Slow internet

kingrider
User

Joined: 07.07.2008
Posts: 89
Location: NMnV

Posted: Thu 28.05.09 20:12

Hi.
Can someone give me some advice? I was just browsing the net and suddenly Eset 4 reported 44 trojans. I ran a scan with Lavasoft and Eset and nothing was found.
Please advise.

shiro
Experienced user

Joined: 12.10.2006
Posts: 9660

Posted: Thu 28.05.09 20:57

So do you have the viruses or not? If it reports that you have them, then it has to find them too...
And is your problem viruses or slow internet? Write it like a human being and don't mix 4 things together.

_________________
AMD Phenom II 955 BE 3.2GHz, 4GB RAM DDR3-1333 A-Data, MB Gigabyte MA-770T-UD3P, Kingston SSDNow V 64GB 2.Gen., WD 640GB + WD 1TB, Gigabyte GeForce GTX275 896MB, 2xDVD+-RW NEC 7173, LCD BenQ G2400Wa 24", MS Wireless optical mouse 2.0A, Keyboard Prestigio, Creative SBS 380 2.1

Linux
Banned user

Joined: 20.09.2008
Posts: 351

Posted: Thu 28.05.09 20:58

http://www.viry.cz/forum/index.php

kingrider
User

Joined: 07.07.2008
Posts: 89
Location: NMnV

Posted: Thu 28.05.09 22:06

shiro wrote:
So do you have the viruses or not? If it reports that you have them, then it has to find them too...
And is your problem viruses or slow internet? Write it like a human being and don't mix 4 things together.

And what's so hard to understand about it: Eset reported 44 trojans to me, the antivirus found nothing, and ever since it reported that, a page takes almost a minute to load, whereas before I clicked and I was there.

shiro
Experienced user

Joined: 12.10.2006
Posts: 9660

Posted: Fri 29.05.09 8:53

What's hard to understand is that Eset is an antivirus, which supposedly found 44 trojans for you, and suddenly you write that "some antivirus" reports nothing. So get it straight what you actually want, so that the rest of the world can understand you too.

kingrider
User

Joined: 07.07.2008
Posts: 89
Location: NMnV

Posted: Fri 29.05.09 11:02

shiro wrote:
What's hard to understand is that Eset is an antivirus, which supposedly found 44 trojans for you, and suddenly you write that "some antivirus" reports nothing. So get it straight what you actually want, so that the rest of the world can understand you too.

OK, Eset 4 reported to me that I got 44 trojan attacks, do you understand? I think it put them into quarantine. So, just to be sure, I scanned the hard disk with Eset 4 and Lavasoft Ad-Aware, but neither of them found any trojan horse. And ever since I got it, my internet has slowed down.

shiro
Experienced user

Joined: 12.10.2006
Posts: 9660

Posted: Fri 29.05.09 12:01

Well, was it such a problem to write it this clearly right at the start? You wasted a few hours for nothing...

It's possible that the slow internet is being caused by something that is still left in the system and is sending data out, or downloading more junk. Scan it with SuperAntiSpyware as well.

kingrider
User

Joined: 07.07.2008
Posts: 89
Location: NMnV

Posted: Fri 29.05.09 13:38

shiro wrote:
Well, was it such a problem to write it this clearly right at the start? You wasted a few hours for nothing...

It's possible that the slow internet is being caused by something that is still left in the system and is sending data out, or downloading more junk. Scan it with SuperAntiSpyware as well.

I've already scanned it, and I think it has stopped. I hope it won't happen again.
Thanks for the help.

kingrider
User

Joined: 07.07.2008
Posts: 89
Location: NMnV

Posted: Fri 29.05.09 17:39

One more thing. When I ran it through HijackThis and had it analyzed online ( http://www.hijackthis.de/cz ), it reports this: http://www.postimage.org/image.php?v=aVO7f10 Should I fix it?

Here is the whole log as well:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:35, on 29. 5. 2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Dassault Systemes\B14\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\j2re1.4.2_09\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Java\j2re1.4.2_09\bin\jucheck.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Sun\SDK\jdk\bin\javaw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\System32\MDM.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.azet.sk/
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SmartSync - ScheduleSync] C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_09\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: SDK Tray Menu.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Port pro program Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1029\OLFSNT40.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B0237F8-88F7-41DA-8FD8-0D1A0CB8A38E}: NameServer = 217.119.121.225,217.119.113.244
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B0237F8-88F7-41DA-8FD8-0D1A0CB8A38E}: NameServer = 217.119.121.225,217.119.113.244
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B0237F8-88F7-41DA-8FD8-0D1A0CB8A38E}: NameServer = 217.119.121.225,217.119.113.244
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files\Dassault Systemes\B14\intel_a\code\bin\CATSysDemon.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe

--
End of file - 7801 bytes

Roberbo
Experienced user

Joined: 10.07.2007
Posts: 1060
Location: Bratislava

Posted: Tue 02.06.09 2:32

What you're asking about, no.

But fix these through HijackThis:
O4 - Startup: SDK Tray Menu.lnk = ?
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

Download:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save the program to the desktop.
Run it only (!) after turning off the antivirus program's resident protection.

Then post the log output (it may only be created after a forced restart of the PC).

_________________
The sky is blue, water is wet...

Pitwo
User

Joined: 08.04.2010
Posts: 105
Location: Slovakia, Bratislava
Age: 23

Posted: Mon 21.11.11 20:42

Hello, I have a similar problem. I don't know how to specify it more closely, but my internet is badly slowed down. It never used to happen that every YouTube video at 240p couldn't keep up with loading, or that I waited about a minute for most pages to open, and so on. I notice it in MMOs too, and downloads don't climb to the speed they normally do either. I have Chello easy internet from UPC, and I also made a log with ComboFix, here:

code:
ComboFix 11-11-21.01 - Abík . 11. 2011  19:24:00.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.421.1051.18.8183.3429 [GMT 1:00]
Running from: c:\users\AbÝk\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0411.exe
.
.
(((((((((((((((((((((((((   Files Created from 2011-10-21 to 2011-11-21  )))))))))))))))))))))))))))))))
.
.
2011-11-21 18:27 . 2011-11-21 18:27   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-11-21 18:20 . 2011-10-07 04:16   8570192   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{38E19F02-0D59-419A-BE75-A8E4B75D254E}\mpengine.dll
2011-11-20 17:46 . 2011-11-20 17:46   --------   d-----w-   c:\program files (x86)\Common Files\Intel Corporation
2011-11-20 17:42 . 2011-11-20 17:42   --------   d-----w-   c:\users\Abík\AppData\Roaming\Intel Corporation
2011-11-20 17:36 . 2011-11-20 17:36   --------   d-----w-   c:\programdata\ATI
2011-11-20 17:36 . 2011-11-20 17:36   --------   d-----w-   c:\program files (x86)\AMD APP
2011-11-20 17:27 . 2011-10-17 13:55   559384   ----a-w-   c:\windows\system32\drivers\iaStor.sys
2011-11-20 17:27 . 2011-11-20 17:27   --------   d-----w-   c:\users\Abík\AppData\Roaming\InstallShield
2011-11-20 16:52 . 2009-07-14 01:15   315904   ----a-w-   c:\windows\SysWow64\Difxe0d2.rra
2011-11-17 20:46 . 2011-11-17 20:46   --------   d-----w-   c:\users\Abík\AppData\Roaming\SUPERAntiSpyware.com
2011-11-17 20:46 . 2011-11-17 22:48   --------   d-----w-   c:\program files\SUPERAntiSpyware
2011-11-17 20:46 . 2011-11-17 20:46   --------   d-----w-   c:\programdata\SUPERAntiSpyware.com
2011-11-17 18:58 . 2011-11-17 18:58   --------   d---a-w-   c:\windows\rundll16.exe
2011-11-17 18:58 . 2011-11-17 18:58   --------   d---a-w-   c:\windows\logo1_.exe
2011-11-15 14:56 . 2011-11-15 14:56   --------   d-----w-   c:\users\Abík\AppData\Local\Skyrim
2011-11-15 14:54 . 2005-05-26 14:34   3767504   ----a-w-   c:\windows\system32\d3dx9_26.dll
2011-11-15 14:54 . 2005-05-26 14:34   2297552   ----a-w-   c:\windows\SysWow64\d3dx9_26.dll
2011-11-13 12:28 . 2011-11-13 12:28   --------   d-----w-   c:\users\Abík\AppData\Local\{C16F7F4A-A34C-4E4F-8198-1586D74EA399}
2011-11-13 12:28 . 2011-11-13 12:28   --------   d-----w-   c:\users\Abík\AppData\Local\{6EA81EBB-6A16-4D67-ABE0-BBA4DF03A461}
2011-11-11 17:31 . 2011-11-11 17:32   --------   d-----w-   c:\users\Abík\AppData\Local\{68F4AA67-4B0E-429A-9CD2-7D5A3606FE2B}
2011-11-11 17:31 . 2011-11-11 17:31   --------   d-----w-   c:\users\Abík\AppData\Local\{E4D35970-31CE-4ADB-B504-EE8E7EE70D43}
2011-11-08 21:57 . 2011-10-01 05:45   886784   ----a-w-   c:\program files\Common Files\System\wab32.dll
2011-11-08 21:57 . 2011-10-01 04:37   708608   ----a-w-   c:\program files (x86)\Common Files\System\wab32.dll
2011-11-08 21:57 . 2011-09-29 16:29   1923952   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2011-11-08 21:57 . 2011-09-29 04:03   3144704   ----a-w-   c:\windows\system32\win32k.sys
2011-11-06 13:17 . 2011-11-06 13:17   --------   d-----w-   c:\users\Abík\AppData\Local\.inapptracking
2011-11-04 18:35 . 2011-11-06 12:10   --------   d-----w-   c:\program files (x86)\Cracked Steam
2011-10-30 12:51 . 2011-10-30 12:51   --------   d-----w-   c:\users\Abík\AppData\Roaming\Apple Computer
2011-10-28 13:38 . 2011-10-28 13:38   --------   d-----w-   c:\users\Abík\AppData\Local\Apple Computer
2011-10-28 06:42 . 2011-10-28 06:42   --------   d-----w-   c:\programdata\Apple Computer
2011-10-24 21:51 . 2011-10-24 21:51   --------   d-----w-   c:\program files (x86)\Kawaii Radio Player 3
2011-10-24 21:44 . 2011-10-24 21:44   --------   d-----w-   C:\picture export
2011-10-24 21:41 . 2011-10-24 21:41   --------   d-----w-   c:\program files (x86)\RealTime Picture Convertor 6
2011-10-24 18:28 . 2011-10-24 19:28   --------   d-----w-   c:\programdata\Blizzard Entertainment
2011-10-24 13:36 . 2011-10-24 13:36   680288   ----a-w-   c:\windows\system32\Iron Man 2 War Machine.scr
2011-10-24 13:36 . 2011-10-24 13:36   680288   ------w-   c:\windows\SysWow64\Iron Man 2 War Machine.scr
2011-10-24 13:34 . 2011-10-24 13:34   --------   d-----w-   c:\users\Abík\AppData\Roaming\GetRightToGo
2011-10-24 13:27 . 2011-10-24 13:36   --------   d-----w-   c:\programdata\Screentime
2011-10-24 13:27 . 2011-10-24 13:27   680288   ----a-w-   c:\windows\system32\IM-Screensaver.scr
2011-10-24 13:27 . 2011-10-24 13:27   680288   ------w-   c:\windows\SysWow64\IM-Screensaver.scr
2011-10-24 13:27 . 2011-10-24 13:36   --------   d-----w-   c:\users\Abík\AppData\Local\Screentime
2011-10-24 13:25 . 2011-10-24 13:25   --------   d-----w-   c:\users\Abík\AppData\Roaming\Screensaver Factory
2011-10-24 13:25 . 2011-10-24 13:26   --------   d-----w-   c:\program files (x86)\Your Own Screensaver
2011-10-24 13:17 . 2011-10-24 13:17   --------   d-----w-   c:\users\Abík\AppData\Local\{4F7C71D0-FA2B-44A8-B581-2F24A5E85BAF}
2011-10-24 13:17 . 2011-10-24 13:17   --------   d-----w-   c:\users\Abík\AppData\Local\{3CDD1B9B-4643-4FAB-B454-DFDA99A1E91D}
2011-10-24 13:08 . 2011-10-24 13:08   --------   d-----w-   C:\ATI
2011-10-24 12:39 . 2011-10-24 12:40   --------   d-----w-   c:\program files (x86)\ConvertHelper
2011-10-24 12:29 . 2011-10-24 12:29   94208   ----a-w-   c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 12:29 . 2011-10-24 12:29   69632   ----a-w-   c:\windows\SysWow64\QuickTime.qts
2011-10-23 17:16 . 2011-10-23 17:16   --------   d-----w-   c:\users\Abík\AppData\Local\Focus Home Interactive
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-03 18:15 . 2011-05-19 12:29   404640   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-12 20:56 . 2011-10-12 20:56   10207232   ----a-w-   c:\windows\system32\drivers\atikmdag.sys
2011-10-12 20:20 . 2011-10-12 20:20   24629760   ----a-w-   c:\windows\system32\atio6axx.dll
2011-10-12 20:14 . 2011-10-12 20:14   159744   ----a-w-   c:\windows\system32\atiapfxx.exe
2011-10-12 20:14 . 2011-05-25 03:07   736768   ----a-w-   c:\windows\SysWow64\aticfx32.dll
2011-10-12 20:13 . 2011-04-20 02:07   867328   ----a-w-   c:\windows\system32\aticfx64.dll
2011-10-12 20:10 . 2011-07-28 21:36   466944   ----a-w-   c:\windows\system32\ATIDEMGX.dll
2011-10-12 20:10 . 2011-10-12 20:10   487936   ----a-w-   c:\windows\system32\atieclxx.exe
2011-10-12 20:09 . 2011-10-12 20:09   204288   ----a-w-   c:\windows\system32\atiesrxx.exe
2011-10-12 20:08 . 2011-10-12 20:08   120320   ----a-w-   c:\windows\system32\atitmm64.dll
2011-10-12 20:08 . 2011-10-12 20:08   423424   ----a-w-   c:\windows\system32\atipdl64.dll
2011-10-12 20:08 . 2011-10-12 20:08   356352   ----a-w-   c:\windows\SysWow64\atipdlxx.dll
2011-10-12 20:07 . 2011-10-12 20:07   278528   ----a-w-   c:\windows\SysWow64\Oemdspif.dll
2011-10-12 20:07 . 2011-10-12 20:07   21504   ----a-w-   c:\windows\system32\atimuixx.dll
2011-10-12 20:07 . 2011-10-12 20:07   59392   ----a-w-   c:\windows\system32\atiedu64.dll
2011-10-12 20:07 . 2011-10-12 20:07   43520   ----a-w-   c:\windows\SysWow64\ati2edxx.dll
2011-10-12 20:04 . 2011-05-25 02:58   4231680   ----a-w-   c:\windows\SysWow64\atidxx32.dll
2011-10-12 20:04 . 2011-10-12 20:04   18630656   ----a-w-   c:\windows\SysWow64\atioglxx.dll
2011-10-12 19:54 . 2011-04-20 01:49   4960768   ----a-w-   c:\windows\system32\atidxx64.dll
2011-10-12 19:46 . 2011-10-12 19:46   51200   ----a-w-   c:\windows\system32\aticalrt64.dll
2011-10-12 19:46 . 2011-10-12 19:46   46080   ----a-w-   c:\windows\SysWow64\aticalrt.dll
2011-10-12 19:46 . 2011-10-12 19:46   44544   ----a-w-   c:\windows\system32\aticalcl64.dll
2011-10-12 19:46 . 2011-10-12 19:46   44032   ----a-w-   c:\windows\SysWow64\aticalcl.dll
2011-10-12 19:45 . 2011-10-12 19:45   9877504   ----a-w-   c:\windows\system32\aticaldd64.dll
2011-10-12 19:44 . 2011-10-12 19:44   1113088   ----a-w-   c:\windows\system32\atiumd6v.dll
2011-10-12 19:44 . 2011-05-25 02:39   4289024   ----a-w-   c:\windows\SysWow64\atiumdag.dll
2011-10-12 19:44 . 2011-10-12 19:44   1828864   ----a-w-   c:\windows\SysWow64\atiumdmv.dll
2011-10-12 19:44 . 2011-07-28 21:11   4023296   ----a-w-   c:\windows\system32\atiumd6a.dll
2011-10-12 19:42 . 2011-10-12 19:42   8391680   ----a-w-   c:\windows\SysWow64\aticaldd.dll
2011-10-12 19:39 . 2011-04-20 01:27   58880   ----a-w-   c:\windows\system32\coinst.dll
2011-10-12 19:38 . 2011-07-28 21:02   5431808   ----a-w-   c:\windows\system32\atiumd64.dll
2011-10-12 19:33 . 2011-05-25 02:50   4174848   ----a-w-   c:\windows\SysWow64\atiumdva.dll
2011-10-12 19:31 . 2011-07-28 20:54   479744   ----a-w-   c:\windows\system32\atiadlxx.dll
2011-10-12 19:31 . 2011-10-12 19:31   335872   ----a-w-   c:\windows\SysWow64\atiadlxy.dll
2011-10-12 19:31 . 2011-10-12 19:31   17408   ----a-w-   c:\windows\system32\atig6pxx.dll
2011-10-12 19:31 . 2011-10-12 19:31   14336   ----a-w-   c:\windows\SysWow64\atiglpxx.dll
2011-10-12 19:31 . 2011-10-12 19:31   14336   ----a-w-   c:\windows\system32\atiglpxx.dll
2011-10-12 19:30 . 2011-10-12 19:30   39936   ----a-w-   c:\windows\system32\atig6txx.dll
2011-10-12 19:30 . 2011-10-12 19:30   32768   ----a-w-   c:\windows\SysWow64\atigktxx.dll
2011-10-12 19:30 . 2011-10-12 19:30   317952   ----a-w-   c:\windows\system32\drivers\atikmpag.sys
2011-10-12 19:29 . 2011-04-20 01:21   40960   ----a-w-   c:\windows\system32\atiuxp64.dll
2011-10-12 19:29 . 2011-05-25 02:24   31744   ----a-w-   c:\windows\SysWow64\atiuxpag.dll
2011-10-12 19:29 . 2011-07-28 20:53   38912   ----a-w-   c:\windows\system32\atiu9p64.dll
2011-10-12 19:29 . 2011-05-25 02:24   29184   ----a-w-   c:\windows\SysWow64\atiu9pag.dll
2011-10-12 19:28 . 2011-10-12 19:28   53248   ----a-w-   c:\windows\system32\drivers\ati2erec.dll
2011-10-12 19:16 . 2011-10-12 19:16   54784   ----a-w-   c:\windows\system32\atimpc64.dll
2011-10-12 19:16 . 2011-10-12 19:16   54784   ----a-w-   c:\windows\system32\amdpcom64.dll
2011-10-12 19:16 . 2011-10-12 19:16   53760   ----a-w-   c:\windows\SysWow64\atimpc32.dll
2011-10-12 19:16 . 2011-10-12 19:16   53760   ----a-w-   c:\windows\SysWow64\amdpcom32.dll
2011-10-12 15:16 . 2011-10-12 15:16   66048   ----a-w-   c:\windows\system32\OpenVideo64.dll
2011-10-12 15:16 . 2011-10-12 15:16   56832   ----a-w-   c:\windows\SysWow64\OpenVideo.dll
2011-10-12 15:16 . 2011-10-12 15:16   16787456   ----a-w-   c:\windows\system32\amdocl64.dll
2011-10-12 15:15 . 2011-10-12 15:15   13753856   ----a-w-   c:\windows\SysWow64\amdocl.dll
2011-10-12 15:14 . 2011-10-12 15:14   51200   ----a-w-   c:\windows\system32\OpenCL.dll
2011-10-12 15:14 . 2011-10-12 15:14   43520   ----a-w-   c:\windows\SysWow64\OpenCL.dll
2011-10-03 03:06 . 2011-05-25 09:44   472808   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2011-09-26 13:13 . 2009-07-13 23:57   20267008   ----a-w-   c:\windows\system32\imageres.dll
2011-09-22 21:55 . 2011-09-22 21:55   275360   ----a-w-   c:\windows\system32\DreamScene.dll
2011-09-19 22:56 . 2011-09-19 22:56   18328   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-09-14 09:47 . 2011-09-14 09:47   60416   ----a-w-   c:\windows\system32\OVDecode64.dll
2011-09-14 09:47 . 2011-09-14 09:47   53760   ----a-w-   c:\windows\SysWow64\OVDecode.dll
2011-09-14 09:38 . 2011-09-14 09:38   44032   ----a-w-   c:\windows\system32\amdoclcl64.dll
2011-09-14 09:38 . 2011-09-14 09:38   37376   ----a-w-   c:\windows\SysWow64\amdoclcl.dll
2011-09-13 15:14 . 2011-09-13 15:14   212992   ----a-w-   c:\windows\system32\drivers\nusb3xhc.sys
2011-09-13 15:14 . 2011-09-13 15:14   95744   ----a-w-   c:\windows\system32\drivers\nusb3hub.sys
2011-09-09 23:02 . 2011-09-09 23:02   23056   ----a-w-   c:\windows\system32\drivers\Usbnic.sys
2011-09-06 20:45 . 2011-05-11 16:26   41184   ----a-w-   c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-05-11 16:26   199304   ----a-w-   c:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-05-11 16:26   254400   ----a-w-   c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-05-11 16:26   601944   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2011-05-11 16:26   301912   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-05-11 16:26   58200   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-05-11 16:26   42328   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-05-11 16:26   65368   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-05-11 16:26   24408   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2011-09-01 05:24 . 2011-10-14 01:00   2309120   ----a-w-   c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-14 01:00   1389056   ----a-w-   c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-14 01:00   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-14 01:00   1798144   ----a-w-   c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-14 01:00   1126912   ----a-w-   c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-14 01:00   2382848   ----a-w-   c:\windows\SysWow64\mshtml.tlb
2011-08-31 17:12 . 2011-05-11 15:37   1698408   ----a-w-   c:\windows\RtlExUpd.dll
2011-08-31 14:20 . 2011-09-19 19:36   53248   ----a-w-   c:\windows\SysWow64\CSVer.dll
2011-08-30 15:28 . 2011-09-19 19:39   3069032   ----a-w-   c:\windows\system32\drivers\RTKVHD64.sys
2011-08-30 11:37 . 2011-09-19 19:39   2518632   ----a-w-   c:\windows\system32\RtPgEx64.dll
2011-08-27 05:37 . 2011-10-14 00:46   861696   ----a-w-   c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-14 00:46   331776   ----a-w-   c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-14 00:46   571904   ----a-w-   c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26 . 2011-10-14 00:46   233472   ----a-w-   c:\windows\SysWow64\oleacc.dll
2011-08-25 15:52 . 2011-08-25 15:51   833024   ----a-w-   c:\windows\SysWow64\user32.dll
2011-08-25 15:52 . 2011-08-25 15:51   2048   ----a-w-   c:\windows\SysWow64\winver.exe
2011-08-25 15:51 . 2011-08-25 15:51   410624   ----a-w-   c:\windows\SysWow64\systemcpl.dll
2011-08-25 15:51 . 2011-08-25 15:51   1536   ----a-w-   c:\windows\SysWow64\sppcomapi.dll
2011-08-25 15:51 . 2011-08-25 15:51   113543   ----a-w-   c:\windows\SysWow64\slmgr.vbs
2011-08-24 11:30 . 2011-09-19 19:39   3201128   ----a-w-   c:\windows\system32\RtkAPO64.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2010-11-20 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2011-08-25 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-09-19 640888]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-17 5495680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Razer Mamba Driver"="c:\program files (x86)\Razer\Mamba\RazerTray.exe" [2009-12-15 3278728]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-12 343168]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\users\Abík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ScreenUpdate.lnk - c:\program files (x86)\Your Own Screensaver\ScreenUpdate.exe [2011-10-24 167936]
Yahoo! Widgets.lnk - c:\program files (x86)\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
R3 cpuz134;cpuz134;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2010-07-09 21480]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RAMDiskVE;RAMDiskVE;c:\windows\system32\Drivers\RAMDiskVE.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 Usbnic;OTi Network Driver Module;c:\windows\system32\DRIVERS\Usbnic.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
S2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler;c:\windows\Installer\MSI31A0.tmp [2011-09-26 102400]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2011-07-15 741624]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29   451872   ----a-w-   c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-18 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task c977279d-d172-443a-a472-9aac57e35f41.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45   134384   ----a-w-   c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-05 500208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Abík\AppData\Roaming\Mozilla\Firefox\Profiles\6trm9hpj.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
AddRemove-YInstHelper - c:\windows\system32\regsvr32
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HyperDeskCustomThemeEnabler]
"ImagePath"="\"c:\windows\Installer\MSI31A0.tmp\" -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1564969282-139998884-2361810755-1001\Software\SecuROM\License information*]
"datasecu"=hex:15,27,99,ac,54,09,9c,1e,b8,eb,99,23,47,d9,21,15,78,dc,ce,9b,92,
   3d,af,71,86,b8,13,72,ff,b6,9a,09,9b,91,ee,3c,19,d5,ed,5a,b1,c9,4b,3a,4b,be,\
"rkeysecu"=hex:47,94,37,60,9a,f8,2e,4e,99,e7,dc,0a,4a,5b,28,75
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
.
**************************************************************************
.
Completion time: 2011-11-21  19:30:35 - machine was rebooted
ComboFix-quarantined-files.txt  2011-11-21 18:30
.
Pre-Run: 56 335 966 208 bytes free
Post-Run: 57 970 896 896 bytes free
.
- - End Of File - - 68BEC9A8C7821E47D637A98F061F7513

_________________
CPU: INTEL i5-750 Quad-Core 3,8GHz / CPU fan: CoolerMaster Hyper 212+ / GPU: ATI Radeon HD 5870 / RAM: CORSAIR 4x2GB DDR3 1333MHz / MB: GIGABYTE P55-USB3 / PSU: CORSAIR TX650, 650W / SSD: CORSAIR Force Series 120GB / HDD: WD Caviar Black 2000GB / Case: Thermaltake Tsunami VA3000 BWA / Monitor: Samsung P2770H 27" / Mouse: RAZER Mamba / OS: Windows 7 Ultimate 64-bit