Prosim o kontrolu logu. Vyřešeno

[LightclawSK]

c:\java api\Java SE 1.4.2\guide\serialization\relnotes.html
c:\java api\Java SE 1.4.2\guide\serialization\relnotes14.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\class.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\copyright.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\examples.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\exceptions.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\classa.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\diamond.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\diamond_sm.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\mkdirhier.txt
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\next.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\nextx.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\prev.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\prevx.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\toc.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\tocx.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\triangle.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\images\versiona.gif
c:\java api\Java SE 1.4.2\guide\serialization\spec\input.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\output.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\protocol.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\security.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\serial-arch.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\serialTOC.html
c:\java api\Java SE 1.4.2\guide\serialization\spec\version.html
c:\java api\Java SE 1.4.2\guide\sound\arch_overview.html
c:\java api\Java SE 1.4.2\guide\sound\arch_overview.txt
c:\java api\Java SE 1.4.2\guide\sound\Figures\audioInput.GIF
c:\java api\Java SE 1.4.2\guide\sound\Figures\audioOutput.GIF
c:\java api\Java SE 1.4.2\guide\sound\Figures\lineInterfaces.GIF
c:\java api\Java SE 1.4.2\guide\sound\Figures\midiDevices.gif
c:\java api\Java SE 1.4.2\guide\sound\Figures\typicalAudioArch.gif
c:\java api\Java SE 1.4.2\guide\sound\Figures\typicalMidiArch.gif
c:\java api\Java SE 1.4.2\guide\sound\index.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\appendix1.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\contents.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\DevaSearch\devasearch.js
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\DevaSearch\help.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\DevaSearch\log.txt
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\DevaSearch\search.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\DevaSearch\searchalt.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\DevaSearch\searchresults.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\DevaSearch\searchtopframe.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\DevaSearch\style.css
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter1.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter10.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter11.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter12.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter13.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter14.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter15.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter2.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter3.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter4.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter5.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter6.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter7.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter8.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\chapter9.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\images\chapter1.anc.gif
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\images\chapter1.anc1.gif
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\images\chapter1.anc2.gif
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\images\chapter2.anc.gif
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\images\chapter2.anc1.gif
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\images\chapter2.anc2.gif
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\images\chapter2.anc3.gif
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\images\javalogo.gif
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\images\MixerInfo-2a.gif
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\index.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\menu_script.js
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\preface.html
c:\java api\Java SE 1.4.2\guide\sound\programmer_guide\styles\style1.css
c:\java api\Java SE 1.4.2\guide\standards\index.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\ActionsChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\BordersChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\I18NChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\InputChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\JFileChooserChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\JFrameChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\JJJChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\JMenuChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\JSplitPaneChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\JTabbedPaneChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\JTableChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\JToolBarChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\JTreeChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\KeyBindChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\ListenerChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\MDIChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\PerformanceChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\PrintingChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\ScrollingChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\SwingChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.3\TextChanges.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\dnd.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\ftf.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\JLabelDragNDrop.java
c:\java api\Java SE 1.4.2\guide\swing\1.4\keyboard_nav_hiding.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\pb.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\popup.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\Post1.4.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\spinner.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\tabbedPane.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\w2k_bugs.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\w2k_props.html
c:\java api\Java SE 1.4.2\guide\swing\1.4\windows.html
c:\java api\Java SE 1.4.2\guide\swing\index.html
c:\java api\Java SE 1.4.2\guide\swing\SwingChanges.html
c:\java api\Java SE 1.4.2\guide\ui\index.html
c:\java api\Java SE 1.4.2\guide\util\logging\index.html
c:\java api\Java SE 1.4.2\guide\util\logging\logging1.gif
c:\java api\Java SE 1.4.2\guide\util\logging\logging2.gif
c:\java api\Java SE 1.4.2\guide\util\logging\overview.html
c:\java api\Java SE 1.4.2\guide\versioning\index.html
c:\java api\Java SE 1.4.2\guide\versioning\spec\catalog.back
c:\java api\Java SE 1.4.2\guide\versioning\spec\catalog.css
c:\java api\Java SE 1.4.2\guide\versioning\spec\copyright.html
c:\java api\Java SE 1.4.2\guide\versioning\spec\document.back
c:\java api\Java SE 1.4.2\guide\versioning\spec\document.css
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\diamond.gif
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\diamond_sm.gif
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\mkdirhier.txt
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\next.gif
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\nextx.gif
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\prev.gif
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\prevx.gif
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\toc.gif
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\tocx.gif
c:\java api\Java SE 1.4.2\guide\versioning\spec\images\triangle.gif
c:\java api\Java SE 1.4.2\guide\versioning\spec\versioning.html
c:\java api\Java SE 1.4.2\guide\versioning\spec\versioning2.html
c:\java api\Java SE 1.4.2\guide\versioning\spec\versioningTOC.html
c:\java api\Java SE 1.4.2\guide\vm\error-example.txt
c:\java api\Java SE 1.4.2\guide\vm\error-handling.html
c:\java api\Java SE 1.4.2\guide\vm\index.html
c:\java api\Java SE 1.4.2\guide\vm\sample-output.html
c:\java api\Java SE 1.4.2\guide\vm\signal-chaining.html
c:\java api\Java SE 1.4.2\guide\xml\index.html
c:\java api\Java SE 1.4.2\guide\xml\jaxp\index.html
c:\java api\Java SE 1.4.2\images\bullet-round-indented.gif
c:\java api\Java SE 1.4.2\images\bullet-round.gif
c:\java api\Java SE 1.4.2\images\bullet.gif
c:\java api\Java SE 1.4.2\images\bullet2.gif
c:\java api\Java SE 1.4.2\images\comingsoon.gif
c:\java api\Java SE 1.4.2\images\cross.gif
c:\java api\Java SE 1.4.2\images\cupHJbutton.gif
c:\java api\Java SE 1.4.2\images\download.arrow.gif
c:\java api\Java SE 1.4.2\images\dt-spinner.gif
c:\java api\Java SE 1.4.2\images\dt-spinners.gif
c:\java api\Java SE 1.4.2\images\emptyImage.gif
c:\java api\Java SE 1.4.2\images\j2se9.2_arch3.gif
c:\java api\Java SE 1.4.2\images\Japanese12B.gif
c:\java api\Java SE 1.4.2\images\javalogo52x88.gif
c:\java api\Java SE 1.4.2\images\jws-dukeonly.gif
c:\java api\Java SE 1.4.2\images\mac-spinner.gif
c:\java api\Java SE 1.4.2\images\metal-spinner.gif
c:\java api\Java SE 1.4.2\images\metaltabs.gif
c:\java api\Java SE 1.4.2\images\openwindows-spinner.gif
c:\java api\Java SE 1.4.2\images\scrolltabs.gif
c:\java api\Java SE 1.4.2\images\smi.logo.gif
c:\java api\Java SE 1.4.2\images\spacer13.gif

[Reklama]

[LightclawSK]

c:\java api\Java SE 1.4.2\images\spacer9.gif
c:\java api\Java SE 1.4.2\images\sunlogo64x30.gif
c:\java api\Java SE 1.4.2\images\windows-spinner.gif
c:\java api\Java SE 1.4.2\images\wintabs.gif
c:\java api\Java SE 1.4.2\images\wintabs0.gif
c:\java api\Java SE 1.4.2\index.html
c:\java api\Java SE 1.4.2\install-notes\disk-space.html
c:\java api\Java SE 1.4.2\relnotes\contacts.html
c:\java api\Java SE 1.4.2\relnotes\demos.html
c:\java api\Java SE 1.4.2\relnotes\devdocs-vs-specs.html
c:\java api\Java SE 1.4.2\relnotes\features.html
c:\java api\Java SE 1.4.2\relnotes\license.html
c:\java api\Java SE 1.4.2\relnotes\prop_rights.html
c:\java api\Java SE 1.4.2\relnotes\SMICopyright.html
c:\java api\Java SE 1.4.2\tooldocs\appletviewertags.html
c:\java api\Java SE 1.4.2\tooldocs\findingclasses.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\allclasses-frame.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\allclasses-noframe.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\ClassDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\ConstructorDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\Doc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\DocErrorReporter.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\Doclet.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\ExecutableMemberDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\FieldDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\MemberDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\MethodDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\PackageDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\Parameter.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\ParamTag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\ProgramElementDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\RootDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\SeeTag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\SerialFieldTag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\SourcePosition.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\Tag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\ThrowsTag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\class-use\Type.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\ClassDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\ConstructorDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\Doc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\DocErrorReporter.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\Doclet.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\ExecutableMemberDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\FieldDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\MemberDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\MethodDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\package-frame.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\package-summary.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\package-tree.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\package-use.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\PackageDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\Parameter.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\ParamTag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\ProgramElementDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\RootDoc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\SeeTag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\SerialFieldTag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\SourcePosition.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\Tag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\ThrowsTag.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\com\sun\javadoc\Type.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\constant-values.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\deprecated-list.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\help-doc.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\index-all.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\index.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\overview-tree.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\package-list
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\packages.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\resources\inherit.gif
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\serialized-form.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\doclet\stylesheet.css
c:\java api\Java SE 1.4.2\tooldocs\javadoc\docletapi-62x14.gif
c:\java api\Java SE 1.4.2\tooldocs\javadoc\index.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\javadoctool-email.gif
c:\java api\Java SE 1.4.2\tooldocs\javadoc\overview.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\standard-doclet.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\taglet\com\sun\tools\doclets\Taglet.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\taglet\overview.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\taglet\s.overview-DOUG.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\taglet\stylesheet.css
c:\java api\Java SE 1.4.2\tooldocs\javadoc\taglet\ToDoTaglet.java
c:\java api\Java SE 1.4.2\tooldocs\javadoc\taglet\UnderlineTaglet.java
c:\java api\Java SE 1.4.2\tooldocs\javadoc\whatsnew-1.2.html

[LightclawSK]

c:\java api\Java SE 1.4.2\tooldocs\javadoc\whatsnew-1.3.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\whatsnew-1.4.1.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\whatsnew-1.4.2.html
c:\java api\Java SE 1.4.2\tooldocs\javadoc\whatsnew-1.4.html
c:\java api\Java SE 1.4.2\tooldocs\linux\java.html
c:\java api\Java SE 1.4.2\tooldocs\linux\jdkfiles.html
c:\java api\Java SE 1.4.2\tooldocs\linux\kinit.html
c:\java api\Java SE 1.4.2\tooldocs\linux\klist.html
c:\java api\Java SE 1.4.2\tooldocs\linux\ktab.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\appletviewer.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\classpath.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\extcheck.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\AddEntryBlank.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\AddPermBlank.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\AddPrincipalBlank.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\AddPrincipalPermEntry.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\AddSocketPerm.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\AddX500Principal.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\ptBlank.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sAddEntry1.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sAddEntry2.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sAddEntry3.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sAddFilePerm1.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sAddFilePerm2.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sAddKeystore.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sptOneCB.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sptThreeEntries.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sptThreeEntriesAndFileName.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\images\sptTwoEntries.gif
c:\java api\Java SE 1.4.2\tooldocs\solaris\jar.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\jarsigner.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\java.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\javac.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\javadoc.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\javah.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\javap.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\jdb.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\jdkfiles.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\keytool.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\native2ascii.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\policytool.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\rmic.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\rmid.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\rmiregistry.html
c:\java api\Java SE 1.4.2\tooldocs\solaris\serialver.html
c:\java api\Java SE 1.4.2\tooldocs\tools-changes.html
c:\java api\Java SE 1.4.2\tooldocs\tools.html
c:\java api\Java SE 1.4.2\tooldocs\windows\appletviewer.html
c:\java api\Java SE 1.4.2\tooldocs\windows\classpath.html
c:\java api\Java SE 1.4.2\tooldocs\windows\extcheck.html
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddEntry1.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddEntry2.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddEntry3.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddEntryBlank.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddFilePerm1.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddFilePerm2.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddKeystore.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddPermBlank.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddPrincipalBlank.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddPrincipalPermEntry.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddSocketPerm.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\AddX500Principal.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\ptBlank.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\ptOneCB.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\ptThreeEntries.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\ptThreeEntriesAndFileName.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\images\ptTwoEntries.gif
c:\java api\Java SE 1.4.2\tooldocs\windows\jar.html
c:\java api\Java SE 1.4.2\tooldocs\windows\jarsigner.html
c:\java api\Java SE 1.4.2\tooldocs\windows\java.html
c:\java api\Java SE 1.4.2\tooldocs\windows\javac.html
c:\java api\Java SE 1.4.2\tooldocs\windows\javadoc.html
c:\java api\Java SE 1.4.2\tooldocs\windows\javah.html
c:\java api\Java SE 1.4.2\tooldocs\windows\javap.html
c:\java api\Java SE 1.4.2\tooldocs\windows\jdb.html
c:\java api\Java SE 1.4.2\tooldocs\windows\jdkfiles.html
c:\java api\Java SE 1.4.2\tooldocs\windows\keytool.html
c:\java api\Java SE 1.4.2\tooldocs\windows\kinit.html
c:\java api\Java SE 1.4.2\tooldocs\windows\klist.html
c:\java api\Java SE 1.4.2\tooldocs\windows\ktab.html
c:\java api\Java SE 1.4.2\tooldocs\windows\native2ascii.html
c:\java api\Java SE 1.4.2\tooldocs\windows\policytool.html
c:\java api\Java SE 1.4.2\tooldocs\windows\rmic.html
c:\java api\Java SE 1.4.2\tooldocs\windows\rmid.html
c:\java api\Java SE 1.4.2\tooldocs\windows\rmiregistry.html
c:\java api\Java SE 1.4.2\tooldocs\windows\serialver.html

[LightclawSK]

.
.
((((((((((((((((((((((((( Files Created from 2013-06-17 to 2013-07-17 )))))))))))))))))))))))))))))))
.
.
2013-07-16 19:25 . 2013-07-16 19:25 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\Screenshot Studio
2013-07-16 19:23 . 2013-07-16 19:23 -------- d-sh--w- c:\documents and settings\All Users\Application Data\System Restore
2013-07-16 19:23 . 2013-07-16 19:23 -------- d-----w- c:\program files\Screenshot Studio
2013-07-16 19:03 . 2013-07-16 19:03 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\Deployment
2013-07-16 18:45 . 2013-07-16 18:45 -------- d-----w- c:\program files\CPUID
2013-07-16 16:07 . 2013-07-16 16:07 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\OpenCandy
2013-07-16 12:18 . 2013-07-16 12:18 -------- d-----w- c:\windows\ERUNT
2013-07-16 11:11 . 2013-07-16 11:11 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\Malwarebytes
2013-07-16 11:10 . 2013-07-16 11:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-07-10 11:42 . 2013-04-17 18:22 23360 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-07-10 11:16 . 2013-07-10 11:16 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit
2013-07-10 11:10 . 2013-07-10 11:10 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-07-10 11:10 . 2013-07-10 11:10 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\eSupport.com
2013-07-10 11:08 . 2013-07-10 11:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Ashampoo
2013-07-10 11:07 . 2013-07-10 11:07 -------- d-----w- c:\program files\Ashampoo
2013-07-10 10:34 . 2013-07-10 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-10 10:34 . 2013-07-10 10:34 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Application Updater
2013-07-10 10:34 . 2013-07-10 10:34 -------- d-----w- c:\documents and settings\Lightclaw\AppData
2013-07-10 10:33 . 2013-07-10 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2013-07-10 10:33 . 2013-07-10 10:34 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\IObit
2013-07-10 10:33 . 2013-07-10 10:33 -------- d-----w- c:\program files\IObit
2013-07-07 18:57 . 2013-07-07 18:57 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\Talkback
2013-07-07 16:54 . 2013-07-07 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\POPWWPROFILES
2013-07-07 16:54 . 2002-12-05 12:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-07-07 16:54 . 2002-12-02 13:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-07-07 16:54 . 2002-12-02 11:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-07-07 16:54 . 2002-12-02 11:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-07-03 08:41 . 2009-03-18 16:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2013-07-03 08:41 . 2013-07-03 08:41 -------- d-----w- c:\program files\LogMeIn Hamachi
2013-07-02 13:26 . 2013-07-04 07:03 -------- d-----w- c:\program files\Common Files\PC Tools
2013-07-02 10:31 . 2013-07-04 07:02 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-07-02 10:31 . 2013-07-04 07:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2013-07-01 05:32 . 2013-07-01 05:31 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-30 15:07 . 2013-07-15 06:45 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\LogMeIn Hamachi
2013-06-30 15:06 . 2013-07-17 14:14 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi
2013-06-30 09:43 . 2013-06-30 09:43 -------- d-----w- c:\windows\Performance
2013-06-30 09:42 . 2013-06-30 09:42 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\Microsoft Corporation
2013-06-30 09:40 . 2013-06-30 09:40 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2013-06-28 14:46 . 2013-06-28 14:46 -------- d-----w- c:\program files\Alwil Software
2013-06-28 14:25 . 2013-06-28 14:36 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\Audacity
2013-06-28 14:24 . 2013-06-28 14:25 -------- d-----w- c:\program files\Audacity
2013-06-27 17:30 . 2013-05-09 08:59 110920 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2013-06-27 17:30 . 2013-05-09 08:59 102936 ----a-w- c:\windows\system32\drivers\aswmon.sys
2013-06-27 17:30 . 2013-05-09 08:59 25696 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2013-06-27 13:54 . 2013-06-27 13:54 -------- d-----w- c:\program files\Sanny Builder 3
2013-06-27 11:37 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-06-27 11:37 . 2013-06-28 15:15 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 11:37 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-06-27 11:37 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-06-27 11:37 . 2013-06-28 15:15 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-27 11:37 . 2013-06-28 15:15 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 11:37 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-27 11:37 . 2013-05-09 08:59 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-27 11:37 . 2011-01-13 07:47 188216 ------w- c:\windows\system32\aswBoot.exe
2013-06-27 11:36 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-06-27 11:35 . 2013-06-27 11:35 -------- d-----w- c:\program files\AVAST Software
2013-06-27 11:35 . 2013-06-27 11:35 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2013-06-25 04:05 . 2013-06-25 04:05 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\CRE
2013-06-23 16:17 . 2013-06-23 16:17 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\LolClient
2013-06-23 12:49 . 2013-06-24 14:58 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\GarenaPlus
2013-06-23 12:48 . 2013-06-23 12:49 -------- d-----w- c:\program files\Garena Plus
2013-06-23 12:48 . 2013-06-24 14:58 -------- d-----w- c:\documents and settings\All Users\Application Data\GarenaMessenger
2013-06-23 10:20 . 2013-07-08 12:36 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\PMB Files
2013-06-23 10:20 . 2013-07-08 12:35 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2013-06-23 10:20 . 2013-06-23 10:20 -------- d-----w- c:\program files\Pando Networks
2013-06-23 10:07 . 2013-06-23 10:07 -------- d-----w- c:\documents and settings\Lightclaw\.swt
2013-06-22 17:58 . 2013-06-23 13:01 -------- d-----w- c:\program files\Warcraft III Frozen Throne eSK
2013-06-19 13:52 . 2013-06-19 13:52 -------- d-----w- c:\program files\MTA San Andreas 1.3
2013-06-19 13:52 . 2013-06-19 13:52 -------- d-----w- c:\documents and settings\All Users\Application Data\MTA San Andreas All
2013-06-18 13:58 . 2013-07-07 12:19 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
.
.

[LightclawSK]

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-13 04:53 . 2012-04-13 10:47 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-13 04:53 . 2011-05-25 05:32 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-01 05:31 . 2009-01-21 09:49 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-01 05:31 . 2013-06-08 15:04 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-01 05:31 . 2010-06-01 05:52 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-16 08:10 . 2013-06-16 08:10 451072 ----a-w- c:\windows\Radeon Omega Drivers v2.6.87 Uninstall.exe
2013-06-16 06:23 . 2013-06-16 06:23 687561 ----a-w- c:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-06-16 05:39 . 2013-06-16 05:39 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2013-06-16 05:39 . 2013-06-16 05:39 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2013-06-12 16:25 . 2013-06-12 16:25 1175371 ----a-w- c:\windows\system32\unins000.exe
2013-06-12 13:18 . 2013-06-12 13:18 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-09 12:35 . 2013-06-09 12:35 2288128 ----a-w- c:\windows\system32\TUKernel.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2000-01-01 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2000-01-01 118784]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2000-01-01 77824]
"AtiPTA"="atiptaxx.exe" [2005-11-23 344064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-10-30 13801]
"TSClientAXDisabler"="c:\windows\Installer\TSClientMsiTrans\tscdsbl.bat" [2008-01-18 2247]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"MaxGPOScriptWait"= 28800 (0x7080)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1390067357-1343024091-854245398-12201\Scripts\Logon\0\0]
"Script"=mapdrive.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1390067357-1343024091-854245398-6733\Scripts\Logon\0\0]
"Script"=logon.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]
2013-07-04 07:57 3737424 ----a-w- c:\program files\Ashampoo\Ashampoo Snap 6\ashsnap.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 03:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-03-14 08:23 3672640 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
2006-08-18 14:58 49152 ----a-w- c:\windows\Domino.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
2013-06-19 03:38 9873200 ----a-w- c:\program files\Garena Plus\GarenaMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-06-28 12:02 2255184 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiRes]
2005-06-07 22:16 54272 ----a-w- c:\program files\MultiRes\MultiRes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-03 14:27 19603048 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
2013-06-07 07:01 29378880 ----a-w- c:\program files\SlimDrivers\SlimDrivers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 14:07 2260480 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-06-10 13:49 735608 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2007-05-14 22:22 35328 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 17:20 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Counter-Strike 1.6 Standalone\\launcher.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Garena Plus\\Room\\garena_room.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57922:TCP"= 57922:TCP:Pando Media Booster
"57922:UDP"= 57922:UDP:Pando Media Booster

[LightclawSK]

.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [27.6.2013 13:37 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [27.6.2013 13:37 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.6.2013 13:37 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.6.2013 13:37 369584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [12.6.2013 15:18 242240]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [10.7.2013 12:33 574272]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.6.2013 13:37 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [27.6.2013 13:37 66336]
R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2.8.2012 18:30 154624]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [28.6.2013 14:02 1440080]
R2 OracleFormsServer-Forms60Server;Oracle Forms Server [Forms60Server];c:\orant\bin\ifsrv60.exe -start_service --> c:\orant\bin\ifsrv60.exe -start_service [?]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.6.2013 16:21 162408]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [10.7.2013 13:10 23456]
S3 FairplayKD;FairplayKD;\??\c:\documents and settings\All Users\Application Data\MTA San Andreas All\Common\temp\FairplayKD.sys --> c:\documents and settings\All Users\Application Data\MTA San Andreas All\Common\temp\FairplayKD.sys [?]
S3 GGSAFERDriver;GGSAFER Driver; [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys --> c:\windows\system32\DRIVERS\lgbtport.sys [?]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys --> c:\windows\system32\DRIVERS\lgbtbus.sys [?]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys --> c:\windows\system32\DRIVERS\lgvmodem.sys [?]
S3 OracleClientCache80;OracleClientCache80;c:\orant\BIN\ONRSD80.EXE [21.11.2011 11:27 101136]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - BASFND
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 11:29 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 04:53]
.
2013-07-17 c:\windows\Tasks\ASC6_AutoClean.job
- c:\program files\IObit\Advanced SystemCare 6\AutoSweep.exe [2013-07-10 11:25]
.
2013-07-17 c:\windows\Tasks\ASC6_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 6\Monitor.exe [2013-07-10 17:02]
.
2013-07-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-06-27 08:58]
.
2013-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 13:09]
.
2013-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-12 13:09]
.
2013-07-17 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Lightclaw\Application Data\Mozilla\Firefox\Profiles\kq3d9ct0.default\
FF - prefs.js: browser.startup.homepage - hxxp://rexik.zoznam.sk/
FF - ExtSQL: 2013-06-27 19:30; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-17 16:15
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(892)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'explorer.exe'(2912)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-07-17 16:17:39
ComboFix-quarantined-files.txt 2013-07-17 14:17
.
Pre-Run: 12 342 022 144 bytes free
Post-Run: 12 309 700 608 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=R7O3XV /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=R7O3XV-BAK
.
- - End Of File - - A8C129F724E8DF04E8154918A2F66296
8F558EB6672622401DA993E1E865C861

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files\Common Files\PC Tools
c:\program files\Common Files\Symantec Shared
c:\documents and settings\All Users\Application Data\Norton
c:\documents and settings\Lightclaw\Local Settings\Application Data\CRE
c:\program files\Spybot - Search & Destroy
c:\program files\Google\Update

DirLook::
c:\documents and settings\All Users\Application Data\System Restore

Driver::
SkypeUpdate
FairplayKD
LgBttPort
lgbusenum
LGVMODEM


Registry::
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[LightclawSK]

log ComboFix

ComboFix 13-07-18.04 - Lightclaw 18.07.2013 21:54:00.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.1534.1014 [GMT 2:00]
Running from: c:\documents and settings\Lightclaw\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Lightclaw\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\Norton
c:\documents and settings\All Users\Application Data\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963}\LC.INI
c:\documents and settings\Lightclaw\Local Settings\Application Data\CRE
c:\documents and settings\Lightclaw\Local Settings\Application Data\CRE\lpgjmggepafkhenaeknpnjiceakbedpi.crx
c:\program files\Common Files\PC Tools
c:\program files\Common Files\PC Tools\sMonitor\aDSBootTimes.xml
c:\program files\Common Files\Symantec Shared
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.153\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.153\goopdate.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.153\psmachine.dll
c:\program files\Google\Update\1.3.21.153\psuser.dll
c:\program files\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\28.0.1500.72\28.0.1500.72_28.0.1500.71_chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Spybot - Search & Destroy
c:\program files\Spybot - Search & Destroy\advcheck.dll
c:\program files\Spybot - Search & Destroy\aports.dll
c:\program files\Spybot - Search & Destroy\blindman.exe
c:\program files\Spybot - Search & Destroy\CXHMUPDCDKIH.scr
c:\program files\Spybot - Search & Destroy\Default configuration.ini
c:\program files\Spybot - Search & Destroy\DelZip179.dll
c:\program files\Spybot - Search & Destroy\Dummies\dummy.cd_clint.dll
c:\program files\Spybot - Search & Destroy\Dummies\dummy.dap.gif
c:\program files\Spybot - Search & Destroy\Dummies\dummy.data.xml
c:\program files\Spybot - Search & Destroy\Dummies\dummy.default.gif
c:\program files\Spybot - Search & Destroy\Dummies\dummy.related.htm
c:\program files\Spybot - Search & Destroy\EGIUWZKWDKGJPSN.scr
c:\program files\Spybot - Search & Destroy\FBPLFX.scr
c:\program files\Spybot - Search & Destroy\Help\Brasil.license.txt
c:\program files\Spybot - Search & Destroy\Help\Cesky.license.txt
c:\program files\Spybot - Search & Destroy\Help\Deutsch.license.txt
c:\program files\Spybot - Search & Destroy\Help\English.chm
c:\program files\Spybot - Search & Destroy\Help\English.license.txt
c:\program files\Spybot - Search & Destroy\Help\Espanol.license.txt
c:\program files\Spybot - Search & Destroy\Help\Francais.license.txt
c:\program files\Spybot - Search & Destroy\Help\Hellenic.license.txt
c:\program files\Spybot - Search & Destroy\Help\Italiano.license.txt
c:\program files\Spybot - Search & Destroy\Help\Japanese.license.ansi.txt
c:\program files\Spybot - Search & Destroy\Help\Japanese.license.txt
c:\program files\Spybot - Search & Destroy\Help\Korean.license.txt
c:\program files\Spybot - Search & Destroy\Help\Nederlands.license.txt
c:\program files\Spybot - Search & Destroy\Help\Polski.license.txt
c:\program files\Spybot - Search & Destroy\Help\Russkiy.license.txt
c:\program files\Spybot - Search & Destroy\Help\Slovensky.license.txt
c:\program files\Spybot - Search & Destroy\Help\Srpski.license.txt
c:\program files\Spybot - Search & Destroy\Help\Suomi.license.txt
c:\program files\Spybot - Search & Destroy\Includes\Adware.sbi
c:\program files\Spybot - Search & Destroy\Includes\AdwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Browserpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\CLSIDs.sbs
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbi
c:\program files\Spybot - Search & Destroy\Includes\Cookies.sbs
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbi
c:\program files\Spybot - Search & Destroy\Includes\Dialer.sbs
c:\program files\Spybot - Search & Destroy\Includes\DialerC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Domains.sbs
c:\program files\Spybot - Search & Destroy\Includes\HeavyDuty.sbi
c:\program files\Spybot - Search & Destroy\Includes\Hijackers.sbi
c:\program files\Spybot - Search & Destroy\Includes\HijackersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\iPhone.sbi
c:\program files\Spybot - Search & Destroy\Includes\Keyloggers.sbi
c:\program files\Spybot - Search & Destroy\Includes\KeyloggersC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Logs.uts
c:\program files\Spybot - Search & Destroy\Includes\LSP.sbi
c:\program files\Spybot - Search & Destroy\Includes\LSP.sbs
c:\program files\Spybot - Search & Destroy\Includes\Malware.sbi
c:\program files\Spybot - Search & Destroy\Includes\MalwareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\OperaPlugins.sbs
c:\program files\Spybot - Search & Destroy\Includes\ProcWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\PUPS.sbi
c:\program files\Spybot - Search & Destroy\Includes\PUPSC.sbi
c:\program files\Spybot - Search & Destroy\Includes\RegWatch.sbs
c:\program files\Spybot - Search & Destroy\Includes\RegXLinks.sbs
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbi
c:\program files\Spybot - Search & Destroy\Includes\Revision.sbs
c:\program files\Spybot - Search & Destroy\Includes\Searchpages.sbs
c:\program files\Spybot - Search & Destroy\Includes\Security.sbi
c:\program files\Spybot - Search & Destroy\Includes\SecurityC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Services.sbs
c:\program files\Spybot - Search & Destroy\Includes\Spybots.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpybotsC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Spyware.sbi
c:\program files\Spybot - Search & Destroy\Includes\SpywareC.sbi
c:\program files\Spybot - Search & Destroy\Includes\Startup.tnfo
c:\program files\Spybot - Search & Destroy\Includes\Targets.nfo
c:\program files\Spybot - Search & Destroy\Includes\Tracks.uti
c:\program files\Spybot - Search & Destroy\Includes\Trojans.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-02.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-03.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-04.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC-05.sbi
c:\program files\Spybot - Search & Destroy\Includes\TrojansC.sbi
c:\program files\Spybot - Search & Destroy\Includes\TTLASSH.sbs
c:\program files\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs
c:\program files\Spybot - Search & Destroy\Includes\X509White.sbs
c:\program files\Spybot - Search & Destroy\is-59T8J.tmp
c:\program files\Spybot - Search & Destroy\JYNSIJZZCL.scr
c:\program files\Spybot - Search & Destroy\Languages\Afrikaans.sbl
c:\program files\Spybot - Search & Destroy\Languages\Arabic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Azeri.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bahasa Indonesia.sbl
c:\program files\Spybot - Search & Destroy\Languages\Belarusskiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bosanski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Brasil.sbl
c:\program files\Spybot - Search & Destroy\Languages\Bulgarski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Catalan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Cesky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Dansk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Deutsch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Eesti.sbl
c:\program files\Spybot - Search & Destroy\Languages\English.sbl
c:\program files\Spybot - Search & Destroy\Languages\Espanol.sbl
c:\program files\Spybot - Search & Destroy\Languages\Esperanto.sbl
c:\program files\Spybot - Search & Destroy\Languages\Euskera.sbl
c:\program files\Spybot - Search & Destroy\Languages\Farsi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Francais.sbl
c:\program files\Spybot - Search & Destroy\Languages\Furlan.sbl
c:\program files\Spybot - Search & Destroy\Languages\Galego.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hebrew.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hellenic.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hindi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Hrvatski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (simplified).sbl
c:\program files\Spybot - Search & Destroy\Languages\Chinese (traditional).sbl
c:\program files\Spybot - Search & Destroy\Languages\Islenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Italiano.sbl
c:\program files\Spybot - Search & Destroy\Languages\Japanese.sbl
c:\program files\Spybot - Search & Destroy\Languages\Korean.sbl
c:\program files\Spybot - Search & Destroy\Languages\Latvian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Letzebuergesch.sbl
c:\program files\Spybot - Search & Destroy\Languages\Lietuviu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Magyar.sbl
c:\program files\Spybot - Search & Destroy\Languages\Makedonski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Melayu.sbl
c:\program files\Spybot - Search & Destroy\Languages\Nederlands.sbl
c:\program files\Spybot - Search & Destroy\Languages\Norsk.sbl
c:\program files\Spybot - Search & Destroy\Languages\Polski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Portugues.sbl
c:\program files\Spybot - Search & Destroy\Languages\Romaneste.sbl
c:\program files\Spybot - Search & Destroy\Languages\Russkiy.sbl
c:\program files\Spybot - Search & Destroy\Languages\Shqip.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovenscina.sbl
c:\program files\Spybot - Search & Destroy\Languages\Slovensky.sbl
c:\program files\Spybot - Search & Destroy\Languages\Srpski.sbl
c:\program files\Spybot - Search & Destroy\Languages\Suomi.sbl
c:\program files\Spybot - Search & Destroy\Languages\Svenska.sbl
c:\program files\Spybot - Search & Destroy\Languages\Thai.sbl
c:\program files\Spybot - Search & Destroy\Languages\Turkce.sbl
c:\program files\Spybot - Search & Destroy\Languages\Ukrainian.sbl
c:\program files\Spybot - Search & Destroy\Languages\Uzbek.sbl
c:\program files\Spybot - Search & Destroy\messages.zres
c:\program files\Spybot - Search & Destroy\OptOut.ini
c:\program files\Spybot - Search & Destroy\Plugins\Fennel.dll
c:\program files\Spybot - Search & Destroy\Plugins\Chai.dll
c:\program files\Spybot - Search & Destroy\Plugins\Mate.dll
c:\program files\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
c:\program files\Spybot - Search & Destroy\SDFiles.exe
c:\program files\Spybot - Search & Destroy\SDHelper.dll
c:\program files\Spybot - Search & Destroy\SDMain.exe
c:\program files\Spybot - Search & Destroy\SDShred.exe
c:\program files\Spybot - Search & Destroy\SDUpdate.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\Spybot - Search & Destroy\Skins\Colorblind.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.ini
c:\program files\Spybot - Search & Destroy\Skins\Italia.jpg
c:\program files\Spybot - Search & Destroy\Skins\Peace.ini
c:\program files\Spybot - Search & Destroy\Skins\Peace.jpg
c:\program files\Spybot - Search & Destroy\SpybotSD.exe
c:\program files\Spybot - Search & Destroy\sqlite3.dll
c:\program files\Spybot - Search & Destroy\TeaTimer.exe
c:\program files\Spybot - Search & Destroy\Tools.dll
c:\program files\Spybot - Search & Destroy\UGHNAZBOTPEYRMZ.scr
c:\program files\Spybot - Search & Destroy\unins000.dat
c:\program files\Spybot - Search & Destroy\unins000.exe
c:\program files\Spybot - Search & Destroy\unins000.msg
c:\program files\Spybot - Search & Destroy\UninsSrv.dll
c:\program files\Spybot - Search & Destroy\Update.exe
c:\program files\Spybot - Search & Destroy\Updates\downloaded.ini
c:\program files\Spybot - Search & Destroy\WKWQYIJKYHPUL.scr
c:\program files\Spybot - Search & Destroy\XDZCBQBPYT.scr
c:\program files\Spybot - Search & Destroy\XETZIIWQJJ.scr
.
.

[LightclawSK]

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FAIRPLAYKD
-------\Legacy_SKYPEUPDATE
-------\Service_FairplayKD
-------\Service_LgBttPort
-------\Service_lgbusenum
-------\Service_LGVMODEM
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2013-06-18 to 2013-07-18 )))))))))))))))))))))))))))))))
.
.
2013-07-16 19:25 . 2013-07-16 19:25 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\Screenshot Studio
2013-07-16 19:23 . 2013-07-16 19:23 -------- d-sh--w- c:\documents and settings\All Users\Application Data\System Restore
2013-07-16 19:23 . 2013-07-16 19:23 -------- d-----w- c:\program files\Screenshot Studio
2013-07-16 19:03 . 2013-07-16 19:03 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\Deployment
2013-07-16 18:45 . 2013-07-16 18:45 -------- d-----w- c:\program files\CPUID
2013-07-16 16:07 . 2013-07-16 16:07 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\OpenCandy
2013-07-16 12:18 . 2013-07-16 12:18 -------- d-----w- c:\windows\ERUNT
2013-07-16 11:11 . 2013-07-16 11:11 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\Malwarebytes
2013-07-16 11:10 . 2013-07-16 11:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-07-10 11:42 . 2013-04-17 18:22 23360 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-07-10 11:16 . 2013-07-10 11:16 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\IObit
2013-07-10 11:10 . 2013-07-10 11:10 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-07-10 11:10 . 2013-07-10 11:10 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\eSupport.com
2013-07-10 11:08 . 2013-07-10 11:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Ashampoo
2013-07-10 11:07 . 2013-07-10 11:07 -------- d-----w- c:\program files\Ashampoo
2013-07-10 10:34 . 2013-07-10 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-10 10:34 . 2013-07-10 10:34 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Application Updater
2013-07-10 10:34 . 2013-07-10 10:34 -------- d-----w- c:\documents and settings\Lightclaw\AppData
2013-07-10 10:33 . 2013-07-10 10:34 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2013-07-10 10:33 . 2013-07-10 10:34 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\IObit
2013-07-10 10:33 . 2013-07-10 10:33 -------- d-----w- c:\program files\IObit
2013-07-07 18:57 . 2013-07-07 18:57 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\Talkback
2013-07-07 16:54 . 2013-07-07 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\POPWWPROFILES
2013-07-07 16:54 . 2002-12-05 12:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-07-07 16:54 . 2002-12-02 13:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-07-07 16:54 . 2002-12-02 11:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-07-07 16:54 . 2002-12-02 11:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-07-03 08:41 . 2009-03-18 16:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2013-07-03 08:41 . 2013-07-03 08:41 -------- d-----w- c:\program files\LogMeIn Hamachi
2013-07-02 10:31 . 2013-07-02 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2013-07-01 05:32 . 2013-07-01 05:31 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-30 15:07 . 2013-07-15 06:45 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\LogMeIn Hamachi
2013-06-30 15:06 . 2013-07-18 20:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi
2013-06-30 09:43 . 2013-06-30 09:43 -------- d-----w- c:\windows\Performance
2013-06-30 09:42 . 2013-06-30 09:42 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\Microsoft Corporation
2013-06-30 09:40 . 2013-06-30 09:40 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2013-06-28 14:46 . 2013-06-28 14:46 -------- d-----w- c:\program files\Alwil Software
2013-06-28 14:25 . 2013-06-28 14:36 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\Audacity
2013-06-28 14:24 . 2013-06-28 14:25 -------- d-----w- c:\program files\Audacity
2013-06-27 17:30 . 2013-05-09 08:59 110920 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2013-06-27 17:30 . 2013-05-09 08:59 102936 ----a-w- c:\windows\system32\drivers\aswmon.sys
2013-06-27 17:30 . 2013-05-09 08:59 25696 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2013-06-27 13:54 . 2013-06-27 13:54 -------- d-----w- c:\program files\Sanny Builder 3
2013-06-27 11:37 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-06-27 11:37 . 2013-06-28 15:15 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 11:37 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-06-27 11:37 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-06-27 11:37 . 2013-06-28 15:15 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-27 11:37 . 2013-06-28 15:15 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 11:37 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-27 11:37 . 2013-05-09 08:59 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-27 11:37 . 2011-01-13 07:47 188216 ------w- c:\windows\system32\aswBoot.exe
2013-06-27 11:36 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-06-27 11:35 . 2013-06-27 11:35 -------- d-----w- c:\program files\AVAST Software
2013-06-27 11:35 . 2013-06-27 11:35 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2013-06-23 16:17 . 2013-06-23 16:17 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\LolClient
2013-06-23 12:49 . 2013-06-24 14:58 -------- d-----w- c:\documents and settings\Lightclaw\Application Data\GarenaPlus
2013-06-23 12:48 . 2013-06-23 12:49 -------- d-----w- c:\program files\Garena Plus
2013-06-23 12:48 . 2013-06-24 14:58 -------- d-----w- c:\documents and settings\All Users\Application Data\GarenaMessenger
2013-06-23 10:20 . 2013-07-08 12:36 -------- d-----w- c:\documents and settings\Lightclaw\Local Settings\Application Data\PMB Files
2013-06-23 10:20 . 2013-07-08 12:35 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2013-06-23 10:20 . 2013-06-23 10:20 -------- d-----w- c:\program files\Pando Networks
2013-06-23 10:07 . 2013-06-23 10:07 -------- d-----w- c:\documents and settings\Lightclaw\.swt
2013-06-22 17:58 . 2013-06-23 13:01 -------- d-----w- c:\program files\Warcraft III Frozen Throne eSK
2013-06-19 13:52 . 2013-06-19 13:52 -------- d-----w- c:\program files\MTA San Andreas 1.3
2013-06-19 13:52 . 2013-06-19 13:52 -------- d-----w- c:\documents and settings\All Users\Application Data\MTA San Andreas All
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-13 04:53 . 2012-04-13 10:47 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-13 04:53 . 2011-05-25 05:32 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-07 12:19 . 2013-06-18 13:58 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
2013-07-01 05:31 . 2009-01-21 09:49 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-01 05:31 . 2013-06-08 15:04 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-01 05:31 . 2010-06-01 05:52 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-16 08:10 . 2013-06-16 08:10 451072 ----a-w- c:\windows\Radeon Omega Drivers v2.6.87 Uninstall.exe
2013-06-16 06:23 . 2013-06-16 06:23 687561 ----a-w- c:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-06-16 05:39 . 2013-06-16 05:39 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2013-06-16 05:39 . 2013-06-16 05:39 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2013-06-12 16:25 . 2013-06-12 16:25 1175371 ----a-w- c:\windows\system32\unins000.exe
2013-06-12 13:18 . 2013-06-12 13:18 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-09 12:35 . 2013-06-09 12:35 2288128 ----a-w- c:\windows\system32\TUKernel.exe
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\All Users\Application Data\System Restore ----
.
2013-07-09 19:23 . 2013-07-09 19:23 16 --sha-w- c:\documents and settings\All Users\Application Data\System Restore\DefaultStore_xxS.bin
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2000-01-01 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2000-01-01 118784]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2000-01-01 77824]
"AtiPTA"="atiptaxx.exe" [2005-11-23 344064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-10-30 13801]
"TSClientAXDisabler"="c:\windows\Installer\TSClientMsiTrans\tscdsbl.bat" [2008-01-18 2247]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"MaxGPOScriptWait"= 28800 (0x7080)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1390067357-1343024091-854245398-12201\Scripts\Logon\0\0]
"Script"=mapdrive.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1390067357-1343024091-854245398-6733\Scripts\Logon\0\0]
"Script"=logon.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AshSnap]
2013-07-04 07:57 3737424 ----a-w- c:\program files\Ashampoo\Ashampoo Snap 6\ashsnap.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 03:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-03-14 08:23 3672640 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Domino]
2006-08-18 14:58 49152 ----a-w- c:\windows\Domino.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
2013-06-19 03:38 9873200 ----a-w- c:\program files\Garena Plus\GarenaMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-06-28 12:02 2255184 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiRes]
2005-06-07 22:16 54272 ----a-w- c:\program files\MultiRes\MultiRes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-03 14:27 19603048 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
2013-06-07 07:01 29378880 ----a-w- c:\program files\SlimDrivers\SlimDrivers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-06-10 13:49 735608 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2007-05-14 22:22 35328 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 17:20 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Counter-Strike 1.6 Standalone\\launcher.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Garena Plus\\Room\\garena_room.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57922:TCP"= 57922:TCP:Pando Media Booster
"57922:UDP"= 57922:UDP:Pando Media Booster
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [27.6.2013 13:37 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [27.6.2013 13:37 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.6.2013 13:37 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.6.2013 13:37 369584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [12.6.2013 15:18 242240]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [10.7.2013 12:33 574272]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.6.2013 13:37 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [27.6.2013 13:37 66336]
R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2.8.2012 18:30 154624]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [28.6.2013 14:02 1440080]
R2 OracleFormsServer-Forms60Server;Oracle Forms Server [Forms60Server];c:\orant\bin\ifsrv60.exe -start_service --> c:\orant\bin\ifsrv60.exe -start_service [?]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [10.7.2013 13:10 23456]
S3 GGSAFERDriver;GGSAFER Driver; [x]
S3 OracleClientCache80;OracleClientCache80;c:\orant\BIN\ONRSD80.EXE [21.11.2011 11:27 101136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 11:29 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 04:53]
.
2013-07-18 c:\windows\Tasks\ASC6_AutoClean.job
- c:\program files\IObit\Advanced SystemCare 6\AutoSweep.exe [2013-07-10 11:25]
.
2013-07-18 c:\windows\Tasks\ASC6_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 6\Monitor.exe [2013-07-10 17:02]
.
2013-07-18 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-06-27 08:58]
.
2013-07-18 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Lightclaw\Application Data\Mozilla\Firefox\Profiles\kq3d9ct0.default\
FF - prefs.js: browser.startup.homepage - hxxp://rexik.zoznam.sk/
FF - ExtSQL: 2013-06-27 19:30; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 - c:\program files\Spybot - Search & Destroy\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-18 22:10
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(920)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3072)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\orant\bin\ifsrv60.exe
c:\orant\bin\ifweb60.exe
c:\windows\system32\Ati2evxx.exe
.
**************************************************************************
.
Completion time: 2013-07-18 22:14:03 - machine was rebooted
ComboFix-quarantined-files.txt 2013-07-18 20:14
ComboFix2.txt 2013-07-17 14:17
.
Pre-Run: 10 988 036 096 bytes free
Post-Run: 11 551 203 328 bytes free
.
- - End Of File - - 421EF97AFE94228AD640D650372389EE
8F558EB6672622401DA993E1E865C861

[memphisto]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

+ Nový log z HJT

Jak se chová PC?

[LightclawSK]

Prikladam log z HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:36:17, on 18.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\orant\bin\ifsrv60.exe
C:\WINDOWS\System32\svchost.exe
C:\orant\bin\ifweb60.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Lightclaw\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = softec.sk
O17 - HKLM\Software\..\Telephony: DomainName = softec.sk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = softec.sk
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: Oracle Forms Server [Forms60Server] (OracleFormsServer-Forms60Server) - Oracle Corporation - C:\orant\bin\ifsrv60.exe

--
End of file - 8314 bytes

[LightclawSK]

Tu je log z aswMBR

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-18 22:18:55
-----------------------------
22:18:55.125 OS Version: Windows 5.1.2600 Service Pack 3
22:18:55.125 Number of processors: 2 586 0x401
22:18:55.125 ComputerName: CHARGER UserName:
22:18:55.734 Initialize success
22:18:55.968 AVAST engine defs: 13071803
22:19:29.187 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-c
22:19:29.187 Disk 0 Vendor: MAXTOR_STM3250820A 3.AAE Size: 238475MB BusType: 3
22:19:29.187 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-17
22:19:29.187 Disk 1 Vendor: ST380013AS 8.12 Size: 76293MB BusType: 3
22:19:29.281 Disk 1 MBR read successfully
22:19:29.281 Disk 1 MBR scan
22:19:29.281 Disk 1 Windows XP default MBR code
22:19:29.281 Disk 1 Partition 1 00 DE Dell Utility Dell 4.1 54 MB offset 63
22:19:29.296 Disk 1 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76230 MB offset 112455
22:19:29.328 Disk 1 scanning sectors +156232125
22:19:29.375 Disk 1 scanning C:\WINDOWS\system32\drivers
22:19:37.531 Service scanning
22:19:47.984 Modules scanning
22:19:52.593 Disk 1 trace - called modules:
22:19:52.640 TUKERNEL.EXE CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
22:19:52.640 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8a2c7ab8]
22:19:52.640 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x8a2deb00]
22:19:53.125 AVAST engine scan C:\WINDOWS
22:19:58.421 AVAST engine scan C:\WINDOWS\system32
22:22:06.859 AVAST engine scan C:\WINDOWS\system32\drivers
22:22:21.500 AVAST engine scan C:\Documents and Settings\Lightclaw
22:25:54.890 AVAST engine scan C:\Documents and Settings\All Users
22:26:34.578 Scan finished successfully
22:32:37.843 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Lightclaw\Desktop\MBR.dat"
22:32:37.843 The log file has been saved successfully to "C:\Documents and Settings\Lightclaw\Desktop\aswMBR.txt"