ComboFix 13-01-22.01 - nexter . 01. 2013 20:22:24.2.3 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.3830.1532 [GMT 1:00]
Running from: c:\users\nexter\Desktop\ComboFix.exe
Command switches used :: c:\users\nexter\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\HPCeeScheduleFornexter.job"
"c:\windows\TEMP\cpuz135\cpuz135_x64.sys"
"c:\windows\TEMP\cpuz136\cpuz136_x64.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ESET
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiA.dll
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW.dll
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW_a.dll
c:\program files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
c:\program files (x86)\ESET\ESET Online Scanner\log.txt
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod043C.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod074D.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod09D3.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod10E1.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2375.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod263D.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod34C4.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod386D.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod38B0.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod3A1C.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod439D.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod440E.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5271.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod53D8.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5492.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5687.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod61A6.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6E2C.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7596.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod77CC.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod78A7.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7D68.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7F1C.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7F47.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7FDC.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em000_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em000_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em001_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em002_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em003_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em004_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em005_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em006_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em006_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em023_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em001_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em002_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em003_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em004_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em005_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em023_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.cab
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.inf
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.ocx
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner64.ocx
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerLang.dll
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
c:\program files (x86)\ESET\ESET Online Scanner\unicows.dll
c:\program files (x86)\SaveByClick
c:\program files (x86)\SaveByClick\sprotector.dll
c:\program files (x86)\SaveByClick\uninstall.exe
c:\program files (x86)\Spybot - Search & Destroy
c:\program files (x86)\Spybot - Search & Destroy\advcheck.dll
c:\program files (x86)\Spybot - Search & Destroy\Help\Slovensky.Resident.chm
c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\programdata\SaveByclick
c:\programdata\SaveByclick\50f7bbf966b87.dll
c:\programdata\SaveByclick\50f7bbf966b87.tlb
c:\programdata\SaveByclick\settings.ini
c:\programdata\SaveByclick\uninstall.exe
c:\programdata\Spybot - Search & Destroy
c:\programdata\Spybot - Search & Destroy\Logs\Resident.log
c:\programdata\Spybot - Search & Destroy\ProcCache.sbc
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar10.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar100.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar11.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar12.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar13.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar14.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar15.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar16.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar17.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar18.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar19.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar2.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar20.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar21.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar22.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar23.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar24.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar25.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar26.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar27.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar28.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar29.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar3.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar30.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar31.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar32.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar33.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar34.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar35.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar36.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar37.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar38.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar39.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar4.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar40.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar41.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar42.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar43.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar44.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar45.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar46.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar47.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar48.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar49.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar5.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar50.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar51.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar52.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar53.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar54.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar55.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar56.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar57.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar58.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar59.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar6.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar60.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar61.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar62.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar63.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar64.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar65.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar66.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar67.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar68.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar69.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar7.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar71.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar72.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar73.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar74.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar75.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar76.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar77.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar78.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar79.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar8.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar80.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar81.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar82.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar83.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar84.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar85.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar86.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar87.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar88.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar89.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar9.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar90.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar91.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar92.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar93.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar94.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar95.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar96.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar97.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar98.zip
c:\programdata\Spybot - Search & Destroy\Recovery\BabylonToolbar99.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger10.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger11.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger12.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger13.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger2.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger3.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger4.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger5.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger6.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger7.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger8.zip
c:\programdata\Spybot - Search & Destroy\Recovery\FacebookMessenger9.zip
c:\programdata\Spybot - Search & Destroy\Recovery\iCrossRider.zip
c:\programdata\Spybot - Search & Destroy\Recovery\iCrossRider1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\iCrossRider2.zip
c:\programdata\Spybot - Search & Destroy\Recovery\iCrossRider3.zip
c:\programdata\Spybot - Search & Destroy\Recovery\iCrossRider4.zip
c:\programdata\Spybot - Search & Destroy\Recovery\iCrossRider5.zip
c:\programdata\Spybot - Search & Destroy\Recovery\iCrossRider6.zip
c:\programdata\Spybot - Search & Destroy\Recovery\IWantThis.zip
c:\programdata\Spybot - Search & Destroy\Recovery\IWantThis1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\IWantThis2.zip
c:\programdata\Spybot - Search & Destroy\Recovery\Overview.ini
c:\programdata\Spybot - Search & Destroy\Recovery\PCPerformer.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar10.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar11.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar12.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar13.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar14.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar15.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar16.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar17.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar18.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar19.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar2.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar20.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar21.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar22.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar23.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar24.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar25.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar26.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar27.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar28.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar29.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar3.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar30.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar31.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar32.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar33.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar34.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar35.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar36.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar37.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar38.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar39.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar4.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar40.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar41.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar5.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar6.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar7.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar8.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WidgiToolbar9.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinUrFacebho.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinUrFacebho1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinUrFacebho2.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage10.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage11.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage12.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage13.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage14.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage15.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage16.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage17.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage18.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage19.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage20.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage21.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage22.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage23.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage24.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage25.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage26.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage27.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage3.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage4.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage5.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage6.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage7.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage8.zip
c:\programdata\Spybot - Search & Destroy\Recovery\YontooPagerage9.zip
C:\Thumbs.db
c:\users\nexter\AppData\Local\Temp\_MEI40762\_ctypes.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\_elementtree.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\_hashlib.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\_socket.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\_ssl.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\pyexpat.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\pysqlite2._sqlite.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\python26.dll
c:\users\nexter\AppData\Local\Temp\_MEI40762\pythoncom26.dll
c:\users\nexter\AppData\Local\Temp\_MEI40762\PyWinTypes26.dll
c:\users\nexter\AppData\Local\Temp\_MEI40762\select.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\unicodedata.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32api.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32com.shell.shell.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32crypt.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32event.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32file.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32inet.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32pdh.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32process.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32profile.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32security.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\win32ts.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\windows._cacheinvalidation.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\wx._controls_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\wx._core_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\wx._gdi_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\wx._html2.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\wx._misc_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\wx._windows_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\wx._wizard.pyd
c:\users\nexter\AppData\Local\Temp\_MEI40762\wxbase293u_net_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI40762\wxbase293u_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI40762\wxmsw293u_adv_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI40762\wxmsw293u_core_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI40762\wxmsw293u_html_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI40762\wxmsw293u_webview_vc.dll
c:\users\nexter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\muzapp.exe
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\HPCeeScheduleFornexter.job
c:\windows\wininit.ini
.
---- Previous Run -------
.
c:\users\nexter\AppData\Local\Temp\_MEI42082\_ctypes.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\_elementtree.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\_hashlib.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\_socket.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\_ssl.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\pyexpat.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\pysqlite2._sqlite.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\python26.dll
c:\users\nexter\AppData\Local\Temp\_MEI42082\pythoncom26.dll
c:\users\nexter\AppData\Local\Temp\_MEI42082\PyWinTypes26.dll
c:\users\nexter\AppData\Local\Temp\_MEI42082\select.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\unicodedata.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32api.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32com.shell.shell.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32crypt.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32event.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32file.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32inet.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32pdh.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32process.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32profile.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32security.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\win32ts.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\windows._cacheinvalidation.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\wx._controls_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\wx._core_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\wx._gdi_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\wx._html2.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\wx._misc_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\wx._windows_.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\wx._wizard.pyd
c:\users\nexter\AppData\Local\Temp\_MEI42082\wxbase293u_net_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI42082\wxbase293u_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI42082\wxmsw293u_adv_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI42082\wxmsw293u_core_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI42082\wxmsw293u_html_vc.dll
c:\users\nexter\AppData\Local\Temp\_MEI42082\wxmsw293u_webview_vc.dll
c:\windows\SysWow64\pt\DPCont32.dll.mui
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ135
-------\Legacy_CPUZ136
-------\Service_cpuz135
-------\Service_cpuz136
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Files Created from 2012-12-22 to 2013-01-22 )))))))))))))))))))))))))))))))
.
.
2013-01-22 14:19 . 2013-01-22 14:19 -------- d-----w- c:\users\nexter\AppData\Roaming\Roxio Log Files
2013-01-22 14:16 . 2013-01-22 14:16 -------- d-----w- c:\programdata\PDF Architect
2013-01-22 13:26 . 2013-01-22 13:26 -------- d-----w- c:\program files\trend micro
2013-01-22 13:26 . 2013-01-22 13:27 -------- d-----w- C:\rsit
2013-01-22 10:58 . 2013-01-22 10:58 388096 ----a-r- c:\users\nexter\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-22 10:14 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B5FF14EC-2A3F-4781-9A55-3C9DC6C1B132}\mpengine.dll
2013-01-21 06:16 . 2013-01-21 06:16 -------- d-----w- c:\users\Default\AppData\Local\Google
2013-01-17 08:45 . 2013-01-17 08:45 -------- d-----w- c:\users\nexter\AppData\Roaming\PDF Architect
2013-01-17 08:32 . 2013-01-17 08:32 -------- d-----w- c:\programdata\Cloud Software LTD
2013-01-17 08:29 . 2012-05-05 09:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2013-01-17 08:29 . 2013-01-11 10:39 103936 ----a-w- c:\windows\system32\pdfcmon.dll
2013-01-17 08:29 . 2013-01-17 08:29 -------- d-----w- c:\program files (x86)\PDFCreator
2013-01-17 08:29 . 2012-05-05 09:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
2013-01-14 07:05 . 2013-01-14 07:05 -------- d-----w- c:\users\nexter\AppData\Local\Programs
2013-01-09 18:00 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 18:00 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 17:58 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-09 17:57 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 17:57 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 08:47 . 2013-01-04 08:47 -------- d-----w- c:\users\nexter\AppData\Local\Finančné_riaditeľstvo_SR_-_Sekcia_daňová
2013-01-03 13:57 . 2013-01-22 19:18 -------- d-s---w- c:\users\nexter\Disk Google
2012-12-27 06:19 . 2012-12-27 06:19 -------- d-----w- c:\program files\Soluto
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 21:11 . 2011-04-26 06:45 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 11:04 . 2012-05-01 11:12 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 11:04 . 2011-08-23 05:57 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-22 19:22 . 2012-12-22 19:22 25616 ----a-w- c:\windows\system32\drivers\bizVSerialNT.sys
2012-12-20 18:19 . 2011-10-21 06:42 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys
2012-12-16 17:11 . 2012-12-23 16:10 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-23 16:10 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-23 16:10 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-23 16:10 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 17:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 20:13 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 20:13 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 20:14 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 20:14 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 20:13 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 20:14 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 20:14 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 20:13 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 20:13 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 20:13 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 20:14 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 20:13 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 20:13 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 20:14 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 20:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 20:14 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 20:13 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 20:14 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 20:13 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 20:14 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 20:14 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 20:14 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 06:37 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 06:37 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-11-02 05:59 . 2012-12-12 06:35 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 06:35 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-31 16:05 . 2012-10-31 16:05 368912 ----a-w- c:\windows\SysWow64\VBAR332.DLL
2012-10-31 16:05 . 2012-10-31 16:05 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL
2012-10-31 16:05 . 2012-10-31 16:05 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL
2012-10-31 16:05 . 2012-10-31 16:05 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL
2012-10-31 16:05 . 2012-10-31 16:05 1045776 ----a-w- c:\windows\SysWow64\MSJET35.DLL
2012-10-30 22:51 . 2011-04-22 10:13 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-04-22 10:13 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2011-04-22 10:13 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2011-04-22 10:13 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2011-04-22 10:13 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2011-04-22 10:12 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2011-04-22 10:12 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 22:50 . 2011-04-22 10:13 285328 ----a-w- c:\windows\system32\aswBoot.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2010-01-19 11266048]
"estar"="c:\system.sav\Util\HideDOS.EXE" [2006-11-28 77824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2010-02-24 1160480]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-04-05 103992]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [2010-04-14 45736]
R2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe [2012-07-02 218624]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-07-02 117248]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2012-07-02 421376]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2009-12-07 362040]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-04-22 1436424]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2012-10-24 30192]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 RTCore64;RTCore64;c:\users\nexter\Desktop\rmclock_235_bin\RTCore64.sys [x]
R3 SolutoRemoteService;Soluto Remote Service;c:\program files\Soluto\SolutoRemoteService.exe [2012-12-20 1246344]
R3 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-23 1255736]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2012-12-20 54728]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-04-22 834544]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2010-01-26 44576]
S1 RsvLock;RsvLock; [x]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-04 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-03-17 36864]
S2 HPDayStarterService;HP DayStarter Service;c:\program files (x86)\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [2010-03-25 90112]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-01-19 297984]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-07-06 1698360]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2010-11-16 339456]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 1052328]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-03-23 87040]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys [2009-10-28 79360]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [2009-12-11 55808]
S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe [2012-12-20 183432]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2012-12-20 542344]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 35104]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-02-02 704512]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-07-02 86016]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2010-01-30 05:46 89344]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2010-01-08 395776]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-15 12:42 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-04-05 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-03 196648]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-03 483880]
"CNAP2 Launcher"="c:\windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE" [2009-04-22 116128]
"lxecmon.exe"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe" [2011-01-23 770728]
"EzPrint"="c:\program files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" [2011-01-23 148280]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-17 487424]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-07-07 2174760]
"Soluto"="c:\program files\soluto\soluto.exe" [2012-12-20 1229448]
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mDefault_Page_URL = hxxp://www.bing.com
mStart Page = hxxp://www.bing.com
IE: Download with &Media Finder
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Prevést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\progra~2\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\progra~2\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\progra~2\PCTRAN~1\webie.dll
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.0.1
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - ProfilePath - c:\users\nexter\AppData\Roaming\Mozilla\Firefox\Profiles\11kw2nld.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - ExtSQL: 2013-01-17 09:53; 50f7bbf9669f7@50f7bbf966a2f.com; c:\users\nexter\AppData\Roaming\Mozilla\Firefox\Profiles\11kw2nld.default\extensions\50f7bbf9669f7@50f7bbf966a2f.com
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{90283CE0-6C4B-1EF0-5248-B5DD24CA3850} - c:\programdata\SaveByclick\50f7bbf966b87.dll
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-SP_661c9f97 - c:\program files (x86)\SaveByClick\uninstall.exe
AddRemove-{26B5A6D1-1F75-3B59-5825-E4D4CAE3445D} - c:\programdata\SaveByclick\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
c:\programdata\Mobile Partner\OnlineUpdate\ouc.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
c:\windows\system32\spool\DRIVERS\x64\3\CNABBSWK.EXE
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
.
**************************************************************************
.
Completion time: 2013-01-22 20:44:42 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-22 19:44
.
Pre-Run: 127 959 142 400 bytes free
Post-Run: 127 402 135 552 bytes free
.
- - End Of File - - CDB135A6E88B70DEB485C0C695CAC6A1