C:\Windows\system32\catroot2
2010-07-21 11:02:15 ----D---- C:\Windows\winsxs
2010-07-21 11:00:24 ----HD---- C:\ProgramData
2010-07-21 01:25:00 ----D---- C:\Users\europe\AppData\Roaming\PC Suite
2010-07-21 00:58:16 ----D---- C:\Program Files\DIFX
2010-07-21 00:49:43 ----D---- C:\ProgramData\Installations
2010-07-20 20:18:05 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-07-20 17:22:06 ----SD---- C:\Windows\Downloaded Program Files
2010-07-19 11:04:47 ----A---- C:\ProgramData\hpqp.txt
2010-07-17 15:32:56 ----D---- C:\Windows\system32\Tasks
2010-07-15 22:16:40 ----D---- C:\Windows\Minidump
2010-07-15 22:16:40 ----D---- C:\Windows\Debug
2010-07-14 17:21:32 ----D---- C:\Program Files\Windows Mail
2010-07-14 17:11:08 ----D---- C:\Users\europe\AppData\Roaming\Skype
2010-07-14 16:52:13 ----D---- C:\Users\europe\AppData\Roaming\skypePM
2010-07-06 22:54:22 ----D---- C:\Program Files\ICQ6.5
2010-07-05 01:31:51 ----D---- C:\Windows\Tasks
2010-07-04 13:58:12 ----D---- C:\Program Files\SUPERAntiSpyware
2010-07-03 16:36:26 ----A---- C:\Windows\ODBCINST.INI
2010-07-02 21:39:05 ----A---- C:\Windows\system32\mrt.exe
2010-07-02 21:33:50 ----D---- C:\Users\europe\AppData\Roaming\cspa
2010-07-01 23:53:07 ----D---- C:\Program Files\CCleaner
2010-07-01 18:56:19 ----D---- C:\Users\europe\AppData\Roaming\Software Informer
2010-06-30 23:55:15 ----D---- C:\Program Files\Winamp
2010-06-30 23:55:12 ----D---- C:\Program Files\iTunes
2010-06-30 13:23:01 ----D---- C:\Windows\pss
2010-06-29 19:44:51 ----D---- C:\Program Files\Microsoft Security Essentials
2010-06-26 12:01:17 ----D---- C:\Windows\Cursors
2010-06-25 20:23:31 ----D---- C:\Program Files\Video Karaoke Studio II
2010-06-25 17:12:07 ----D---- C:\Windows\system32\wbem
2010-06-25 17:11:12 ----D---- C:\Windows\system32\spool
2010-06-25 17:11:11 ----D---- C:\Windows\registration
2010-06-24 01:43:40 ----D---- C:\Windows\Microsoft.NET
2010-06-24 00:21:24 ----RSD---- C:\Windows\assembly
2010-06-23 21:10:15 ----D---- C:\Windows\rescache
2010-06-23 20:28:07 ----D---- C:\Windows\system32\cs-CZ
2010-06-23 20:28:07 ----D---- C:\Windows\PolicyDefinitions
2010-06-23 20:28:02 ----D---- C:\Windows\ehome
2010-06-16 20:38:19 ----D---- C:\Users\europe\AppData\Roaming\Opera
2010-06-14 08:57:26 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-12 19:09:59 ----D---- C:\Windows\system32\migration
2010-06-12 19:09:59 ----D---- C:\Program Files\Internet Explorer
2010-06-11 23:35:21 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-06-11 23:35:19 ----D---- C:\Program Files\Microsoft Works
2010-06-11 23:35:16 ----D---- C:\Program Files\LG PC Suite II
2010-06-11 23:35:15 ----D---- C:\Program Files\Common Files\SureThing Shared
2010-06-11 23:35:14 ----D---- C:\Program Files\Common Files\Skype
2010-06-11 23:34:54 ----D---- C:\Windows\system32\Sony_usb
2010-06-11 23:34:54 ----D---- C:\Windows\system32\restore
2010-06-11 23:34:53 ----D---- C:\Windows\system32\CodeIntegrity
2010-06-11 23:34:34 ----D---- C:\Windows\Fonts
2010-06-11 23:34:31 ----D---- C:\Users\europe\AppData\Roaming\Winamp
2010-06-11 23:32:38 ----D---- C:\Windows\system32\config
2010-06-11 23:31:35 ----D---- C:\Windows\system32\Msdtc
2010-06-11 23:18:07 ----D---- C:\ProgramData\Microsoft Help
2010-06-04 13:35:21 ----SD---- C:\ProgramData\Microsoft
2010-05-29 01:46:19 ----D---- C:\Users\europe\AppData\Roaming\Apple Computer
2010-05-28 15:14:09 ----D---- C:\Program Files\QuickTime
2010-05-28 15:04:30 ----D---- C:\Program Files\Bonjour
2010-05-27 22:31:32 ----A---- C:\Windows\system32\SynTPCo4.dll
2010-05-27 22:31:32 ----A---- C:\Windows\system32\SynTPAPI.dll
2010-05-27 22:31:26 ----A---- C:\Windows\system32\SynCOM.dll
2010-05-27 01:31:58 ----D---- C:\Program Files\Common Files\microsoft shared
2010-05-27 01:31:00 ----D---- C:\Program Files\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 APPFLT;App Filter Plugin; \??\C:\Windows\system32\Drivers\APPFLT.SYS [2008-06-25 73728]
R1 DSAFLT;DSA Filter Plugin; \??\C:\Windows\system32\Drivers\DSAFLT.SYS [2008-06-18 52992]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 FNETMON;NetMon Filter Plugin; \??\C:\Windows\system32\Drivers\fnetmon.SYS [2008-03-28 22072]
R1 IDSFLT;Ids Filter Plugin; \??\C:\Windows\system32\Drivers\IDSFLT.SYS [2008-06-18 193792]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 NETFLTDI;Panda Net Driver [TDI Layer]; \??\C:\Windows\system32\Drivers\NETFLTDI.SYS [2008-07-11 158848]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-03 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-07-04 67656]
R1 ShldDrv;Panda File Shield Driver; C:\Windows\System32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin; \??\C:\Windows\system32\Drivers\WNMFLT.SYS [2008-06-18 46720]
R2 AmFSM;AmFSM; C:\Windows\system32\DRIVERS\amm8660.sys [2008-02-13 49208]
R2 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 ComFiltr;Panda Anti-Dialer; \??\C:\Windows\system32\DRIVERS\COMFiltr.sys [2009-01-20 13880]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PavProc;Panda Process Protection Driver; \??\C:\Windows\system32\DRIVERS\PavProc.sys [2008-02-07 179640]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-03-28 140424]
R3 AvFlt;Antivirus Filter Driver; C:\Windows\system32\drivers\av5flt.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-12-19 1331192]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-04-18 79664]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-04-18 81200]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-04-18 16432]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34; C:\Windows\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-07-09 7140800]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 12032]
R3 PavSRK.sys;PavSRK.sys; \??\C:\Windows\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-12-19 1331192]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 catchme;catchme; \??\C:\Users\europe\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-06-25 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-06-12 35216]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-06-12 36496]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-06-12 28688]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-03-03 12872]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\Windows\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
S3 sonypvs1;Sony Digital Imaging Video2; C:\Windows\system32\DRIVERS\sonypvs1.sys [2006-10-30 102220]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Gwmsrv;Panda Goodware Cache Manager; C:\Windows\system32\svchost -k Panda []
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe [2007-07-26 121360]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-10-03 219752]
R2 Panda Software Controller;Panda Software Controller; C:\Program Files\T-com\Panda Internet Security 2009\PsCtrls.exe [2008-07-16 181504]
R2 PAVFNSVR;Panda Function Service; C:\Program Files\T-com\Panda Internet Security 2009\PavFnSvr.exe [2008-07-10 169216]
R2 PavPrSrv;Panda Process Protection Service; C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe [2008-02-04 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service; C:\Program Files\T-com\Panda Internet Security 2009\pavsrvx86.exe [2008-07-04 290048]
R2 PSHost;Panda Host Service; c:\program files\t-com\panda internet security 2009\firewall\PSHOST.EXE [2008-06-12 226608]
R2 PSIMSVC;Panda IManager Service; C:\Program Files\T-com\Panda Internet Security 2009\PsImSvc.exe [2008-06-19 108288]
R2 PskSvcRetail;Panda PSK service; C:\Program Files\T-com\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2009-01-12 292216]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2009-01-12 116080]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TPSrv;Panda TPSrv; C:\Program Files\T-com\Panda Internet Security 2009\TPSrv.exe [2008-07-17 157440]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-17 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu
Spusťte CF v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu
diky za radu ist do safe mode. tam som totiz zistil, preco mi zlyhava scan cfix. moj antivir a antispy som mal vypnuty v ich domacom prostredi aj ikony to potvrzdovali. v safe mode mi vsak hlasky pripomenuli, ze oba tieto programy na pozadi bezia. vypol som ich v ms config/sluzby. potom uz cfix bezal aj v normalnom rezime. tu je log. prosim o kontrolu. dakujem
ComboFix 10-07-22.01 - europe 2010-07-24 2:04.11.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.1.1029.18.2046.1215 [GMT 2:00]
Running from: c:\users\europe\Downloads\ComboFix.exe
AV: Panda Internet Security 2009 *On-access scanning disabled* (Updated) {4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0}
FW: Panda Personal Firewall 2009 *disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
SP: Panda Internet Security 2009 *disabled* (Updated) {FE6602D3-1E71-4EBB-B4E3-D1C9CBDAF0A1}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\%appdata%
.
---- Previous Run -------
.
c:\windows\system32\%appdata%\Microsoft\Windows\IETldCache\index.dat . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2010-06-24 to 2010-07-24 )))))))))))))))))))))))))))))))
.
2010-07-24 00:24 . 2010-07-24 00:24 -------- d-----w- c:\users\Kika\AppData\Local\temp
2010-07-24 00:24 . 2010-07-24 00:24 -------- d-----w- c:\users\Family\AppData\Local\temp
2010-07-24 00:24 . 2010-07-24 00:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-23 23:06 . 2010-07-24 00:29 -------- d-----w- c:\users\europe\AppData\Local\temp
2010-07-23 21:58 . 2010-07-23 21:58 -------- d-----w- C:\%APPDATA%
2010-07-21 09:35 . 2010-07-21 09:35 -------- d-----w- c:\users\europe\AppData\Local\NokiaAccount
2010-07-21 09:18 . 2010-07-21 10:00 -------- d-----w- c:\users\europe\AppData\Local\Nokia
2010-07-21 09:12 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-21 09:11 . 2010-07-21 09:11 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-21 09:00 . 2010-07-21 09:00 -------- d-----w- c:\programdata\NokiaInstallerCache
2010-07-20 22:59 . 2010-07-20 22:59 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-20 22:50 . 2010-07-21 09:12 -------- d-----w- c:\program files\Nokia
2010-07-17 13:27 . 2010-07-17 13:27 -------- d-----w- c:\program files\Webteh
2010-07-17 13:08 . 2010-07-17 13:09 -------- d-----w- c:\users\Family\AppData\Roaming\Winamp
2010-07-05 12:03 . 2010-07-05 12:03 -------- d-----w- c:\programdata\Innovative Solutions
2010-07-05 11:49 . 2010-07-05 11:49 -------- d-----w- c:\program files\RadarSync
2010-07-05 11:47 . 2010-07-05 11:47 -------- d-----w- c:\users\europe\AppData\Local\Innovative Solutions
2010-07-05 11:47 . 2010-07-05 11:47 -------- d-----w- c:\program files\Innovative Solutions
2010-07-03 20:44 . 2010-07-03 20:44 -------- d-----w- c:\users\europe\AppData\Roaming\DivX
2010-07-02 19:43 . 2010-07-02 19:45 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-02 19:37 . 2010-07-02 20:09 -------- d-----w- c:\programdata\DivX
2010-06-30 21:55 . 2009-04-05 01:01 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-24 00:25 . 2007-11-09 22:34 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-23 23:47 . 2009-01-20 09:19 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck
2010-07-23 23:47 . 2009-01-20 09:19 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG
2010-07-23 22:34 . 2009-01-20 09:19 506620 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck
2010-07-23 22:34 . 2009-01-20 09:19 506620 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
2010-07-23 06:01 . 2009-01-02 00:47 -------- d-----w- c:\program files\Trend Micro
2010-07-21 15:01 . 2007-01-08 21:09 627516 ----a-w- c:\windows\system32\perfh005.dat
2010-07-21 15:01 . 2007-01-08 21:09 134718 ----a-w- c:\windows\system32\perfc005.dat
2010-07-21 09:41 . 2009-05-26 07:52 -------- d-----w- c:\users\europe\AppData\Roaming\Nokia
2010-07-21 09:15 . 2008-09-07 18:31 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-20 23:25 . 2010-07-20 23:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-07-20 23:25 . 2009-01-05 10:26 -------- d-----w- c:\users\europe\AppData\Roaming\PC Suite
2010-07-20 22:58 . 2008-05-11 13:35 -------- d-----w- c:\program files\DIFX
2010-07-20 22:49 . 2008-05-11 13:25 -------- d-----w- c:\programdata\Installations
2010-07-20 22:28 . 2010-07-20 22:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-07-20 18:18 . 2008-12-09 09:41 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-14 15:21 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-14 15:11 . 2009-01-18 00:23 -------- d-----w- c:\users\europe\AppData\Roaming\Skype
2010-07-14 14:52 . 2009-01-18 00:24 -------- d-----w- c:\users\europe\AppData\Roaming\skypePM
2010-07-11 19:04 . 2008-12-26 15:02 64478 ----a-w- c:\programdata\nvModes.dat
2010-07-06 22:27 . 2007-12-30 18:13 -------- d-----w- c:\users\Kika\AppData\Roaming\Skype
2010-07-06 22:07 . 2007-12-30 18:24 -------- d-----w- c:\users\Kika\AppData\Roaming\skypePM
2010-07-06 20:54 . 2009-07-19 18:53 -------- d-----w- c:\program files\ICQ6.5
2010-07-06 20:52 . 2008-01-01 15:11 -------- d-----w- c:\users\Kika\AppData\Roaming\ICQ
2010-07-04 11:58 . 2008-12-08 08:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-07-02 19:33 . 2009-04-22 08:55 -------- d-----w- c:\users\europe\AppData\Roaming\cspa
2010-07-01 21:53 . 2008-12-29 15:33 -------- d-----w- c:\program files\CCleaner
2010-07-01 16:56 . 2009-08-26 22:41 -------- d-----w- c:\users\europe\AppData\Roaming\Software Informer
2010-06-30 21:55 . 2010-02-19 14:31 -------- d-----w- c:\program files\Winamp
2010-06-30 21:55 . 2008-12-17 16:06 -------- d-----w- c:\program files\iTunes
2010-06-29 17:44 . 2009-10-06 18:36 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-06-25 18:23 . 2009-03-24 11:59 -------- d-----w- c:\program files\Video Karaoke Studio II
2010-06-22 17:36 . 2010-06-22 17:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-06-22 17:36 . 2010-06-22 17:36 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-22 14:35 . 2010-06-22 14:35 -------- d-----w- c:\users\europe\AppData\Roaming\Microso?t
2010-06-20 11:49 . 2007-11-10 12:31 98528 ----a-w- c:\users\Kika\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-14 06:57 . 2008-04-09 10:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-11 21:35 . 2008-12-09 09:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-11 21:35 . 2007-08-22 08:57 -------- d-----w- c:\program files\Microsoft Works
2010-06-11 21:35 . 2009-08-27 15:43 -------- d-----w- c:\program files\LG PC Suite II
2010-06-11 21:35 . 2007-08-22 08:41 -------- d-----w- c:\program files\Common Files\SureThing Shared
2010-06-11 21:35 . 2010-04-20 08:31 -------- d-----w- c:\program files\Common Files\Skype
2010-06-11 21:34 . 2010-02-19 14:31 -------- d-----w- c:\users\europe\AppData\Roaming\Winamp
2010-06-11 21:18 . 2007-11-18 19:40 -------- d-----w- c:\programdata\Microsoft Help
2010-06-08 15:36 . 2007-11-10 12:29 98528 ----a-w- c:\users\Family\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-28 23:46 . 2009-01-04 01:24 -------- d-----w- c:\users\europe\AppData\Roaming\Apple Computer
2010-05-28 13:14 . 2008-12-17 16:00 -------- d-----w- c:\program files\QuickTime
2010-05-28 13:04 . 2008-12-17 16:08 -------- d-----w- c:\program files\Bonjour
2010-05-27 20:32 . 2010-05-27 20:32 245936 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-05-27 20:31 . 2008-01-18 17:30 120104 ----a-w- c:\windows\system32\SynTPCo4.dll
2010-05-27 20:31 . 2008-01-18 17:03 165160 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-05-27 20:31 . 2010-05-27 20:31 210216 ----a-w- c:\windows\system32\SynCtrl.dll
2010-05-27 20:31 . 2008-01-18 16:51 173352 ----a-w- c:\windows\system32\SynCOM.dll
2010-05-26 23:31 . 2009-01-23 23:36 -------- d-----w- c:\program files\Microsoft
2010-05-26 17:06 . 2010-06-11 22:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 22:19 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-22 16:27 . 2009-01-04 01:27 98528 ----a-w- c:\users\europe\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-21 12:14 . 2009-10-09 15:04 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-06-11 22:23 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-11 22:23 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-06-11 22:23 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-06-11 22:23 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-11 22:27 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2009-01-03 02:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-01-03 02:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2007-11-10 08:37 . 2007-11-10 08:37 22 --sha-w- c:\windows\SMINST\HPCD.sys
2008-12-29 03:15 . 2008-12-28 18:43 4404768 --sha-w- c:\windows\System32\drivers\fidbox.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"APVXDWIN"="c:\program files\T-com\Panda Internet Security 2009\APVXDWIN.EXE" [2008-07-16 857344]
"SCANINICIO"="c:\program files\T-com\Panda Internet Security 2009\Inicio.exe" [2008-07-07 50432]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2007-05-04 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-01-23 10:43 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RVS 2010.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\RVS 2010.lnk
backup=c:\windows\pss\RVS 2010.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^europe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
path=c:\users\europe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk
backup=c:\windows\pss\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-04-13 00:29 47392 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-09-21 14:36 305440 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-06-12 12:03 56080 ----a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
2010-06-01 12:53 1093208 ----a-w- c:\program files\Microsoft Security Essentials\msseces.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-07-02 10:20 671608 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
2009-01-08 13:44 70936 ----a-w- c:\users\europe\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
2007-11-30 16:16 14450688 ----a-w- c:\program files\inKline Global\PC Booster\PCBooster.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 13:12 1414144 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-02-13 09:38 159744 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2009-03-10 19:19 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-07-04 11:58 2403568 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-05-16 23:19 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-04-30 20:38 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-01-13 22:44 37888 ----a-w- c:\program files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):95,8b,23,84,58,03,ca,01
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 PavSRK.sys;PavSRK.sys;c:\windows\system32\PavSRK.sys [x]
R3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys [x]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-03-03 12872]
R4 ekrn;Eset Service; [x]
R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost [x]
R4 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R4 PskSvcRetail;Panda PSK service;c:\program files\T-com\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
S0 pavboot;Panda boot driver;c:\windows\system32\Drivers\pavboot.sys [2008-06-19 28544]
S1 APPFLT;App Filter Plugin;c:\windows\system32\Drivers\APPFLT.SYS [2008-06-25 73728]
S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\Drivers\DSAFLT.SYS [2008-06-18 52992]
S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\Drivers\fnetmon.SYS [2008-03-28 22072]
S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\Drivers\IDSFLT.SYS [2008-06-18 193792]
S1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\Drivers\NETFLTDI.SYS [2008-07-11 13:58 158848]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-03 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-07-04 67656]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\Drivers\WNMFLT.SYS [2008-06-18 46720]
S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm8660.sys [2008-02-13 49208]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 ComFiltr;Panda Anti-Dialer;c:\windows\system32\DRIVERS\COMFiltr.sys [2009-01-20 13880]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S2 PavProc;Panda Process Protection Driver;c:\windows\system32\DRIVERS\PavProc.sys [2008-02-07 179640]
S3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
panda REG_MULTI_SZ Gwmsrv
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
2010-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:34]
2010-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:34]
2010-07-23 c:\windows\Tasks\User_Feed_Synchronization-{31DCA4EB-CAB0-4CED-A8DA-AFE4AA220AB7}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{3C6F9F0F-B0CC-4309-9516-7E4D078D0473}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{78F5F398-0C2F-4584-8E4C-DE0DC4FBE144}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{DBCCA46E-DC2D-4EC9-8D73-B2464A42AE53}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://bing.sk/
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{29F02F90-D4AE-4c9a-82D2-D8DCDD507F33} - c:\program files\RadarSync\RadarSync Website.lnk
LSP: c:\windows\system32\wpclsp.dll
TCP: {4C3718A6-DD75-4B1A-B628-36FC48575DCC} = 192.168.2.1
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-Uniblue RegistryBooster 2009 - c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
MSConfigStartUp-Z810PNP - c:\program files\Connection Manager\SamsungPnPServiceManager.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\europe\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-24 02:27
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,85,9c,67,03,8c,6f,40,bb,84,fa,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,85,9c,67,03,8c,6f,40,bb,84,fa,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000fb
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(1416)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
c:\windows\system32\BTNCopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\windows\system32\conime.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2010-07-24 02:43:34 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-24 00:43
ComboFix2.txt 2009-01-15 09:35
ComboFix3.txt 2009-01-03 09:44
ComboFix4.txt 2009-01-02 21:21
ComboFix5.txt 2009-01-15 21:03
Pre-Run: Volných bajtů: 11,464,806,400
Post-Run: Volných bajtů: 11,399,057,408
- - End Of File - - 4D8CCDD6B59EC8F73E379F5DED410E43
ComboFix 10-07-22.01 - europe 2010-07-24 2:04.11.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.1.1029.18.2046.1215 [GMT 2:00]
Running from: c:\users\europe\Downloads\ComboFix.exe
AV: Panda Internet Security 2009 *On-access scanning disabled* (Updated) {4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0}
FW: Panda Personal Firewall 2009 *disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
SP: Panda Internet Security 2009 *disabled* (Updated) {FE6602D3-1E71-4EBB-B4E3-D1C9CBDAF0A1}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\%appdata%
.
---- Previous Run -------
.
c:\windows\system32\%appdata%\Microsoft\Windows\IETldCache\index.dat . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2010-06-24 to 2010-07-24 )))))))))))))))))))))))))))))))
.
2010-07-24 00:24 . 2010-07-24 00:24 -------- d-----w- c:\users\Kika\AppData\Local\temp
2010-07-24 00:24 . 2010-07-24 00:24 -------- d-----w- c:\users\Family\AppData\Local\temp
2010-07-24 00:24 . 2010-07-24 00:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-23 23:06 . 2010-07-24 00:29 -------- d-----w- c:\users\europe\AppData\Local\temp
2010-07-23 21:58 . 2010-07-23 21:58 -------- d-----w- C:\%APPDATA%
2010-07-21 09:35 . 2010-07-21 09:35 -------- d-----w- c:\users\europe\AppData\Local\NokiaAccount
2010-07-21 09:18 . 2010-07-21 10:00 -------- d-----w- c:\users\europe\AppData\Local\Nokia
2010-07-21 09:12 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-21 09:11 . 2010-07-21 09:11 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-21 09:00 . 2010-07-21 09:00 -------- d-----w- c:\programdata\NokiaInstallerCache
2010-07-20 22:59 . 2010-07-20 22:59 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-20 22:50 . 2010-07-21 09:12 -------- d-----w- c:\program files\Nokia
2010-07-17 13:27 . 2010-07-17 13:27 -------- d-----w- c:\program files\Webteh
2010-07-17 13:08 . 2010-07-17 13:09 -------- d-----w- c:\users\Family\AppData\Roaming\Winamp
2010-07-05 12:03 . 2010-07-05 12:03 -------- d-----w- c:\programdata\Innovative Solutions
2010-07-05 11:49 . 2010-07-05 11:49 -------- d-----w- c:\program files\RadarSync
2010-07-05 11:47 . 2010-07-05 11:47 -------- d-----w- c:\users\europe\AppData\Local\Innovative Solutions
2010-07-05 11:47 . 2010-07-05 11:47 -------- d-----w- c:\program files\Innovative Solutions
2010-07-03 20:44 . 2010-07-03 20:44 -------- d-----w- c:\users\europe\AppData\Roaming\DivX
2010-07-02 19:43 . 2010-07-02 19:45 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-02 19:37 . 2010-07-02 20:09 -------- d-----w- c:\programdata\DivX
2010-06-30 21:55 . 2009-04-05 01:01 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-24 00:25 . 2007-11-09 22:34 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-23 23:47 . 2009-01-20 09:19 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck
2010-07-23 23:47 . 2009-01-20 09:19 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG
2010-07-23 22:34 . 2009-01-20 09:19 506620 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck
2010-07-23 22:34 . 2009-01-20 09:19 506620 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
2010-07-23 06:01 . 2009-01-02 00:47 -------- d-----w- c:\program files\Trend Micro
2010-07-21 15:01 . 2007-01-08 21:09 627516 ----a-w- c:\windows\system32\perfh005.dat
2010-07-21 15:01 . 2007-01-08 21:09 134718 ----a-w- c:\windows\system32\perfc005.dat
2010-07-21 09:41 . 2009-05-26 07:52 -------- d-----w- c:\users\europe\AppData\Roaming\Nokia
2010-07-21 09:15 . 2008-09-07 18:31 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-20 23:25 . 2010-07-20 23:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-07-20 23:25 . 2009-01-05 10:26 -------- d-----w- c:\users\europe\AppData\Roaming\PC Suite
2010-07-20 22:58 . 2008-05-11 13:35 -------- d-----w- c:\program files\DIFX
2010-07-20 22:49 . 2008-05-11 13:25 -------- d-----w- c:\programdata\Installations
2010-07-20 22:28 . 2010-07-20 22:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-07-20 18:18 . 2008-12-09 09:41 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-14 15:21 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-14 15:11 . 2009-01-18 00:23 -------- d-----w- c:\users\europe\AppData\Roaming\Skype
2010-07-14 14:52 . 2009-01-18 00:24 -------- d-----w- c:\users\europe\AppData\Roaming\skypePM
2010-07-11 19:04 . 2008-12-26 15:02 64478 ----a-w- c:\programdata\nvModes.dat
2010-07-06 22:27 . 2007-12-30 18:13 -------- d-----w- c:\users\Kika\AppData\Roaming\Skype
2010-07-06 22:07 . 2007-12-30 18:24 -------- d-----w- c:\users\Kika\AppData\Roaming\skypePM
2010-07-06 20:54 . 2009-07-19 18:53 -------- d-----w- c:\program files\ICQ6.5
2010-07-06 20:52 . 2008-01-01 15:11 -------- d-----w- c:\users\Kika\AppData\Roaming\ICQ
2010-07-04 11:58 . 2008-12-08 08:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-07-02 19:33 . 2009-04-22 08:55 -------- d-----w- c:\users\europe\AppData\Roaming\cspa
2010-07-01 21:53 . 2008-12-29 15:33 -------- d-----w- c:\program files\CCleaner
2010-07-01 16:56 . 2009-08-26 22:41 -------- d-----w- c:\users\europe\AppData\Roaming\Software Informer
2010-06-30 21:55 . 2010-02-19 14:31 -------- d-----w- c:\program files\Winamp
2010-06-30 21:55 . 2008-12-17 16:06 -------- d-----w- c:\program files\iTunes
2010-06-29 17:44 . 2009-10-06 18:36 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-06-25 18:23 . 2009-03-24 11:59 -------- d-----w- c:\program files\Video Karaoke Studio II
2010-06-22 17:36 . 2010-06-22 17:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-06-22 17:36 . 2010-06-22 17:36 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-22 14:35 . 2010-06-22 14:35 -------- d-----w- c:\users\europe\AppData\Roaming\Microso?t
2010-06-20 11:49 . 2007-11-10 12:31 98528 ----a-w- c:\users\Kika\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-14 06:57 . 2008-04-09 10:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-11 21:35 . 2008-12-09 09:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-11 21:35 . 2007-08-22 08:57 -------- d-----w- c:\program files\Microsoft Works
2010-06-11 21:35 . 2009-08-27 15:43 -------- d-----w- c:\program files\LG PC Suite II
2010-06-11 21:35 . 2007-08-22 08:41 -------- d-----w- c:\program files\Common Files\SureThing Shared
2010-06-11 21:35 . 2010-04-20 08:31 -------- d-----w- c:\program files\Common Files\Skype
2010-06-11 21:34 . 2010-02-19 14:31 -------- d-----w- c:\users\europe\AppData\Roaming\Winamp
2010-06-11 21:18 . 2007-11-18 19:40 -------- d-----w- c:\programdata\Microsoft Help
2010-06-08 15:36 . 2007-11-10 12:29 98528 ----a-w- c:\users\Family\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-28 23:46 . 2009-01-04 01:24 -------- d-----w- c:\users\europe\AppData\Roaming\Apple Computer
2010-05-28 13:14 . 2008-12-17 16:00 -------- d-----w- c:\program files\QuickTime
2010-05-28 13:04 . 2008-12-17 16:08 -------- d-----w- c:\program files\Bonjour
2010-05-27 20:32 . 2010-05-27 20:32 245936 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-05-27 20:31 . 2008-01-18 17:30 120104 ----a-w- c:\windows\system32\SynTPCo4.dll
2010-05-27 20:31 . 2008-01-18 17:03 165160 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-05-27 20:31 . 2010-05-27 20:31 210216 ----a-w- c:\windows\system32\SynCtrl.dll
2010-05-27 20:31 . 2008-01-18 16:51 173352 ----a-w- c:\windows\system32\SynCOM.dll
2010-05-26 23:31 . 2009-01-23 23:36 -------- d-----w- c:\program files\Microsoft
2010-05-26 17:06 . 2010-06-11 22:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 22:19 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-22 16:27 . 2009-01-04 01:27 98528 ----a-w- c:\users\europe\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-21 12:14 . 2009-10-09 15:04 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-06-11 22:23 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-11 22:23 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-06-11 22:23 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-06-11 22:23 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-11 22:27 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2009-01-03 02:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-01-03 02:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2007-11-10 08:37 . 2007-11-10 08:37 22 --sha-w- c:\windows\SMINST\HPCD.sys
2008-12-29 03:15 . 2008-12-28 18:43 4404768 --sha-w- c:\windows\System32\drivers\fidbox.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"APVXDWIN"="c:\program files\T-com\Panda Internet Security 2009\APVXDWIN.EXE" [2008-07-16 857344]
"SCANINICIO"="c:\program files\T-com\Panda Internet Security 2009\Inicio.exe" [2008-07-07 50432]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2007-05-04 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-01-23 10:43 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RVS 2010.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\RVS 2010.lnk
backup=c:\windows\pss\RVS 2010.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^europe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
path=c:\users\europe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk
backup=c:\windows\pss\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-04-13 00:29 47392 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-09-21 14:36 305440 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-06-12 12:03 56080 ----a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
2010-06-01 12:53 1093208 ----a-w- c:\program files\Microsoft Security Essentials\msseces.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-07-02 10:20 671608 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
2009-01-08 13:44 70936 ----a-w- c:\users\europe\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
2007-11-30 16:16 14450688 ----a-w- c:\program files\inKline Global\PC Booster\PCBooster.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 13:12 1414144 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-02-13 09:38 159744 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2009-03-10 19:19 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-07-04 11:58 2403568 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-05-16 23:19 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-04-30 20:38 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-01-13 22:44 37888 ----a-w- c:\program files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):95,8b,23,84,58,03,ca,01
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 PavSRK.sys;PavSRK.sys;c:\windows\system32\PavSRK.sys [x]
R3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys [x]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-03-03 12872]
R4 ekrn;Eset Service; [x]
R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost [x]
R4 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R4 PskSvcRetail;Panda PSK service;c:\program files\T-com\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
S0 pavboot;Panda boot driver;c:\windows\system32\Drivers\pavboot.sys [2008-06-19 28544]
S1 APPFLT;App Filter Plugin;c:\windows\system32\Drivers\APPFLT.SYS [2008-06-25 73728]
S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\Drivers\DSAFLT.SYS [2008-06-18 52992]
S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\Drivers\fnetmon.SYS [2008-03-28 22072]
S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\Drivers\IDSFLT.SYS [2008-06-18 193792]
S1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\Drivers\NETFLTDI.SYS [2008-07-11 13:58 158848]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-03 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-07-04 67656]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\Drivers\WNMFLT.SYS [2008-06-18 46720]
S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm8660.sys [2008-02-13 49208]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 ComFiltr;Panda Anti-Dialer;c:\windows\system32\DRIVERS\COMFiltr.sys [2009-01-20 13880]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S2 PavProc;Panda Process Protection Driver;c:\windows\system32\DRIVERS\PavProc.sys [2008-02-07 179640]
S3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
panda REG_MULTI_SZ Gwmsrv
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
2010-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:34]
2010-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:34]
2010-07-23 c:\windows\Tasks\User_Feed_Synchronization-{31DCA4EB-CAB0-4CED-A8DA-AFE4AA220AB7}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{3C6F9F0F-B0CC-4309-9516-7E4D078D0473}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{78F5F398-0C2F-4584-8E4C-DE0DC4FBE144}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{DBCCA46E-DC2D-4EC9-8D73-B2464A42AE53}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://bing.sk/
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{29F02F90-D4AE-4c9a-82D2-D8DCDD507F33} - c:\program files\RadarSync\RadarSync Website.lnk
LSP: c:\windows\system32\wpclsp.dll
TCP: {4C3718A6-DD75-4B1A-B628-36FC48575DCC} = 192.168.2.1
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-Uniblue RegistryBooster 2009 - c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
MSConfigStartUp-Z810PNP - c:\program files\Connection Manager\SamsungPnPServiceManager.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\europe\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-24 02:27
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,85,9c,67,03,8c,6f,40,bb,84,fa,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,85,9c,67,03,8c,6f,40,bb,84,fa,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000fb
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(1416)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
c:\windows\system32\BTNCopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\windows\system32\conime.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2010-07-24 02:43:34 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-24 00:43
ComboFix2.txt 2009-01-15 09:35
ComboFix3.txt 2009-01-03 09:44
ComboFix4.txt 2009-01-02 21:21
ComboFix5.txt 2009-01-15 21:03
Pre-Run: Volných bajtů: 11,464,806,400
Post-Run: Volných bajtů: 11,399,057,408
- - End Of File - - 4D8CCDD6B59EC8F73E379F5DED410E43
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu
1 položka byla smazána. V PC je ještě zbytek po antiviru NOD, který odstraníme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkaz ze skriptu.Driver::
ekrn
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu
Tu je log po akcii:
ComboFix 10-07-22.01 - europe 2010-07-24 17:34:12.12.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.1.1029.18.2046.1094 [GMT 2:00]
Running from: c:\users\europe\Downloads\ComboFix.exe
Command switches used :: c:\users\europe\Desktop\CFScript.txt
AV: Panda Internet Security 2009 *On-access scanning disabled* (Updated) {4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0}
FW: Panda Personal Firewall 2009 *disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
SP: Panda Internet Security 2009 *disabled* (Updated) {FE6602D3-1E71-4EBB-B4E3-D1C9CBDAF0A1}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_EKRN
-------\Service_ekrn
((((((((((((((((((((((((( Files Created from 2010-06-24 to 2010-07-24 )))))))))))))))))))))))))))))))
.
2010-07-24 15:54 . 2010-07-24 15:54 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-24 15:54 . 2010-07-24 15:54 -------- d-----w- c:\users\Kika\AppData\Local\temp
2010-07-24 15:54 . 2010-07-24 15:54 -------- d-----w- c:\users\Family\AppData\Local\temp
2010-07-24 15:54 . 2010-07-24 15:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-24 00:43 . 2010-07-24 16:13 -------- d-----w- c:\users\europe\AppData\Local\temp
2010-07-23 21:58 . 2010-07-23 21:58 -------- d-----w- C:\%APPDATA%
2010-07-21 09:35 . 2010-07-21 09:35 -------- d-----w- c:\users\europe\AppData\Local\NokiaAccount
2010-07-21 09:18 . 2010-07-21 10:00 -------- d-----w- c:\users\europe\AppData\Local\Nokia
2010-07-21 09:12 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-21 09:11 . 2010-07-21 09:11 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-21 09:00 . 2010-07-21 09:00 -------- d-----w- c:\programdata\NokiaInstallerCache
2010-07-20 22:59 . 2010-07-20 22:59 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-20 22:50 . 2010-07-21 09:12 -------- d-----w- c:\program files\Nokia
2010-07-17 13:27 . 2010-07-17 13:27 -------- d-----w- c:\program files\Webteh
2010-07-17 13:08 . 2010-07-17 13:09 -------- d-----w- c:\users\Family\AppData\Roaming\Winamp
2010-07-05 12:03 . 2010-07-05 12:03 -------- d-----w- c:\programdata\Innovative Solutions
2010-07-05 11:49 . 2010-07-05 11:49 -------- d-----w- c:\program files\RadarSync
2010-07-05 11:47 . 2010-07-05 11:47 -------- d-----w- c:\users\europe\AppData\Local\Innovative Solutions
2010-07-05 11:47 . 2010-07-05 11:47 -------- d-----w- c:\program files\Innovative Solutions
2010-07-03 20:44 . 2010-07-03 20:44 -------- d-----w- c:\users\europe\AppData\Roaming\DivX
2010-07-02 19:43 . 2010-07-02 19:45 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-02 19:37 . 2010-07-02 20:09 -------- d-----w- c:\programdata\DivX
2010-06-30 21:55 . 2009-04-05 01:01 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-24 15:55 . 2007-11-09 22:34 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-24 15:20 . 2009-01-20 09:19 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck
2010-07-24 15:20 . 2009-01-20 09:19 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG
2010-07-23 22:34 . 2009-01-20 09:19 506620 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck
2010-07-23 22:34 . 2009-01-20 09:19 506620 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
2010-07-23 06:01 . 2009-01-02 00:47 -------- d-----w- c:\program files\Trend Micro
2010-07-21 15:01 . 2007-01-08 21:09 627516 ----a-w- c:\windows\system32\perfh005.dat
2010-07-21 15:01 . 2007-01-08 21:09 134718 ----a-w- c:\windows\system32\perfc005.dat
2010-07-21 09:41 . 2009-05-26 07:52 -------- d-----w- c:\users\europe\AppData\Roaming\Nokia
2010-07-21 09:15 . 2008-09-07 18:31 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-21 09:01 . 2010-07-21 09:01 12212040 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-07-21 09:00 . 2010-07-21 09:00 13930312 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-07-21 09:00 . 2010-07-21 09:00 77824 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-07-21 09:00 . 2010-07-21 09:00 50000 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-07-21 09:00 . 2010-07-21 09:00 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-07-21 09:00 . 2010-07-21 09:00 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-07-21 09:00 . 2010-07-21 09:00 103412296 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-07-20 23:25 . 2010-07-20 23:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-07-20 23:25 . 2009-01-05 10:26 -------- d-----w- c:\users\europe\AppData\Roaming\PC Suite
2010-07-20 22:58 . 2008-05-11 13:35 -------- d-----w- c:\program files\DIFX
2010-07-20 22:49 . 2008-05-11 13:25 -------- d-----w- c:\programdata\Installations
2010-07-20 22:49 . 2010-07-20 22:49 95232 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2010-07-20 22:49 . 2010-07-20 22:49 61440 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-07-20 22:49 . 2010-07-20 22:49 8192 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2010-07-20 22:49 . 2010-07-20 22:49 10240 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2010-07-20 22:47 . 2010-07-20 22:49 33773208 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_eng_web.exe
2010-07-20 22:28 . 2010-07-20 22:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-07-20 18:18 . 2008-12-09 09:41 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-14 15:21 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-14 15:11 . 2009-01-18 00:23 -------- d-----w- c:\users\europe\AppData\Roaming\Skype
2010-07-14 14:52 . 2009-01-18 00:24 -------- d-----w- c:\users\europe\AppData\Roaming\skypePM
2010-07-11 19:04 . 2008-12-26 15:02 64478 ----a-w- c:\programdata\nvModes.dat
2010-07-06 22:27 . 2007-12-30 18:13 -------- d-----w- c:\users\Kika\AppData\Roaming\Skype
2010-07-06 22:07 . 2007-12-30 18:24 -------- d-----w- c:\users\Kika\AppData\Roaming\skypePM
2010-07-06 20:54 . 2009-07-19 18:53 -------- d-----w- c:\program files\ICQ6.5
2010-07-06 20:52 . 2008-01-01 15:11 -------- d-----w- c:\users\Kika\AppData\Roaming\ICQ
2010-07-04 11:58 . 2008-12-08 08:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-07-04 11:56 . 2010-07-04 11:55 63488 ----a-w- c:\users\europe\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-04 11:56 . 2010-01-23 10:30 117760 ----a-w- c:\users\europe\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-02 20:09 . 2010-07-02 20:09 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-07-02 19:43 . 2010-07-02 19:43 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-07-02 19:43 . 2010-07-02 19:43 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-07-02 19:37 . 2010-07-02 19:37 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-07-02 19:33 . 2009-04-22 08:55 -------- d-----w- c:\users\europe\AppData\Roaming\cspa
2010-07-01 21:53 . 2008-12-29 15:33 -------- d-----w- c:\program files\CCleaner
2010-07-01 16:56 . 2009-08-26 22:41 -------- d-----w- c:\users\europe\AppData\Roaming\Software Informer
2010-06-30 21:55 . 2010-02-19 14:31 -------- d-----w- c:\program files\Winamp
2010-06-30 21:55 . 2008-12-17 16:06 -------- d-----w- c:\program files\iTunes
2010-06-29 17:44 . 2009-10-06 18:36 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-06-25 18:23 . 2009-03-24 11:59 -------- d-----w- c:\program files\Video Karaoke Studio II
2010-06-22 17:36 . 2010-06-22 17:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-06-22 17:36 . 2010-06-22 17:36 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-22 14:35 . 2010-06-22 14:35 -------- d-----w- c:\users\europe\AppData\Roaming\Microso?t
2010-06-20 11:49 . 2007-11-10 12:31 98528 ----a-w- c:\users\Kika\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-14 06:57 . 2008-04-09 10:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-11 21:35 . 2008-12-09 09:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-11 21:35 . 2007-08-22 08:57 -------- d-----w- c:\program files\Microsoft Works
2010-06-11 21:35 . 2009-08-27 15:43 -------- d-----w- c:\program files\LG PC Suite II
2010-06-11 21:35 . 2007-08-22 08:41 -------- d-----w- c:\program files\Common Files\SureThing Shared
2010-06-11 21:35 . 2010-04-20 08:31 -------- d-----w- c:\program files\Common Files\Skype
2010-06-11 21:34 . 2010-02-19 14:31 -------- d-----w- c:\users\europe\AppData\Roaming\Winamp
2010-06-11 21:18 . 2007-11-18 19:40 -------- d-----w- c:\programdata\Microsoft Help
2010-06-08 15:36 . 2007-11-10 12:29 98528 ----a-w- c:\users\Family\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-28 23:46 . 2009-01-04 01:24 -------- d-----w- c:\users\europe\AppData\Roaming\Apple Computer
2010-05-28 13:14 . 2008-12-17 16:00 -------- d-----w- c:\program files\QuickTime
2010-05-28 13:04 . 2008-12-17 16:08 -------- d-----w- c:\program files\Bonjour
2010-05-27 20:32 . 2010-05-27 20:32 245936 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-05-27 20:31 . 2008-01-18 17:30 120104 ----a-w- c:\windows\system32\SynTPCo4.dll
2010-05-27 20:31 . 2008-01-18 17:03 165160 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-05-27 20:31 . 2010-05-27 20:31 210216 ----a-w- c:\windows\system32\SynCtrl.dll
2010-05-27 20:31 . 2008-01-18 16:51 173352 ----a-w- c:\windows\system32\SynCOM.dll
2010-05-26 23:31 . 2009-01-23 23:36 -------- d-----w- c:\program files\Microsoft
2010-05-26 17:06 . 2010-06-11 22:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 22:19 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-22 16:27 . 2009-01-04 01:27 98528 ----a-w- c:\users\europe\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-21 12:14 . 2009-10-09 15:04 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-06-11 22:23 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-11 22:23 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-06-11 22:23 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-06-11 22:23 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-11 22:27 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-30 20:45 . 2010-04-30 20:45 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-04-30 20:45 . 2010-04-30 20:45 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-04-30 20:45 . 2010-04-30 20:45 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-04-30 20:45 . 2010-04-30 20:45 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-04-30 20:45 . 2010-04-30 20:45 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-04-30 20:45 . 2010-04-30 20:45 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-04-30 20:45 . 2010-04-30 20:45 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-04-30 20:45 . 2010-04-30 20:45 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-04-30 20:45 . 2010-04-30 20:45 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-04-30 17:37 . 2010-04-06 16:53 439816 ----a-w- c:\users\europe\AppData\Roaming\Real\Update\setup3.11\setup.exe
2010-04-29 13:39 . 2009-01-03 02:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-01-03 02:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2007-11-10 08:37 . 2007-11-10 08:37 22 --sha-w- c:\windows\SMINST\HPCD.sys
2008-12-29 03:15 . 2008-12-28 18:43 4404768 --sha-w- c:\windows\System32\drivers\fidbox.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"APVXDWIN"="c:\program files\T-com\Panda Internet Security 2009\APVXDWIN.EXE" [2008-07-16 857344]
"SCANINICIO"="c:\program files\T-com\Panda Internet Security 2009\Inicio.exe" [2008-07-07 50432]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2007-05-04 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-01-23 10:43 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RVS 2010.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\RVS 2010.lnk
backup=c:\windows\pss\RVS 2010.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^europe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
path=c:\users\europe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk
backup=c:\windows\pss\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-04-13 00:29 47392 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-09-21 14:36 305440 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-06-12 12:03 56080 ----a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
2010-06-01 12:53 1093208 ----a-w- c:\program files\Microsoft Security Essentials\msseces.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-07-02 10:20 671608 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
2009-01-08 13:44 70936 ----a-w- c:\users\europe\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
2007-11-30 16:16 14450688 ----a-w- c:\program files\inKline Global\PC Booster\PCBooster.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 13:12 1414144 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-02-13 09:38 159744 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2009-03-10 19:19 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-07-04 11:58 2403568 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-05-16 23:19 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-04-30 20:38 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-01-13 22:44 37888 ----a-w- c:\program files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):95,8b,23,84,58,03,ca,01
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 PavSRK.sys;PavSRK.sys;c:\windows\system32\PavSRK.sys [x]
R3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys [x]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-03-03 12872]
R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost [x]
R4 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R4 PskSvcRetail;Panda PSK service;c:\program files\T-com\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
S0 pavboot;Panda boot driver;c:\windows\system32\Drivers\pavboot.sys [2008-06-19 28544]
S1 APPFLT;App Filter Plugin;c:\windows\system32\Drivers\APPFLT.SYS [2008-06-25 73728]
S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\Drivers\DSAFLT.SYS [2008-06-18 52992]
S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\Drivers\fnetmon.SYS [2008-03-28 22072]
S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\Drivers\IDSFLT.SYS [2008-06-18 193792]
S1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\Drivers\NETFLTDI.SYS [2008-07-11 13:58 158848]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-03 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-07-04 67656]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\Drivers\WNMFLT.SYS [2008-06-18 46720]
S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm8660.sys [2008-02-13 49208]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 ComFiltr;Panda Anti-Dialer;c:\windows\system32\DRIVERS\COMFiltr.sys [2009-01-20 13880]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S2 PavProc;Panda Process Protection Driver;c:\windows\system32\DRIVERS\PavProc.sys [2008-02-07 179640]
S3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
panda REG_MULTI_SZ Gwmsrv
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
2010-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:34]
2010-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:34]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{31DCA4EB-CAB0-4CED-A8DA-AFE4AA220AB7}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{3C6F9F0F-B0CC-4309-9516-7E4D078D0473}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{78F5F398-0C2F-4584-8E4C-DE0DC4FBE144}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{DBCCA46E-DC2D-4EC9-8D73-B2464A42AE53}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://bing.sk/
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{29F02F90-D4AE-4c9a-82D2-D8DCDD507F33} - c:\program files\RadarSync\RadarSync Website.lnk
LSP: c:\windows\system32\wpclsp.dll
TCP: {4C3718A6-DD75-4B1A-B628-36FC48575DCC} = 192.168.2.1
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-24 18:12
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,85,9c,67,03,8c,6f,40,bb,84,fa,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,85,9c,67,03,8c,6f,40,bb,84,fa,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000fb
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(3308)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
c:\windows\system32\BTNCopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
c:\windows\system32\conime.exe
c:\windows\system32\wlrmdr.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2010-07-24 18:23:48 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-24 16:23
ComboFix2.txt 2010-07-24 00:43
ComboFix3.txt 2009-01-15 09:35
ComboFix4.txt 2009-01-03 09:44
ComboFix5.txt 2010-07-24 15:30
Pre-Run: Volných bajtů: 11,420,844,032
Post-Run: Volných bajtů: 11,343,323,136
- - End Of File - - 4373C6CD3AFB4A203AC54B361ED6F229
Ešte by som chcel vedieť, čo znamená toto v prvom logu z rsit a či je to niečo dôležité a lebo zbytočnosť a čo s tým.
Ďakujem
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
ComboFix 10-07-22.01 - europe 2010-07-24 17:34:12.12.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.1.1029.18.2046.1094 [GMT 2:00]
Running from: c:\users\europe\Downloads\ComboFix.exe
Command switches used :: c:\users\europe\Desktop\CFScript.txt
AV: Panda Internet Security 2009 *On-access scanning disabled* (Updated) {4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0}
FW: Panda Personal Firewall 2009 *disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
SP: Panda Internet Security 2009 *disabled* (Updated) {FE6602D3-1E71-4EBB-B4E3-D1C9CBDAF0A1}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_EKRN
-------\Service_ekrn
((((((((((((((((((((((((( Files Created from 2010-06-24 to 2010-07-24 )))))))))))))))))))))))))))))))
.
2010-07-24 15:54 . 2010-07-24 15:54 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-24 15:54 . 2010-07-24 15:54 -------- d-----w- c:\users\Kika\AppData\Local\temp
2010-07-24 15:54 . 2010-07-24 15:54 -------- d-----w- c:\users\Family\AppData\Local\temp
2010-07-24 15:54 . 2010-07-24 15:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-24 00:43 . 2010-07-24 16:13 -------- d-----w- c:\users\europe\AppData\Local\temp
2010-07-23 21:58 . 2010-07-23 21:58 -------- d-----w- C:\%APPDATA%
2010-07-21 09:35 . 2010-07-21 09:35 -------- d-----w- c:\users\europe\AppData\Local\NokiaAccount
2010-07-21 09:18 . 2010-07-21 10:00 -------- d-----w- c:\users\europe\AppData\Local\Nokia
2010-07-21 09:12 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-21 09:11 . 2010-07-21 09:11 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-21 09:00 . 2010-07-21 09:00 -------- d-----w- c:\programdata\NokiaInstallerCache
2010-07-20 22:59 . 2010-07-20 22:59 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-20 22:50 . 2010-07-21 09:12 -------- d-----w- c:\program files\Nokia
2010-07-17 13:27 . 2010-07-17 13:27 -------- d-----w- c:\program files\Webteh
2010-07-17 13:08 . 2010-07-17 13:09 -------- d-----w- c:\users\Family\AppData\Roaming\Winamp
2010-07-05 12:03 . 2010-07-05 12:03 -------- d-----w- c:\programdata\Innovative Solutions
2010-07-05 11:49 . 2010-07-05 11:49 -------- d-----w- c:\program files\RadarSync
2010-07-05 11:47 . 2010-07-05 11:47 -------- d-----w- c:\users\europe\AppData\Local\Innovative Solutions
2010-07-05 11:47 . 2010-07-05 11:47 -------- d-----w- c:\program files\Innovative Solutions
2010-07-03 20:44 . 2010-07-03 20:44 -------- d-----w- c:\users\europe\AppData\Roaming\DivX
2010-07-02 19:43 . 2010-07-02 19:45 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-02 19:37 . 2010-07-02 20:09 -------- d-----w- c:\programdata\DivX
2010-06-30 21:55 . 2009-04-05 01:01 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-24 15:55 . 2007-11-09 22:34 12 ----a-w- c:\windows\bthservsdp.dat
2010-07-24 15:20 . 2009-01-20 09:19 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck
2010-07-24 15:20 . 2009-01-20 09:19 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG
2010-07-23 22:34 . 2009-01-20 09:19 506620 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck
2010-07-23 22:34 . 2009-01-20 09:19 506620 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
2010-07-23 06:01 . 2009-01-02 00:47 -------- d-----w- c:\program files\Trend Micro
2010-07-21 15:01 . 2007-01-08 21:09 627516 ----a-w- c:\windows\system32\perfh005.dat
2010-07-21 15:01 . 2007-01-08 21:09 134718 ----a-w- c:\windows\system32\perfc005.dat
2010-07-21 09:41 . 2009-05-26 07:52 -------- d-----w- c:\users\europe\AppData\Roaming\Nokia
2010-07-21 09:15 . 2008-09-07 18:31 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-21 09:01 . 2010-07-21 09:01 12212040 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-07-21 09:00 . 2010-07-21 09:00 13930312 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-07-21 09:00 . 2010-07-21 09:00 77824 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-07-21 09:00 . 2010-07-21 09:00 50000 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-07-21 09:00 . 2010-07-21 09:00 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-07-21 09:00 . 2010-07-21 09:00 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-07-21 09:00 . 2010-07-21 09:00 103412296 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-07-20 23:25 . 2010-07-20 23:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-07-20 23:25 . 2009-01-05 10:26 -------- d-----w- c:\users\europe\AppData\Roaming\PC Suite
2010-07-20 22:58 . 2008-05-11 13:35 -------- d-----w- c:\program files\DIFX
2010-07-20 22:49 . 2008-05-11 13:25 -------- d-----w- c:\programdata\Installations
2010-07-20 22:49 . 2010-07-20 22:49 95232 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2010-07-20 22:49 . 2010-07-20 22:49 61440 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-07-20 22:49 . 2010-07-20 22:49 8192 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2010-07-20 22:49 . 2010-07-20 22:49 10240 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2010-07-20 22:47 . 2010-07-20 22:49 33773208 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_eng_web.exe
2010-07-20 22:28 . 2010-07-20 22:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-07-20 18:18 . 2008-12-09 09:41 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-14 15:21 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-14 15:11 . 2009-01-18 00:23 -------- d-----w- c:\users\europe\AppData\Roaming\Skype
2010-07-14 14:52 . 2009-01-18 00:24 -------- d-----w- c:\users\europe\AppData\Roaming\skypePM
2010-07-11 19:04 . 2008-12-26 15:02 64478 ----a-w- c:\programdata\nvModes.dat
2010-07-06 22:27 . 2007-12-30 18:13 -------- d-----w- c:\users\Kika\AppData\Roaming\Skype
2010-07-06 22:07 . 2007-12-30 18:24 -------- d-----w- c:\users\Kika\AppData\Roaming\skypePM
2010-07-06 20:54 . 2009-07-19 18:53 -------- d-----w- c:\program files\ICQ6.5
2010-07-06 20:52 . 2008-01-01 15:11 -------- d-----w- c:\users\Kika\AppData\Roaming\ICQ
2010-07-04 11:58 . 2008-12-08 08:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-07-04 11:56 . 2010-07-04 11:55 63488 ----a-w- c:\users\europe\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-04 11:56 . 2010-01-23 10:30 117760 ----a-w- c:\users\europe\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-02 20:09 . 2010-07-02 20:09 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-07-02 19:43 . 2010-07-02 19:43 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-07-02 19:43 . 2010-07-02 19:43 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-07-02 19:37 . 2010-07-02 19:37 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-07-02 19:33 . 2009-04-22 08:55 -------- d-----w- c:\users\europe\AppData\Roaming\cspa
2010-07-01 21:53 . 2008-12-29 15:33 -------- d-----w- c:\program files\CCleaner
2010-07-01 16:56 . 2009-08-26 22:41 -------- d-----w- c:\users\europe\AppData\Roaming\Software Informer
2010-06-30 21:55 . 2010-02-19 14:31 -------- d-----w- c:\program files\Winamp
2010-06-30 21:55 . 2008-12-17 16:06 -------- d-----w- c:\program files\iTunes
2010-06-29 17:44 . 2009-10-06 18:36 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-06-25 18:23 . 2009-03-24 11:59 -------- d-----w- c:\program files\Video Karaoke Studio II
2010-06-22 17:36 . 2010-06-22 17:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-06-22 17:36 . 2010-06-22 17:36 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-22 14:35 . 2010-06-22 14:35 -------- d-----w- c:\users\europe\AppData\Roaming\Microso?t
2010-06-20 11:49 . 2007-11-10 12:31 98528 ----a-w- c:\users\Kika\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-14 06:57 . 2008-04-09 10:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-11 21:35 . 2008-12-09 09:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-11 21:35 . 2007-08-22 08:57 -------- d-----w- c:\program files\Microsoft Works
2010-06-11 21:35 . 2009-08-27 15:43 -------- d-----w- c:\program files\LG PC Suite II
2010-06-11 21:35 . 2007-08-22 08:41 -------- d-----w- c:\program files\Common Files\SureThing Shared
2010-06-11 21:35 . 2010-04-20 08:31 -------- d-----w- c:\program files\Common Files\Skype
2010-06-11 21:34 . 2010-02-19 14:31 -------- d-----w- c:\users\europe\AppData\Roaming\Winamp
2010-06-11 21:18 . 2007-11-18 19:40 -------- d-----w- c:\programdata\Microsoft Help
2010-06-08 15:36 . 2007-11-10 12:29 98528 ----a-w- c:\users\Family\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-28 23:46 . 2009-01-04 01:24 -------- d-----w- c:\users\europe\AppData\Roaming\Apple Computer
2010-05-28 13:14 . 2008-12-17 16:00 -------- d-----w- c:\program files\QuickTime
2010-05-28 13:04 . 2008-12-17 16:08 -------- d-----w- c:\program files\Bonjour
2010-05-27 20:32 . 2010-05-27 20:32 245936 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-05-27 20:31 . 2008-01-18 17:30 120104 ----a-w- c:\windows\system32\SynTPCo4.dll
2010-05-27 20:31 . 2008-01-18 17:03 165160 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-05-27 20:31 . 2010-05-27 20:31 210216 ----a-w- c:\windows\system32\SynCtrl.dll
2010-05-27 20:31 . 2008-01-18 16:51 173352 ----a-w- c:\windows\system32\SynCOM.dll
2010-05-26 23:31 . 2009-01-23 23:36 -------- d-----w- c:\program files\Microsoft
2010-05-26 17:06 . 2010-06-11 22:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 22:19 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-22 16:27 . 2009-01-04 01:27 98528 ----a-w- c:\users\europe\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-21 12:14 . 2009-10-09 15:04 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-06-11 22:23 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-11 22:23 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-06-11 22:23 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-06-11 22:23 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-11 22:27 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-30 20:45 . 2010-04-30 20:45 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-04-30 20:45 . 2010-04-30 20:45 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-04-30 20:45 . 2010-04-30 20:45 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-04-30 20:45 . 2010-04-30 20:45 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-04-30 20:45 . 2010-04-30 20:45 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-04-30 20:45 . 2010-04-30 20:45 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-04-30 20:45 . 2010-04-30 20:45 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-04-30 20:45 . 2010-04-30 20:45 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-04-30 20:45 . 2010-04-30 20:45 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-04-30 17:37 . 2010-04-06 16:53 439816 ----a-w- c:\users\europe\AppData\Roaming\Real\Update\setup3.11\setup.exe
2010-04-29 13:39 . 2009-01-03 02:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-01-03 02:00 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2007-11-10 08:37 . 2007-11-10 08:37 22 --sha-w- c:\windows\SMINST\HPCD.sys
2008-12-29 03:15 . 2008-12-28 18:43 4404768 --sha-w- c:\windows\System32\drivers\fidbox.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"APVXDWIN"="c:\program files\T-com\Panda Internet Security 2009\APVXDWIN.EXE" [2008-07-16 857344]
"SCANINICIO"="c:\program files\T-com\Panda Internet Security 2009\Inicio.exe" [2008-07-07 50432]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2007-05-04 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-01-23 10:43 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RVS 2010.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\RVS 2010.lnk
backup=c:\windows\pss\RVS 2010.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^europe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
path=c:\users\europe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk
backup=c:\windows\pss\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-04-13 00:29 47392 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-09-21 14:36 305440 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-06-12 12:03 56080 ----a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
2010-06-01 12:53 1093208 ----a-w- c:\program files\Microsoft Security Essentials\msseces.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-07-02 10:20 671608 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
2009-01-08 13:44 70936 ----a-w- c:\users\europe\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
2007-11-30 16:16 14450688 ----a-w- c:\program files\inKline Global\PC Booster\PCBooster.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 13:12 1414144 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-02-13 09:38 159744 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2009-03-10 19:19 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 09:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-07-04 11:58 2403568 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-05-16 23:19 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-04-30 20:38 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-01-13 22:44 37888 ----a-w- c:\program files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):95,8b,23,84,58,03,ca,01
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 PavSRK.sys;PavSRK.sys;c:\windows\system32\PavSRK.sys [x]
R3 PavTPK.sys;PavTPK.sys;c:\windows\system32\PavTPK.sys [x]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-03-03 12872]
R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost [x]
R4 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
R4 PskSvcRetail;Panda PSK service;c:\program files\T-com\Panda Internet Security 2009\PskSvc.exe [2008-06-25 28928]
S0 pavboot;Panda boot driver;c:\windows\system32\Drivers\pavboot.sys [2008-06-19 28544]
S1 APPFLT;App Filter Plugin;c:\windows\system32\Drivers\APPFLT.SYS [2008-06-25 73728]
S1 DSAFLT;DSA Filter Plugin;c:\windows\system32\Drivers\DSAFLT.SYS [2008-06-18 52992]
S1 FNETMON;NetMon Filter Plugin;c:\windows\system32\Drivers\fnetmon.SYS [2008-03-28 22072]
S1 IDSFLT;Ids Filter Plugin;c:\windows\system32\Drivers\IDSFLT.SYS [2008-06-18 193792]
S1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\Drivers\NETFLTDI.SYS [2008-07-11 13:58 158848]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-03 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-07-04 67656]
S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [2008-03-04 41144]
S1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\Drivers\WNMFLT.SYS [2008-06-18 46720]
S2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm8660.sys [2008-02-13 49208]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-19 21504]
S2 ComFiltr;Panda Anti-Dialer;c:\windows\system32\DRIVERS\COMFiltr.sys [2009-01-20 13880]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S2 PavProc;Panda Process Protection Driver;c:\windows\system32\DRIVERS\PavProc.sys [2008-02-07 179640]
S3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\DRIVERS\neti1634.sys [2008-06-26 197888]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
panda REG_MULTI_SZ Gwmsrv
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
2010-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:34]
2010-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:34]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{31DCA4EB-CAB0-4CED-A8DA-AFE4AA220AB7}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{3C6F9F0F-B0CC-4309-9516-7E4D078D0473}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{78F5F398-0C2F-4584-8E4C-DE0DC4FBE144}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
2010-07-24 c:\windows\Tasks\User_Feed_Synchronization-{DBCCA46E-DC2D-4EC9-8D73-B2464A42AE53}.job
- c:\windows\system32\msfeedssync.exe [2010-06-11 04:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://bing.sk/
uInternet Settings,ProxyOverride = *.local
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{29F02F90-D4AE-4c9a-82D2-D8DCDD507F33} - c:\program files\RadarSync\RadarSync Website.lnk
LSP: c:\windows\system32\wpclsp.dll
TCP: {4C3718A6-DD75-4B1A-B628-36FC48575DCC} = 192.168.2.1
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-24 18:12
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,85,9c,67,03,8c,6f,40,bb,84,fa,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5e,85,9c,67,03,8c,6f,40,bb,84,fa,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000fb
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(3308)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
c:\windows\system32\BTNCopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
c:\windows\system32\conime.exe
c:\windows\system32\wlrmdr.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2010-07-24 18:23:48 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-24 16:23
ComboFix2.txt 2010-07-24 00:43
ComboFix3.txt 2009-01-15 09:35
ComboFix4.txt 2009-01-03 09:44
ComboFix5.txt 2010-07-24 15:30
Pre-Run: Volných bajtů: 11,420,844,032
Post-Run: Volných bajtů: 11,343,323,136
- - End Of File - - 4373C6CD3AFB4A203AC54B361ED6F229
Ešte by som chcel vedieť, čo znamená toto v prvom logu z rsit a či je to niečo dôležité a lebo zbytočnosť a čo s tým.
Ďakujem
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu
Log již vypadá čistý. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosim o kontrolu logu
po restarte to vyzeralo velmi dobre-pri ziadnej cinnosti- 0%-5% cpu.
neviem preco, po dalsich dvoch restartoch je to znovu takto:http://leteckaposta.cz/767902793
este by som poprosil o odpoved na posledne riadky mojho predchadzajuceho prispevku.
Dakujem
neviem preco, po dalsich dvoch restartoch je to znovu takto:http://leteckaposta.cz/767902793
este by som poprosil o odpoved na posledne riadky mojho predchadzajuceho prispevku.
Dakujem
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosim o kontrolu logu
c:\windows\system32\wpclsp.dll je legitimní soubor. Jeho smazáním byste si znepřístupnil síť. Odkaz na letecké poště nemohu otevřít. Pokud je opět CPU vytížen, vypněte na zkoušku antivir a zkontrolujte, zda se něco změnilo.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?