User | Posted: 27.05.2012 13:12

Hello, I would like to ask you to check my log. Several times now, when shutting down the PC, it has told me that other users are connected to the PC. How do I find out who is connecting?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:01:21, on 27.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Muros\Dokumenty\Preberanie\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.w.start.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [TC Login] c:\tccargo\tccargo.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {C3E3BB4F-269C-41A3-9F5F-A360E933CAD3} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/a ... oader6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD34703C-FC75-4CB7-94EA-DC9CEF8CB39B}: NameServer = 88.212.8.8
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


Forum administrator | Posted: 27.05.2012 19:50

Above all, you should say how your PC is connected to the network. Do you have your own home network with several PCs, is it a PC at work, or is your PC connected to the internet through a local provider that keeps its clients on an ordinary LAN where they can see each other?

_________________
PC1: CPU Intel Core2 Quad Q9550 2.83GHz + Scythe Ashura SCASR-1000 | MB MSI P45-8D Memory Lover | RAM Kingston DDR2-1066 HyperX 4x2GB | VGA NVIDIA Quadro K4000 3GB | SSD Intel 520 Series 2x120GB RAID0 | HDD WD RE3 2x1TB RAID0 + WD Caviar Blue 2TB + WD Caviar Blue 500GB | DVD±RW Samsung SH-S224DB | DVD-ROM Plextor PX-130A | CD-RW Plextor Premium | FDD + Card Reader Teac FD-CR7 | Audio Creative SB Audigy 2 ZS Platinum | TV AVerTV Hybrid+FM PCI A16D | PS Gigabyte ODIN Pro 550W Modular | Keyboard Fujitsu KB955 | Mouse ROCCAT Kone v2 + SteelSeries QcK mini | LCD Fujitsu P27T-7 LED + Fujitsu P24W-6 IPS
PC2: HP ENVY Phoenix h9 | CPU Intel i7-3770K 3.50GHz | RAM Nanya DDR3-1600 4x4GB | VGA NVIDIA GeForce GTX 1060 6GB | SSD Samsung PM871a 512GB + Crucial MX500 500GB | HDD WD Gold 2TB | DVD±RW HP GH82N | LCD Fujitsu P27T-7 LED + Fujitsu P24W-6 IPS (shared)
PC3: Dell Precision T1650 | CPU Intel Xeon E3-1240 v2 3.40GHz | RAM Samsung DDR3-1600 4x4GB | VGA NVIDIA Quadro M2000 4GB | SSD Samsung PM871 256GB | HDD Seagate 500GB | DVD±RW Philips DH-16ACS
NB1: Fujitsu LIFEBOOK S782 vPro | 14" HD+ | CPU Intel Core i7-3540M 3.0GHz | RAM 2x8GB | SSD Samsung 850 PRO 2TB | 4G/LTE w/GPS | 2nd Battery | 2nd HDD | Port Replicator
NB2: Fujitsu LIFEBOOK E782 | 15.6" FHD | CPU Intel Core i7-3632QM 2.2GHz | RAM 2x4GB | SSD Plextor M6 PRO 256GB | 3G/UMTS w/GPS | 2nd Battery
2in1: Fujitsu STYLISTIC Q702 vPro | 11.6" IPS HD | CPU Intel Core i5-3427U 1.8GHz | RAM 4GB | SSD Toshiba 256GB mSATA | 4G/LTE w/GPS
NAS: Synology DS1515+ | CPU Intel Atom C2538 2.4GHz | RAM 2x8GB | Storage HDD Seagate IronWolf 4x4TB RAID5 + SSD Intel 520 Series 180GB
User (thread author) | Posted: 29.05.2012 9:28

I have only one PC at home, connected via a Wi-Fi antenna to their access point, a router about 500 metres away, from which they provide connectivity to several subscribers.

Is there a program that will show me the IP address when someone gets into the PC?


Forum administrator | Posted: 29.05.2012 9:45

In your case it would be a good idea to install a proper firewall, e.g. Comodo or ZoneAlarm. It will then block the connections outright, not just list them.

User (thread author) | Posted: 29.05.2012 11:59

I'll go and try it. Does anything special need to be configured there?


User | Posted: 15.06.2012 13:38

So, first about your log:

Do you know what this is?

O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [TC Login] c:\tccargo\tccargo.exe --autostart

If not, uninstall it or fix it.

Here you have links to some websites/servers. If you don't recognise them, fix them.

O16 - DPF: {C3E3BB4F-269C-41A3-9F5F-A360E933CAD3} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/a ... oader6.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{CD34703C-FC75-4CB7-94EA-DC9CEF8CB39B}: NameServer = 88.212.8.8

As for the message about connected users: don't you have other PCs/devices connected on the network with which you share a folder or a printer?
Don't you have more than one user account created on the computer? Doesn't someone else in the family log in?
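
The review in the post above (O4 autoruns you don't recognise, O16 download sources, O17 name servers), as an added example that is not part of the original thread: a Python triage pass over HijackThis lines. The function names, the `known_autoruns` allow-list and the `expected_dns` list are assumptions supplied by whoever reviews the log; the sample lines are copied from the log in this thread.

```python
import re
from collections import namedtuple
from urllib.parse import urlparse

# Lines copied from the HijackThis log posted in this thread (the O16 URL is
# truncated on the page and is kept that way).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [TC Login] c:\tccargo\tccargo.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O16 - DPF: {C3E3BB4F-269C-41A3-9F5F-A360E933CAD3} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/a ... oader6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD34703C-FC75-4CB7-94EA-DC9CEF8CB39B}: NameServer = 88.212.8.8
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
"""

Finding = namedtuple("Finding", "code item target reason")

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# O4 registry autorun: <hive>\..\<key>: [<value name>] <command line>
RUN = re.compile(r"^(?P<hive>.+?)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]+)\]\s+(?P<cmd>.+)$")
# O16 downloaded program file: DPF: {CLSID} (label) - <codebase URL>
DPF = re.compile(r"^DPF: (?P<clsid>\{[0-9A-Fa-f-]+\})(?: \((?P<label>.*)\))? - (?P<url>.+)$")
NAMESERVER = re.compile(r"NameServer = (.+)$")
# Quoted path, or an unquoted path up to the first executable extension.
EXE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|dll|com|bat|cmd|scr|pif))(?=\s|$)', re.I)


def executable(cmd):
    """Return the program path from an autorun command line, without arguments."""
    m = EXE.match(cmd)
    return (m.group(1) or m.group(2)) if m else cmd


def triage(log_text, known_autoruns=(), expected_dns=()):
    """List the O4/O16/O17 entries a reviewer should ask the owner about.

    known_autoruns: value names the owner recognises (assumption, case-insensitive).
    expected_dns:   DNS servers the owner's provider is known to hand out (assumption).
    """
    known = {name.lower() for name in known_autoruns}
    expected = set(expected_dns)
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        code, body = m.groups()
        if code == "O4":
            run = RUN.match(body)
            if run is None:
                # Startup-folder and other O4 variants: leave to a human.
                findings.append(Finding(code, body, "", "unrecognised O4 format, review by hand"))
            elif run["name"].lower() not in known:
                findings.append(Finding(code, run["name"], executable(run["cmd"]),
                                        f"autorun under {run['hive']} not on the known list"))
        elif code == "O16":
            dpf = DPF.match(body)
            if dpf:
                host = urlparse(dpf["url"]).hostname or dpf["url"]
                findings.append(Finding(code, dpf["label"] or dpf["clsid"], host,
                                        "ActiveX control downloaded from this host"))
        elif code == "O17":
            ns = NAMESERVER.search(body)
            if ns:
                for ip in re.split(r"[ ,]+", ns.group(1).strip()):
                    if ip not in expected:
                        findings.append(Finding(code, "NameServer", ip,
                                                "DNS server not on the expected list"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG, known_autoruns={"avast", "ctfmon.exe"}):
        print(f"{f.code:<4}{f.item:<35}{f.target:<55}{f.reason}")
```
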


User | Posted: 26.07.2012 15:41

Hi, can you check my log? I have Windows 7 x64, up to date and connected to the internet, and once when I was shutting down the notebook it displayed:
"Ukončovanie programu Velký úsměv.exe", which scared me quite a bit.
Avast, SUPERAntiSpyware, CureIt and Kaspersky Virus Removal Tool found nothing.


Code:
ComboFix 12-07-27.01 - Heno . 07. 2012  14:49:09.2.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.421.1051.18.6049.3734 [GMT 2:00]
Running from: c:\users\Heno\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\AsPatch10430001.exe
c:\windows\msvcr71.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\data.exe
c:\windows\SysWow64\tmp3F24.tmp
c:\windows\SysWow64\tmp3F83.tmp
c:\windows\SysWow64\tmpB44B.tmp
c:\windows\SysWow64\tmpB4E8.tmp
c:\windows\SysWow64\tmpDD12.tmp
c:\windows\SysWow64\tmpDF54.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AthBtTray.exe      pid: 5216     4C: c:\program files (x86)\Bluetooth Suite\sk-SK\athbttray.exe.mui
-------\Service_audiodg.exe        pid: 4552     2C: c:\windows\System32\en-US\audiodg.exe.mui
-------\Service_BtvStack.exe       pid: 4820     74: c:\program files (x86)\Bluetooth Suite\sk-SK\btvstack.exe.mui
-------\Service_conhost.exe        pid: 6652     24: c:\windows\System32\en-US\conhost.exe.mui
-------\Service_Copyright (C) 1997-2008 Mark Russinovich
-------\Service_csrss.exe          pid: 572      48: c:\windows\System32\en-US\csrss.exe.mui
-------\Service_ctfmon.exe         pid: 1284     60: c:\windows\SysWOW64\sk-SK\ctfmon.exe.mui
-------\Service_Handle v3.42
-------\Service_IAStorDataMgrSvc.exe pid: 4172    1C4: c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
-------\Service_lsm.exe            pid: 820      38: c:\windows\System32\en-US\lsm.exe.mui
-------\Service_sidebar.exe        pid: 3924     E8: c:\program files\Windows Sidebar\sidebar.exe
-------\Service_Skype.exe          pid: 3860    1F4: c:\program files (x86)\Skype\Phone\Skype.exe
-------\Service_spoolsv.exe        pid: 1576     34: c:\windows\System32\en-US\spoolsv.exe.mui
-------\Service_Sysinternals - www.sysinternals.com
-------\Service_taskeng.exe        pid: 1924     34: c:\windows\System32\en-US\TaskEng.exe.mui
-------\Service_taskhost.exe       pid: 2020     34: c:\windows\System32\en-US\taskhost.exe.mui
.
.
(((((((((((((((((((((((((   Files Created from 2012-06-26 to 2012-07-26  )))))))))))))))))))))))))))))))
.
.
2012-07-26 13:01 . 2012-07-26 13:01   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
2012-07-26 13:01 . 2012-07-26 13:01   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-07-26 10:43 . 2012-07-26 10:43   --------   d-----w-   c:\users\Heno\AppData\Local\BMExplorer
2012-07-26 10:41 . 2012-07-26 10:41   --------   d-----w-   c:\users\TEMP
2012-07-26 10:40 . 2012-07-26 10:44   --------   d-----w-   c:\users\Heno\DoctorWeb
2012-07-26 10:26 . 2012-07-26 10:26   --------   d-----w-   c:\users\Heno\AppData\Local\Macromedia
2012-07-26 09:21 . 2012-07-26 09:21   --------   d-----w-   c:\users\Heno\AppData\Roaming\SUPERAntiSpyware.com
2012-07-26 09:19 . 2012-07-26 09:21   --------   d-----w-   c:\program files\SUPERAntiSpyware
2012-07-26 09:19 . 2012-07-26 09:19   --------   d-----w-   c:\programdata\SUPERAntiSpyware.com
2012-07-23 20:48 . 2009-04-02 16:29   122080   ----a-w-   c:\windows\system32\Conficker.exe
2012-07-23 20:48 . 2009-05-19 19:34   126976   ----a-w-   c:\windows\system32\data.exe
2012-07-23 20:48 . 2009-04-26 13:16   40960   ----a-w-   c:\windows\system32\comp32.exe
2012-07-23 20:48 . 2012-07-23 20:49   --------   d-----w-   c:\windows\Force
2012-07-23 20:46 . 2012-07-23 20:46   --------   d-----w-   c:\windows\DK_Bot
2012-07-20 20:21 . 2012-07-20 20:21   73696   ----a-w-   c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-07-15 17:04 . 2012-06-05 14:03   224088   ----a-w-   c:\windows\system32\drivers\VBoxDrv.sys
2012-07-15 17:04 . 2012-06-05 14:03   130904   ----a-w-   c:\windows\system32\drivers\VBoxUSBMon.sys
2012-07-12 09:20 . 2012-06-12 03:08   3148800   ----a-w-   c:\windows\system32\win32k.sys
2012-07-12 09:03 . 2012-06-02 12:06   499200   ----a-w-   c:\program files\Internet Explorer\jsdbgui.dll
2012-07-12 09:03 . 2012-06-02 08:26   387584   ----a-w-   c:\program files (x86)\Internet Explorer\jsdbgui.dll
2012-07-12 09:03 . 2012-06-02 08:27   678912   ----a-w-   c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-07-12 09:03 . 2012-06-02 12:07   887296   ----a-w-   c:\program files\Internet Explorer\iedvtool.dll
2012-07-12 09:03 . 2012-06-02 12:49   17807360   ----a-w-   c:\windows\system32\mshtml.dll
2012-07-12 09:03 . 2012-06-02 12:17   10924032   ----a-w-   c:\windows\system32\ieframe.dll
2012-07-10 11:32 . 2012-07-12 09:18   171488   ----a-w-   c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-07-10 11:30 . 2012-07-10 11:30   --------   d-----w-   c:\program files (x86)\Common Files\Merge Modules
2012-07-10 09:40 . 2012-07-23 21:48   --------   d-----w-   c:\users\Heno\AppData\Roaming\codeblocks
2012-07-08 16:59 . 2012-07-08 16:59   16200   ----a-w-   c:\windows\stinger.sys
2012-07-08 16:59 . 2012-07-08 18:25   --------   d-----w-   c:\program files (x86)\stinger
2012-07-05 17:44 . 2012-07-05 17:46   --------   d-----w-   c:\users\Heno\AppData\Roaming\wargaming.net
2012-07-04 14:17 . 2012-07-04 14:17   --------   d-----w-   c:\users\Heno\AppData\Local\Realmware
2012-06-27 20:52 . 2012-06-27 20:52   --------   d-----w-   c:\users\Heno\AppData\Roaming\Intel
2012-06-27 20:50 . 2012-06-27 20:51   --------   d-----w-   c:\program files (x86)\Cisco
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-24 13:52 . 2012-06-22 11:05   283304   ----a-w-   c:\windows\SysWow64\PnkBstrB.xtr
2012-07-24 13:52 . 2011-12-27 17:49   283304   ----a-w-   c:\windows\SysWow64\PnkBstrB.exe
2012-07-24 11:54 . 2011-12-27 17:49   283304   ----a-w-   c:\windows\SysWow64\PnkBstrB.ex0
2012-07-12 09:19 . 2011-12-26 12:02   289472   ----a-w-   c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2012-07-12 09:05 . 2012-01-08 21:36   59701280   ----a-w-   c:\windows\system32\MRT.exe
2012-07-12 07:17 . 2012-04-03 06:49   426184   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-12 07:17 . 2011-12-29 11:20   70344   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-03 16:21 . 2012-06-07 08:21   355856   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-06-07 08:21   958400   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-06-07 08:21   59728   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-06-07 08:21   54072   ----a-w-   c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-06-07 08:21   71064   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-06-07 08:21   25232   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-06-07 08:20   41224   ----a-w-   c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-06-07 08:20   227648   ----a-w-   c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2012-06-07 08:21   285328   ----a-w-   c:\windows\system32\aswBoot.exe
2012-06-22 08:37 . 2011-12-27 17:49   76888   ----a-w-   c:\windows\SysWow64\PnkBstrA.exe
2012-06-19 08:30 . 2012-04-20 14:20   48648   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-06-15 07:13 . 2012-05-05 12:45   48648   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-06-14 07:55 . 2012-04-20 14:20   458064   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-11 18:17 . 2012-06-11 18:17   71680   ----a-w-   c:\windows\system32\frapsv64.dll
2012-06-11 18:17 . 2012-06-11 18:17   65536   ----a-w-   c:\windows\SysWow64\frapsvid.dll
2012-06-10 09:27 . 2012-05-05 12:45   458064   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-06-07 08:15 . 2011-12-25 18:25   45056   ----a-w-   c:\windows\system32\acovcnt.exe
2012-06-05 14:03 . 2012-06-05 14:03   166232   ----a-w-   c:\windows\system32\drivers\VBoxNetFlt.sys
2012-06-05 14:03 . 2012-06-05 14:03   147288   ----a-w-   c:\windows\system32\drivers\VBoxNetAdp.sys
2012-06-05 14:02 . 2012-06-05 14:02   320856   ----a-w-   c:\windows\system32\VBoxNetFltNobj.dll
2012-06-02 22:19 . 2012-06-21 08:07   38424   ----a-w-   c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 08:07   2428952   ----a-w-   c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 08:07   57880   ----a-w-   c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 08:07   44056   ----a-w-   c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 08:07   701976   ----a-w-   c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 08:07   2622464   ----a-w-   c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 08:07   99840   ----a-w-   c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 08:07   186752   ----a-w-   c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 08:07   36864   ----a-w-   c:\windows\system32\wuapp.exe
2012-06-02 05:45 . 2012-07-12 09:02   340992   ----a-w-   c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-07-12 09:02   225280   ----a-w-   c:\windows\SysWow64\schannel.dll
2012-05-24 14:47 . 2012-05-24 14:47   283200   ----a-w-   c:\windows\system32\drivers\dtsoftbus01.sys
2012-05-15 10:48 . 2012-06-13 07:09   818496   ----a-w-   c:\windows\SysWow64\nvumdshim.dll
2012-05-15 10:48 . 2012-06-13 07:09   8105280   ----a-w-   c:\windows\SysWow64\nvwgf2um.dll
2012-05-15 10:48 . 2012-06-13 07:09   28992   ----a-w-   c:\windows\system32\drivers\nvpciflt.sys
2012-05-15 10:48 . 2012-06-13 07:09   25743168   ----a-w-   c:\windows\system32\nvoglv64.dll
2012-05-15 10:48 . 2012-06-13 07:09   19607872   ----a-w-   c:\windows\SysWow64\nvoglv32.dll
2012-05-15 10:48 . 2012-06-13 07:09   14298944   ----a-w-   c:\windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:48 . 2012-06-13 07:09   10194752   ----a-w-   c:\windows\system32\nvwgf2umx.dll
2012-05-15 10:48 . 2012-06-13 07:09   8139072   ----a-w-   c:\windows\system32\nvcuda.dll
2012-05-15 10:48 . 2012-06-13 07:09   5982528   ----a-w-   c:\windows\SysWow64\nvcuda.dll
2012-05-15 10:48 . 2012-06-13 07:09   364352   ----a-w-   c:\windows\system32\nvdecodemft.dll
2012-05-15 10:48 . 2012-06-13 07:09   301376   ----a-w-   c:\windows\SysWow64\nvdecodemft.dll
2012-05-15 10:48 . 2012-06-13 07:09   2881856   ----a-w-   c:\windows\system32\nvcuvenc.dll
2012-05-15 10:48 . 2012-06-13 07:09   2681664   ----a-w-   c:\windows\system32\nvcuvid.dll
2012-05-15 10:48 . 2012-06-13 07:09   2524992   ----a-w-   c:\windows\SysWow64\nvcuvid.dll
2012-05-15 10:48 . 2012-06-13 07:09   25248064   ----a-w-   c:\windows\system32\nvcompiler.dll
2012-05-15 10:48 . 2012-06-13 07:09   2445120   ----a-w-   c:\windows\SysWow64\nvcuvenc.dll
2012-05-15 10:48 . 2012-06-13 07:09   2368832   ----a-w-   c:\windows\SysWow64\nvapi.dll
2012-05-15 10:48 . 2012-06-13 07:09   18044224   ----a-w-   c:\windows\system32\nvd3dumx.dll
2012-05-15 10:48 . 2012-06-13 07:09   17551680   ----a-w-   c:\windows\SysWow64\nvcompiler.dll
2012-05-15 10:48 . 2012-06-13 07:09   15322432   ----a-w-   c:\windows\SysWow64\nvd3dum.dll
2012-05-15 10:48 . 2012-02-21 17:46   949056   ----a-w-   c:\windows\system32\nvumdshimx.dll
2012-05-15 10:48 . 2012-02-21 17:46   68928   ----a-w-   c:\windows\system32\OpenCL.dll
2012-05-15 10:48 . 2012-02-21 17:46   61248   ----a-w-   c:\windows\SysWow64\OpenCL.dll
2012-05-15 10:48 . 2012-02-21 17:46   246592   ----a-w-   c:\windows\system32\nvinitx.dll
2012-05-15 10:48 . 2012-02-21 17:46   202048   ----a-w-   c:\windows\SysWow64\nvinit.dll
2012-05-15 10:48 . 2012-02-21 17:46   1738048   ----a-w-   c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2012-02-21 17:46   1468224   ----a-w-   c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2012-02-21 17:46   2741568   ----a-w-   c:\windows\system32\nvapi64.dll
2012-05-15 09:29 . 2012-06-13 06:49   889664   ----a-w-   c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2012-06-13 06:49   858944   ----a-w-   c:\windows\system32\nv3dappshext.dll
2012-05-15 09:29 . 2012-06-13 06:49   63296   ----a-w-   c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2012-06-13 06:49   55616   ----a-w-   c:\windows\system32\nv3dappshextr.dll
2012-05-15 09:29 . 2012-06-13 06:49   2561856   ----a-w-   c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2012-06-13 06:49   118080   ----a-w-   c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2012-06-13 06:49   2621723   ----a-w-   c:\windows\system32\nvcoproc.bin
2012-05-15 09:29 . 2012-06-13 06:49   3149632   ----a-w-   c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2012-06-13 06:49   6151488   ----a-w-   c:\windows\system32\nvcpl.dll
2012-05-10 07:09 . 2012-04-22 18:21   8107   ----a-w-   c:\windows\w7dsd.reg
2012-05-10 07:09 . 2012-04-22 18:21   8089   ----a-w-   c:\windows\w7dse.reg
2012-05-09 10:21 . 2012-06-11 13:41   476936   ----a-w-   c:\windows\SysWow64\npdeployJava1.dll
2012-05-09 10:21 . 2011-12-26 14:07   472840   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-15 06:25   5559664   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-15 06:25   3968368   ----a-w-   c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-15 06:25   3913072   ----a-w-   c:\windows\SysWow64\ntoskrnl.exe
2012-05-03 11:57 . 2012-04-22 18:21   275360   ----a-w-   c:\windows\system32\DreamScene.dll
2012-05-02 18:10 . 2012-04-22 18:21   275360   ----a-w-   c:\windows\system32\DreamScene.dll.9683
2012-05-02 00:46 . 2012-05-02 00:46   4472832   ----a-w-   c:\windows\SysWow64\GPhotos.scr
2012-05-01 05:40 . 2012-06-15 06:25   209920   ----a-w-   c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-15 06:25   210944   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"SRDownloader"="c:\users\Heno\Desktop\Programy\SRDownloader.exe" [2012-07-14 904192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
.
c:\users\Heno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-7-3 41160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"DelayedDesktopSwitchTimeout"= 5 (0x5)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files (x86)\Mouse Driver\KMWDSrv.exe [2009-08-31 1821184]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2012-04-24 584224]
R3 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2010-05-07 814344]
R3 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R3 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
R3 ALSysIO;ALSysIO;c:\users\Heno\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
R3 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R3 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-02-17 276248]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-01-06 13352]
R3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-07 2343816]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2007-03-06 16160]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-20 114144]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PROCEXP151;PROCEXP151;c:\windows\system32\Drivers\PROCEXP151.SYS [x]
R3 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R3 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-13 24168]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2012-04-03 117040]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
R4 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-05-15 28992]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2012-04-24 54728]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-03-11 577824]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-03-11 43248]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-24 283200]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-07-13 30568]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-03-06 58400]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 166232]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 07:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21   133400   ----a-w-   c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41   220160   ----a-w-   c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41   220160   ----a-w-   c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"COMODO Internet Security"="d:\program files (x86)\COMODO\COMODO Internet Security\cfp.exe" [2012-03-13 9569096]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-18 11785832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-02 419096]
"combofix"="c:\combofix\CF22913.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Heno\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{32750BD4-7F18-4A19-AA4E-D9B874D6BD00}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Heno\AppData\Roaming\Mozilla\Firefox\Profiles\ijd79ty7.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
"ImagePath"="system32\DRIVERS\btath_flt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AthBtTray.exe      pid: 5216     4C: C:]
--
"ImagePath"="\??\c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\audiodg.exe        pid: 4552     2C: C:]
--
"ImagePath"="\SystemRoot\System32\Drivers\BTHUSB.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BtvStack.exe       pid: 4820     74: C:]
--
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\conhost.exe        pid: 6652     24: C:]
--
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\csrss.exe          pid: 572      48: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ctfmon.exe         pid: 1284     60: C:]
--
"ImagePath"="\"c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IAStorDataMgrSvc.exe pid: 4172    1C4: C:]
--
"ImagePath"="\SystemRoot\system32\drivers\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lsm.exe            pid: 820      38: C:]
--
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sidebar.exe        pid: 3924     E8: C:]
--
"ImagePath"="\SystemRoot\system32\drivers\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Skype.exe          pid: 3860    1F4: C:]
--
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\spoolsv.exe        pid: 1576     34: C:]
--
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe        pid: 1924     34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskhost.exe       pid: 2020     34: C:]
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2841906299-1500666321-4036413701-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:6d,ac,d1,29,36,8a,d8,97,d7,b3,43,31,ea,0b,9a,f3,76,0b,7b,2e,d7,e9,1c,
   a9,ad,4d,1a,80,7f,db,b7,11,f5,22,43,86,f5,12,1a,9d,46,ee,34,7c,0c,59,56,b6,\
"??"=hex:0b,c3,f2,11,9a,81,bb,ee,a1,d0,da,ad,53,2f,a3,e1
.
[HKEY_USERS\S-1-5-21-2841906299-1500666321-4036413701-1001\Software\SecuROM\License information*]
"datasecu"=hex:8c,35,f2,9f,15,5a,28,41,bc,7f,8b,5e,d1,ee,7e,db,14,b0,ee,d0,d7,
   41,63,a6,10,13,bd,e7,77,a8,b2,22,3c,72,f2,ed,b2,37,c7,ed,e0,38,c7,1c,93,e7,\
"rkeysecu"=hex:ee,c8,79,d8,d5,40,c7,0e,18,0a,ef,42,b9,af,a8,5d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2012-07-26  15:17:57 - machine was rebooted
ComboFix-quarantined-files.txt  2012-07-26 13:17
.
Pre-Run: 40 918 679 552 bytes free
Post-Run: 40 108 564 480 bytes free
.
- - End Of File - - E44FE0DA5DCC8A95BB078763FB326DEF


Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:36:02, on 26. 7. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Users\Heno\Desktop\Programy\SRDownloader.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SRDownloader] C:\Users\Heno\Desktop\Programy\SRDownloader.exe
O4 - HKUS\S-1-5-21-2841906299-1500666321-4036413701-1014\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2841906299-1500666321-4036413701-1014\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Heno\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{32750BD4-7F18-4A19-AA4E-D9B874D6BD00}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\guard32.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ABBYY FineReader 10 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Program Files (x86)\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 13048 bytes


User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 29.07.2012 10:51

Open Notepad.
Quote:
killall::
SecCenter::
{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
{FEEA52D5-051E-08DD-07EF-2F009097607D}

registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"SRDownloader"=-


driver::
AdobeARMservice
AdobeFlashPlayerUpdateSvc
SkypeUpdate
gupdate
gupdatem

file::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

dds::
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Heno\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

firefox::
FF - ProfilePath - c:\users\Heno\AppData\Roaming\Mozilla\Firefox\Profiles\ijd79ty7.default\


regnull::
[HKEY_USERS\S-1-5-21-2841906299-1500666321-4036413701-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-2841906299-1500666321-4036413701-1001\Software\SecuROM\License information*]
reglock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

clearjavacache::
atjob::
reboot::
Move everything from the quote into Notepad, name the Notepad file cfscript and save it. Move ComboFix to the desktop, and make sure the Notepad file with the script is on the desktop too. Drag cfscript onto ComboFix, then post the log.


User

Registered: 25.11.09
Last login: 21.04.24
Posts: 267
Topics: 32
Location: LV / Brno
Posted: 29.07.2012 12:22

The problem is that I can't find ComboFix. On the desktop I only have the installer and nothing else. ComboFix installed itself to "C:\Combofix", which I can only get into through Total Commander, but there is no Combofix.exe there.

// The [ CODE ] tag is acting up here:

ComboFix 12-07-27.03 - Heno . 07. 2012 11:41:13.4.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.6049.3552 [GMT 2:00]
Running from: c:\users\Heno\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AthBtTray.exe pid: 4692 4C: c:\program files (x86)\Bluetooth Suite\sk-SK\athbttray.exe.mui
-------\Service_BtvStack.exe pid: 2928 78: c:\program files (x86)\Bluetooth Suite\sk-SK\btvstack.exe.mui
-------\Service_conhost.exe pid: 3356 28: c:\windows\System32\en-US\conhost.exe.mui
-------\Service_Copyright (C) 1997-2008 Mark Russinovich
-------\Service_csrss.exe pid: 576 48: c:\windows\System32\en-US\csrss.exe.mui
-------\Service_Handle v3.42
-------\Service_IAStorDataMgrSvc.exe pid: 5272 1C4: c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
-------\Service_lsm.exe pid: 792 38: c:\windows\System32\en-US\lsm.exe.mui
-------\Service_sidebar.exe pid: 1420 E8: c:\program files\Windows Sidebar\sidebar.exe
-------\Service_Skype.exe pid: 7568 1F4: c:\program files (x86)\Skype\Phone\Skype.exe
-------\Service_spoolsv.exe pid: 1740 34: c:\windows\System32\en-US\spoolsv.exe.mui
-------\Service_Sysinternals - www.sysinternals.com
-------\Service_taskeng.exe pid: 1560 34: c:\windows\System32\en-US\TaskEng.exe.mui
-------\Service_taskeng.exe pid: 7836 30: c:\windows\System32\en-US\TaskEng.exe.mui
-------\Service_taskhost.exe pid: 1912 34: c:\windows\System32\en-US\taskhost.exe.mui
.
.
((((((((((((((((((((((((( Files Created from 2012-06-28 to 2012-07-29 )))))))))))))))))))))))))))))))
.
.
2012-07-29 09:53 . 2012-07-29 09:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-29 09:53 . 2012-07-29 09:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-29 09:45 . 2012-07-29 09:59 -------- d-----w- c:\users\Heno\.designer
2012-07-29 09:10 . 2012-07-29 09:10 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-07-27 14:00 . 2012-07-27 14:00 -------- d-----w- c:\users\Heno\AppData\Local\Nokia
2012-07-27 13:59 . 2012-07-29 09:59 -------- d-----w- c:\users\Heno\AppData\Roaming\Nokia
2012-07-27 11:22 . 2012-03-11 00:17 121344 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-07-27 11:22 . 2012-03-11 00:09 86528 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-07-27 10:56 . 2012-07-27 10:56 -------- d-----w- c:\users\Heno\SystemRequirementsLab
2012-07-26 21:03 . 2012-07-26 21:03 -------- d-----w- c:\users\Heno\AppData\Local\Adobe
2012-07-26 14:48 . 2012-07-29 09:27 -------- d-----w- c:\users\Heno\AppData\Local\Google
2012-07-26 10:43 . 2012-07-26 10:43 -------- d-----w- c:\users\Heno\AppData\Local\BMExplorer
2012-07-26 10:41 . 2012-07-26 10:41 -------- d-----w- c:\users\TEMP
2012-07-26 10:40 . 2012-07-26 10:44 -------- d-----w- c:\users\Heno\DoctorWeb
2012-07-26 10:26 . 2012-07-26 10:26 -------- d-----w- c:\users\Heno\AppData\Local\Macromedia
2012-07-23 20:48 . 2009-04-02 16:29 122080 ----a-w- c:\windows\system32\Conficker.exe
2012-07-23 20:48 . 2009-05-19 19:34 126976 ----a-w- c:\windows\system32\data.exe
2012-07-23 20:48 . 2009-04-26 13:16 40960 ----a-w- c:\windows\system32\comp32.exe
2012-07-20 20:21 . 2012-07-20 20:21 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-07-15 17:04 . 2012-06-05 14:03 224088 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-07-15 17:04 . 2012-06-05 14:03 130904 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-07-12 09:20 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 09:03 . 2012-06-02 12:06 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-07-12 09:03 . 2012-06-02 08:26 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2012-07-12 09:03 . 2012-06-02 08:27 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-07-12 09:03 . 2012-06-02 12:07 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-07-12 09:03 . 2012-06-02 12:49 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-07-12 09:03 . 2012-06-02 12:17 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-07-10 11:32 . 2012-07-12 09:18 171488 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-07-10 11:30 . 2012-07-10 11:30 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2012-07-10 09:40 . 2012-07-23 21:48 -------- d-----w- c:\users\Heno\AppData\Roaming\codeblocks
2012-07-08 16:59 . 2012-07-08 16:59 16200 ----a-w- c:\windows\stinger.sys
2012-07-08 16:59 . 2012-07-08 18:25 -------- d-----w- c:\program files (x86)\stinger
2012-07-05 17:44 . 2012-07-05 17:46 -------- d-----w- c:\users\Heno\AppData\Roaming\wargaming.net
2012-07-04 14:17 . 2012-07-04 14:17 -------- d-----w- c:\users\Heno\AppData\Local\Realmware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 10:53 . 2012-06-22 11:05 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-27 10:53 . 2011-12-27 17:49 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-26 21:17 . 2012-04-03 06:49 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-26 21:17 . 2011-12-29 11:20 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-24 13:52 . 2011-12-27 17:49 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-12 09:19 . 2011-12-26 12:02 289472 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2012-07-12 09:05 . 2012-01-08 21:36 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 16:21 . 2012-06-07 08:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-06-07 08:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-06-07 08:21 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-06-07 08:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-06-07 08:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-06-07 08:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-06-07 08:20 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-06-07 08:20 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2012-06-07 08:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-29 03:37 . 2012-02-21 17:46 969064 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-06-29 03:37 . 2012-02-21 17:46 1758056 ----a-w- c:\windows\system32\nvdispco64.dll
2012-06-29 03:37 . 2012-02-21 17:46 2723688 ----a-w- c:\windows\system32\nvapi64.dll
2012-06-28 23:56 . 2012-06-13 06:49 2667062 ----a-w- c:\windows\system32\nvcoproc.bin
2012-06-28 23:55 . 2012-06-13 06:49 3266408 ----a-w- c:\windows\system32\nvsvc64.dll
2012-06-28 23:55 . 2012-06-13 06:49 6193000 ----a-w- c:\windows\system32\nvcpl.dll
2012-06-28 23:55 . 2012-06-13 06:49 865128 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-06-28 23:55 . 2012-06-13 06:49 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-06-28 23:55 . 2012-06-13 06:49 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-06-28 23:55 . 2012-06-13 06:49 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-06-28 23:55 . 2012-06-13 06:49 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-06-28 23:55 . 2012-06-13 06:49 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-06-22 08:37 . 2011-12-27 17:49 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-06-19 08:30 . 2012-04-20 14:20 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-06-15 07:13 . 2012-05-05 12:45 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-06-14 07:55 . 2012-04-20 14:20 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-11 18:17 . 2012-06-11 18:17 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-06-11 18:17 . 2012-06-11 18:17 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2012-06-10 09:27 . 2012-05-05 12:45 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-06-07 08:15 . 2011-12-25 18:25 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-06-05 14:03 . 2012-06-05 14:03 166232 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2012-06-05 14:03 . 2012-06-05 14:03 147288 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-06-05 14:02 . 2012-06-05 14:02 320856 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2012-06-02 22:19 . 2012-06-21 08:07 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 08:07 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 08:07 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 08:07 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 08:07 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 08:07 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 08:07 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 08:07 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 08:07 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:45 . 2012-07-12 09:02 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-07-12 09:02 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-05-30 11:10 . 2010-11-29 22:00 16168 ----a-w- c:\windows\system32\drivers\TurboB.sys
2012-05-24 14:47 . 2012-05-24 14:47 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-05-15 10:48 . 2012-06-13 07:09 364352 ----a-w- c:\windows\system32\nvdecodemft.dll
2012-05-15 10:48 . 2012-06-13 07:09 301376 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2012-05-15 10:48 . 2012-02-21 17:46 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-10 07:09 . 2012-04-22 18:21 8107 ----a-w- c:\windows\w7dsd.reg
2012-05-10 07:09 . 2012-04-22 18:21 8089 ----a-w- c:\windows\w7dse.reg
2012-05-09 10:21 . 2012-06-11 13:41 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-05-09 10:21 . 2011-12-26 14:07 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-15 06:25 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-15 06:25 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-15 06:25 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-03 11:57 . 2012-04-22 18:21 275360 ----a-w- c:\windows\system32\DreamScene.dll
2012-05-02 18:10 . 2012-04-22 18:21 275360 ----a-w- c:\windows\system32\DreamScene.dll.9683
2012-05-02 00:46 . 2012-05-02 00:46 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-05-01 05:40 . 2012-06-15 06:25 209920 ----a-w- c:\windows\system32\profsvc.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-26_13.11.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-21 17:46 . 2012-03-11 00:09 17920 c:\windows\SysWOW64\OpenCL.dll
+ 2012-03-19 13:12 . 2012-03-19 13:12 25088 c:\windows\SysWOW64\igfxexps32.dll
- 2012-02-17 08:24 . 2012-02-17 08:24 58880 c:\windows\SysWOW64\igdde32.dll
+ 2012-03-19 14:25 . 2012-03-19 14:25 58880 c:\windows\SysWOW64\igdde32.dll
+ 2012-02-29 15:21 . 2012-07-29 08:49 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2012-02-29 15:21 . 2012-07-26 13:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 04:54 . 2012-07-29 10:03 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-26 13:13 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-26 13:13 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-29 10:03 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-26 13:13 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-29 10:03 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-18 20:13 . 2012-07-27 11:48 61352 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-29 10:04 47094 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-12-25 18:26 . 2012-07-29 10:04 13906 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2841906299-1500666321-4036413701-1001_UserData.bin
+ 2012-02-21 17:46 . 2012-03-11 00:17 20992 c:\windows\system32\OpenCL.dll
+ 2011-12-06 02:22 . 2011-12-06 02:22 14848 c:\windows\system32\IntcDAuC.dll
- 2012-05-09 05:53 . 2010-10-15 14:27 14848 c:\windows\system32\IntcDAuC.dll
+ 2011-07-12 04:10 . 2012-03-19 13:17 63488 c:\windows\system32\igfxsrvc.dll
- 2012-05-09 05:53 . 2011-05-24 06:29 28672 c:\windows\system32\igfxexps.dll
+ 2012-03-19 13:17 . 2012-03-19 13:17 28672 c:\windows\system32\igfxexps.dll
+ 2012-03-19 14:42 . 2012-03-19 14:42 90112 c:\windows\system32\igfxCoIn_v2696.dll
- 2012-02-17 08:27 . 2012-02-17 08:27 79360 c:\windows\system32\igdde64.dll
+ 2012-03-19 14:31 . 2012-03-19 14:31 79360 c:\windows\system32\igdde64.dll
+ 2009-07-14 05:30 . 2012-07-27 14:06 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-07-15 17:04 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-07-27 11:25 . 2012-06-29 03:37 60776 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\OpenCL64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 52584 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\OpenCL.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 30056 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvpciflt.sys
+ 2011-12-06 02:22 . 2011-12-06 02:22 14848 c:\windows\system32\DriverStore\FileRepository\intcdaud.inf_amd64_neutral_31955b183c8225fd\IntcDAuC.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 52736 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\OpenCL64.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 51200 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\OpenCL.dll
+ 2012-03-19 14:42 . 2012-03-19 14:42 90112 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igxpco64.dll
+ 2012-03-19 13:17 . 2012-03-19 13:17 63488 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxsrvc.dll
+ 2012-03-19 13:12 . 2012-03-19 13:12 25088 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxexps32.dll
+ 2012-03-19 13:17 . 2012-03-19 13:17 28672 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxexps.dll
+ 2012-03-19 14:31 . 2012-03-19 14:31 79360 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdde64.dll
+ 2012-03-19 14:25 . 2012-03-19 14:25 58880 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdde32.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 94208 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IccLibDll_x64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 30056 c:\windows\system32\drivers\nvpciflt.sys
- 2011-12-25 18:29 . 2012-07-26 11:35 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-25 18:29 . 2012-07-27 11:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-12-25 18:29 . 2012-07-26 11:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-12-25 18:29 . 2012-07-27 11:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-26 11:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-27 11:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-02-10 23:06 . 2012-07-29 09:59 3538 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-02-10 23:06 . 2012-07-25 22:56 3538 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-03-19 13:17 . 2012-03-19 13:17 9216 c:\windows\system32\IGFXDEVLib.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 4096 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvdetx.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 4096 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvdet.dll
+ 2012-03-19 13:17 . 2012-03-19 13:17 9216 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IGFXDEVLib.dll
+ 2012-07-29 10:01 . 2012-07-29 10:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-26 13:09 . 2012-07-26 13:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-29 10:01 . 2012-07-29 10:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-26 13:09 . 2012-07-26 13:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-27 11:25 . 2012-06-29 03:37 828264 c:\windows\SysWOW64\nvumdshim.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 202600 c:\windows\SysWOW64\nvinit.dll
+ 2012-07-27 11:44 . 2012-06-29 03:37 828264 c:\windows\SysWOW64\NV\igdumd32.dll
+ 2012-06-13 06:54 . 2012-06-29 03:37 828264 c:\windows\SysWOW64\NV\igd10umd32.dll
+ 2012-07-26 21:17 . 2012-07-26 21:17 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_Plugin.exe
+ 2012-07-26 20:20 . 2012-07-26 20:20 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe
+ 2012-07-26 20:20 . 2012-07-26 20:20 466632 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.dll
+ 2012-04-03 06:49 . 2012-07-26 21:17 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-04-03 06:49 . 2012-07-12 07:17 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-02-17 08:37 . 2012-02-17 08:37 276248 c:\windows\SysWOW64\IntelCpHeciSvc.exe
+ 2012-03-19 14:44 . 2012-03-19 14:44 276248 c:\windows\SysWOW64\IntelCpHeciSvc.exe
+ 2012-03-19 13:09 . 2012-03-19 13:09 519680 c:\windows\SysWOW64\iglhsip32.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 177152 c:\windows\SysWOW64\iglhcp32.dll
+ 2012-03-19 14:31 . 2012-03-19 14:31 963912 c:\windows\SysWOW64\igkrng600.bin
+ 2012-03-19 13:11 . 2012-03-19 13:11 325120 c:\windows\SysWOW64\igfxdv32.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 237056 c:\windows\SysWOW64\igfxcmrt32.dll
+ 2012-03-19 14:31 . 2012-03-19 14:31 261208 c:\windows\SysWOW64\igfcg600m.bin
+ 2011-12-26 09:39 . 2012-07-29 08:48 363410 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-12-25 22:02 . 2012-07-27 19:01 366786 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2012-07-26 17:49 738448 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-23 13:47 738448 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-07-26 17:49 153964 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-07-23 13:47 153964 c:\windows\system32\perfc009.dat
+ 2012-07-27 11:25 . 2012-06-29 03:37 247144 c:\windows\system32\nvinitx.dll
+ 2012-06-13 06:54 . 2012-06-29 03:37 969064 c:\windows\system32\NV\igdumd64.dll
+ 2012-06-13 06:54 . 2012-06-29 03:37 969064 c:\windows\system32\NV\igd10umd64.dll
+ 2012-07-26 21:17 . 2012-07-26 21:17 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_Plugin.exe
+ 2012-07-26 20:20 . 2012-07-26 20:20 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_ActiveX.exe
+ 2012-07-26 20:20 . 2012-07-26 20:20 513224 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_ActiveX.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 524800 c:\windows\system32\iglhsip64.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 213504 c:\windows\system32\iglhcp64.dll
+ 2012-03-19 14:31 . 2012-03-19 14:31 963912 c:\windows\system32\igkrng600.bin
+ 2012-03-19 14:44 . 2012-03-19 14:44 170264 c:\windows\system32\igfxtray.exe
+ 2012-03-19 13:18 . 2012-03-19 13:18 410624 c:\windows\system32\igfxTMM.dll
+ 2012-03-19 14:44 . 2012-03-19 14:44 509720 c:\windows\system32\igfxsrvc.exe
+ 2011-07-12 04:10 . 2012-03-19 13:18 386560 c:\windows\system32\igfxpph.dll
+ 2012-03-19 14:44 . 2012-03-19 14:44 439064 c:\windows\system32\igfxpers.exe
+ 2012-03-19 14:44 . 2012-03-19 14:44 250136 c:\windows\system32\igfxext.exe
+ 2012-03-19 13:16 . 2012-03-19 13:16 142336 c:\windows\system32\igfxdo.dll
- 2012-05-09 05:53 . 2011-05-24 06:27 142336 c:\windows\system32\igfxdo.dll
+ 2012-03-19 13:17 . 2012-03-19 13:17 434688 c:\windows\system32\igfxdev.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 193024 c:\windows\system32\igfxcmrt64.dll
+ 2012-03-19 14:31 . 2012-03-19 14:31 261208 c:\windows\system32\igfcg600m.bin
+ 2012-03-19 14:44 . 2012-03-19 14:44 398616 c:\windows\system32\hkcmd.exe
+ 2011-07-12 04:10 . 2012-03-19 13:17 110592 c:\windows\system32\hccutils.dll
+ 2012-03-19 13:17 . 2012-03-19 13:17 172032 c:\windows\system32\gfxSrvc.dll
- 2009-07-14 05:30 . 2012-07-15 17:04 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-07-27 14:06 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-07-27 14:06 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2012-07-15 17:04 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2012-07-27 11:25 . 2012-06-29 03:37 969064 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvumdshimx.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 828264 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvumdshim.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 363368 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvml.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 284008 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvkflt.sys
+ 2012-07-27 11:25 . 2012-06-29 03:37 247144 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvinitx.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 202600 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvinit.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 237416 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvidia-smi.exe
+ 2012-07-27 11:25 . 2012-06-29 03:37 330088 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvEncodeAPI64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 290664 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvEncodeAPI.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 249344 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvdxgiwrapx.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 220008 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvdxgiwrap.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 222056 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvdebugdump.exe
+ 2012-07-27 11:25 . 2012-06-29 03:37 316416 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\Nvd3d9wrapx.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 285032 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\Nvd3d9wrap.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 661352 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\MCU.exe
+ 2012-07-27 11:25 . 2012-06-29 03:37 233320 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\dbInstaller.exe
+ 2011-12-06 02:23 . 2011-12-06 02:23 331264 c:\windows\system32\DriverStore\FileRepository\intcdaud.inf_amd64_neutral_31955b183c8225fd\IntcDAud.sys
+ 2012-03-19 14:03 . 2012-03-19 14:03 236544 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IntelOpenCL64.dll
+ 2012-03-19 14:00 . 2012-03-19 14:00 188416 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IntelOpenCL32.dll
+ 2012-03-19 14:44 . 2012-03-19 14:44 276248 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\IntelCpHeciSvc.exe
+ 2012-03-19 13:09 . 2012-03-19 13:09 524800 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\iglhsip64.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 519680 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\iglhsip32.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 213504 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\iglhcp64.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 177152 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\iglhcp32.dll
+ 2012-03-19 14:37 . 2012-03-19 14:37 755188 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igkrng700.bin
+ 2012-03-19 14:31 . 2012-03-19 14:31 963912 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igkrng600.bin
+ 2012-03-19 14:44 . 2012-03-19 14:44 170264 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxtray.exe
+ 2012-03-19 13:18 . 2012-03-19 13:18 410624 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxTMM.dll
+ 2012-03-19 14:44 . 2012-03-19 14:44 509720 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxsrvc.exe
+ 2012-03-19 13:18 . 2012-03-19 13:18 386560 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxpph.dll
+ 2012-03-19 14:44 . 2012-03-19 14:44 439064 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxpers.exe
+ 2012-03-19 14:44 . 2012-03-19 14:44 250136 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxext.exe
+ 2012-03-19 13:11 . 2012-03-19 13:11 325120 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxdv32.dll
+ 2012-03-19 13:16 . 2012-03-19 13:16 142336 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxdo.dll
+ 2012-03-19 13:17 . 2012-03-19 13:17 434688 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxdev.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 193024 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxcmrt64.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 237056 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxcmrt32.dll
+ 2012-03-19 14:37 . 2012-03-19 14:37 561508 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfcg700m.bin
+ 2012-03-19 14:31 . 2012-03-19 14:31 261208 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfcg600m.bin
+ 2012-03-19 14:03 . 2012-03-19 14:03 591872 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdrcl64.dll
+ 2012-03-19 14:00 . 2012-03-19 14:00 518144 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdrcl32.dll
+ 2012-03-19 14:31 . 2012-03-19 14:31 145804 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igcompkrng600.bin
+ 2012-03-19 14:44 . 2012-03-19 14:44 398616 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\hkcmd.exe
+ 2012-03-19 13:17 . 2012-03-19 13:17 110592 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\hccutils.dll
+ 2012-03-19 13:17 . 2012-03-19 13:17 172032 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\gfxSrvc.dll
+ 2012-03-19 14:44 . 2012-03-19 14:44 184600 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\difx64.exe
+ 2011-12-06 02:23 . 2011-12-06 02:23 331264 c:\windows\system32\drivers\IntcDAud.sys
+ 2012-03-19 14:44 . 2012-03-19 14:44 184600 c:\windows\system32\difx64.exe
+ 2009-07-14 05:12 . 2012-07-26 21:17 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2012-07-17 09:57 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2012-07-26 13:08 515704 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-29 09:59 515704 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-26 21:06 . 2012-07-26 21:06 131072 c:\windows\Installer\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}\ARPPRODUCTICON.exe
+ 2012-07-27 11:25 . 2012-06-29 03:37 2573160 c:\windows\SysWOW64\nvcuvid.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 1865064 c:\windows\SysWOW64\nvcuvenc.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 7699304 c:\windows\SysWOW64\nvcuda.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 2422120 c:\windows\SysWOW64\nvapi.dll
+ 2012-07-26 21:17 . 2012-07-26 21:17 9465032 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
+ 2012-07-26 21:17 . 2012-07-26 21:17 1536712 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
+ 2012-02-17 08:24 . 2012-03-19 14:26 6120960 c:\windows\SysWOW64\igdumd32.dll
+ 2012-02-17 08:13 . 2012-03-19 14:11 7795200 c:\windows\SysWOW64\igd10umd32.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 1472360 c:\windows\system32\nvdispgenco64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 2744680 c:\windows\system32\nvcuvid.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 2216296 c:\windows\system32\nvcuvenc.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 9164648 c:\windows\system32\nvcuda.dll
+ 2012-03-19 13:16 . 2012-03-19 13:16 9007616 c:\windows\system32\igfxress.dll
+ 2012-05-09 05:53 . 2012-03-19 14:31 8087040 c:\windows\system32\igdumd64.dll
+ 2011-07-12 04:10 . 2012-03-19 14:22 9605632 c:\windows\system32\igd10umd64.dll
+ 2012-03-19 14:44 . 2012-03-19 14:44 5888792 c:\windows\system32\GfxUI.exe
+ 2012-07-27 11:25 . 2012-06-29 03:37 1074316 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvdrsdb.bin
+ 2012-07-27 11:25 . 2012-06-29 03:37 1472360 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvdispgenco64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 1758056 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvdispco64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 2573160 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvcuvid32.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 2744680 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvcuvid.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 2216296 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvcuvenc64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 1865064 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvcuvenc.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 7699304 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvcuda32.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 9164648 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvcuda.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 2723688 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvapi64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 2422120 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvapi.dll
+ 2012-03-19 13:16 . 2012-03-19 13:16 9007616 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxress.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 2967040 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxcmjit64.dll
+ 2012-03-19 13:09 . 2012-03-19 13:09 2321408 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igfxcmjit32.dll
+ 2012-03-19 14:31 . 2012-03-19 14:31 8087040 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdumd64.dll
+ 2012-03-19 14:26 . 2012-03-19 14:26 6120960 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdumd32.dll
+ 2012-03-19 14:03 . 2012-03-19 14:03 3749888 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdbcl64.dll
+ 2012-03-19 14:00 . 2012-03-19 14:00 2866688 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdbcl32.dll
+ 2012-03-19 14:22 . 2012-03-19 14:22 9605632 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igd10umd64.dll
+ 2012-03-19 14:11 . 2012-03-19 14:11 7795200 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igd10umd32.dll
+ 2012-03-19 14:44 . 2012-03-19 14:44 5888792 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\GfxUI.exe
+ 2012-05-24 06:06 . 2012-07-29 09:59 1677816 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-07-29 09:09 . 2012-07-29 09:09 1606656 c:\windows\Installer\9c0f7ec.msi
+ 2012-07-27 11:25 . 2012-06-29 03:37 12388712 c:\windows\SysWOW64\nvwgf2um.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 19828072 c:\windows\SysWOW64\nvoglv32.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 15290216 c:\windows\SysWOW64\nvd3dum.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 17559912 c:\windows\SysWOW64\nvcompiler.dll
+ 2012-06-13 06:54 . 2012-06-29 03:37 19828072 c:\windows\SysWOW64\NV\ig4icd32.dll
+ 2012-03-19 13:21 . 2012-03-19 13:21 13212672 c:\windows\SysWOW64\ig4icd32.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 14806376 c:\windows\system32\nvwgf2umx.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 26226536 c:\windows\system32\nvoglv64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 18228072 c:\windows\system32\nvd3dumx.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 25256296 c:\windows\system32\nvcompiler.dll
+ 2012-06-13 06:54 . 2012-06-29 03:37 26226536 c:\windows\system32\NV\ig4icd64.dll
+ 2012-07-26 21:17 . 2012-07-26 21:17 12315336 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll
+ 2012-03-19 13:31 . 2012-03-19 13:31 18137088 c:\windows\system32\ig4icd64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 14806376 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvwgf2umx.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 12388712 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvwgf2um.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 26226536 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvoglv64.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 19828072 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvoglv32.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 13365608 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvlddmkm.sys
+ 2012-07-27 11:25 . 2012-06-29 03:37 18228072 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvd3dumx.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 15290216 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvd3dum.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 72703952 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\NvCplSetupInt.exe
+ 2012-07-27 11:25 . 2012-06-29 03:37 17559912 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvcompiler32.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 25256296 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_b72e08a55e6f9fd2\nvcompiler.dll
+ 2012-03-19 14:32 . 2012-03-19 14:32 14745600 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdkmd64.sys
+ 2012-03-19 13:55 . 2012-03-19 13:55 28992000 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdfcl64.dll
+ 2012-03-19 13:43 . 2012-03-19 13:43 23460864 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\igdfcl32.dll
+ 2012-03-19 13:33 . 2012-03-19 13:33 17226240 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\ig7icd64.dll
+ 2012-03-19 13:23 . 2012-03-19 13:23 13024256 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\ig7icd32.dll
+ 2012-03-19 13:31 . 2012-03-19 13:31 18137088 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\ig4icd64.dll
+ 2012-03-19 13:21 . 2012-03-19 13:21 13212672 c:\windows\system32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_2b61513fe1a7b941\ig4icd32.dll
+ 2012-07-27 11:25 . 2012-06-29 03:37 13365608 c:\windows\system32\drivers\nvlddmkm.sys
+ 2012-03-19 14:32 . 2012-03-19 14:32 14745600 c:\windows\system32\drivers\igdkmd64.sys
+ 2011-12-25 22:18 . 2012-07-29 09:59 37286480 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2841906299-1500666321-4036413701-1001-12288.dat
+ 2012-06-04 16:05 . 2012-06-04 16:05 34270720 c:\windows\Installer\34a35aa.msi
+ 2012-07-26 21:05 . 2012-07-26 21:05 11384320 c:\windows\Installer\33db44.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SRDownloader"="c:\users\Heno\Desktop\Programy\SRDownloader.exe" [2012-07-14 904192]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
.
c:\users\Heno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2012-5-30 207400]
Intel(R) Turbo Boost Technology Monitor 2.6.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2012-5-30 207400]
Rainmeter.lnk - h:\programy\Rainmeter\Rainmeter.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"DelayedDesktopSwitchTimeout"= 5 (0x5)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2010-05-07 814344]
R3 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-26 250056]
R3 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
R3 ALSysIO;ALSysIO;c:\users\Heno\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
R3 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R3 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-01-06 13352]
R3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-07 2343816]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2007-03-06 16160]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-20 114144]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PROCEXP151;PROCEXP151;c:\windows\system32\Drivers\PROCEXP151.SYS [x]
R3 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;c:\program files\Intel\TurboBoost\TurboBoost.exe [2012-05-30 149544]
R3 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R3 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-13 24168]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2012-04-03 117040]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
R4 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-06-29 30056]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2012-04-24 54728]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-03-11 577824]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-03-11 43248]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-24 283200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files (x86)\Mouse Driver\KMWDSrv.exe [2009-08-31 1821184]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-29 1258856]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2012-04-24 584224]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2012-05-30 16168]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-07-13 30568]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-03-06 58400]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 166232]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 21:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"COMODO Internet Security"="d:\program files (x86)\COMODO\COMODO Internet Security\cfp.exe" [2012-03-13 9569096]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-18 11785832]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
"combofix"="c:\combofix\CF13358.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\guard64.dll c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Heno\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{32750BD4-7F18-4A19-AA4E-D9B874D6BD00}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Heno\AppData\Roaming\Mozilla\Firefox\Profiles\ijd79ty7.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-SystemExplorerAutoStart - h:\programy\SystemExplorer\SystemExplorer.exe
AddRemove-RocketDock_is1 - h:\programy\RocketDock\unins000.exe
.
.
"ImagePath"="system32\DRIVERS\btath_flt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AthBtTray.exe pid: 4692 4C: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AthBtTray.exe pid: 5216 4C: C:]
--
"ImagePath"="\??\c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\audiodg.exe pid: 4552 2C: C:]
--
"ImagePath"="\SystemRoot\System32\Drivers\BTHUSB.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BtvStack.exe pid: 2928 78: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BtvStack.exe pid: 4820 74: C:]
--
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\conhost.exe pid: 3356 28: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\conhost.exe pid: 6652 24: C:]
--
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\csrss.exe pid: 572 48: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\csrss.exe pid: 576 48: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ctfmon.exe pid: 1284 60: C:]
--
"ImagePath"="\"c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IAStorDataMgrSvc.exe pid: 4172 1C4: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IAStorDataMgrSvc.exe pid: 5272 1C4: C:]
--
"ImagePath"="\SystemRoot\system32\drivers\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lsm.exe pid: 792 38: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lsm.exe pid: 820 38: C:]
--
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sidebar.exe pid: 1420 E8: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sidebar.exe pid: 3924 E8: C:]
--
"ImagePath"="\SystemRoot\system32\drivers\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Skype.exe pid: 3860 1F4: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Skype.exe pid: 7568 1F4: C:]
--
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\spoolsv.exe pid: 1576 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\spoolsv.exe pid: 1740 34: C:]
--
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe pid: 1560 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe pid: 1924 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe pid: 7836 30: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskhost.exe pid: 1912 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskhost.exe pid: 2020 34: C:]
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
.
**************************************************************************
.
Completion time: 2012-07-29 12:09:16 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-29 10:09
ComboFix2.txt 2012-07-26 13:17
.
Pre-Run: 52 399 513 600 bytes free
Post-Run: 52 175 110 144 bytes free
.
- - End Of File - - 0C21621DC1C4650181F11B27D64A9A65



Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 29.07.2012 12:42

Well then, download it, put it on the desktop and apply it with the script.

// added 6 minutes after the last post

Also test these files at https://www.virustotal.com/:
c:\windows\system32\Conficker.exe
c:\windows\system32\data.exe
c:\windows\system32\comp32.exe
Send the results.



Registered: 25.11.09
Last login: 21.04.24
Posts: 267
Topics: 32
Location: LV / Brno
Posted: 29.07.2012 12:42

But you already have the new log above, the one that opened for me after the restart.







_________________
R5 6600X | GTX 1080 Ti | 32GB
Xperia XZ2 Compact

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 29.07.2012 12:43

Well, the script has not been applied.



Registered: 25.11.09
Last login: 21.04.24
Posts: 267
Topics: 32
Location: LV / Brno
Posted: 29.07.2012 14:45

personal compuper wrote:
Also test these files at https://www.virustotal.com/:
c:\windows\system32\Conficker.exe
c:\windows\system32\data.exe
c:\windows\system32\comp32.exe
Send the results.


Conficker.exe was the Conficker Removal Tool, which I have already deleted. I did not find data.exe and comp32.exe there.
I don't know how it is possible, but after the restart ComboFix uninstalled itself (C:\combofix\ disappeared); it will be done in a moment.

// added 1 hour 42 minutes after the last post

Done. (This is how I did it, following the instructions.)
-------------------------------------------------------------------------------------------------------

ComboFix 12-07-29.01 - Heno . 07. 2012 13:54:16.6.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.6049.3900 [GMT 2:00]
Running from: c:\users\Heno\Desktop\ComboFix.exe
Command switches used :: c:\users\Heno\Desktop\cfscript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
.
FILE ::
"c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Heno\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeARMservice
-------\Service_AdobeFlashPlayerUpdateSvc
-------\Service_audiodg.exe pid: 5528 2C: c:\windows\System32\en-US\audiodg.exe.mui
-------\Service_conhost.exe pid: 5692 24: c:\windows\System32\en-US\conhost.exe.mui
-------\Service_Copyright (C) 1997-2008 Mark Russinovich
-------\Service_csrss.exe pid: 572 48: c:\windows\System32\en-US\csrss.exe.mui
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_Handle v3.42
-------\Service_IAStorDataMgrSvc.exe pid: 3048 1C0: c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
-------\Service_lsm.exe pid: 804 38: c:\windows\System32\en-US\lsm.exe.mui
-------\Service_sidebar.exe pid: 3740 E8: c:\program files\Windows Sidebar\sidebar.exe
-------\Service_SkypeUpdate
-------\Service_spoolsv.exe pid: 1576 34: c:\windows\System32\en-US\spoolsv.exe.mui
-------\Service_Sysinternals - www.sysinternals.com
-------\Service_taskeng.exe pid: 2280 34: c:\windows\System32\en-US\TaskEng.exe.mui
-------\Service_taskhost.exe pid: 2192 34: c:\windows\System32\en-US\taskhost.exe.mui
-------\Service_VCSExpress.exe pid: 6044 810: c:\users\Heno\AppData\Local\Microsoft\VCSExpress\10.0\ProjectAssemblies\rspxexqu01\Speedmeter.exe
-------\Service_VCSExpress.exe pid: 6044 844: c:\users\Heno\AppData\Local\Microsoft\VCSExpress\10.0\ProjectAssemblies\rspxexqu01\Speedmeter.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-06-28 to 2012-07-29 )))))))))))))))))))))))))))))))
.
.
2012-07-29 12:27 . 2012-07-29 12:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-29 12:27 . 2012-07-29 12:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-29 09:45 . 2012-07-29 09:59 -------- d-----w- c:\users\Heno\.designer
2012-07-29 09:10 . 2012-07-29 09:10 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-07-27 14:00 . 2012-07-27 14:00 -------- d-----w- c:\users\Heno\AppData\Local\Nokia
2012-07-27 13:59 . 2012-07-29 11:12 -------- d-----w- c:\users\Heno\AppData\Roaming\Nokia
2012-07-27 11:22 . 2012-03-11 00:17 121344 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-07-27 11:22 . 2012-03-11 00:09 86528 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-07-27 10:56 . 2012-07-27 10:56 -------- d-----w- c:\users\Heno\SystemRequirementsLab
2012-07-26 21:03 . 2012-07-26 21:03 -------- d-----w- c:\users\Heno\AppData\Local\Adobe
2012-07-26 14:48 . 2012-07-29 09:27 -------- d-----w- c:\users\Heno\AppData\Local\Google
2012-07-26 10:43 . 2012-07-26 10:43 -------- d-----w- c:\users\Heno\AppData\Local\BMExplorer
2012-07-26 10:41 . 2012-07-26 10:41 -------- d-----w- c:\users\TEMP
2012-07-26 10:40 . 2012-07-26 10:44 -------- d-----w- c:\users\Heno\DoctorWeb
2012-07-26 10:26 . 2012-07-26 10:26 -------- d-----w- c:\users\Heno\AppData\Local\Macromedia
2012-07-23 20:48 . 2009-05-19 19:34 126976 ----a-w- c:\windows\system32\data.exe
2012-07-23 20:48 . 2009-04-26 13:16 40960 ----a-w- c:\windows\system32\comp32.exe
2012-07-20 20:21 . 2012-07-20 20:21 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-07-15 17:04 . 2012-06-05 14:03 224088 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-07-15 17:04 . 2012-06-05 14:03 130904 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-07-12 09:20 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 09:03 . 2012-06-02 12:06 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-07-12 09:03 . 2012-06-02 08:26 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2012-07-12 09:03 . 2012-06-02 08:27 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-07-12 09:03 . 2012-06-02 12:07 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-07-12 09:03 . 2012-06-02 12:49 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-07-12 09:03 . 2012-06-02 12:17 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-07-10 11:32 . 2012-07-12 09:18 171488 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-07-10 11:30 . 2012-07-10 11:30 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2012-07-10 09:40 . 2012-07-29 12:08 -------- d-----w- c:\users\Heno\AppData\Roaming\codeblocks
2012-07-08 16:59 . 2012-07-08 16:59 16200 ----a-w- c:\windows\stinger.sys
2012-07-08 16:59 . 2012-07-08 18:25 -------- d-----w- c:\program files (x86)\stinger
2012-07-05 17:44 . 2012-07-05 17:46 -------- d-----w- c:\users\Heno\AppData\Roaming\wargaming.net
2012-07-04 14:17 . 2012-07-04 14:17 -------- d-----w- c:\users\Heno\AppData\Local\Realmware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 10:53 . 2012-06-22 11:05 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-27 10:53 . 2011-12-27 17:49 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-26 21:17 . 2012-04-03 06:49 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-26 21:17 . 2011-12-29 11:20 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-24 13:52 . 2011-12-27 17:49 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-12 09:19 . 2011-12-26 12:02 289472 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2012-07-12 09:05 . 2012-01-08 21:36 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 16:21 . 2012-06-07 08:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-06-07 08:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-06-07 08:21 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-06-07 08:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-06-07 08:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-06-07 08:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-06-07 08:20 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-06-07 08:20 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2012-06-07 08:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-29 03:37 . 2012-02-21 17:46 969064 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-06-29 03:37 . 2012-02-21 17:46 1758056 ----a-w- c:\windows\system32\nvdispco64.dll
2012-06-29 03:37 . 2012-02-21 17:46 2723688 ----a-w- c:\windows\system32\nvapi64.dll
2012-06-28 23:56 . 2012-06-13 06:49 2667062 ----a-w- c:\windows\system32\nvcoproc.bin
2012-06-28 23:55 . 2012-06-13 06:49 3266408 ----a-w- c:\windows\system32\nvsvc64.dll
2012-06-28 23:55 . 2012-06-13 06:49 6193000 ----a-w- c:\windows\system32\nvcpl.dll
2012-06-28 23:55 . 2012-06-13 06:49 865128 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-06-28 23:55 . 2012-06-13 06:49 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-06-28 23:55 . 2012-06-13 06:49 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-06-28 23:55 . 2012-06-13 06:49 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-06-28 23:55 . 2012-06-13 06:49 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-06-28 23:55 . 2012-06-13 06:49 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-06-22 08:37 . 2011-12-27 17:49 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-06-19 08:30 . 2012-04-20 14:20 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-06-15 07:13 . 2012-05-05 12:45 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-06-14 07:55 . 2012-04-20 14:20 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-11 18:17 . 2012-06-11 18:17 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-06-11 18:17 . 2012-06-11 18:17 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2012-06-10 09:27 . 2012-05-05 12:45 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-06-07 08:15 . 2011-12-25 18:25 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-06-05 14:03 . 2012-06-05 14:03 166232 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2012-06-05 14:03 . 2012-06-05 14:03 147288 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-06-05 14:02 . 2012-06-05 14:02 320856 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2012-06-02 22:19 . 2012-06-21 08:07 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 08:07 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 08:07 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 08:07 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 08:07 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 08:07 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 08:07 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 08:07 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 08:07 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:45 . 2012-07-12 09:02 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-07-12 09:02 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-05-30 11:10 . 2010-11-29 22:00 16168 ----a-w- c:\windows\system32\drivers\TurboB.sys
2012-05-24 14:47 . 2012-05-24 14:47 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-05-15 10:48 . 2012-06-13 07:09 364352 ----a-w- c:\windows\system32\nvdecodemft.dll
2012-05-15 10:48 . 2012-06-13 07:09 301376 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2012-05-15 10:48 . 2012-02-21 17:46 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-10 07:09 . 2012-04-22 18:21 8107 ----a-w- c:\windows\w7dsd.reg
2012-05-10 07:09 . 2012-04-22 18:21 8089 ----a-w- c:\windows\w7dse.reg
2012-05-09 10:21 . 2012-06-11 13:41 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-05-09 10:21 . 2011-12-26 14:07 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-15 06:25 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-15 06:25 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-15 06:25 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-03 11:57 . 2012-04-22 18:21 275360 ----a-w- c:\windows\system32\DreamScene.dll
2012-05-02 18:10 . 2012-04-22 18:21 275360 ----a-w- c:\windows\system32\DreamScene.dll.9683
2012-05-02 00:46 . 2012-05-02 00:46 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr
2012-05-01 05:40 . 2012-06-15 06:25 209920 ----a-w- c:\windows\system32\profsvc.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-07-29_10.03.35 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-29 10:03 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-29 12:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-29 10:03 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-29 12:36 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-29 10:03 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-29 12:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-18 20:13 . 2012-07-29 12:37 61618 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-29 12:37 47126 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-12-25 18:26 . 2012-07-29 12:37 13922 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2841906299-1500666321-4036413701-1001_UserData.bin
- 2012-07-29 10:01 . 2012-07-29 10:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-29 12:34 . 2012-07-29 12:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-29 12:34 . 2012-07-29 12:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-29 10:01 . 2012-07-29 10:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-07-29 09:59 515704 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-29 12:33 515704 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-05-24 06:06 . 2012-07-29 12:33 1677816 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-05-24 06:06 . 2012-07-29 09:59 1677816 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-12-25 22:18 . 2012-07-29 12:33 37560432 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2841906299-1500666321-4036413701-1001-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SRDownloader"="c:\users\Heno\Desktop\Programy\SRDownloader.exe" [2012-07-14 904192]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
.
c:\users\Heno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2012-5-30 207400]
Intel(R) Turbo Boost Technology Monitor 2.6.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2012-5-30 207400]
Rainmeter.lnk - h:\programy\Rainmeter\Rainmeter.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"DelayedDesktopSwitchTimeout"= 5 (0x5)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2012-04-24 584224]
R3 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2010-05-07 814344]
R3 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
R3 ALSysIO;ALSysIO;c:\users\Heno\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
R3 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R3 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-01-06 13352]
R3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-07 2343816]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2007-03-06 16160]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-20 114144]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PROCEXP151;PROCEXP151;c:\windows\system32\Drivers\PROCEXP151.SYS [x]
R3 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;c:\program files\Intel\TurboBoost\TurboBoost.exe [2012-05-30 149544]
R3 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R3 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-13 24168]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2012-04-03 117040]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
R4 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-06-29 30056]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2012-04-24 54728]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-03-11 577824]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-03-11 43248]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-24 283200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files (x86)\Mouse Driver\KMWDSrv.exe [2009-08-31 1821184]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-29 1258856]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2012-05-30 16168]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-07-13 30568]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2011-02-25 302592]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2011-02-25 81920]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-03-06 58400]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-06-05 166232]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"COMODO Internet Security"="d:\program files (x86)\COMODO\COMODO Internet Security\cfp.exe" [2012-03-13 9569096]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-18 11785832]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
"combofix"="c:\combofix\CF6617.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\guard64.dll c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{32750BD4-7F18-4A19-AA4E-D9B874D6BD00}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Heno\AppData\Roaming\Mozilla\Firefox\Profiles\ijd79ty7.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
"ImagePath"="system32\DRIVERS\btath_flt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AthBtTray.exe pid: 4692 4C: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AthBtTray.exe pid: 5216 4C: C:]
--
"ImagePath"="\??\c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\audiodg.exe pid: 4552 2C: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\audiodg.exe pid: 5528 2C: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\audiodg.exe pid: 6004 2C: C:]
--
"ImagePath"="\SystemRoot\System32\Drivers\BTHUSB.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BtvStack.exe pid: 2928 78: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BtvStack.exe pid: 4820 74: C:]
--
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\conhost.exe pid: 3356 28: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\conhost.exe pid: 5692 24: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\conhost.exe pid: 5740 24: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\conhost.exe pid: 6652 24: C:]
--
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\csrss.exe pid: 572 48: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\csrss.exe pid: 576 48: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\csrss.exe pid: 580 48: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ctfmon.exe pid: 1284 60: C:]
--
"ImagePath"=""c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IAStorDataMgrSvc.exe pid: 3032 1C0: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IAStorDataMgrSvc.exe pid: 3048 1C0: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IAStorDataMgrSvc.exe pid: 4172 1C4: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IAStorDataMgrSvc.exe pid: 5272 1C4: C:]
--
"ImagePath"="\SystemRoot\system32\drivers\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lsm.exe pid: 792 38: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lsm.exe pid: 804 38: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lsm.exe pid: 808 38: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lsm.exe pid: 820 38: C:]
--
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sidebar.exe pid: 1420 E8: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sidebar.exe pid: 3740 E8: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sidebar.exe pid: 3924 E8: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sidebar.exe pid: 4592 E8: C:]
--
"ImagePath"="\SystemRoot\system32\drivers\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Skype.exe pid: 3860 1F4: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Skype.exe pid: 4488 1F0: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Skype.exe pid: 7568 1F4: C:]
--
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\spoolsv.exe pid: 1516 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\spoolsv.exe pid: 1576 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\spoolsv.exe pid: 1740 34: C:]
--
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe pid: 1560 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe pid: 1916 30: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe pid: 1924 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe pid: 2280 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe pid: 4056 30: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskeng.exe pid: 7836 30: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskhost.exe pid: 1508 30: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskhost.exe pid: 1912 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskhost.exe pid: 2020 34: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\taskhost.exe pid: 2192 34: C:]
--
"ImagePath"="system32\DRIVERS\VBoxUSBMon.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VCSExpress.exe pid: 5808 898: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VCSExpress.exe pid: 5808 920: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VCSExpress.exe pid: 6044 810: C:]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VCSExpress.exe pid: 6044 844: C:]
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2012-07-29 14:41:30 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-29 12:41
ComboFix2.txt 2012-07-29 11:37
ComboFix3.txt 2012-07-29 10:09
ComboFix4.txt 2012-07-26 13:17
.
Pre-Run: 52 112 437 248 bytes free
Post-Run: 52 014 546 944 bytes free
.
- - End Of File - - A0C85F1E3EC560DC830253CD2C97202F


Registered: 09.05.11
Logged in: 20.12.18
Posts: 618
Topics: 2
Posted: 29.07.2012 15:06

Scan the PC with Malwarebytes, then post the log.


Registered: 25.11.09
Logged in: 21.04.24
Posts: 267
Topics: 32
Location: LV / Brno
Posted: 29.07.2012 18:23

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verzia databázy: v2012.07.29.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Heno :: ASUS-X [administrátor]

29. 7. 2012 15:57:58
mbam-log

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 762856
Uplynutý čas: 2 hod, 7 min, 51 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 3
D:\Hry\Codemasters\DiRT 3\paul.dll (PUP.RiskwareTool.CK) -> Žiadna úloha nevykonaná.
D:\Hry\Codemasters\DiRT 3\SKIDROW.dll (Trojan.Downloader.H) -> Žiadna úloha nevykonaná.
D:\Hry\Electronic Arts\Battlefield Bad Company 2\rld-bbc2.exe (RiskWare.Tool.HCK) -> Žiadna úloha nevykonaná.

(koniec)


Registered: 09.05.11
Logged in: 20.12.18
Posts: 618
Topics: 2
Posted: 29.07.2012 18:42

Delete everything MBAM found.

// added 1 minute after the last post

Check the PC with TDSSKiller; the link is here: http://support.kaspersky.com/faq/?qid=208283363
Also check the PC with RogueKiller; the link is here: http://www.sur-la-toile.com/RogueKiller/ Have it scan, delete, and fix hosts.


Registered: 25.11.09
Logged in: 21.04.24
Posts: 267
Topics: 32
Location: LV / Brno
Posted: 29.07.2012 19:27

MBAM
Code:
-> Pridanie do karantény a zmazanie úspešné.

TDSSKiller and RogueKiller found nothing.
I think I'll give up on this; at some point in the future I'll reinstall the whole of Windows.
Thanks anyway.


Registered: 09.05.11
Logged in: 20.12.18
Posts: 618
Topics: 2
Posted: 29.07.2012 21:02

Uninstall ComboFix and clean the PC with CCleaner.


Registered: 25.11.09
Logged in: 21.04.24
Posts: 267
Topics: 32
Location: LV / Brno
Posted: 29.07.2012 23:16

ČISTENIE DOKONČENÉ
Odstránené: 762 MB







Registered: 09.05.11
Logged in: 20.12.18
Posts: 618
Topics: 2
Posted: 30.07.2012 19:01

Did you uninstall ComboFix, and did you also have the registry errors fixed?

