
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
facebook virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Here is the link to the RSIT log: http://www.ulozto.cz/9803012/log-txt
The virus blocked my antivirus, sometimes I have to restart the PC several times because of the internet, and it shuts down every 10-30 minutes, where it first starts automatically in safe mode and after a minute restarts itself again and only then boots the normal way. Please advise.
Thank you
Re: facebook virus
Hello, and have a nice day.
I'll paste the log here for clarity.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Minh at 2011-07-27 14:56:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 238 GB (78%) free of 305 GB
Total RAM: 1976 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:56:22, on 27.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\update.tray-7-0\svchost.exe
C:\Windows\update.tray-2-0\svchost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\sysdriver32.exe
C:\Windows\sysdriver32_.exe
C:\Windows\l1rezerv.exe
C:\Windows\update.3\svchost.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Minh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Minh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Minh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Minh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Minh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Minh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Minh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Minh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Minh\Desktop\RSIT.exe
C:\Program Files\trend micro\Minh.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=15000
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Babylon-English Toolbar - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - C:\Program Files\Babylon-English\tbBaby.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Babylon-English Toolbar - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - C:\Program Files\Babylon-English\tbBaby.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O3 - Toolbar: Babylon-English Toolbar - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - C:\Program Files\Babylon-English\tbBaby.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico1] C:\Windows\update.tray-2-0\svchost.exe
O4 - HKLM\..\Run: [2874021.exe] "C:\Windows\Temp\2874021.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [6087732.exe] "C:\Users\Minh\AppData\Local\Temp\6087732.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [30254297-loader2.exe] "C:\Windows\Temp\30254297-loader2.exe"
O4 - HKLM\..\Run: [25003662-loader2.exe] "C:\Windows\Temp\25003662-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\Windows\l1rezerv.exe"
O4 - HKLM\..\Run: [2598920.exe] "C:\Windows\Temp\2598920.exe"
O4 - HKLM\..\Run: [w_distrib.exe] "C:\Windows\update.3\svchost.exe" stand
O4 - HKLM\..\Run: [7820739.exe] "C:\Windows\Temp\7820739.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Minh\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe
O23 - Service: wxpdrivers - Unknown owner - C:\Windows\update.1\svchost.exe
--
End of file - 10113 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-03-18 1164680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
Babylon-English Toolbar - C:\Program Files\Babylon-English\tbBaby.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []
{ce18769b-c7fa-42d2-860d-17c4662c70ad} - Babylon-English Toolbar - C:\Program Files\Babylon-English\tbBaby.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-02 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-02 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-02 151064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-29 1545512]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"wxpdrv"=C:\Windows\services32.exe [2011-07-18 1150976]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-7-0\svchost.exe [2011-07-18 1150976]
"tray_ico1"=C:\Windows\update.tray-2-0\svchost.exe [2011-07-18 1150976]
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"2874021.exe"=C:\Windows\Temp\2874021.exe [2011-07-18 232960]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-07-25 256000]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-07-25 256000]
"6087732.exe"=C:\Users\Minh\AppData\Local\Temp\6087732.exe [2011-07-18 232960]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []
"30254297-loader2.exe"=C:\Windows\Temp\30254297-loader2.exe [2011-07-21 245760]
"25003662-loader2.exe"=C:\Windows\Temp\25003662-loader2.exe [2011-07-22 249344]
"l1rezerv.exe"=C:\Windows\l1rezerv.exe [2011-07-23 232960]
"2598920.exe"=C:\Windows\Temp\2598920.exe [2011-07-25 256000]
"w_distrib.exe"=C:\Windows\update.3\svchost.exe [2011-07-25 272896]
"7820739.exe"=C:\Windows\Temp\7820739.exe [2011-07-27 502272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Minh\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-16 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-07-19 3318784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-07-28 216576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-07-27 14:56:13 ----D---- C:\rsit
2011-07-27 14:56:13 ----D---- C:\Program Files\trend micro
2011-07-25 21:51:03 ----A---- C:\Windows\w_distrib_iplist.txt
2011-07-25 21:50:36 ----HD---- C:\Windows\update.3
2011-07-23 17:23:03 ----A---- C:\Windows\l1rezerv.exe
2011-07-19 12:22:44 ----D---- C:\Users\Minh\AppData\Roaming\Spyware Terminator
2011-07-19 12:22:44 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2011-07-19 12:22:43 ----D---- C:\ProgramData\Spyware Terminator
2011-07-19 12:22:42 ----D---- C:\Program Files\Spyware Terminator
2011-07-19 09:53:40 ----D---- C:\Users\Minh\AppData\Roaming\Fighters
2011-07-19 09:15:43 ----HD---- C:\Windows\update.tray-2-0-lnk
2011-07-19 09:15:43 ----HD---- C:\Windows\update.tray-2-0
2011-07-18 22:03:27 ----A---- C:\Windows\ntbtlog.txt
2011-07-18 21:39:10 ----D---- C:\ProgramData\clp
2011-07-18 21:16:41 ----D---- C:\Windows\ufa
2011-07-18 21:16:41 ----D---- C:\Windows\rpcminer
2011-07-18 21:16:41 ----D---- C:\Windows\phoenix
2011-07-18 21:16:03 ----A---- C:\Windows\ddh_iplist.txt
2011-07-18 21:15:52 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-18 21:15:44 ----A---- C:\Windows\unrar.exe
2011-07-18 21:15:26 ----HD---- C:\Windows\update.2
2011-07-18 21:14:58 ----A---- C:\Windows\btc_client_iplist.txt
2011-07-18 21:14:35 ----HD---- C:\Windows\update.5.0
2011-07-18 21:14:00 ----A---- C:\Windows\sysdriver32_.exe
2011-07-18 21:13:52 ----A---- C:\Windows\iplist.txt
2011-07-18 21:13:46 ----A---- C:\Windows\sysdriver32.exe
2011-07-18 21:13:22 ----A---- C:\Windows\front_ip_list.txt
2011-07-18 21:13:20 ----D---- C:\Windows\av_ico
2011-07-18 21:12:04 ----HD---- C:\Windows\update.1
2011-07-18 21:12:00 ----HD---- C:\Windows\update.tray-7-0-lnk
2011-07-18 21:12:00 ----HD---- C:\Windows\update.tray-7-0
2011-07-18 21:00:19 ----A---- C:\Windows\winlog-ids.txt
2011-07-18 21:00:19 ----A---- C:\Windows\winlog-dirs.txt
2011-07-18 21:00:15 ----A---- C:\Windows\services32.exe
2011-07-13 08:31:34 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-07-13 08:31:33 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-07-13 08:31:33 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-07-13 08:31:33 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-07-13 08:31:33 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-07-13 08:31:33 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-07-13 08:31:33 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-07-13 08:31:31 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-13 08:31:31 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-13 08:31:29 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-13 08:31:28 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 08:31:28 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 08:31:28 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 08:31:28 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 08:31:22 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 08:31:21 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 08:31:21 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 08:31:15 ----A---- C:\Windows\system32\win32k.sys
2011-07-07 13:33:36 ----D---- C:\PFiles
2011-07-05 22:21:31 ----D---- C:\Program Files\Common Files\Java
2011-07-05 22:21:13 ----A---- C:\Windows\system32\javaws.exe
2011-07-05 22:21:13 ----A---- C:\Windows\system32\javaw.exe
2011-07-05 22:21:13 ----A---- C:\Windows\system32\java.exe
2011-07-04 19:09:10 ----D---- C:\Windows\system32\SPReview
2011-07-04 19:05:47 ----D---- C:\Windows\system32\EventProviders
2011-07-04 17:42:15 ----A---- C:\Windows\system32\dfshim.dll
2011-07-04 17:42:11 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-07-04 17:42:11 ----A---- C:\Windows\system32\mstscax.dll
2011-07-04 17:42:11 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2011-07-04 17:42:07 ----A---- C:\Windows\system32\mfc40u.dll
2011-07-04 17:42:07 ----A---- C:\Windows\system32\mfc40.dll
2011-07-04 17:42:07 ----A---- C:\Windows\system32\d3d10warp.dll
2011-07-04 17:42:06 ----A---- C:\Windows\system32\sysmain.dll
2011-07-04 17:42:05 ----A---- C:\Windows\system32\secproc_isv.dll
2011-07-04 17:42:04 ----A---- C:\Windows\system32\shell32.dll
2011-07-04 17:42:04 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-07-04 17:42:03 ----A---- C:\Windows\system32\secproc.dll
2011-07-04 17:42:02 ----A---- C:\Windows\system32\RMActivate.exe
2011-07-04 17:42:01 ----A---- C:\Windows\system32\spwizui.dll
2011-07-04 17:42:00 ----A---- C:\Windows\system32\mscoree.dll
2011-07-04 17:41:59 ----A---- C:\Windows\system32\mf.dll
2011-07-04 17:41:59 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-07-04 17:41:59 ----A---- C:\Windows\system32\CertEnroll.dll
2011-07-04 17:41:58 ----A---- C:\Windows\system32\wmp.dll
2011-07-04 17:41:57 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-07-04 17:41:57 ----A---- C:\Windows\system32\PresentationHost.exe
2011-07-04 17:41:57 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-07-04 17:41:57 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2011-07-04 17:41:56 ----A---- C:\Windows\system32\schedsvc.dll
2011-07-04 17:41:54 ----A---- C:\Windows\system32\RacEngn.dll
2011-07-04 17:41:54 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2011-07-04 17:41:53 ----A---- C:\Windows\system32\ntdll.dll
2011-07-04 17:41:52 ----A---- C:\Windows\system32\rdpdd.dll
2011-07-04 17:41:52 ----A---- C:\Windows\system32\qmgr.dll
2011-07-04 17:41:51 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-07-04 17:41:50 ----A---- C:\Windows\system32\wevtsvc.dll
2011-07-04 17:41:50 ----A---- C:\Windows\system32\ole32.dll
2011-07-04 17:41:48 ----A---- C:\Windows\system32\vssapi.dll
2011-07-04 17:41:48 ----A---- C:\Windows\system32\SearchFolder.dll
2011-07-04 17:41:47 ----A---- C:\Windows\system32\taskschd.dll
2011-07-04 17:41:47 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-07-04 17:41:47 ----A---- C:\Windows\system32\d3d9.dll
2011-07-04 17:41:46 ----A---- C:\Windows\system32\crypt32.dll
2011-07-04 17:41:45 ----A---- C:\Windows\system32\spreview.exe
2011-07-04 17:41:45 ----A---- C:\Windows\system32\spinstall.exe
2011-07-04 17:41:45 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2011-07-04 17:41:45 ----A---- C:\Windows\system32\mstsc.exe
2011-07-04 17:41:44 ----A---- C:\Windows\system32\wer.dll
2011-07-04 17:41:44 ----A---- C:\Windows\system32\termsrv.dll
2011-07-04 17:41:44 ----A---- C:\Windows\system32\rpcrt4.dll
2011-07-04 17:41:44 ----A---- C:\Windows\system32\certcli.dll
2011-07-04 17:41:43 ----A---- C:\Windows\system32\msxml6.dll
2011-07-04 17:41:43 ----A---- C:\Windows\system32\lsasrv.dll
2011-07-04 17:41:43 ----A---- C:\Windows\system32\gpsvc.dll
2011-07-04 17:41:43 ----A---- C:\Windows\system32\dwmcore.dll
2011-07-04 17:41:42 ----A---- C:\Windows\system32\odbc32.dll
2011-07-04 17:41:42 ----A---- C:\Windows\system32\MPSSVC.dll
2011-07-04 17:41:42 ----A---- C:\Windows\system32\diagperf.dll
2011-07-04 17:41:41 ----A---- C:\Windows\system32\WinSAT.exe
2011-07-04 17:41:41 ----A---- C:\Windows\system32\wbengine.exe
2011-07-04 17:41:41 ----A---- C:\Windows\system32\umrdp.dll
2011-07-04 17:41:41 ----A---- C:\Windows\system32\scavengeui.dll
2011-07-04 17:41:41 ----A---- C:\Windows\system32\quartz.dll
2011-07-04 17:41:41 ----A---- C:\Windows\system32\mstime.dll
2011-07-04 17:41:40 ----A---- C:\Windows\system32\TSWorkspace.dll
2011-07-04 17:41:40 ----A---- C:\Windows\system32\tsmf.dll
2011-07-04 17:41:40 ----A---- C:\Windows\system32\localspl.dll
2011-07-04 17:41:40 ----A---- C:\Windows\system32\dot3api.dll
2011-07-04 17:41:39 ----A---- C:\Windows\system32\winhttp.dll
2011-07-04 17:41:39 ----A---- C:\Windows\system32\setupapi.dll
2011-07-04 17:41:39 ----A---- C:\Windows\system32\iedkcs32.dll
2011-07-04 17:41:39 ----A---- C:\Windows\system32\apphelp.dll
2011-07-04 17:41:38 ----A---- C:\Windows\system32\VSSVC.exe
2011-07-04 17:41:38 ----A---- C:\Windows\system32\netlogon.dll
2011-07-04 17:41:38 ----A---- C:\Windows\system32\MSVidCtl.dll
2011-07-04 17:41:38 ----A---- C:\Windows\system32\dbgeng.dll
2011-07-04 17:41:37 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-07-04 17:41:37 ----A---- C:\Windows\system32\winlogon.exe
2011-07-04 17:41:37 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-07-04 17:41:37 ----A---- C:\Windows\system32\user32.dll
2011-07-04 17:41:37 ----A---- C:\Windows\system32\netcfgx.dll
2011-07-04 17:41:37 ----A---- C:\Windows\system32\d3d11.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\WsmSvc.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\webio.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\Query.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\gpprefcl.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2011-07-04 17:41:36 ----A---- C:\Windows\system32\advapi32.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\upnp.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\schannel.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\netfxperf.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\msv1_0.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\lsm.exe
2011-07-04 17:41:35 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\drivers\csc.sys
2011-07-04 17:41:34 ----A---- C:\Windows\system32\sppobjs.dll
2011-07-04 17:41:34 ----A---- C:\Windows\system32\SessEnv.dll
2011-07-04 17:41:34 ----A---- C:\Windows\system32\msdrm.dll
2011-07-04 17:41:34 ----A---- C:\Windows\system32\imapi2fs.dll
2011-07-04 17:41:34 ----A---- C:\Windows\system32\authui.dll
2011-07-04 17:41:33 ----A---- C:\Windows\system32\usp10.dll
2011-07-04 17:41:33 ----A---- C:\Windows\system32\shlwapi.dll
2011-07-04 17:41:33 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-07-04 17:41:33 ----A---- C:\Windows\system32\mcbuilder.exe
2011-07-04 17:41:32 ----A---- C:\Windows\system32\winload.exe
2011-07-04 17:41:32 ----A---- C:\Windows\system32\userenv.dll
2011-07-04 17:41:32 ----A---- C:\Windows\system32\certmgr.dll
2011-07-04 17:41:32 ----A---- C:\Windows\system32\autochk.exe
2011-07-04 17:41:31 ----A---- C:\Windows\system32\xpsservices.dll
2011-07-04 17:41:31 ----A---- C:\Windows\system32\WebClnt.dll
2011-07-04 17:41:30 ----A---- C:\Windows\system32\sppwinob.dll
2011-07-04 17:41:30 ----A---- C:\Windows\system32\comdlg32.dll
2011-07-04 17:41:30 ----A---- C:\Windows\system32\audiosrv.dll
2011-07-04 17:41:29 ----A---- C:\Windows\system32\rpcss.dll
2011-07-04 17:41:29 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-07-04 17:41:29 ----A---- C:\Windows\system32\cmd.exe
2011-07-04 17:41:28 ----A---- C:\Windows\system32\win32spl.dll
2011-07-04 17:41:28 ----A---- C:\Windows\system32\framedynos.dll
2011-07-04 17:41:28 ----A---- C:\Windows\system32\BFE.DLL
2011-07-04 17:41:27 ----A---- C:\Windows\system32\wuaueng.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\Wldap32.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\rdpendp.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\propsys.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\nlasvc.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\mfds.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-07-04 17:41:27 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-07-04 17:41:26 ----A---- C:\Windows\system32\wucltux.dll
2011-07-04 17:41:26 ----A---- C:\Windows\system32\winresume.exe
2011-07-04 17:41:26 ----A---- C:\Windows\system32\samsrv.dll
2011-07-04 17:41:26 ----A---- C:\Windows\system32\profsvc.dll
2011-07-04 17:41:26 ----A---- C:\Windows\system32\drivers\netio.sys
2011-07-04 17:41:26 ----A---- C:\Windows\system32\cscsvc.dll
2011-07-04 17:41:25 ----A---- C:\Windows\system32\werconcpl.dll
2011-07-04 17:41:25 ----A---- C:\Windows\system32\rdpclip.exe
2011-07-04 17:41:25 ----A---- C:\Windows\system32\ncsi.dll
2011-07-04 17:41:25 ----A---- C:\Windows\system32\azroles.dll
2011-07-04 17:41:25 ----A---- C:\Windows\system32\appmgr.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\themeui.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\taskeng.exe
2011-07-04 17:41:24 ----A---- C:\Windows\system32\spp.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\mswsock.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\drivers\http.sys
2011-07-04 17:41:24 ----A---- C:\Windows\system32\dhcpcore.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\credui.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\wintrust.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\taskcomp.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\msxml3.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\dxgi.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\dbghelp.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\basecsp.dll
2011-07-04 17:41:22 ----A---- C:\Windows\system32\gdi32.dll
2011-07-04 17:41:22 ----A---- C:\Windows\system32\evr.dll
2011-07-04 17:41:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-07-04 17:41:21 ----A---- C:\Windows\system32\WinSATAPI.dll
2011-07-04 17:41:21 ----A---- C:\Windows\system32\spoolsv.exe
2011-07-04 17:41:20 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2011-07-04 17:41:20 ----A---- C:\Windows\system32\calc.exe
2011-07-04 17:41:19 ----A---- C:\Windows\system32\vpnike.dll
2011-07-04 17:41:19 ----A---- C:\Windows\system32\UIRibbon.dll
2011-07-04 17:41:19 ----A---- C:\Windows\system32\srvsvc.dll
2011-07-04 17:41:19 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-07-04 17:41:19 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-07-04 17:41:18 ----A---- C:\Windows\system32\sxs.dll
2011-07-04 17:41:18 ----A---- C:\Windows\system32\lpksetup.exe
2011-07-04 17:41:18 ----A---- C:\Windows\system32\fveapi.dll
2011-07-04 17:41:18 ----A---- C:\Windows\system32\cryptsvc.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\ws2_32.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\stobject.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\netshell.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\ie4uinit.exe
2011-07-04 17:41:17 ----A---- C:\Windows\system32\hgprint.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-07-04 17:41:17 ----A---- C:\Windows\system32\drivers\msdsm.sys
2011-07-04 17:41:17 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-07-04 17:41:17 ----A---- C:\Windows\system32\comctl32.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\WSDApi.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\wmpeffects.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\prncache.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\printui.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\net1.exe
2011-07-04 17:41:16 ----A---- C:\Windows\system32\msi.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\inetpp.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\dps.dll
2011-07-04 17:41:15 ----A---- C:\Windows\system32\vds.exe
2011-07-04 17:41:15 ----A---- C:\Windows\system32\scansetting.dll
2011-07-04 17:41:15 ----A---- C:\Windows\system32\rpchttp.dll
2011-07-04 17:41:15 ----A---- C:\Windows\system32\FXSSVC.exe
2011-07-04 17:41:15 ----A---- C:\Windows\system32\drivers\vmbus.sys
2011-07-04 17:41:15 ----A---- C:\Windows\system32\drivers\pci.sys
2011-07-04 17:41:15 ----A---- C:\Windows\system32\ci.dll
2011-07-04 17:41:15 ----A---- C:\Windows\system32\aitagent.exe
2011-07-04 17:41:15 ----A---- C:\Windows\system32\aepdu.dll
2011-07-04 17:41:14 ----A---- C:\Windows\system32\WMVCORE.DLL
2011-07-04 17:41:14 ----A---- C:\Windows\system32\wlangpui.dll
2011-07-04 17:41:14 ----A---- C:\Windows\system32\QSHVHOST.DLL
2011-07-04 17:41:14 ----A---- C:\Windows\system32\MMDevAPI.dll
2011-07-04 17:41:14 ----A---- C:\Windows\system32\davclnt.dll
2011-07-04 17:41:14 ----A---- C:\Windows\system32\aaclient.dll
2011-07-04 17:41:13 ----A---- C:\Windows\system32\pnidui.dll
2011-07-04 17:41:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-07-04 17:41:13 ----A---- C:\Windows\system32\consent.exe
2011-07-04 17:41:12 ----A---- C:\Windows\system32\t2embed.dll
2011-07-04 17:41:11 ----A---- C:\Windows\system32\wpdshext.dll
2011-07-04 17:41:11 ----A---- C:\Windows\system32\scrptadm.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\webservices.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\tscfgwmi.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\SyncCenter.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\netdiagfx.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\fde.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\drivers\termdd.sys
2011-07-04 17:41:10 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2011-07-04 17:41:10 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2011-07-04 17:41:09 ----A---- C:\Windows\system32\wuapi.dll
2011-07-04 17:41:09 ----A---- C:\Windows\system32\wscapi.dll
2011-07-04 17:41:09 ----A---- C:\Windows\system32\WinSCard.dll
2011-07-04 17:41:09 ----A---- C:\Windows\system32\vmicsvc.exe
2011-07-04 17:41:09 ----A---- C:\Windows\system32\sdengin2.dll
2011-07-04 17:41:09 ----A---- C:\Windows\system32\cscobj.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\wisptis.exe
2011-07-04 17:41:08 ----A---- C:\Windows\system32\winsta.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\rdpcore.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\pla.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2011-07-04 17:41:08 ----A---- C:\Windows\system32\msasn1.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\mcmde.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2011-07-04 17:41:08 ----A---- C:\Windows\system32\drivers\msahci.sys
2011-07-04 17:41:07 ----A---- C:\Windows\system32\WUDFSvc.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\wiaservc.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\setupcl.exe
2011-07-04 17:41:07 ----A---- C:\Windows\system32\ntshrui.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\imapi2.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\iepeers.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\gameux.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\aeinv.dll
2011-07-04 17:41:06 ----A---- C:\Windows\system32\WMPEncEn.dll
2011-07-04 17:41:06 ----A---- C:\Windows\system32\onex.dll
2011-07-04 17:41:06 ----A---- C:\Windows\system32\dwmredir.dll
2011-07-04 17:41:06 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-07-04 17:41:05 ----A---- C:\Windows\system32\winmm.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\vaultsvc.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\TabSvc.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\shsvcs.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\rasmans.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\netiohlp.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\Narrator.exe
2011-07-04 17:41:05 ----A---- C:\Windows\system32\hbaapi.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\drivers\udfs.sys
2011-07-04 17:41:05 ----A---- C:\Windows\system32\bootres.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\autofmt.exe
2011-07-04 17:41:04 ----A---- C:\Windows\system32\thumbcache.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\samcli.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\regapi.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\proquota.exe
2011-07-04 17:41:04 ----A---- C:\Windows\system32\msutb.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\msinfo32.exe
2011-07-04 17:41:04 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2011-07-04 17:41:04 ----A---- C:\Windows\system32\halmacpi.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\hal.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\autoconv.exe
2011-07-04 17:41:04 ----A---- C:\Windows\system32\AudioSes.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\audiodg.exe
2011-07-04 17:41:03 ----A---- C:\Windows\system32\wcncsvc.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\tcpipcfg.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\srchadmin.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\schtasks.exe
2011-07-04 17:41:03 ----A---- C:\Windows\system32\powercpl.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\msihnd.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\mimefilt.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\framedyn.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\eapphost.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\drivers\winusb.sys
2011-07-04 17:41:02 ----A---- C:\Windows\system32\sspicli.dll
2011-07-04 17:41:02 ----A---- C:\Windows\system32\QAGENT.DLL
2011-07-04 17:41:02 ----A---- C:\Windows\system32\mscorier.dll
2011-07-04 17:41:02 ----A---- C:\Windows\system32\drivers\volmgr.sys
2011-07-04 17:41:02 ----A---- C:\Windows\system32\drivers\partmgr.sys
2011-07-04 17:41:02 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-07-04 17:41:02 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\wdc.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\umpo.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\scesrv.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\netid.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\DXP.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\actxprxy.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\Vault.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\untfs.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\sppsvc.exe
2011-07-04 17:41:00 ----A---- C:\Windows\system32\sdclt.exe
2011-07-04 17:41:00 ----A---- C:\Windows\system32\rastls.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\nci.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\drivers\ataport.sys
2011-07-04 17:40:59 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-07-04 17:40:59 ----A---- C:\Windows\system32\wlanpref.dll
2011-07-04 17:40:59 ----A---- C:\Windows\system32\RpcRtRemote.dll
2011-07-04 17:40:59 ----A---- C:\Windows\system32\Robocopy.exe
2011-07-04 17:40:59 ----A---- C:\Windows\system32\ListSvc.dll
2011-07-04 17:40:59 ----A---- C:\Windows\system32\licmgr10.dll
2011-07-04 17:40:58 ----A---- C:\Windows\system32\taskmgr.exe
2011-07-04 17:40:58 ----A---- C:\Windows\system32\mtxclu.dll
2011-07-04 17:40:58 ----A---- C:\Windows\system32\DxpTaskSync.dll
2011-07-04 17:40:58 ----A---- C:\Windows\system32\Display.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\userinit.exe
2011-07-04 17:40:57 ----A---- C:\Windows\system32\termmgr.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\sharemediacpl.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\puiobj.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\msdri.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2011-07-04 17:40:57 ----A---- C:\Windows\system32\drivers\mpio.sys
2011-07-04 17:40:57 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2011-07-04 17:40:57 ----A---- C:\Windows\system32\cscui.dll
2011-07-04 17:40:56 ----A---- C:\Windows\system32\eudcedit.exe
2011-07-04 17:40:56 ----A---- C:\Windows\system32\drivers\winhv.sys
2011-07-04 17:40:56 ----A---- C:\Windows\system32\drivers\scsiport.sys
2011-07-04 17:40:56 ----A---- C:\Windows\system32\DiagCpl.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\wiadefui.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\sppcomapi.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\shsetup.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\rasppp.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\msdtctm.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\msconfig.exe
2011-07-04 17:40:55 ----A---- C:\Windows\system32\logoncli.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2011-07-04 17:40:55 ----A---- C:\Windows\system32\cabview.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\biocpl.dll
2011-07-04 17:40:54 ----A---- C:\Windows\system32\themecpl.dll
2011-07-04 17:40:54 ----A---- C:\Windows\system32\SensorsCpl.dll
2011-07-04 17:40:54 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2011-07-04 17:40:54 ----A---- C:\Windows\system32\drivers\storvsc.sys
2011-07-04 17:40:53 ----A---- C:\Windows\system32\wpccpl.dll
2011-07-04 17:40:53 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2011-07-04 17:40:53 ----A---- C:\Windows\system32\hgcpl.dll
2011-07-04 17:40:53 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2011-07-04 17:40:53 ----A---- C:\Windows\system32\dnscmmc.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\tapisrv.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\scecli.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\mscories.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\mscms.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\localsec.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\fontext.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2011-07-04 17:40:51 ----A---- C:\Windows\system32\wlanui.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\wkssvc.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\VAN.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\usercpl.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\srcore.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\SndVolSSO.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\qedit.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\prntvpt.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\mprddm.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\mblctr.exe
2011-07-04 17:40:51 ----A---- C:\Windows\system32\KMSVC.DLL
2011-07-04 17:40:51 ----A---- C:\Windows\system32\iasacct.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\bcdsrv.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\batmeter.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\wpdbusenum.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\wksprt.exe
2011-07-04 17:40:50 ----A---- C:\Windows\system32\w32tm.exe
2011-07-04 17:40:50 ----A---- C:\Windows\system32\spwizeng.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\SndVol.exe
2011-07-04 17:40:50 ----A---- C:\Windows\system32\qdvd.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\netcenter.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\azroleui.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\accessibilitycpl.dll
2011-07-04 17:40:49 ----A---- C:\Windows\system32\zipfldr.dll
2011-07-04 17:40:49 ----A---- C:\Windows\system32\fdeploy.dll
2011-07-04 17:40:49 ----A---- C:\Windows\system32\drivers\ks.sys
2011-07-04 17:40:48 ----A---- C:\Windows\system32\netjoin.dll
2011-07-04 17:40:48 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2011-07-04 17:40:48 ----A---- C:\Windows\system32\cryptui.dll
2011-07-04 17:40:48 ----A---- C:\Windows\system32\adsldp.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\wusa.exe
2011-07-04 17:40:47 ----A---- C:\Windows\system32\prnfldr.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\networkmap.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\mspbda.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\Faultrep.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\ActionCenter.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\taskhost.exe
2011-07-04 17:40:46 ----A---- C:\Windows\system32\taskbarcpl.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\sud.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\slui.exe
2011-07-04 17:40:46 ----A---- C:\Windows\system32\photowiz.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\msieftp.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\iprtrmgr.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\iasrad.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\credssp.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\sisbkup.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\shwebsvc.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\rdpcorekmts.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\ifsutil.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\ieUnatt.exe
2011-07-04 17:40:45 ----A---- C:\Windows\system32\halacpi.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\ftp.exe
2011-07-04 17:40:45 ----A---- C:\Windows\system32\drivers\hidclass.sys
2011-07-04 17:40:45 ----A---- C:\Windows\system32\dot3cfg.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\wpd_ci.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\syncui.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\sdcpl.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\recovery.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\odbcjt32.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\iesysprep.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\efscore.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\wmpmde.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\sppnp.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\rtutils.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\rdpwsx.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\ntlanman.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\fsquirt.exe
2011-07-04 17:40:43 ----A---- C:\Windows\system32\dskquoui.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\DeviceCenter.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\bcdedit.exe
2011-07-04 17:40:43 ----A---- C:\Windows\system32\autoplay.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\vdsutil.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\systemcpl.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\sethc.exe
2011-07-04 17:40:42 ----A---- C:\Windows\system32\riched20.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\recdisc.exe
2011-07-04 17:40:42 ----A---- C:\Windows\system32\OobeFldr.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\ntprint.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\nshwfp.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\bcdboot.exe
2011-07-04 17:40:41 ----A---- C:\Windows\system32\wmpsrcwp.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\rstrui.exe
2011-07-04 17:40:41 ----A---- C:\Windows\system32\netplwiz.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\NAPHLPR.DLL
2011-07-04 17:40:41 ----A---- C:\Windows\system32\migisol.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\fms.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\drivers\tdx.sys
2011-07-04 17:40:41 ----A---- C:\Windows\system32\blackbox.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\AxInstSv.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\activeds.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\wsqmcons.exe
2011-07-04 17:40:40 ----A---- C:\Windows\system32\nshipsec.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\nlaapi.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\httpapi.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2011-07-04 17:40:40 ----A---- C:\Windows\system32\dot3svc.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\cdosys.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\asycfilt.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\wuwebv.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\wlanmsm.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\wavemsp.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\ReAgent.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\provsvc.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\msftedit.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\isoburn.exe
2011-07-04 17:40:39 ----A---- C:\Windows\system32\dot3ui.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\dfrgui.exe
2011-07-04 17:40:38 ----A---- C:\Windows\system32\wvc.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\wtsapi32.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\wimgapi.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\tzutil.exe
2011-07-04 17:40:38 ----A---- C:\Windows\system32\sysclass.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\ocsetup.exe
2011-07-04 17:40:38 ----A---- C:\Windows\system32\dsuiext.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2011-07-04 17:40:38 ----A---- C:\Windows\system32\appinfo.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\AdmTmpl.dll
2011-07-04 17:40:37 ----A---- C:\Windows\twain_32.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\webcheck.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\twext.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\shdocvw.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\setupugc.exe
2011-07-04 17:40:37 ----A---- C:\Windows\system32\qcap.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\occache.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\mstask.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\certprop.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\uxlib.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\ssText3d.scr
2011-07-04 17:40:36 ----A---- C:\Windows\system32\srrstr.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\slwga.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\qasf.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\PresentationSettings.exe
2011-07-04 17:40:36 ----A---- C:\Windows\system32\msrating.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\imm32.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\wwanconn.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\wmdrmsdk.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\nslookup.exe
2011-07-04 17:40:35 ----A---- C:\Windows\system32\msvfw32.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\mciavi32.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\imgutil.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\clusapi.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\audiodev.dll
2011-07-04 17:40:34 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2011-07-04 17:40:34 ----A---- C:\Windows\system32\msscp.dll
2011-07-04 17:40:34 ----A---- C:\Windows\system32\diskraid.exe
2011-07-04 17:40:34 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\wimserv.exe
2011-07-04 17:40:33 ----A---- C:\Windows\system32\TSpkg.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\remotepg.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\rdpencom.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\raschap.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\QUTIL.DLL
2011-07-04 17:40:33 ----A---- C:\Windows\system32\perfmon.exe
2011-07-04 17:40:33 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2011-07-04 17:40:33 ----A---- C:\Windows\system32\input.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\drmmgrtn.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\browser.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\acppage.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\wmpdxm.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2011-07-04 17:40:32 ----A---- C:\Windows\system32\vpnikeapi.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\sdrsvc.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\olepro32.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\odbccp32.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\ocsetapi.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\networkexplorer.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\wpdwcn.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\vdsbas.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\sspisrv.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\runonce.exe
2011-07-04 17:40:31 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-07-04 17:40:31 ----A---- C:\Windows\system32\onexui.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\nltest.exe
2011-07-04 17:40:31 ----A---- C:\Windows\system32\Mcx2Svc.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\logagent.exe
2011-07-04 17:40:31 ----A---- C:\Windows\system32\iTVData.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\inseng.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\dxdiagn.dll
2011-07-04 17:40:31 ----A---- C:\Windows\bfsvc.exe
2011-07-04 17:40:30 ----A---- C:\Windows\system32\msvidc32.dll
2011-07-04 17:40:30 ----A---- C:\Windows\system32\msiexec.exe
2011-07-04 17:40:30 ----A---- C:\Windows\system32\MFPlay.dll
2011-07-04 17:40:30 ----A---- C:\Windows\system32\eapp3hst.dll
2011-07-04 17:40:30 ----A---- C:\Windows\system32\drivers\rmcast.sys
2011-07-04 17:40:29 ----A---- C:\Windows\system32\wudriver.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\wmpshell.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\wmdrmdev.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\unimdmat.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\tabcal.exe
2011-07-04 17:40:29 ----A---- C:\Windows\system32\sqlcese30.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\shacct.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\rdpd3d.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\PnPUnattend.exe
2011-07-04 17:40:29 ----A---- C:\Windows\system32\lsmproxy.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\iscsium.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\d3d10level9.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\Bubbles.scr
2011-07-04 17:40:29 ----A---- C:\Windows\system32\bitsadmin.exe
2011-07-04 17:40:28 ----A---- C:\Windows\system32\WUDFPlatform.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\WPDSp.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\srvcli.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\pdh.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\OpcServices.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\ncryptui.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\mprapi.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\logman.exe
2011-07-04 17:40:28 ----A---- C:\Windows\system32\djoin.exe
2011-07-04 17:40:28 ----A---- C:\Windows\system32\cscapi.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\wwanprotdim.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\WMPhoto.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\WMADMOD.DLL
2011-07-04 17:40:27 ----A---- C:\Windows\system32\utildll.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\tsgqec.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\Ribbons.scr
2011-07-04 17:40:27 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2011-07-04 17:40:27 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\olethk32.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\odbctrac.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\Mystify.scr
2011-07-04 17:40:27 ----A---- C:\Windows\system32\mshtmled.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\MdSched.exe
2011-07-04 17:40:27 ----A---- C:\Windows\system32\mapistub.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\mapi32.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\lpremove.exe
2011-07-04 17:40:27 ----A---- C:\Windows\system32\fphc.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\CscMig.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\avifil32.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\ActionQueue.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\WMVSDECD.DLL
2011-07-04 17:40:26 ----A---- C:\Windows\system32\wmdrmnet.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2011-07-04 17:40:26 ----A---- C:\Windows\system32\wiavideo.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2011-07-04 17:40:26 ----A---- C:\Windows\system32\takeown.exe
2011-07-04 17:40:26 ----A---- C:\Windows\system32\sqmapi.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\iyuv_32.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\imagehlp.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\dot3msm.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\WUDFx.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\unattend.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\sppinst.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\qprocess.exe
2011-07-04 17:40:25 ----A---- C:\Windows\system32\qdv.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\QCLIPROV.DLL
2011-07-04 17:40:25 ----A---- C:\Windows\system32\msyuv.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\msrle32.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\msnetobj.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\EhStorAPI.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\cmstp.exe
2011-07-04 17:40:25 ----A---- C:\Windows\system32\cca.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\WUDFHost.exe
2011-07-04 17:40:24 ----A---- C:\Windows\system32\wsnmp32.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2011-07-04 17:40:24 ----A---- C:\Windows\system32\vfwwdm32.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\umb.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\setupcln.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\RelPost.exe
2011-07-04 17:40:24 ----A---- C:\Windows\system32\pdhui.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\MuiUnattend.exe
2011-07-04 17:40:24 ----A---- C:\Windows\system32\msg.exe
2011-07-04 17:40:24 ----A---- C:\Windows\system32\basesrv.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\wuauclt.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\tsbyuv.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\relog.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\qwinsta.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\netiougc.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\msorcl32.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\iscsicli.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\iasrecst.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\chglogon.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2011-07-04 17:40:23 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2011-07-04 17:40:23 ----A---- C:\Windows\system32\AzSqlExt.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\wkscli.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\WavDest.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\sppuinotify.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\spbcd.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\resutils.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\rastapi.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\quser.exe
2011-07-04 17:40:22 ----A---- C:\Windows\system32\netbtugc.exe
2011-07-04 17:40:22 ----A---- C:\Windows\system32\mydocs.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\MultiDigiMon.exe
2011-07-04 17:40:22 ----A---- C:\Windows\system32\diskpart.exe
2011-07-04 17:40:22 ----A---- C:\Windows\system32\amstream.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\wuapp.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\wmpps.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\WerFaultSecure.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\tsdiscon.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\tscon.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\syssetup.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\setbcdlocale.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\secur32.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\qappsrv.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\PrintBrmUi.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\nrpsrv.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\itircl.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\chgusr.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\chgport.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\FXSTIFF.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\CertPolEng.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\wiarpc.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\tskill.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\tlscsp.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\shadow.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\rwinsta.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\ReAgentc.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\netutils.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\netapi32.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\mobsync.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\mciqtz32.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\logoff.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\findstr.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\eappgnui.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\sppc.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\spopk.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\shimgvw.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\muifontsetup.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\luainstall.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\iccvid.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2011-07-04 17:40:19 ----A---- C:\Windows\system32\drivers\tdi.sys
2011-07-04 17:40:19 ----A---- C:\Windows\system32\dosx.exe
2011-07-04 17:40:19 ----A---- C:\Windows\system32\cabinet.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\vmstorfltres.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\vmicres.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\unlodctr.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\reset.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\repair-bde.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\query.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\netcfg.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\msdmo.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\manage-bde.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\inetmib1.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\change.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2011-07-04 17:40:17 ----A---- C:\Windows\system32\wups.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\vmbusres.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\profprov.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\odbcconf.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\drivers\cdrom.sys
2011-07-04 17:40:17 ----A---- C:\Windows\system32\browcli.dll
2011-07-04 17:40:16 ----A---- C:\Windows\system32\perfts.dll
2011-07-04 17:40:16 ----A---- C:\Windows\system32\icaapi.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\TRAPI.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\RDPENCDD.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\msfeedssync.exe
2011-07-04 17:40:15 ----A---- C:\Windows\system32\FXSMON.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\elsTrans.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\drivers\tunnel.sys
2011-07-04 17:40:15 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-07-04 17:40:15 ----A---- C:\Windows\system32\bitsperf.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\wshbth.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\schedcli.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\napdsnap.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\LogonUI.exe
2011-07-04 17:40:14 ----A---- C:\Windows\system32\dsauth.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\cscdll.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\wsdchngr.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\sscore.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\shgina.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\riched32.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2011-07-04 17:40:12 ----A---- C:\Windows\system32\wups2.dll
2011-07-04 17:40:12 ----A---- C:\Windows\system32\rdpcfgex.dll
2011-07-04 17:40:12 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2011-07-04 17:40:12 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2011-07-04 17:40:12 ----A---- C:\Windows\system32\drivers\hidusb.sys
2011-07-04 17:40:11 ----A---- C:\Windows\system32\wshirda.dll
2011-07-04 17:40:11 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2011-07-04 17:40:11 ----A---- C:\Windows\system32\drivers\appid.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\browseui.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\vmictimeprovider.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\VmdCoinstall.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\vmbuspipe.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\spwmp.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\IcCoinstall.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\wanarp.sys
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\umbus.sys
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\tdpipe.sys
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\shunimpl.dll
2011-07-04 17:40:08 ----A---- C:\Windows\system32\RDPREFDD.dll
2011-07-04 17:40:08 ----A---- C:\Windows\system32\dxmasf.dll
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\scfilter.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\RDPCDD.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\C_ISCII.DLL
2011-07-04 17:40:07 ----A---- C:\Windows\system32\wmploc.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDUS.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDTURME.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDSF.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDNEPR.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDMON.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDMAORI.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDLT1.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\kbdlk41a.dll
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINTEL.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINTAM.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINORI.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINMAR.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINKAN.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINHIN.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINBEN.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDGEO.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDBULG.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDBLR.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDBASH.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\tzres.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\spwizres.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\pifmgr.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\nlsbres.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDTUQ.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDTUF.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDSG.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDPO.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDGR1.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDGKL.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDCZ1.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2011-07-04 17:40:05 ----A---- C:\Windows\system32\dpnaddr.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\BlbEvents.dll
2011-07-04 17:39:24 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-07-04 17:39:24 ----A---- C:\Windows\system32\wbemcomn.dll
2011-07-04 17:39:06 ----A---- C:\Windows\system32\SmiEngine.dll
2011-07-04 17:39:00 ----A---- C:\Windows\system32\wdscore.dll
2011-07-04 17:39:00 ----A---- C:\Windows\system32\PkgMgr.exe
2011-07-04 17:38:02 ----A---- C:\Windows\system32\drvstore.dll
2011-07-04 17:38:01 ----A---- C:\Windows\system32\dpx.dll
2011-07-01 15:33:56 ----D---- C:\Users\Minh\AppData\Roaming\gtk-2.0
2011-06-29 15:42:08 ----D---- C:\ProgramData\DivX
2011-06-29 15:41:41 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 15:41:40 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 15:41:39 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 15:41:39 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 15:41:39 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 15:41:39 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 15:41:38 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 15:41:38 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 15:41:37 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-29 15:41:10 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 15:41:10 ----A---- C:\Windows\system32\cfgmgr32.dll

2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 08:31:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 08:31:22 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 08:31:21 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 08:31:21 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 08:31:15 ----A---- C:\Windows\system32\win32k.sys
2011-07-07 13:33:36 ----D---- C:\PFiles
2011-07-05 22:21:31 ----D---- C:\Program Files\Common Files\Java
2011-07-05 22:21:13 ----A---- C:\Windows\system32\javaws.exe
2011-07-05 22:21:13 ----A---- C:\Windows\system32\javaw.exe
2011-07-05 22:21:13 ----A---- C:\Windows\system32\java.exe
2011-07-04 19:09:10 ----D---- C:\Windows\system32\SPReview
2011-07-04 19:05:47 ----D---- C:\Windows\system32\EventProviders
2011-07-04 17:42:15 ----A---- C:\Windows\system32\dfshim.dll
2011-07-04 17:42:11 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-07-04 17:42:11 ----A---- C:\Windows\system32\mstscax.dll
2011-07-04 17:42:11 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2011-07-04 17:42:07 ----A---- C:\Windows\system32\mfc40u.dll
2011-07-04 17:42:07 ----A---- C:\Windows\system32\mfc40.dll
2011-07-04 17:42:07 ----A---- C:\Windows\system32\d3d10warp.dll
2011-07-04 17:42:06 ----A---- C:\Windows\system32\sysmain.dll
2011-07-04 17:42:05 ----A---- C:\Windows\system32\secproc_isv.dll
2011-07-04 17:42:04 ----A---- C:\Windows\system32\shell32.dll
2011-07-04 17:42:04 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-07-04 17:42:03 ----A---- C:\Windows\system32\secproc.dll
2011-07-04 17:42:02 ----A---- C:\Windows\system32\RMActivate.exe
2011-07-04 17:42:01 ----A---- C:\Windows\system32\spwizui.dll
2011-07-04 17:42:00 ----A---- C:\Windows\system32\mscoree.dll
2011-07-04 17:41:59 ----A---- C:\Windows\system32\mf.dll
2011-07-04 17:41:59 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-07-04 17:41:59 ----A---- C:\Windows\system32\CertEnroll.dll
2011-07-04 17:41:58 ----A---- C:\Windows\system32\wmp.dll
2011-07-04 17:41:57 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-07-04 17:41:57 ----A---- C:\Windows\system32\PresentationHost.exe
2011-07-04 17:41:57 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-07-04 17:41:57 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2011-07-04 17:41:56 ----A---- C:\Windows\system32\schedsvc.dll
2011-07-04 17:41:54 ----A---- C:\Windows\system32\RacEngn.dll
2011-07-04 17:41:54 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2011-07-04 17:41:53 ----A---- C:\Windows\system32\ntdll.dll
2011-07-04 17:41:52 ----A---- C:\Windows\system32\rdpdd.dll
2011-07-04 17:41:52 ----A---- C:\Windows\system32\qmgr.dll
2011-07-04 17:41:51 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-07-04 17:41:50 ----A---- C:\Windows\system32\wevtsvc.dll
2011-07-04 17:41:50 ----A---- C:\Windows\system32\ole32.dll
2011-07-04 17:41:48 ----A---- C:\Windows\system32\vssapi.dll
2011-07-04 17:41:48 ----A---- C:\Windows\system32\SearchFolder.dll
2011-07-04 17:41:47 ----A---- C:\Windows\system32\taskschd.dll
2011-07-04 17:41:47 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-07-04 17:41:47 ----A---- C:\Windows\system32\d3d9.dll
2011-07-04 17:41:46 ----A---- C:\Windows\system32\crypt32.dll
2011-07-04 17:41:45 ----A---- C:\Windows\system32\spreview.exe
2011-07-04 17:41:45 ----A---- C:\Windows\system32\spinstall.exe
2011-07-04 17:41:45 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2011-07-04 17:41:45 ----A---- C:\Windows\system32\mstsc.exe
2011-07-04 17:41:44 ----A---- C:\Windows\system32\wer.dll
2011-07-04 17:41:44 ----A---- C:\Windows\system32\termsrv.dll
2011-07-04 17:41:44 ----A---- C:\Windows\system32\rpcrt4.dll
2011-07-04 17:41:44 ----A---- C:\Windows\system32\certcli.dll
2011-07-04 17:41:43 ----A---- C:\Windows\system32\msxml6.dll
2011-07-04 17:41:43 ----A---- C:\Windows\system32\lsasrv.dll
2011-07-04 17:41:43 ----A---- C:\Windows\system32\gpsvc.dll
2011-07-04 17:41:43 ----A---- C:\Windows\system32\dwmcore.dll
2011-07-04 17:41:42 ----A---- C:\Windows\system32\odbc32.dll
2011-07-04 17:41:42 ----A---- C:\Windows\system32\MPSSVC.dll
2011-07-04 17:41:42 ----A---- C:\Windows\system32\diagperf.dll
2011-07-04 17:41:41 ----A---- C:\Windows\system32\WinSAT.exe
2011-07-04 17:41:41 ----A---- C:\Windows\system32\wbengine.exe
2011-07-04 17:41:41 ----A---- C:\Windows\system32\umrdp.dll
2011-07-04 17:41:41 ----A---- C:\Windows\system32\scavengeui.dll
2011-07-04 17:41:41 ----A---- C:\Windows\system32\quartz.dll
2011-07-04 17:41:41 ----A---- C:\Windows\system32\mstime.dll
2011-07-04 17:41:40 ----A---- C:\Windows\system32\TSWorkspace.dll
2011-07-04 17:41:40 ----A---- C:\Windows\system32\tsmf.dll
2011-07-04 17:41:40 ----A---- C:\Windows\system32\localspl.dll
2011-07-04 17:41:40 ----A---- C:\Windows\system32\dot3api.dll
2011-07-04 17:41:39 ----A---- C:\Windows\system32\winhttp.dll
2011-07-04 17:41:39 ----A---- C:\Windows\system32\setupapi.dll
2011-07-04 17:41:39 ----A---- C:\Windows\system32\iedkcs32.dll
2011-07-04 17:41:39 ----A---- C:\Windows\system32\apphelp.dll
2011-07-04 17:41:38 ----A---- C:\Windows\system32\VSSVC.exe
2011-07-04 17:41:38 ----A---- C:\Windows\system32\netlogon.dll
2011-07-04 17:41:38 ----A---- C:\Windows\system32\MSVidCtl.dll
2011-07-04 17:41:38 ----A---- C:\Windows\system32\dbgeng.dll
2011-07-04 17:41:37 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-07-04 17:41:37 ----A---- C:\Windows\system32\winlogon.exe
2011-07-04 17:41:37 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-07-04 17:41:37 ----A---- C:\Windows\system32\user32.dll
2011-07-04 17:41:37 ----A---- C:\Windows\system32\netcfgx.dll
2011-07-04 17:41:37 ----A---- C:\Windows\system32\d3d11.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\WsmSvc.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\webio.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\Query.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\gpprefcl.dll
2011-07-04 17:41:36 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2011-07-04 17:41:36 ----A---- C:\Windows\system32\advapi32.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\upnp.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\schannel.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\netfxperf.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\msv1_0.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\lsm.exe
2011-07-04 17:41:35 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2011-07-04 17:41:35 ----A---- C:\Windows\system32\drivers\csc.sys
2011-07-04 17:41:34 ----A---- C:\Windows\system32\sppobjs.dll
2011-07-04 17:41:34 ----A---- C:\Windows\system32\SessEnv.dll
2011-07-04 17:41:34 ----A---- C:\Windows\system32\msdrm.dll
2011-07-04 17:41:34 ----A---- C:\Windows\system32\imapi2fs.dll
2011-07-04 17:41:34 ----A---- C:\Windows\system32\authui.dll
2011-07-04 17:41:33 ----A---- C:\Windows\system32\usp10.dll
2011-07-04 17:41:33 ----A---- C:\Windows\system32\shlwapi.dll
2011-07-04 17:41:33 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-07-04 17:41:33 ----A---- C:\Windows\system32\mcbuilder.exe
2011-07-04 17:41:32 ----A---- C:\Windows\system32\winload.exe
2011-07-04 17:41:32 ----A---- C:\Windows\system32\userenv.dll
2011-07-04 17:41:32 ----A---- C:\Windows\system32\certmgr.dll
2011-07-04 17:41:32 ----A---- C:\Windows\system32\autochk.exe
2011-07-04 17:41:31 ----A---- C:\Windows\system32\xpsservices.dll
2011-07-04 17:41:31 ----A---- C:\Windows\system32\WebClnt.dll
2011-07-04 17:41:30 ----A---- C:\Windows\system32\sppwinob.dll
2011-07-04 17:41:30 ----A---- C:\Windows\system32\comdlg32.dll
2011-07-04 17:41:30 ----A---- C:\Windows\system32\audiosrv.dll
2011-07-04 17:41:29 ----A---- C:\Windows\system32\rpcss.dll
2011-07-04 17:41:29 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-07-04 17:41:29 ----A---- C:\Windows\system32\cmd.exe
2011-07-04 17:41:28 ----A---- C:\Windows\system32\win32spl.dll
2011-07-04 17:41:28 ----A---- C:\Windows\system32\framedynos.dll
2011-07-04 17:41:28 ----A---- C:\Windows\system32\BFE.DLL
2011-07-04 17:41:27 ----A---- C:\Windows\system32\wuaueng.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\Wldap32.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\rdpendp.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\propsys.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\nlasvc.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\mfds.dll
2011-07-04 17:41:27 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-07-04 17:41:27 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-07-04 17:41:26 ----A---- C:\Windows\system32\wucltux.dll
2011-07-04 17:41:26 ----A---- C:\Windows\system32\winresume.exe
2011-07-04 17:41:26 ----A---- C:\Windows\system32\samsrv.dll
2011-07-04 17:41:26 ----A---- C:\Windows\system32\profsvc.dll
2011-07-04 17:41:26 ----A---- C:\Windows\system32\drivers\netio.sys
2011-07-04 17:41:26 ----A---- C:\Windows\system32\cscsvc.dll
2011-07-04 17:41:25 ----A---- C:\Windows\system32\werconcpl.dll
2011-07-04 17:41:25 ----A---- C:\Windows\system32\rdpclip.exe
2011-07-04 17:41:25 ----A---- C:\Windows\system32\ncsi.dll
2011-07-04 17:41:25 ----A---- C:\Windows\system32\azroles.dll
2011-07-04 17:41:25 ----A---- C:\Windows\system32\appmgr.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\themeui.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\taskeng.exe
2011-07-04 17:41:24 ----A---- C:\Windows\system32\spp.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\mswsock.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\drivers\http.sys
2011-07-04 17:41:24 ----A---- C:\Windows\system32\dhcpcore.dll
2011-07-04 17:41:24 ----A---- C:\Windows\system32\credui.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\wintrust.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\taskcomp.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\msxml3.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\dxgi.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\dbghelp.dll
2011-07-04 17:41:23 ----A---- C:\Windows\system32\basecsp.dll
2011-07-04 17:41:22 ----A---- C:\Windows\system32\gdi32.dll
2011-07-04 17:41:22 ----A---- C:\Windows\system32\evr.dll
2011-07-04 17:41:22 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-07-04 17:41:21 ----A---- C:\Windows\system32\WinSATAPI.dll
2011-07-04 17:41:21 ----A---- C:\Windows\system32\spoolsv.exe
2011-07-04 17:41:20 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2011-07-04 17:41:20 ----A---- C:\Windows\system32\calc.exe
2011-07-04 17:41:19 ----A---- C:\Windows\system32\vpnike.dll
2011-07-04 17:41:19 ----A---- C:\Windows\system32\UIRibbon.dll
2011-07-04 17:41:19 ----A---- C:\Windows\system32\srvsvc.dll
2011-07-04 17:41:19 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-07-04 17:41:19 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-07-04 17:41:18 ----A---- C:\Windows\system32\sxs.dll
2011-07-04 17:41:18 ----A---- C:\Windows\system32\lpksetup.exe
2011-07-04 17:41:18 ----A---- C:\Windows\system32\fveapi.dll
2011-07-04 17:41:18 ----A---- C:\Windows\system32\cryptsvc.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\ws2_32.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\stobject.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\netshell.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\ie4uinit.exe
2011-07-04 17:41:17 ----A---- C:\Windows\system32\hgprint.dll
2011-07-04 17:41:17 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-07-04 17:41:17 ----A---- C:\Windows\system32\drivers\msdsm.sys
2011-07-04 17:41:17 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-07-04 17:41:17 ----A---- C:\Windows\system32\comctl32.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\WSDApi.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\wmpeffects.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\prncache.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\printui.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\net1.exe
2011-07-04 17:41:16 ----A---- C:\Windows\system32\msi.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\inetpp.dll
2011-07-04 17:41:16 ----A---- C:\Windows\system32\dps.dll
2011-07-04 17:41:15 ----A---- C:\Windows\system32\vds.exe
2011-07-04 17:41:15 ----A---- C:\Windows\system32\scansetting.dll
2011-07-04 17:41:15 ----A---- C:\Windows\system32\rpchttp.dll
2011-07-04 17:41:15 ----A---- C:\Windows\system32\FXSSVC.exe
2011-07-04 17:41:15 ----A---- C:\Windows\system32\drivers\vmbus.sys
2011-07-04 17:41:15 ----A---- C:\Windows\system32\drivers\pci.sys
2011-07-04 17:41:15 ----A---- C:\Windows\system32\ci.dll
2011-07-04 17:41:15 ----A---- C:\Windows\system32\aitagent.exe
2011-07-04 17:41:15 ----A---- C:\Windows\system32\aepdu.dll
2011-07-04 17:41:14 ----A---- C:\Windows\system32\WMVCORE.DLL
2011-07-04 17:41:14 ----A---- C:\Windows\system32\wlangpui.dll
2011-07-04 17:41:14 ----A---- C:\Windows\system32\QSHVHOST.DLL
2011-07-04 17:41:14 ----A---- C:\Windows\system32\MMDevAPI.dll
2011-07-04 17:41:14 ----A---- C:\Windows\system32\davclnt.dll
2011-07-04 17:41:14 ----A---- C:\Windows\system32\aaclient.dll
2011-07-04 17:41:13 ----A---- C:\Windows\system32\pnidui.dll
2011-07-04 17:41:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-07-04 17:41:13 ----A---- C:\Windows\system32\consent.exe
2011-07-04 17:41:12 ----A---- C:\Windows\system32\t2embed.dll
2011-07-04 17:41:11 ----A---- C:\Windows\system32\wpdshext.dll
2011-07-04 17:41:11 ----A---- C:\Windows\system32\scrptadm.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\webservices.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\tscfgwmi.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\SyncCenter.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\netdiagfx.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\fde.dll
2011-07-04 17:41:10 ----A---- C:\Windows\system32\drivers\termdd.sys
2011-07-04 17:41:10 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2011-07-04 17:41:10 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2011-07-04 17:41:09 ----A---- C:\Windows\system32\wuapi.dll
2011-07-04 17:41:09 ----A---- C:\Windows\system32\wscapi.dll
2011-07-04 17:41:09 ----A---- C:\Windows\system32\WinSCard.dll
2011-07-04 17:41:09 ----A---- C:\Windows\system32\vmicsvc.exe
2011-07-04 17:41:09 ----A---- C:\Windows\system32\sdengin2.dll
2011-07-04 17:41:09 ----A---- C:\Windows\system32\cscobj.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\wisptis.exe
2011-07-04 17:41:08 ----A---- C:\Windows\system32\winsta.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\rdpcore.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\pla.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2011-07-04 17:41:08 ----A---- C:\Windows\system32\msasn1.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\mcmde.dll
2011-07-04 17:41:08 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2011-07-04 17:41:08 ----A---- C:\Windows\system32\drivers\msahci.sys
2011-07-04 17:41:07 ----A---- C:\Windows\system32\WUDFSvc.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\wiaservc.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\setupcl.exe
2011-07-04 17:41:07 ----A---- C:\Windows\system32\ntshrui.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\imapi2.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\iepeers.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\gameux.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2011-07-04 17:41:07 ----A---- C:\Windows\system32\aeinv.dll
2011-07-04 17:41:06 ----A---- C:\Windows\system32\WMPEncEn.dll
2011-07-04 17:41:06 ----A---- C:\Windows\system32\onex.dll
2011-07-04 17:41:06 ----A---- C:\Windows\system32\dwmredir.dll
2011-07-04 17:41:06 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-07-04 17:41:05 ----A---- C:\Windows\system32\winmm.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\vaultsvc.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\TabSvc.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\shsvcs.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\rasmans.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\netiohlp.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\Narrator.exe
2011-07-04 17:41:05 ----A---- C:\Windows\system32\hbaapi.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\drivers\udfs.sys
2011-07-04 17:41:05 ----A---- C:\Windows\system32\bootres.dll
2011-07-04 17:41:05 ----A---- C:\Windows\system32\autofmt.exe
2011-07-04 17:41:04 ----A---- C:\Windows\system32\thumbcache.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\samcli.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\regapi.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\proquota.exe
2011-07-04 17:41:04 ----A---- C:\Windows\system32\msutb.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\msinfo32.exe
2011-07-04 17:41:04 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2011-07-04 17:41:04 ----A---- C:\Windows\system32\halmacpi.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\hal.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\autoconv.exe
2011-07-04 17:41:04 ----A---- C:\Windows\system32\AudioSes.dll
2011-07-04 17:41:04 ----A---- C:\Windows\system32\audiodg.exe
2011-07-04 17:41:03 ----A---- C:\Windows\system32\wcncsvc.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\tcpipcfg.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\srchadmin.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\schtasks.exe
2011-07-04 17:41:03 ----A---- C:\Windows\system32\powercpl.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\msihnd.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\mimefilt.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\framedyn.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\eapphost.dll
2011-07-04 17:41:03 ----A---- C:\Windows\system32\drivers\winusb.sys
2011-07-04 17:41:02 ----A---- C:\Windows\system32\sspicli.dll
2011-07-04 17:41:02 ----A---- C:\Windows\system32\QAGENT.DLL
2011-07-04 17:41:02 ----A---- C:\Windows\system32\mscorier.dll
2011-07-04 17:41:02 ----A---- C:\Windows\system32\drivers\volmgr.sys
2011-07-04 17:41:02 ----A---- C:\Windows\system32\drivers\partmgr.sys
2011-07-04 17:41:02 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-07-04 17:41:02 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\wdc.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\umpo.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\scesrv.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\netid.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\DXP.dll
2011-07-04 17:41:01 ----A---- C:\Windows\system32\actxprxy.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\Vault.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\untfs.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\sppsvc.exe
2011-07-04 17:41:00 ----A---- C:\Windows\system32\sdclt.exe
2011-07-04 17:41:00 ----A---- C:\Windows\system32\rastls.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\nci.dll
2011-07-04 17:41:00 ----A---- C:\Windows\system32\drivers\ataport.sys
2011-07-04 17:40:59 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-07-04 17:40:59 ----A---- C:\Windows\system32\wlanpref.dll
2011-07-04 17:40:59 ----A---- C:\Windows\system32\RpcRtRemote.dll
2011-07-04 17:40:59 ----A---- C:\Windows\system32\Robocopy.exe
2011-07-04 17:40:59 ----A---- C:\Windows\system32\ListSvc.dll
2011-07-04 17:40:59 ----A---- C:\Windows\system32\licmgr10.dll
2011-07-04 17:40:58 ----A---- C:\Windows\system32\taskmgr.exe
2011-07-04 17:40:58 ----A---- C:\Windows\system32\mtxclu.dll
2011-07-04 17:40:58 ----A---- C:\Windows\system32\DxpTaskSync.dll
2011-07-04 17:40:58 ----A---- C:\Windows\system32\Display.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\userinit.exe
2011-07-04 17:40:57 ----A---- C:\Windows\system32\termmgr.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\sharemediacpl.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\puiobj.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\msdri.dll
2011-07-04 17:40:57 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2011-07-04 17:40:57 ----A---- C:\Windows\system32\drivers\mpio.sys
2011-07-04 17:40:57 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2011-07-04 17:40:57 ----A---- C:\Windows\system32\cscui.dll
2011-07-04 17:40:56 ----A---- C:\Windows\system32\eudcedit.exe
2011-07-04 17:40:56 ----A---- C:\Windows\system32\drivers\winhv.sys
2011-07-04 17:40:56 ----A---- C:\Windows\system32\drivers\scsiport.sys
2011-07-04 17:40:56 ----A---- C:\Windows\system32\DiagCpl.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\wiadefui.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\sppcomapi.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\shsetup.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\rasppp.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\msdtctm.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\msconfig.exe
2011-07-04 17:40:55 ----A---- C:\Windows\system32\logoncli.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2011-07-04 17:40:55 ----A---- C:\Windows\system32\cabview.dll
2011-07-04 17:40:55 ----A---- C:\Windows\system32\biocpl.dll
2011-07-04 17:40:54 ----A---- C:\Windows\system32\themecpl.dll
2011-07-04 17:40:54 ----A---- C:\Windows\system32\SensorsCpl.dll
2011-07-04 17:40:54 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2011-07-04 17:40:54 ----A---- C:\Windows\system32\drivers\storvsc.sys
2011-07-04 17:40:53 ----A---- C:\Windows\system32\wpccpl.dll
2011-07-04 17:40:53 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2011-07-04 17:40:53 ----A---- C:\Windows\system32\hgcpl.dll
2011-07-04 17:40:53 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2011-07-04 17:40:53 ----A---- C:\Windows\system32\dnscmmc.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\tapisrv.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\scecli.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\mscories.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\mscms.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\localsec.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\fontext.dll
2011-07-04 17:40:52 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2011-07-04 17:40:51 ----A---- C:\Windows\system32\wlanui.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\wkssvc.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\VAN.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\usercpl.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\srcore.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\SndVolSSO.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\qedit.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\prntvpt.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\mprddm.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\mblctr.exe
2011-07-04 17:40:51 ----A---- C:\Windows\system32\KMSVC.DLL
2011-07-04 17:40:51 ----A---- C:\Windows\system32\iasacct.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\bcdsrv.dll
2011-07-04 17:40:51 ----A---- C:\Windows\system32\batmeter.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\wpdbusenum.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\wksprt.exe
2011-07-04 17:40:50 ----A---- C:\Windows\system32\w32tm.exe
2011-07-04 17:40:50 ----A---- C:\Windows\system32\spwizeng.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\SndVol.exe
2011-07-04 17:40:50 ----A---- C:\Windows\system32\qdvd.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\netcenter.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\azroleui.dll
2011-07-04 17:40:50 ----A---- C:\Windows\system32\accessibilitycpl.dll
2011-07-04 17:40:49 ----A---- C:\Windows\system32\zipfldr.dll
2011-07-04 17:40:49 ----A---- C:\Windows\system32\fdeploy.dll
2011-07-04 17:40:49 ----A---- C:\Windows\system32\drivers\ks.sys
2011-07-04 17:40:48 ----A---- C:\Windows\system32\netjoin.dll
2011-07-04 17:40:48 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2011-07-04 17:40:48 ----A---- C:\Windows\system32\cryptui.dll
2011-07-04 17:40:48 ----A---- C:\Windows\system32\adsldp.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\wusa.exe
2011-07-04 17:40:47 ----A---- C:\Windows\system32\prnfldr.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\networkmap.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\mspbda.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\Faultrep.dll
2011-07-04 17:40:47 ----A---- C:\Windows\system32\ActionCenter.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\taskhost.exe
2011-07-04 17:40:46 ----A---- C:\Windows\system32\taskbarcpl.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\sud.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\slui.exe
2011-07-04 17:40:46 ----A---- C:\Windows\system32\photowiz.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\msieftp.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\iprtrmgr.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\iasrad.dll
2011-07-04 17:40:46 ----A---- C:\Windows\system32\credssp.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\sisbkup.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\shwebsvc.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\rdpcorekmts.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\ifsutil.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\ieUnatt.exe
2011-07-04 17:40:45 ----A---- C:\Windows\system32\halacpi.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\ftp.exe
2011-07-04 17:40:45 ----A---- C:\Windows\system32\drivers\hidclass.sys
2011-07-04 17:40:45 ----A---- C:\Windows\system32\dot3cfg.dll
2011-07-04 17:40:45 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\wpd_ci.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\syncui.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\sdcpl.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\recovery.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\odbcjt32.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\iesysprep.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\efscore.dll
2011-07-04 17:40:44 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\wmpmde.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\sppnp.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\rtutils.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\rdpwsx.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\ntlanman.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\fsquirt.exe
2011-07-04 17:40:43 ----A---- C:\Windows\system32\dskquoui.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\DeviceCenter.dll
2011-07-04 17:40:43 ----A---- C:\Windows\system32\bcdedit.exe
2011-07-04 17:40:43 ----A---- C:\Windows\system32\autoplay.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\vdsutil.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\systemcpl.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\sethc.exe
2011-07-04 17:40:42 ----A---- C:\Windows\system32\riched20.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\recdisc.exe
2011-07-04 17:40:42 ----A---- C:\Windows\system32\OobeFldr.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\ntprint.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\nshwfp.dll
2011-07-04 17:40:42 ----A---- C:\Windows\system32\bcdboot.exe
2011-07-04 17:40:41 ----A---- C:\Windows\system32\wmpsrcwp.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\rstrui.exe
2011-07-04 17:40:41 ----A---- C:\Windows\system32\netplwiz.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\NAPHLPR.DLL
2011-07-04 17:40:41 ----A---- C:\Windows\system32\migisol.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\fms.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\drivers\tdx.sys
2011-07-04 17:40:41 ----A---- C:\Windows\system32\blackbox.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\AxInstSv.dll
2011-07-04 17:40:41 ----A---- C:\Windows\system32\activeds.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\wsqmcons.exe
2011-07-04 17:40:40 ----A---- C:\Windows\system32\nshipsec.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\nlaapi.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\httpapi.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2011-07-04 17:40:40 ----A---- C:\Windows\system32\dot3svc.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\cdosys.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2011-07-04 17:40:40 ----A---- C:\Windows\system32\asycfilt.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\wuwebv.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\wlanmsm.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\wavemsp.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\ReAgent.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\provsvc.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\msftedit.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\isoburn.exe
2011-07-04 17:40:39 ----A---- C:\Windows\system32\dot3ui.dll
2011-07-04 17:40:39 ----A---- C:\Windows\system32\dfrgui.exe
2011-07-04 17:40:38 ----A---- C:\Windows\system32\wvc.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\wtsapi32.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\wimgapi.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\tzutil.exe
2011-07-04 17:40:38 ----A---- C:\Windows\system32\sysclass.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\ocsetup.exe
2011-07-04 17:40:38 ----A---- C:\Windows\system32\dsuiext.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2011-07-04 17:40:38 ----A---- C:\Windows\system32\appinfo.dll
2011-07-04 17:40:38 ----A---- C:\Windows\system32\AdmTmpl.dll
2011-07-04 17:40:37 ----A---- C:\Windows\twain_32.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\webcheck.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\twext.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\shdocvw.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\setupugc.exe
2011-07-04 17:40:37 ----A---- C:\Windows\system32\qcap.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\occache.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\mstask.dll
2011-07-04 17:40:37 ----A---- C:\Windows\system32\certprop.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\uxlib.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\ssText3d.scr
2011-07-04 17:40:36 ----A---- C:\Windows\system32\srrstr.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\slwga.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\qasf.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\PresentationSettings.exe
2011-07-04 17:40:36 ----A---- C:\Windows\system32\msrating.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-07-04 17:40:36 ----A---- C:\Windows\system32\imm32.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\wwanconn.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\wmdrmsdk.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\nslookup.exe
2011-07-04 17:40:35 ----A---- C:\Windows\system32\msvfw32.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\mciavi32.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\imgutil.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\clusapi.dll
2011-07-04 17:40:35 ----A---- C:\Windows\system32\audiodev.dll
2011-07-04 17:40:34 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2011-07-04 17:40:34 ----A---- C:\Windows\system32\msscp.dll
2011-07-04 17:40:34 ----A---- C:\Windows\system32\diskraid.exe
2011-07-04 17:40:34 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\wimserv.exe
2011-07-04 17:40:33 ----A---- C:\Windows\system32\TSpkg.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\remotepg.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\rdpencom.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\raschap.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\QUTIL.DLL
2011-07-04 17:40:33 ----A---- C:\Windows\system32\perfmon.exe
2011-07-04 17:40:33 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2011-07-04 17:40:33 ----A---- C:\Windows\system32\input.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\drmmgrtn.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\browser.dll
2011-07-04 17:40:33 ----A---- C:\Windows\system32\acppage.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\wmpdxm.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2011-07-04 17:40:32 ----A---- C:\Windows\system32\vpnikeapi.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\sdrsvc.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\olepro32.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\odbccp32.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\ocsetapi.dll
2011-07-04 17:40:32 ----A---- C:\Windows\system32\networkexplorer.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\wpdwcn.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\vdsbas.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\sspisrv.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\runonce.exe
2011-07-04 17:40:31 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-07-04 17:40:31 ----A---- C:\Windows\system32\onexui.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\nltest.exe
2011-07-04 17:40:31 ----A---- C:\Windows\system32\Mcx2Svc.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\logagent.exe
2011-07-04 17:40:31 ----A---- C:\Windows\system32\iTVData.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\inseng.dll
2011-07-04 17:40:31 ----A---- C:\Windows\system32\dxdiagn.dll
2011-07-04 17:40:31 ----A---- C:\Windows\bfsvc.exe
2011-07-04 17:40:30 ----A---- C:\Windows\system32\msvidc32.dll
2011-07-04 17:40:30 ----A---- C:\Windows\system32\msiexec.exe
2011-07-04 17:40:30 ----A---- C:\Windows\system32\MFPlay.dll
2011-07-04 17:40:30 ----A---- C:\Windows\system32\eapp3hst.dll
2011-07-04 17:40:30 ----A---- C:\Windows\system32\drivers\rmcast.sys
2011-07-04 17:40:29 ----A---- C:\Windows\system32\wudriver.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\wmpshell.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\wmdrmdev.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\unimdmat.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\tabcal.exe
2011-07-04 17:40:29 ----A---- C:\Windows\system32\sqlcese30.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\shacct.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\rdpd3d.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\PnPUnattend.exe
2011-07-04 17:40:29 ----A---- C:\Windows\system32\lsmproxy.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\iscsium.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\d3d10level9.dll
2011-07-04 17:40:29 ----A---- C:\Windows\system32\Bubbles.scr
2011-07-04 17:40:29 ----A---- C:\Windows\system32\bitsadmin.exe
2011-07-04 17:40:28 ----A---- C:\Windows\system32\WUDFPlatform.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\WPDSp.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\srvcli.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\pdh.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\OpcServices.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\ncryptui.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\mprapi.dll
2011-07-04 17:40:28 ----A---- C:\Windows\system32\logman.exe
2011-07-04 17:40:28 ----A---- C:\Windows\system32\djoin.exe
2011-07-04 17:40:28 ----A---- C:\Windows\system32\cscapi.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\wwanprotdim.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\WMPhoto.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\WMADMOD.DLL
2011-07-04 17:40:27 ----A---- C:\Windows\system32\utildll.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\tsgqec.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\Ribbons.scr
2011-07-04 17:40:27 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2011-07-04 17:40:27 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\olethk32.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\odbctrac.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\Mystify.scr
2011-07-04 17:40:27 ----A---- C:\Windows\system32\mshtmled.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\MdSched.exe
2011-07-04 17:40:27 ----A---- C:\Windows\system32\mapistub.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\mapi32.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\lpremove.exe
2011-07-04 17:40:27 ----A---- C:\Windows\system32\fphc.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\CscMig.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\avifil32.dll
2011-07-04 17:40:27 ----A---- C:\Windows\system32\ActionQueue.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\WMVSDECD.DLL
2011-07-04 17:40:26 ----A---- C:\Windows\system32\wmdrmnet.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2011-07-04 17:40:26 ----A---- C:\Windows\system32\wiavideo.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2011-07-04 17:40:26 ----A---- C:\Windows\system32\takeown.exe
2011-07-04 17:40:26 ----A---- C:\Windows\system32\sqmapi.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\iyuv_32.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\imagehlp.dll
2011-07-04 17:40:26 ----A---- C:\Windows\system32\dot3msm.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\WUDFx.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\unattend.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\sppinst.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\qprocess.exe
2011-07-04 17:40:25 ----A---- C:\Windows\system32\qdv.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\QCLIPROV.DLL
2011-07-04 17:40:25 ----A---- C:\Windows\system32\msyuv.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\msrle32.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\msnetobj.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\EhStorAPI.dll
2011-07-04 17:40:25 ----A---- C:\Windows\system32\cmstp.exe
2011-07-04 17:40:25 ----A---- C:\Windows\system32\cca.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\WUDFHost.exe
2011-07-04 17:40:24 ----A---- C:\Windows\system32\wsnmp32.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2011-07-04 17:40:24 ----A---- C:\Windows\system32\vfwwdm32.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\umb.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\setupcln.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\RelPost.exe
2011-07-04 17:40:24 ----A---- C:\Windows\system32\pdhui.dll
2011-07-04 17:40:24 ----A---- C:\Windows\system32\MuiUnattend.exe
2011-07-04 17:40:24 ----A---- C:\Windows\system32\msg.exe
2011-07-04 17:40:24 ----A---- C:\Windows\system32\basesrv.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\wuauclt.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\tsbyuv.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\relog.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\qwinsta.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\netiougc.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\msorcl32.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\iscsicli.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\iasrecst.dll
2011-07-04 17:40:23 ----A---- C:\Windows\system32\chglogon.exe
2011-07-04 17:40:23 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2011-07-04 17:40:23 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2011-07-04 17:40:23 ----A---- C:\Windows\system32\AzSqlExt.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\wkscli.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\WavDest.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\sppuinotify.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\spbcd.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\resutils.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\rastapi.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\quser.exe
2011-07-04 17:40:22 ----A---- C:\Windows\system32\netbtugc.exe
2011-07-04 17:40:22 ----A---- C:\Windows\system32\mydocs.dll
2011-07-04 17:40:22 ----A---- C:\Windows\system32\MultiDigiMon.exe
2011-07-04 17:40:22 ----A---- C:\Windows\system32\diskpart.exe
2011-07-04 17:40:22 ----A---- C:\Windows\system32\amstream.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\wuapp.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\wmpps.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\WerFaultSecure.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\tsdiscon.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\tscon.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\syssetup.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\setbcdlocale.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\secur32.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\qappsrv.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\PrintBrmUi.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\nrpsrv.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\itircl.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\chgusr.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\chgport.exe
2011-07-04 17:40:21 ----A---- C:\Windows\system32\FXSTIFF.dll
2011-07-04 17:40:21 ----A---- C:\Windows\system32\CertPolEng.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\wiarpc.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\tskill.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\tlscsp.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\shadow.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\rwinsta.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\ReAgentc.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\netutils.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\netapi32.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\mobsync.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\mciqtz32.dll
2011-07-04 17:40:20 ----A---- C:\Windows\system32\logoff.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\findstr.exe
2011-07-04 17:40:20 ----A---- C:\Windows\system32\eappgnui.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\sppc.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\spopk.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\shimgvw.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\muifontsetup.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\luainstall.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\iccvid.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2011-07-04 17:40:19 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2011-07-04 17:40:19 ----A---- C:\Windows\system32\drivers\tdi.sys
2011-07-04 17:40:19 ----A---- C:\Windows\system32\dosx.exe
2011-07-04 17:40:19 ----A---- C:\Windows\system32\cabinet.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\vmstorfltres.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\vmicres.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\unlodctr.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\reset.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\repair-bde.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\query.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\netcfg.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\msdmo.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\manage-bde.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\inetmib1.dll
2011-07-04 17:40:18 ----A---- C:\Windows\system32\change.exe
2011-07-04 17:40:18 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2011-07-04 17:40:17 ----A---- C:\Windows\system32\wups.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\vmbusres.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\profprov.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\odbcconf.dll
2011-07-04 17:40:17 ----A---- C:\Windows\system32\drivers\cdrom.sys
2011-07-04 17:40:17 ----A---- C:\Windows\system32\browcli.dll
2011-07-04 17:40:16 ----A---- C:\Windows\system32\perfts.dll
2011-07-04 17:40:16 ----A---- C:\Windows\system32\icaapi.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\TRAPI.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\RDPENCDD.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\msfeedssync.exe
2011-07-04 17:40:15 ----A---- C:\Windows\system32\FXSMON.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\elsTrans.dll
2011-07-04 17:40:15 ----A---- C:\Windows\system32\drivers\tunnel.sys
2011-07-04 17:40:15 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-07-04 17:40:15 ----A---- C:\Windows\system32\bitsperf.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\wshbth.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\schedcli.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\napdsnap.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\LogonUI.exe
2011-07-04 17:40:14 ----A---- C:\Windows\system32\dsauth.dll
2011-07-04 17:40:14 ----A---- C:\Windows\system32\cscdll.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\wsdchngr.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\sscore.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\shgina.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\riched32.dll
2011-07-04 17:40:13 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2011-07-04 17:40:12 ----A---- C:\Windows\system32\wups2.dll
2011-07-04 17:40:12 ----A---- C:\Windows\system32\rdpcfgex.dll
2011-07-04 17:40:12 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2011-07-04 17:40:12 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2011-07-04 17:40:12 ----A---- C:\Windows\system32\drivers\hidusb.sys
2011-07-04 17:40:11 ----A---- C:\Windows\system32\wshirda.dll
2011-07-04 17:40:11 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2011-07-04 17:40:11 ----A---- C:\Windows\system32\drivers\appid.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2011-07-04 17:40:10 ----A---- C:\Windows\system32\browseui.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\vmictimeprovider.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\VmdCoinstall.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\vmbuspipe.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\spwmp.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\IcCoinstall.dll
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\wanarp.sys
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\umbus.sys
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\tdpipe.sys
2011-07-04 17:40:09 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\shunimpl.dll
2011-07-04 17:40:08 ----A---- C:\Windows\system32\RDPREFDD.dll
2011-07-04 17:40:08 ----A---- C:\Windows\system32\dxmasf.dll
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\scfilter.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\RDPCDD.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-07-04 17:40:08 ----A---- C:\Windows\system32\C_ISCII.DLL
2011-07-04 17:40:07 ----A---- C:\Windows\system32\wmploc.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDUS.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDTURME.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDSF.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDNEPR.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDMON.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDMAORI.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDLT1.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\kbdlk41a.dll
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINTEL.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINTAM.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINORI.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINMAR.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINKAN.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINHIN.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDINBEN.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDGEO.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDBULG.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDBLR.DLL
2011-07-04 17:40:06 ----A---- C:\Windows\system32\KBDBASH.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\tzres.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\spwizres.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\pifmgr.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\nlsbres.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDTUQ.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDTUF.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDSG.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDPO.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDGR1.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDGKL.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\KBDCZ1.DLL
2011-07-04 17:40:05 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2011-07-04 17:40:05 ----A---- C:\Windows\system32\dpnaddr.dll
2011-07-04 17:40:05 ----A---- C:\Windows\system32\BlbEvents.dll
2011-07-04 17:39:24 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-07-04 17:39:24 ----A---- C:\Windows\system32\wbemcomn.dll
2011-07-04 17:39:06 ----A---- C:\Windows\system32\SmiEngine.dll
2011-07-04 17:39:00 ----A---- C:\Windows\system32\wdscore.dll
2011-07-04 17:39:00 ----A---- C:\Windows\system32\PkgMgr.exe
2011-07-04 17:38:02 ----A---- C:\Windows\system32\drvstore.dll
2011-07-04 17:38:01 ----A---- C:\Windows\system32\dpx.dll
2011-07-01 15:33:56 ----D---- C:\Users\Minh\AppData\Roaming\gtk-2.0
2011-06-29 15:42:08 ----D---- C:\ProgramData\DivX
2011-06-29 15:41:41 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 15:41:40 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 15:41:39 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 15:41:39 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 15:41:39 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 15:41:39 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 15:41:38 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 15:41:38 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 15:41:37 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-29 15:41:10 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 15:41:10 ----A---- C:\Windows\system32\cfgmgr32.dll
Re: facebook virus
======List of files/folders modified in the last 1 month======
2011-07-27 14:56:13 ----RD---- C:\Program Files
2011-07-27 14:54:33 ----A---- C:\Windows\system32\rpcnetp.exe
2011-07-27 14:54:31 ----A---- C:\Windows\system32\rpcnet.dll
2011-07-27 14:53:42 ----D---- C:\Windows\system32\config
2011-07-27 14:53:41 ----D---- C:\Windows\Temp
2011-07-27 14:49:37 ----D---- C:\Program Files\QIP 2010
2011-07-27 08:40:21 ----A---- C:\Windows\system32\rpcnetp.dll
2011-07-27 08:38:12 ----D---- C:\Windows\system32\catroot2
2011-07-26 22:37:12 ----SHD---- C:\System Volume Information
2011-07-25 21:51:03 ----D---- C:\Windows
2011-07-25 21:22:59 ----D---- C:\Windows\System32
2011-07-25 21:22:59 ----D---- C:\Windows\inf
2011-07-25 21:22:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-23 18:17:58 ----D---- C:\Windows\Tasks
2011-07-23 18:17:58 ----D---- C:\Windows\system32\wfp
2011-07-23 18:17:58 ----D---- C:\Windows\system32\DriverStore
2011-07-23 18:17:58 ----D---- C:\Windows\system32\drivers\etc
2011-07-23 18:17:57 ----D---- C:\Windows\system32\NDF
2011-07-23 18:17:57 ----D---- C:\Windows\system32\CodeIntegrity
2011-07-23 18:17:56 ----D---- C:\Windows\system32\wbem
2011-07-23 18:17:56 ----D---- C:\Windows\registration
2011-07-23 18:12:18 ----D---- C:\Windows\system32\LogFiles
2011-07-23 17:25:37 ----D---- C:\Windows\Prefetch
2011-07-19 20:48:29 ----SHD---- C:\Windows\Installer
2011-07-19 20:48:09 ----HD---- C:\ProgramData
2011-07-19 12:22:44 ----D---- C:\Windows\system32\drivers
2011-07-19 09:42:13 ----D---- C:\Windows\system32\catroot
2011-07-19 09:35:07 ----D---- C:\Windows\winsxs
2011-07-19 09:35:01 ----D---- C:\Windows\AppCompat
2011-07-19 09:35:01 ----D---- C:\Users\Minh\AppData\Roaming\vlc
2011-07-19 09:35:00 ----SHD---- C:\$Recycle.Bin
2011-07-19 09:35:00 ----D---- C:\Program Files\Windows Sidebar
2011-07-19 09:34:23 ----D---- C:\Users\Minh\AppData\Roaming\Skype
2011-07-19 09:34:22 ----SD---- C:\Users\Minh\AppData\Roaming\Microsoft
2011-07-19 09:34:19 ----D---- C:\ProgramData\Skype Extras
2011-07-19 08:31:55 ----D---- C:\Program Files\Common Files
2011-07-18 21:51:03 ----D---- C:\Windows\system32\wdi
2011-07-18 21:21:26 ----D---- C:\Program Files\Garena
2011-07-18 20:44:41 ----D---- C:\Users\Minh\AppData\Roaming\skypePM
2011-07-17 20:01:39 ----D---- C:\Program Files\Warcraft III
2011-07-13 08:33:42 ----A---- C:\Windows\system32\MRT.exe
2011-07-12 22:31:11 ----D---- C:\Users\Minh\AppData\Roaming\GHISLER
2011-07-06 10:24:45 ----D---- C:\Windows\Microsoft.NET
2011-07-06 10:17:16 ----RSD---- C:\Windows\assembly
2011-07-05 22:21:04 ----D---- C:\Program Files\Java
2011-07-05 10:29:53 ----D---- C:\Windows\rescache
2011-07-04 20:57:54 ----D---- C:\Program Files\Opera
2011-07-04 20:52:46 ----SHD---- C:\Boot
2011-07-04 20:46:42 ----D---- C:\Program Files\Windows Portable Devices
2011-07-04 20:46:42 ----D---- C:\Program Files\Windows Photo Viewer
2011-07-04 20:46:42 ----D---- C:\Program Files\Windows Media Player
2011-07-04 20:46:42 ----D---- C:\Program Files\Windows Mail
2011-07-04 20:46:42 ----D---- C:\Program Files\Windows Journal
2011-07-04 20:46:42 ----D---- C:\Program Files\Internet Explorer
2011-07-04 20:46:42 ----D---- C:\Program Files\DVD Maker
2011-07-04 20:46:40 ----D---- C:\Windows\servicing
2011-07-04 20:46:40 ----D---- C:\Windows\ehome
2011-07-04 20:46:40 ----D---- C:\Program Files\Windows Defender
2011-07-04 20:46:36 ----D---- C:\Windows\system32\sysprep
2011-07-04 20:46:36 ----D---- C:\Windows\system32\oobe
2011-07-04 20:46:36 ----D---- C:\Windows\system32\en-US
2011-07-04 20:46:36 ----D---- C:\Windows\system32\da-DK
2011-07-04 20:46:36 ----D---- C:\Windows\PolicyDefinitions
2011-07-04 20:46:35 ----D---- C:\Windows\system32\migration
2011-07-04 20:46:32 ----D---- C:\Windows\system32\Setup
2011-07-04 20:46:32 ----D---- C:\Windows\system32\cs
2011-07-04 20:46:32 ----D---- C:\Windows\system32\AdvancedInstallers
2011-07-04 20:46:31 ----D---- C:\Windows\system32\cs-CZ
2011-07-04 20:46:30 ----D---- C:\Windows\system32\sppui
2011-07-04 20:46:30 ----D---- C:\Windows\system32\manifeststore
2011-07-04 20:46:30 ----D---- C:\Windows\system32\es-ES
2011-07-04 20:46:29 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-07-04 20:46:28 ----D---- C:\Windows\system32\migwiz
2011-07-04 20:46:28 ----D---- C:\Windows\system32\Dism
2011-07-04 20:46:13 ----RSD---- C:\Windows\Fonts
2011-07-04 20:46:12 ----D---- C:\Windows\AppPatch
2011-07-04 20:46:02 ----D---- C:\Windows\system32\Boot
2011-07-04 19:23:51 ----A---- C:\Windows\system32\msclmd.dll
2011-07-04 13:43:51 ----A---- C:\Windows\system32\aswBoot.exe
2011-07-02 14:13:17 ----D---- C:\Windows\ModemLogs
2011-06-30 10:40:20 ----D---- C:\Windows\Minidump
2011-06-29 15:45:09 ----D---- C:\Program Files\DivX
2011-06-29 15:44:37 ----D---- C:\Program Files\Common Files\DivX Shared
2011-06-28 19:05:02 ----D---- C:\Users\Minh\AppData\Roaming\Nokia
2011-06-28 18:12:34 ----D---- C:\Users\Minh\AppData\Roaming\PC Suite
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-07-19 142592]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-04-16 2661368]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-07-28 5924864]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-07-01 1805872]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-29 213680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2011-06-21 58288]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-07-19 496128]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-07-26 348672]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-07-27 502272]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-07-25 256000]
R2 wxpdrivers;wxpdrivers; C:\Windows\update.1\svchost.exe [2011-07-18 1150976]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-17 1343400]
-----------------EOF-----------------
Re: facebook virus

- A small window will pop up; copy the text below into it
msconfig
- Click OK
- Switch to the Spuštění počítače (Boot) tab
- Check whether Bezpecne spousteni (Safe boot) is ticked - if so, untick it
- The next restart should then lead into normal mode

- Close all programs
- If you use Win Vista or W7, right-click RogueKiller and choose Run As Administrator or Spustit jako spravce
- Choose option 2 and confirm with Enter
- The utility will do its work and produce a log - paste it here
- Now run it again, but choose option 3 and then also 4 - paste the logs again
Re: facebook virus
log 2
RogueKiller V5.2.8 [07/23/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html
Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: Minh [Admin rights]
Mode: Remove -- Date : 07/27/2011 17:36:35
Bad processes: 0
Registry Entries: 0
HOSTS File:
127.0.0.1 localhost
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Re: facebook virus
log 3
RogueKiller V5.2.8 [07/23/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html
Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: Minh [Admin rights]
Mode: HOSTSFix -- Date : 07/27/2011 17:37:13
Bad processes: 0
HOSTS File:
127.0.0.1 localhost
Resetted HOSTS:
127.0.0.1 localhost
Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
Re: facebook virus
log 4
RogueKiller V5.2.8 [07/23/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html
Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: Minh [Admin rights]
Mode: ProxyFix -- Date : 07/27/2011 17:37:46
Bad processes: 0
Registry Entries: 0
Finished : << RKreport[8].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt
hopefully I did it right..
Re: facebook virus
Excellent, let's move on
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Right after it starts, a page with the license agreement is shown; continue by clicking Ano (Yes)
- If CF offers to install the Recovery Console, agree
- Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
- The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
- After the scan finishes and a possible restart, CF displays the log; alternatively you will find it at C:\ComboFix.txt; paste its contents here
- A detailed procedure incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: facebook virus
Hi, please check my ComboFix log; I have a similar problem to the one already described above.
I apologize for my ignorance, but I'm a girl, you know how it is. THANK YOU VERY MUCH FOR THE HELP


Last edited by vyosek on 27 Jul 2011 19:07, edited 1 time in total.
Reason: Log of user BaruskaB2 deleted so that it does not cause confusion
Re: facebook virus
Greetings BaruskaB2
Please read this http://viry.cz/forum/viewtopic.php?f=13&t=113441 = start your own topic
Re: facebook virus
here is the log from the program you referred me to:
ComboFix 11-07-27.02 - Minh 27.07.2011 21:31:05.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1976.1250 [GMT 2:00]
Spuštěný z: c:\users\Minh\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Config
c:\programdata\Config\qutim\qutim.prednastaveny_profil\fmtune.ini
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\l1rezerv.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix.rar
c:\windows\proc_list1.log
c:\windows\rpcminer.rar
c:\windows\services32.exe
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.3
c:\windows\update.3\svchost.exe
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\update.tray-2-0\svchost.exe
c:\windows\update.tray-7-0\svchost.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
Nakažená kopie c:\windows\System32\autochk.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\combofix\HarddiskVolumeShadowCopy7_!Windows!System32!autochk.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_srvbtcclient
-------\Service_srviecheck
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 19:28 . 2011-07-27 19:28 -------- d-----w- C:\32788R22FWJFW
2011-07-27 12:56 . 2011-07-27 15:33 -------- d-----w- C:\rsit
2011-07-27 12:56 . 2011-07-27 12:56 -------- d-----w- c:\program files\trend micro
2011-07-26 20:37 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{175BFDDF-5AC3-41F3-B733-D5DB0C526AE0}\mpengine.dll
2011-07-19 10:22 . 2011-07-19 10:26 -------- d-----w- c:\users\Minh\AppData\Roaming\Spyware Terminator
2011-07-19 10:22 . 2011-07-19 10:22 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-07-19 10:22 . 2011-07-27 12:50 -------- d-----w- c:\programdata\Spyware Terminator
2011-07-19 10:22 . 2011-07-19 18:13 -------- d-----w- c:\program files\Spyware Terminator
2011-07-19 07:53 . 2011-07-19 07:53 -------- d-----w- c:\users\Minh\AppData\Roaming\Fighters
2011-07-19 07:15 . 2011-07-27 19:36 -------- d--h--w- c:\windows\update.tray-2-0
2011-07-19 07:15 . 2011-07-23 16:17 -------- d--h--w- c:\windows\update.tray-2-0-lnk
2011-07-18 19:39 . 2011-07-19 07:35 -------- d-----w- c:\programdata\clp
2011-07-18 19:37 . 2011-07-18 19:37 -------- d-----w- c:\users\Minh\AppData\Local\PackageAware
2011-07-18 19:16 . 2011-07-19 07:35 -------- d-----w- c:\windows\rpcminer
2011-07-18 19:16 . 2011-07-19 07:35 -------- d-----w- c:\windows\ufa
2011-07-18 19:16 . 2011-07-19 07:35 -------- d-----w- c:\windows\phoenix
2011-07-18 19:15 . 2011-07-19 06:51 246272 ----a-w- c:\windows\unrar.exe
2011-07-18 19:13 . 2011-07-23 16:17 -------- d-----w- c:\windows\av_ico
2011-07-18 19:12 . 2011-07-27 19:36 -------- d--h--w- c:\windows\update.tray-7-0
2011-07-18 19:12 . 2011-07-23 16:17 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-07-07 11:33 . 2011-07-07 11:33 -------- d-----w- C:\PFiles
2011-07-05 20:21 . 2011-07-05 20:21 -------- d-----w- c:\program files\Common Files\Java
2011-07-04 17:09 . 2011-07-04 17:09 -------- d-----w- c:\windows\system32\SPReview
2011-07-04 17:05 . 2011-07-04 17:05 -------- d-----w- c:\windows\system32\EventProviders
2011-07-04 15:41 . 2010-11-20 12:29 520064 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2011-07-04 15:40 . 2010-11-20 12:21 1003008 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-07-04 15:39 . 2010-11-20 12:21 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-07-04 15:39 . 2010-11-20 12:21 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-07-04 15:39 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-07-04 15:39 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-07-04 15:39 . 2010-11-20 12:21 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2011-07-04 15:39 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2011-07-04 15:39 . 2010-11-20 12:17 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2011-07-04 15:38 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll
2011-07-04 15:38 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll
2011-07-01 13:33 . 2011-07-01 13:33 -------- d-----w- c:\users\Minh\AppData\Roaming\gtk-2.0
2011-06-29 14:41 . 2011-06-29 14:41 -------- d-----w- c:\users\Minh\AppData\Local\DDMSettings
2011-06-29 13:42 . 2011-06-29 13:45 -------- d-----w- c:\programdata\DivX
2011-06-29 13:41 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 13:41 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 13:41 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 13:41 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 13:41 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 13:41 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 13:41 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 13:41 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 13:41 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 13:41 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 13:41 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-27 19:41 . 2011-04-16 12:06 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2011-07-27 19:41 . 2011-04-28 18:25 58288 ----a-w- c:\windows\system32\rpcnet.dll
2011-07-27 18:50 . 2011-04-16 12:07 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2011-07-04 17:23 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-07-04 11:43 . 2011-04-16 17:01 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2011-04-16 17:01 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-04-16 17:02 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2011-04-16 17:02 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2011-04-16 17:02 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2011-04-16 17:02 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2011-04-16 17:02 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2011-04-16 17:02 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-21 21:40 . 2011-04-28 18:25 58288 ------w- c:\windows\system32\rpcnet.exe
2011-06-19 13:19 . 2011-06-19 13:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-28 02:53 . 2011-06-16 18:00 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-24 17:14 . 2011-04-16 17:07 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-13 16:57 . 2011-05-13 16:57 14392 ----a-w- c:\windows\system32\HPMDPCoInst12.dll
2011-05-13 16:57 . 2011-05-13 16:57 25656 ----a-w- c:\windows\system32\drivers\hpdskflt.sys
2011-05-13 16:57 . 2011-05-13 16:57 26168 ----a-w- c:\windows\system32\hpservice.exe
2011-05-13 16:57 . 2011-05-13 16:57 16952 ----a-w- c:\windows\system32\accelerometerdll.DLL
2011-05-13 16:57 . 2011-05-13 16:57 35896 ----a-w- c:\windows\system32\drivers\Accelerometer.sys
2011-05-04 02:52 . 2011-04-26 07:34 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 04:30 . 2011-06-16 16:36 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-16 16:38 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-16 16:38 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-16 16:38 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ce18769b-c7fa-42d2-860d-17c4662c70ad}"= "c:\program files\Babylon-English\tbBaby.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
2010-06-13 17:10 2734688 ----a-w- c:\program files\Babylon-English\tbBaby.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ce18769b-c7fa-42d2-860d-17c4662c70ad}"= "c:\program files\Babylon-English\tbBaby.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CE18769B-C7FA-42D2-860D-17C4662C70AD}"= "c:\program files\Babylon-English\tbBaby.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-07-19 3318784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-02 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-02 151064]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-29 1545512]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:1029 /KBD:4 /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-17 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-07-19 142592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-20 313856]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000Core.job
- c:\users\Minh\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-16 16:56]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000UA.job
- c:\users\Minh\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-16 16:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.babylon.com/home?AF=15000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - c:\program files\AVAST Software\Avast\ashShell.dll
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico0 - c:\windows\update.tray-7-0\svchost.exe
HKLM-Run-tray_ico1 - c:\windows\update.tray-2-0\svchost.exe
HKLM-Run-tray_ico2 - (no file)
HKLM-Run-tray_ico3 - (no file)
HKLM-Run-tray_ico4 - (no file)
HKLM-Run-avast - c:\program files\AVAST Software\Avast\avastUI.exe
HKLM-Run-w_distrib.exe - c:\windows\update.3\svchost.exe
HKLM-Run-wxpdrv - c:\windows\services32.exe
AddRemove-avast - c:\program files\AVAST Software\Avast\aswRunDll.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5184)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\System32\SyncCenter.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\windows\system32\rpcnet.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-27 21:45:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-27 19:45
.
Před spuštěním: Volných bajtů: 249 429 532 672
Po spuštění: Volných bajtů: 250 514 628 608
.
- - End Of File - - DB62B4EEF1A4A7FFA14DB770CC322EC3
Re: facebook virus



- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
KillAll::

Folder::
c:\windows\rpcminer
c:\windows\phoenix
c:\windows\av_ico
c:\windows\ufa
c:\windows\update.tray-2-0
c:\windows\update.tray-2-0-lnk
c:\windows\update.tray-7-0
c:\windows\update.tray-7-0-lnk

File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000UA.job

Collect::
c:\windows\unrar.exe

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"DivXUpdate"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000

DDS::
uStart Page = hxxp://search.babylon.com/home?AF=15000

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Reboot::
- Save the resulting TXT file as CFScript.txt
- Drag the CFScript.txt you created onto ComboFix and drop it (see the picture below)
- After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here

Re: facebook virus
ComboFix 11-07-27.02 - Minh 28.07.2011 9:55.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1976.1454 [GMT 2:00]
Spuštěný z: c:\users\Minh\Desktop\pitomec.com.exe
Použité ovládací přepínače :: c:\users\Minh\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000UA.job"
.
file zipped: c:\windows\unrar.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_NOD_AV_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\phoenix
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000UA.job
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-2-0-lnk
c:\windows\update.tray-2-0-lnk\svchost.exe
c:\windows\update.tray-2-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\svchost.exe
c:\windows\update.tray-7-0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-28 )))))))))))))))))))))))))))))))
.
.
2011-07-28 08:02 . 2011-07-28 08:02 -------- d-----w- c:\users\Minh\AppData\Local\temp
2011-07-28 08:02 . 2011-07-28 08:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-27 12:56 . 2011-07-27 15:33 -------- d-----w- C:\rsit
2011-07-27 12:56 . 2011-07-27 12:56 -------- d-----w- c:\program files\trend micro
2011-07-26 20:37 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{175BFDDF-5AC3-41F3-B733-D5DB0C526AE0}\mpengine.dll
2011-07-19 10:22 . 2011-07-19 10:26 -------- d-----w- c:\users\Minh\AppData\Roaming\Spyware Terminator
2011-07-19 10:22 . 2011-07-19 10:22 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-07-19 10:22 . 2011-07-27 12:50 -------- d-----w- c:\programdata\Spyware Terminator
2011-07-19 10:22 . 2011-07-19 18:13 -------- d-----w- c:\program files\Spyware Terminator
2011-07-19 07:53 . 2011-07-19 07:53 -------- d-----w- c:\users\Minh\AppData\Roaming\Fighters
2011-07-18 19:39 . 2011-07-19 07:35 -------- d-----w- c:\programdata\clp
2011-07-18 19:37 . 2011-07-18 19:37 -------- d-----w- c:\users\Minh\AppData\Local\PackageAware
2011-07-07 11:33 . 2011-07-07 11:33 -------- d-----w- C:\PFiles
2011-07-05 20:21 . 2011-07-05 20:21 -------- d-----w- c:\program files\Common Files\Java
2011-07-04 17:09 . 2011-07-04 17:09 -------- d-----w- c:\windows\system32\SPReview
2011-07-04 17:05 . 2011-07-04 17:05 -------- d-----w- c:\windows\system32\EventProviders
2011-07-04 15:41 . 2010-11-20 12:29 520064 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2011-07-04 15:40 . 2010-11-20 12:21 1003008 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-07-04 15:39 . 2010-11-20 12:21 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-07-04 15:39 . 2010-11-20 12:21 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-07-04 15:39 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-07-04 15:39 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-07-04 15:39 . 2010-11-20 12:21 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2011-07-04 15:39 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2011-07-04 15:39 . 2010-11-20 12:17 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2011-07-04 15:38 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll
2011-07-04 15:38 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll
2011-07-01 13:33 . 2011-07-01 13:33 -------- d-----w- c:\users\Minh\AppData\Roaming\gtk-2.0
2011-06-29 14:41 . 2011-06-29 14:41 -------- d-----w- c:\users\Minh\AppData\Local\DDMSettings
2011-06-29 13:42 . 2011-06-29 13:45 -------- d-----w- c:\programdata\DivX
2011-06-29 13:41 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 13:41 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 13:41 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 13:41 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 13:41 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 13:41 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 13:41 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 13:41 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 13:41 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 13:41 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 13:41 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-28 08:03 . 2011-04-16 12:06 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2011-07-28 08:03 . 2011-04-28 18:25 58288 ----a-w- c:\windows\system32\rpcnet.dll
2011-07-27 18:50 . 2011-04-16 12:07 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2011-07-04 17:23 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-07-04 11:43 . 2011-04-16 17:01 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2011-04-16 17:01 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-04-16 17:02 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2011-04-16 17:02 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2011-04-16 17:02 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2011-04-16 17:02 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2011-04-16 17:02 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2011-04-16 17:02 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-21 21:40 . 2011-04-28 18:25 58288 ------w- c:\windows\system32\rpcnet.exe
2011-06-19 13:19 . 2011-06-19 13:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-28 02:53 . 2011-06-16 18:00 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-24 17:14 . 2011-04-16 17:07 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-13 16:57 . 2011-05-13 16:57 14392 ----a-w- c:\windows\system32\HPMDPCoInst12.dll
2011-05-13 16:57 . 2011-05-13 16:57 25656 ----a-w- c:\windows\system32\drivers\hpdskflt.sys
2011-05-13 16:57 . 2011-05-13 16:57 26168 ----a-w- c:\windows\system32\hpservice.exe
2011-05-13 16:57 . 2011-05-13 16:57 16952 ----a-w- c:\windows\system32\accelerometerdll.DLL
2011-05-13 16:57 . 2011-05-13 16:57 35896 ----a-w- c:\windows\system32\drivers\Accelerometer.sys
2011-05-04 02:52 . 2011-04-26 07:34 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 04:30 . 2011-06-16 16:36 741376 ----a-w- c:\windows\system32\inetcomm.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ce18769b-c7fa-42d2-860d-17c4662c70ad}"= "c:\program files\Babylon-English\tbBaby.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
2010-06-13 17:10 2734688 ----a-w- c:\program files\Babylon-English\tbBaby.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ce18769b-c7fa-42d2-860d-17c4662c70ad}"= "c:\program files\Babylon-English\tbBaby.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CE18769B-C7FA-42D2-860D-17C4662C70AD}"= "c:\program files\Babylon-English\tbBaby.dll" [2010-06-13 2734688]
.
[HKEY_CLASSES_ROOT\clsid\{ce18769b-c7fa-42d2-860d-17c4662c70ad}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-02 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-02 151064]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-29 1545512]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:1029 /KBD:4 /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
R3 CFcatchme;CFcatchme;c:\users\Minh\AppData\Local\Temp\CFcatchme.sys [x]
R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-17 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-07-19 142592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-20 313856]
.
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2320)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\windows\system32\rpcnet.exe
c:\windows\system32\taskhost.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-28 10:06:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-28 08:06
ComboFix2.txt 2011-07-27 19:45
.
Před spuštěním: Volných bajtů: 250 263 412 736
Po spuštění: Volných bajtů: 250 161 414 144
.
- - End Of File - - CC54C73A6C30837B41F0A8BD1C7A0AA3
Nahrání proběhlo úspěšně
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1976.1454 [GMT 2:00]
Spuštěný z: c:\users\Minh\Desktop\pitomec.com.exe
Použité ovládací přepínače :: c:\users\Minh\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000UA.job"
.
file zipped: c:\windows\unrar.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_NOD_AV_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\phoenix
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2422173533-2054130759-3779852269-1000UA.job
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-2-0-lnk
c:\windows\update.tray-2-0-lnk\svchost.exe
c:\windows\update.tray-2-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\svchost.exe
c:\windows\update.tray-7-0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-28 )))))))))))))))))))))))))))))))
.
.
2011-07-28 08:02 . 2011-07-28 08:02 -------- d-----w- c:\users\Minh\AppData\Local\temp
2011-07-28 08:02 . 2011-07-28 08:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-27 12:56 . 2011-07-27 15:33 -------- d-----w- C:\rsit
2011-07-27 12:56 . 2011-07-27 12:56 -------- d-----w- c:\program files\trend micro
2011-07-26 20:37 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{175BFDDF-5AC3-41F3-B733-D5DB0C526AE0}\mpengine.dll
2011-07-19 10:22 . 2011-07-19 10:26 -------- d-----w- c:\users\Minh\AppData\Roaming\Spyware Terminator
2011-07-19 10:22 . 2011-07-19 10:22 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-07-19 10:22 . 2011-07-27 12:50 -------- d-----w- c:\programdata\Spyware Terminator
2011-07-19 10:22 . 2011-07-19 18:13 -------- d-----w- c:\program files\Spyware Terminator
2011-07-19 07:53 . 2011-07-19 07:53 -------- d-----w- c:\users\Minh\AppData\Roaming\Fighters
2011-07-18 19:39 . 2011-07-19 07:35 -------- d-----w- c:\programdata\clp
2011-07-18 19:37 . 2011-07-18 19:37 -------- d-----w- c:\users\Minh\AppData\Local\PackageAware
2011-07-07 11:33 . 2011-07-07 11:33 -------- d-----w- C:\PFiles
2011-07-05 20:21 . 2011-07-05 20:21 -------- d-----w- c:\program files\Common Files\Java
2011-07-04 17:09 . 2011-07-04 17:09 -------- d-----w- c:\windows\system32\SPReview
2011-07-04 17:05 . 2011-07-04 17:05 -------- d-----w- c:\windows\system32\EventProviders
2011-07-04 15:41 . 2010-11-20 12:29 520064 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2011-07-04 15:40 . 2010-11-20 12:21 1003008 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-07-04 15:39 . 2010-11-20 12:21 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-07-04 15:39 . 2010-11-20 12:21 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-07-04 15:39 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-07-04 15:39 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-07-04 15:39 . 2010-11-20 12:21 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2011-07-04 15:39 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2011-07-04 15:39 . 2010-11-20 12:17 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2011-07-04 15:38 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll
2011-07-04 15:38 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll
2011-07-01 13:33 . 2011-07-01 13:33 -------- d-----w- c:\users\Minh\AppData\Roaming\gtk-2.0
2011-06-29 14:41 . 2011-06-29 14:41 -------- d-----w- c:\users\Minh\AppData\Local\DDMSettings
2011-06-29 13:42 . 2011-06-29 13:45 -------- d-----w- c:\programdata\DivX
2011-06-29 13:41 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 13:41 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 13:41 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 13:41 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 13:41 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 13:41 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 13:41 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 13:41 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 13:41 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 13:41 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 13:41 . 2010-11-20 12:18 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-28 08:03 . 2011-04-16 12:06 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2011-07-28 08:03 . 2011-04-28 18:25 58288 ----a-w- c:\windows\system32\rpcnet.dll
Re: facebook virus
I see that you renamed it - please don't take it personally in any way.
How is the PC behaving?

Re: facebook virus
Everything is running fine, only avast isn't protecting my computer.. it doesn't work..