Some .exe files won't run..

majkl655
Visitor
Posts: 37
Registered: 30 Aug 2011 13:24

Re: Some .exe files won't run..

#31 Post by majkl655 »

SystemLook 30.07.11 by jpshortstuff
Log created at 16:08 on 31/08/2011 by Administrator
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== reg ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"LocalSystemNetworkRestricted"="hidserv Netman AudioEndpointBuilder dot3svc WPDBusEnum wlansvc"
"termsvcs"="TermService"
"LocalService"="NSI SSDPSRV upnphost SCardSvr RemoteRegistry WinHttpAutoProxySvc TBS SLUINotify netprofm QWAVE WebClient"
"netsvcs"="AeLookupSvc Themes CertPropSvc SCPolicySvc lanmanserver gpsvc AudioSrv FastUserSwitchingCompatibility Ias Irmon Nla Ntmssvc NWCWorkstation Nwsapagent Rasauto Rasman Remoteaccess SENS Sharedaccess SRService Tapisrv Wmi WmdmPmSp TermService wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr iphlpsvc msiscsi SessionEnv schedule winmgmt AppMgmt"
"rpcss"="RpcSs"
"LocalServiceNetworkRestricted"="AudioSrv LmHosts wscsvc p2pimsvc PNRPSvc p2psvc PnrpAutoReg WPCSvc"
"wcssvc"="WcsPlugInService"
"DcomLaunch"="PlugPlay DcomLaunch"
"NetworkService"="DHCP TermService DNSCache NapAgent nlasvc WinRM WECSVC Tapisrv"
"imgsvc"="StiSvc"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]


-= EOF =-

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Some .exe files won't run..

#32 Post by vyosek »

:arrow: Download OTM (see my signature)
  • If you use Win Vista or W7, right-click OTM and choose Run As Administrator (Spustit jako správce)
  • Into the left pane, Paste Instructions for Items to be Moved (below the yellow line), paste the content shown below
  • Code:

    :Commands
    [CreateRestorePoint]
    [EmptyTemp]
    
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
    "netsvcs"=hex(2):41,65,4C,6F,6F,6B,75,70,53,76,63,00
    43,65,72,74,50,72,6F,70,53,76,63,00
    53,43,50,6F,6C,69,63,79,53,76,63,00
    6C,61,6E,6D,61,6E,73,65,72,76,65,72,00
    67,70,73,76,63,00
    49,4B,45,45,58,54,00
    41,75,64,69,6F,53,72,76,00
    46,61,73,74,55,73,65,72,53,77,69,74,63,68,\
      69,6E,67,43,6F,6D,70,61,74,69,62,69,6C,69,74,79,00
    49,61,73,00
    49,72,6D,6F,6E,00
    4E,6C,61,00
    4E,74,6D,73,73,76,63,00
    4E,57,43,57,6F,72,6B,73,74,61,74,69,6F,6E,\
      00
    4E,77,73,61,70,61,67,65,6E,74,00
    52,61,73,61,75,74,6F,00
    52,61,73,6D,61,6E,00
    52,65,6D,6F,74,65,61,63,63,65,73,73,00
    53,45,4E,53,00
    53,68,61,72,65,64,61,63,63,65,73,73,00
    53,52,53,65,72,76,69,63,65,00
    54,61,70,69,73,72,76,00
    57,6D,69,00
    57,6D,64,6D,50,6D,53,70,00
    54,65,72,6D,53,65,72,76,69,63,65,00
    77,75,61,75,73,65,72,76,00
    42,49,54,53,00
    53,68,65,6C,6C,48,57,44,65,74,65,63,74,69,\
      6F,6E,00
    4C,6F,67,6F,6E,48,6F,75,72,73,00
    50,43,41,75,64,69,74,00
    68,65,6C,70,73,76,63,00
    75,70,6C,6F,61,64,6D,67,72,00
    69,70,68,6C,70,73,76,63,00
    73,65,63,6C,6F,67,6F,6E,00
    41,70,70,49,6E,66,6F,00
    6D,73,69,73,63,73,69,00
    4D,4D,43,53,53,00
    77,65,72,63,70,6C,73,75,70,70,6F,72,74,00
    45,61,70,48,6F,73,74,00
    50,72,6F,66,53,76,63,00
    73,63,68,65,64,75,6C,65,00
    68,6B,6D,73,76,63,00
    53,65,73,73,69,6F,6E,45,6E,76,00
    77,69,6E,6D,67,6D,74,00
    62,72,6F,77,73,65,72,00
    54,68,65,6D,65,73,00
    42,44,45,53,56,43,00
    41,70,70,4D,67,6D,74,00
  • Click the red MoveIt! button
  • You will be prompted to restart; choose Yes. Afterwards you will find the log in C:\_OTM\MovedFiles; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member since 1 February 2011.
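
Added example (not part of the thread and not OTM's own code): this Python code decodes the `hex(2)` payload from the script in post #32 and compares it with the `netsvcs` value in the SystemLook log from post #31, so the change can be reviewed before it is applied. The function names are illustrative; both inputs are copied from the posts above.

```python
import re

# "netsvcs" value from the SystemLook log in post #31 (copied from the page).
BEFORE = """AeLookupSvc Themes CertPropSvc SCPolicySvc lanmanserver gpsvc AudioSrv
FastUserSwitchingCompatibility Ias Irmon Nla Ntmssvc NWCWorkstation Nwsapagent
Rasauto Rasman Remoteaccess SENS Sharedaccess SRService Tapisrv Wmi WmdmPmSp
TermService wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr
iphlpsvc msiscsi SessionEnv schedule winmgmt AppMgmt""".split()
# Value line from the OTM script in post #32, copied as posted.
SCRIPT_VALUE = r'''"netsvcs"=hex(2):41,65,4C,6F,6F,6B,75,70,53,76,63,00
43,65,72,74,50,72,6F,70,53,76,63,00
53,43,50,6F,6C,69,63,79,53,76,63,00
6C,61,6E,6D,61,6E,73,65,72,76,65,72,00
67,70,73,76,63,00
49,4B,45,45,58,54,00
41,75,64,69,6F,53,72,76,00
46,61,73,74,55,73,65,72,53,77,69,74,63,68,\
  69,6E,67,43,6F,6D,70,61,74,69,62,69,6C,69,74,79,00
49,61,73,00
49,72,6D,6F,6E,00
4E,6C,61,00
4E,74,6D,73,73,76,63,00
4E,57,43,57,6F,72,6B,73,74,61,74,69,6F,6E,\
  00
4E,77,73,61,70,61,67,65,6E,74,00
52,61,73,61,75,74,6F,00
52,61,73,6D,61,6E,00
52,65,6D,6F,74,65,61,63,63,65,73,73,00
53,45,4E,53,00
53,68,61,72,65,64,61,63,63,65,73,73,00
53,52,53,65,72,76,69,63,65,00
54,61,70,69,73,72,76,00
57,6D,69,00
57,6D,64,6D,50,6D,53,70,00
54,65,72,6D,53,65,72,76,69,63,65,00
77,75,61,75,73,65,72,76,00
42,49,54,53,00
53,68,65,6C,6C,48,57,44,65,74,65,63,74,69,\
  6F,6E,00
4C,6F,67,6F,6E,48,6F,75,72,73,00
50,43,41,75,64,69,74,00
68,65,6C,70,73,76,63,00
75,70,6C,6F,61,64,6D,67,72,00
69,70,68,6C,70,73,76,63,00
73,65,63,6C,6F,67,6F,6E,00
41,70,70,49,6E,66,6F,00
6D,73,69,73,63,73,69,00
4D,4D,43,53,53,00
77,65,72,63,70,6C,73,75,70,70,6F,72,74,00
45,61,70,48,6F,73,74,00
50,72,6F,66,53,76,63,00
73,63,68,65,64,75,6C,65,00
68,6B,6D,73,76,63,00
53,65,73,73,69,6F,6E,45,6E,76,00
77,69,6E,6D,67,6D,74,00
62,72,6F,77,73,65,72,00
54,68,65,6D,65,73,00
42,44,45,53,56,43,00
41,70,70,4D,67,6D,74,00'''
# Type tags used by the .reg text format.
REG_TYPES = {"hex": "REG_BINARY", "hex(2)": "REG_EXPAND_SZ", "hex(7)": "REG_MULTI_SZ"}

def parse_hex_value(text):
    """Return (name, type_tag, raw_bytes) for one '"name"=hex(n):...' value."""
    m = re.search(r'"([^"]+)"=(hex(?:\([0-9a-fA-F]+\))?):(.*)', text, re.S)
    if not m:
        raise ValueError("no hex value found")
    name, tag, body = m.groups()
    # Commas, line breaks and '\' continuations carry no data; keep hex pairs.
    raw = bytes(int(h, 16) for h in re.findall(r"[0-9A-Fa-f]{2}", body))
    return name, tag.lower(), raw

def split_strings(raw):
    """Split NUL-terminated strings; report UTF-16LE vs single-byte layout."""
    wide = len(raw) >= 2 and len(raw) % 2 == 0 and not any(raw[1::2])
    text = raw.decode("utf-16-le" if wide else "latin-1")
    return [s for s in text.split("\x00") if s], "utf-16-le" if wide else "single-byte"

def review(script_text, before):
    """Summarise what the script value would change relative to `before`."""
    _name, tag, raw = parse_hex_value(script_text)
    after, encoding = split_strings(raw)
    old = {s.lower() for s in before}  # service names compare case-insensitively
    new = {s.lower() for s in after}
    return {
        "type": REG_TYPES.get(tag, tag),
        "encoding": encoding,
        "after": after,
        "added": [s for s in after if s.lower() not in old],
        "removed": [s for s in before if s.lower() not in new],
    }

if __name__ == "__main__":
    r = review(SCRIPT_VALUE, BEFORE)
    print(r["type"], r["encoding"], len(r["after"]), "strings")
    print("added:", r["added"], "removed:", r["removed"])
```

On this input it reports a `hex(2)` (REG_EXPAND_SZ) tag carrying 47 single-byte NUL-terminated strings, ten of which are absent from the earlier log and none of which are dropped.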

majkl655
Visitor
Posts: 37
Registered: 30 Aug 2011 13:24

Re: Some .exe files won't run..

#33 Post by majkl655 »

All processes killed
========== COMMANDS ==========
Restore point Set: OTM Restore Point

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 774127 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: DZ
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: uzivatel
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32768 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 18198840383 bytes

Total Files Cleaned = 17 357,00 mb

========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\"netsvcs"|hex(2):41,65,4C,6F,6F,6B,75,70,53,76,63,0043,65,72,74,50,72,6F,70,53,76,63,0053,43,50,6F,6C,69,63,79,53,76,63,006C,61,6E,6D,61,6E,73,65,72,76,65,72,0067,70,73,76,63,0049,4B,45,45,58,54,0041,75,64,69,6F,53,72,76,0046,61,73,74,55,73,65,72,53,77,69,74,63,68,69,6E,67,43,6F,6D,70,61,74,69,62,69,6C,69,74,79,0049,61,73,0049,72,6D,6F,6E,004E,6C,61,004E,74,6D,73,73,76,63,004E,57,43,57,6F,72,6B,73,74,61,74,69,6F,6E,004E,77,73,61,70,61,67,65,6E,74,0052,61,73,61,75,74,6F,0052,61,73,6D,61,6E,0052,65,6D,6F,74,65,61,63,63,65,73,73,0053,45,4E,53,0053,68,61,72,65,64,61,63,63,65,73,73,0053,52,53,65,72,76,69,63,65,0054,61,70,69,73,72,76,0057,6D,69,0057,6D,64,6D,50,6D,53,70,0054,65,72,6D,53,65,72,76,69,63,65,0077,75,61,75,73,65,72,76,0042,49,54,53,0053,68,65,6C,6C,48,57,44,65,74,65,63,74,69,6F,6E,004C,6F,67,6F,6E,48,6F,75,72,73,0050,43,41,75,64,69,74,0068,65,6C,70,73,76,63,0075,70,6C,6F,61,64,6D,67,72,0069,70,68,6C,70,73,76,63,0073,65,63,6C,6F,67,6F,6E,0041,70,70,49,6E,66,6F,006D,73,69,73,63,73,69,004D,4D,43,53,53,0077,65,72,63,70,6C,73,75,70,70,6F,72,74,0045,61,70,48,6F,73,74,0050,72,6F,66,53,76,63,0073,63,68,65,64,75,6C,65,0068,6B,6D,73,76,63,0053,65,73,73,69,6F,6E,45,6E,76,0077,69,6E,6D,67,6D,74,0062,72,6F,77,73,65,72,0054,68,65,6D,65,73,0042,44,45,53,56,43,0041,70,70,4D,67,6D,74,00 /E : value set successfully!

OTM by OldTimer - Version 3.1.18.0 log created on 08312011_175541

Files moved on Reboot...
File C:\Users\Administrator\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Some .exe files won't run..

#34 Post by vyosek »

How is the PC behaving? :???:

majkl655
Visitor
Posts: 37
Registered: 30 Aug 2011 13:24

Re: Some .exe files won't run..

#35 Post by majkl655 »

Well, like this.. It's even worse, now none of the files will run.. I have to run them as administrator, only then do they work.. So thank you very much..

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Some .exe files won't run..

#36 Post by vyosek »

Please post a new RSIT log

majkl655
Visitor
Posts: 37
Registered: 30 Aug 2011 13:24

Re: Some .exe files won't run..

#37 Post by majkl655 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-08-31 20:07:21
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 6 GB (9%) free of 71 GB
Total RAM: 8190 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:40:31, on 30.8.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\PROGRA~1\ASUS\AISUIT~1\AiGear3\CPUPOW~1.EXE
C:\PROGRA~2\DivX\DIVXUP~1\DIVXUP~1.EXE
C:\PROGRA~1\AVASTS~1\Avast\AvastUI.exe
C:\PROGRA~2\Intel\INTELM~1\IAAnotif.exe
C:\Program Files (x86)\ASUS\AASP\1.00.40\aaCenter.exe
C:\PROGRA~2\BITTOR~1\BITTOR~1.EXE
C:\PROGRA~2\DAEMON~1\DTLite.exe
C:\PROGRA~2\Hamachi\hamachi.exe
C:\PROGRA~2\ICQ7.5\ICQ.exe
C:\PROGRA~2\MOZILL~1\firefox.exe
C:\PROGRA~2\MOZILL~1\plugin-container.exe
C:\Users\ADMINI~1\AppData\Local\Temp\winpbebwb.exe
C:\Users\ADMINI~1\AppData\Local\Temp\winkjvvfb.exe
C:\PROGRA~1\TRENDM~1\ADMINI~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/pivotstickfig ... A6D93936BD}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Pivot Stickfigure Toolbar\tbhelper.dll
R3 - URLSearchHook: (no name) - {9a29aeac-5ebd-407c-b5e2-144157d51936} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9a29aeac-5ebd-407c-b5e2-144157d51936} - (no file)
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Pivot Stickfigure Toolbar\tbcore3.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O3 - Toolbar: Pivot Stickfigure Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Pivot Stickfigure Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {9a29aeac-5ebd-407c-b5e2-144157d51936} - (no file)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [4StoryPrePatch] "D:\Program Files (x86)\Gameforge4D\4Story\PrePatch.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WeatherBugAlert] "C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe" /st
O4 - HKCU\..\Run: [System Smart Security] "C:\ProgramData\b7c20c\SSb7c_2140.exe" /s /d
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [BitTorrent] "C:\PROGRA~2\BITTOR~1\BITTOR~1.EXE"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\PROGRA~2\DAEMON~1\DTLite.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe
O4 - Global Startup: AutoClicker.lnk = C:\AutoClickExtreme\AutoClicker.exe
O4 - Global Startup: DynDNS Updater Tray Icon.lnk = C:\Program Files (x86)\DynDNS Updater\DynTray.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{17C5919F-1FA8-487F-90AF-5F9E31C2B18C}: NameServer = 216.146.35.35,216.146.36.36
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF7DD46C-4A79-4268-A3DE-EF61F58CF371}: NameServer = 216.146.35.35,216.146.36.36
O17 - HKLM\System\CS1\Services\Tcpip\..\{17C5919F-1FA8-487F-90AF-5F9E31C2B18C}: NameServer = 216.146.35.35,216.146.36.36
O17 - HKLM\System\CS7\Services\Tcpip\..\{17C5919F-1FA8-487F-90AF-5F9E31C2B18C}: NameServer = 216.146.35.35,216.146.36.36
O17 - HKLM\System\CS8\Services\Tcpip\..\{17C5919F-1FA8-487F-90AF-5F9E31C2B18C}: NameServer = 216.146.35.35,216.146.36.36
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Skype Recorder\Skype4COM.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: DynDNS Updater - Dynamic Network Services, Inc. - C:\Program Files (x86)\DynDNS Updater\DynUpSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Unknown owner - D:\wamp\bin\apache\apache2.2.11\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - D:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11192 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {5AE5B89B-F654-4A22-8467-C92DB40D821E}
taskeng.exe {7A45413D-A1F4-4CEC-9EB1-F0DD349949FC}
C:\Users\ADMINI~1\AppData\Local\Temp\3582-490\aaCenter.exe
C:\PROGRA~1\WICC9F~1\sidebar.exe /autoRun
C:\PROGRA~2\DAEMON~1\DTLite.exe -autorun
C:\PROGRA~1\AVASTS~1\Avast\AvastUI.exe /nogui
C:\PROGRA~1\ASUS\AISUIT~1\AiGear3\CPUPOW~1.EXE
C:\PROGRA~2\LOGMEI~1\HAMACH~2.EXE --auto-start
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\PROGRA~2\Intel\INTELM~1\IAAnotif.exe
C:\Windows\system32\AEADISRV.EXE
"C:\xampp\apache\bin\httpd.exe" -k runservice
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe"
C:\xampp\apache\bin\httpd.exe -d C:/xampp/apache
C:\PROGRA~1\WICC9F~1\sidebar.exe /autoRun
"C:\Windows\Explorer.exe" /separate,/idlist,:49182:2096,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
c:\xampp\mysql\bin\mysqld.exe --defaults-file=c:\xampp\mysql\bin\my.ini mysql
"C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-18233850-0932-466c-8242-daabafefe1fc -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-54eee700-c80e-4443-9d25-f86340d58f67 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-7e7ad8be-88dd-4422-82ab-d0d6a3d1c324 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a6bf86ea-006c-413e-b5ea-183ea575c21b
"C:\Program Files (x86)\DynDNS Updater\DynUpSvc.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5932.aeb8a80.72894955 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" - -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 5932 "\\.\pipe\gecko-crash-server-pipe.5932" plugin
C:\Windows\TEMP\3582-490\MBAMSE~1.EXE
C:\Users\ADMINI~1\AppData\Local\Temp\winpcghyk.exe
C:\PROGRA~1\Sun\VIRTUA~1\VIRTUA~1.EXE
C:\PROGRA~1\Sun\VIRTUA~1\VBoxSVC.exe -Embedding
C:\Windows\TEMP\whtm.exe
C:\Users\ADMINI~1\AppData\Local\Temp\wincxpx.exe
C:\Windows\TEMP\winhfwtjo.exe
C:\xampp\XAMPP-~1.EXE
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe25_ Global\UsGthrCtrlFltPipeMssGthrPipe25 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 668 672 680 65536 676
C:\Users\ADMINI~1\AppData\Local\Temp\3582-490\RSITX6~1.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\PROGRA~1\TRENDM~1\ADMINI~1.EXE /silentautolog

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1052879530-2571350418-974908233-500Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1052879530-2571350418-974908233-500UA.job
C:\Windows\tasks\User_Feed_Synchronization-{B97A25D9-03BE-46A8-B934-C7C86E756055}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-05-10 977472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-16 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9a29aeac-5ebd-407c-b5e2-144157d51936}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files (x86)\Pivot Stickfigure Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-05-10 977472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{9a29aeac-5ebd-407c-b5e2-144157d51936}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-05-10 819840]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-08-26 1875048]
"IAAnotif"=C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2011-08-30 248600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"DAEMON Tools Lite"=C:\PROGRA~2\DAEMON~1\DTLite.exe [2011-08-31 4980544]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CPU Power Monitor"=C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe [2007-09-06 707584]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2011-08-30 1220096]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-05-10 3459712]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 785968]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 2024840]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutoClicker.lnk - D:\C\AutoClickExtreme\AutoClicker.exe
DynDNS Updater Tray Icon.lnk - C:\Program Files (x86)\DynDNS Updater\DynTray.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
"DisableCMD"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=2
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"="C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe:*:Enabled:ipsec"
"C:\Program Files (x86)\BitTorrent\BitTorrent.exe"="C:\Program Files (x86)\BitTorrent\BitTorrent.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\knobcj.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\knobcj.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\qdjcm.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\qdjcm.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winybsgqg.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winybsgqg.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winhdimu.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winhdimu.exe:*:Enabled:ipsec"
"C:\PROGRA~1\ASUS\AISUIT~1\AiGear3\CPUPOW~1.EXE"="C:\PROGRA~1\ASUS\AISUIT~1\AiGear3\CPUPOW~1.EXE:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winfvlw.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winfvlw.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\ykhids.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\ykhids.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winifbj.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winifbj.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\wineiiljp.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\wineiiljp.exe:*:Enabled:ipsec"
"C:\Program Files (x86)\ASUS\AASP\1.00.40\aaCenter.exe"="C:\Program Files (x86)\ASUS\AASP\1.00.40\aaCenter.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\isueh.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\isueh.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\dtyqv.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\dtyqv.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winrqeqe.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winrqeqe.exe:*:Enabled:ipsec"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"="C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winhytyo.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winhytyo.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\drnn.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\drnn.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winmnxl.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winmnxl.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\vlqg.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\vlqg.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\txut.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\txut.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\wqcu.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\wqcu.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winklqn.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winklqn.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\cwnff.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\cwnff.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\xvewj.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\xvewj.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\yyyan.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\yyyan.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winpocjv.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winpocjv.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\wincjit.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\wincjit.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winfweo.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winfweo.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\wincwqtdw.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\wincwqtdw.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\pwfax.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\pwfax.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winrgnq.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winrgnq.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winleir.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winleir.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\windaaiky.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\windaaiky.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\kglx.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\kglx.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\iyaga.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\iyaga.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winjdmr.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winjdmr.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winjkppkv.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winjkppkv.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\ppid.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\ppid.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winoprcxx.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winoprcxx.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winwhkfo.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winwhkfo.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winbovc.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winbovc.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winoudr.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winoudr.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winrvcnbs.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winrvcnbs.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winbqkd.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winbqkd.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\dvujb.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\dvujb.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winutqck.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winutqck.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\orcawj.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\orcawj.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winvvjgjo.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winvvjgjo.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winbpuf.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winbpuf.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winvnkw.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winvnkw.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winmmiolj.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winmmiolj.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\pfki.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\pfki.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\wintatxk.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\wintatxk.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winitdw.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winitdw.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\qvkmd.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\qvkmd.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\qdrj.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\qdrj.exe:*:Enabled:ipsec"
"c:\xampp\apache\bin\httpd.exe"="C:\xampp\apache\bin\httpd.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winmann.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winmann.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winevtu.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winevtu.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winluqacc.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winluqacc.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\wincekk.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\wincekk.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\tlxid.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\tlxid.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winykdgvq.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winykdgvq.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\irbjpr.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\irbjpr.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\giodkc.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\giodkc.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\ldlbbp.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\ldlbbp.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\wodiyb.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\wodiyb.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\kylabp.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\kylabp.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\lrpfwe.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\lrpfwe.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\ourx.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\ourx.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winobwxk.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winobwxk.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\cgle.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\cgle.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\winonws.exe"="C:\Windows\TEMP\winonws.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\winiobt.exe"="C:\Windows\TEMP\winiobt.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\cpwp.exe"="C:\Windows\TEMP\cpwp.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\winkjpbu.exe"="C:\Windows\TEMP\winkjpbu.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winhkcrb.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winhkcrb.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winifsj.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winifsj.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winxbarjb.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winxbarjb.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winvokib.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winvokib.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\tqqt.exe"="C:\Windows\TEMP\tqqt.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\winxjfrrl.exe"="C:\Windows\TEMP\winxjfrrl.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\winqwrj.exe"="C:\Windows\TEMP\winqwrj.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\wvtpt.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\wvtpt.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\doapo.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\doapo.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winyknv.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winyknv.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\winsumptj.exe"="C:\Windows\TEMP\winsumptj.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\wintrxofp.exe"="C:\Windows\TEMP\wintrxofp.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\fbxjt.exe"="C:\Windows\TEMP\fbxjt.exe:*:Enabled:ipsec"
"D:\OTM.exe"="D:\OTM.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winpcghyk.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winpcghyk.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winlnays.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winlnays.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\winopxwad.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\winopxwad.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\whtm.exe"="C:\Windows\TEMP\whtm.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\windlhdt.exe"="C:\Windows\TEMP\windlhdt.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\winmqtfgh.exe"="C:\Windows\TEMP\winmqtfgh.exe:*:Enabled:ipsec"
"C:\Users\ADMINI~1\AppData\Local\Temp\wincxpx.exe"="C:\Users\ADMINI~1\AppData\Local\Temp\wincxpx.exe:*:Enabled:ipsec"
"C:\Windows\TEMP\winhfwtjo.exe"="C:\Windows\TEMP\winhfwtjo.exe:*:Enabled:ipsec"
"C:\PROGRA~2\WinSCP\WinSCP.exe"="C:\PROGRA~2\WinSCP\WinSCP.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi1"=wdmaud.drv

======File associations======

.exe - open - C:\Windows\svchost.com "%1" %*
.txt - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2011-08-31 20:07:21 ----D---- C:\rsit
2011-08-31 19:31:43 ----D---- C:\games
2011-08-31 17:53:33 ----D---- C:\_OTM
2011-08-31 16:12:49 ----A---- C:\Windows\isRS-000.tmp
2011-08-31 08:00:07 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2011-08-31 01:00:23 ----A---- C:\Windows\SYSWOW64\debug.txt
2011-08-30 21:36:10 ----A---- C:\Windows\SYSWOW64\exehelperlog.txt
2011-08-30 21:21:51 ----A---- C:\Windows\svchost.com
2011-08-30 19:25:51 ----D---- C:\Users\Administrator\AppData\Roaming\Malwarebytes
2011-08-30 19:25:46 ----D---- C:\ProgramData\Malwarebytes
2011-08-30 19:25:46 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-08-30 19:25:43 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-08-30 19:25:43 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-08-30 18:54:18 ----SHD---- C:\$RECYCLE.BIN
2011-08-30 16:58:31 ----A---- C:\Windows\directx.sys
2011-08-30 16:55:22 ----D---- C:\Windows\temp
2011-08-30 15:17:59 ----D---- C:\Qoobox
2011-08-30 14:40:25 ----D---- C:\Program Files\trend micro
2011-08-30 10:04:38 ----D---- C:\Windows\Microsoft_app
2011-08-29 00:36:56 ----D---- C:\FR
2011-08-28 12:06:09 ----D---- C:\Nová složka (2)
2011-08-28 11:48:12 ----D---- C:\Nová složka
2011-08-28 11:43:38 ----D---- C:\tutorial
2011-08-28 11:39:07 ----A---- C:\m2.exe
2011-08-28 11:39:07 ----A---- C:\Extraction Helper .exe
2011-08-28 11:39:07 ----A---- C:\Archiver Helper.exe
2011-08-28 11:39:06 ----RD---- C:\system
2011-08-28 11:29:03 ----D---- C:\extract
2011-08-28 11:27:30 ----D---- C:\Source
2011-08-28 11:25:28 ----A---- C:\Easy File Extract0r by Eddy² 4 epvp.exe
2011-08-27 12:33:00 ----D---- C:\ProgramData\DynDNS
2011-08-24 12:13:49 ----D---- C:\Users\Administrator\AppData\Roaming\SynthMaker
2011-08-24 11:50:25 ----D---- C:\Users\Administrator\AppData\Roaming\.minecraft
2011-08-24 11:23:28 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-08-24 11:23:28 ----A---- C:\Windows\system32\tzres.dll
2011-08-24 01:31:02 ----D---- C:\Program Files\Yamaha
2011-08-24 01:26:14 ----D---- C:\Program Files (x86)\YAMAHA
2011-08-21 16:13:32 ----D---- C:\Eddy2
2011-08-20 13:39:26 ----A---- C:\Game-Tool.exe
2011-08-20 11:45:01 ----A---- C:\MT2ExpMod_1.1.0.0(1).exe
2011-08-19 22:08:15 ----D---- C:\Program Files (x86)\ConTEXT
2011-08-19 14:49:00 ----A---- C:\MT2ExpMod_1.2.0.0(1).exe
2011-08-19 13:33:05 ----A---- C:\EXP Edit.exe
2011-08-19 13:32:35 ----D---- C:\Users\Administrator\AppData\Roaming\expedit
2011-08-19 13:32:27 ----RD---- C:\EXP Edit
2011-08-19 13:32:27 ----D---- C:\Free_UPX
2011-08-18 22:57:26 ----D---- C:\Users\Administrator\AppData\Roaming\EditPlus 3
2011-08-18 22:57:26 ----D---- C:\Program Files (x86)\EditPlus 3
2011-08-18 22:31:54 ----A---- C:\MT2ExpMod_1.2.0.0.exe
2011-08-18 22:12:06 ----A---- C:\EXP_Edit_v1.5_by_Eddy².exe
2011-08-18 00:08:44 ----D---- C:\Program Files (x86)\DynDNS Updater
2011-08-16 21:28:15 ----D---- C:\Program Files (x86)\Conduit
2011-08-16 21:28:14 ----D---- C:\Program Files (x86)\BS_Player
2011-08-16 21:28:10 ----D---- C:\Users\Administrator\AppData\Roaming\BSplayer Pro
2011-08-16 21:28:10 ----D---- C:\Users\Administrator\AppData\Roaming\BSplayer
2011-08-16 21:28:10 ----D---- C:\Program Files (x86)\Webteh
2011-08-16 17:54:10 ----D---- C:\hl2
2011-08-16 12:17:27 ----D---- C:\Program Files (x86)\GIMP-2.0
2011-08-15 17:45:02 ----D---- C:\Program Files\Peter
2011-08-13 12:05:05 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-08-10 10:37:38 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-08-10 10:37:38 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 10:37:38 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 10:37:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 10:37:37 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-10 10:37:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 10:37:16 ----A---- C:\Windows\system32\wininet.dll
2011-08-10 10:37:16 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 10:37:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-08-10 10:37:15 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-08-10 10:37:15 ----A---- C:\Windows\SYSWOW64\url.dll
2011-08-10 10:37:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-08-10 10:37:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-08-10 10:37:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-08-10 10:37:15 ----A---- C:\Windows\system32\urlmon.dll
2011-08-10 10:37:15 ----A---- C:\Windows\system32\url.dll
2011-08-10 10:37:15 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-10 10:37:15 ----A---- C:\Windows\system32\iertutil.dll
2011-08-10 10:37:15 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 10:37:14 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-08-10 10:37:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-08-10 10:37:14 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-08-10 10:37:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-08-10 10:37:14 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2011-08-10 10:37:14 ----A---- C:\Windows\system32\mstime.dll
2011-08-10 10:37:14 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-10 10:37:14 ----A---- C:\Windows\system32\iepeers.dll
2011-08-10 10:37:14 ----A---- C:\Windows\system32\ieapfltr.dll
2011-08-07 14:33:15 ----D---- C:\Program Files (x86)\RTF Viewer
2011-08-05 19:22:19 ----D---- C:\Program Files\Tracker Software
2011-08-05 12:19:06 ----D---- C:\ProgramData\ICQ
2011-08-05 12:18:34 ----D---- C:\Users\Administrator\AppData\Roaming\ICQ
2011-08-05 12:18:30 ----D---- C:\Program Files (x86)\ICQ7.5
2011-08-04 18:46:54 ----D---- C:\Program Files\Valve
2011-08-04 18:42:05 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2011-08-31 19:32:00 ----D---- C:\Windows
2011-08-31 18:05:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-31 18:05:04 ----D---- C:\Windows\System32
2011-08-31 18:05:04 ----D---- C:\Windows\inf
2011-08-31 18:05:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-31 17:58:56 ----D---- C:\ProgramData\NVIDIA
2011-08-31 17:57:44 ----D---- C:\Program Files (x86)\WinSCP
2011-08-31 17:55:48 ----SHD---- C:\System Volume Information
2011-08-31 17:34:14 ----D---- C:\Users\Administrator\AppData\Roaming\Skype
2011-08-31 11:17:49 ----D---- C:\Windows\Prefetch
2011-08-31 09:06:35 ----D---- C:\xampp
2011-08-31 08:00:34 ----SHD---- C:\Windows\Installer
2011-08-31 08:00:10 ----D---- C:\Windows\system32\drivers
2011-08-31 08:00:07 ----RD---- C:\Program Files (x86)
2011-08-31 01:00:23 ----D---- C:\Windows\SysWOW64
2011-08-30 22:29:31 ----RSD---- C:\Windows\Fonts
2011-08-30 20:58:12 ----D---- C:\Users\Administrator\AppData\Roaming\Hamachi
2011-08-30 19:30:34 ----D---- C:\Windows\SYSWOW64\drivers
2011-08-30 19:25:46 ----D---- C:\ProgramData
2011-08-30 19:23:37 ----D---- C:\Windows\Minidump
2011-08-30 16:57:28 ----A---- C:\Windows\system.ini
2011-08-30 16:57:20 ----D---- C:\Windows\system32\drivers\etc
2011-08-30 16:55:45 ----D---- C:\Windows\system32\config
2011-08-30 16:54:51 ----D---- C:\Program Files (x86)\ConduitEngine
2011-08-30 16:52:00 ----D---- C:\Windows\AppPatch
2011-08-30 16:51:58 ----D---- C:\Program Files\Common Files
2011-08-30 16:51:58 ----D---- C:\Program Files (x86)\Common Files
2011-08-30 16:24:33 ----D---- C:\Users\Administrator\AppData\Roaming\BitTorrent
2011-08-30 15:24:14 ----D---- C:\Program Files (x86)\Pivot Stickfigure Toolbar
2011-08-30 15:15:22 ----D---- C:\Windows\system32\WDI
2011-08-30 14:40:25 ----RD---- C:\Program Files
2011-08-30 13:33:55 ----RAS---- C:\BOOTSECT.BAK
2011-08-30 13:33:45 ----D---- C:\Boot
2011-08-30 13:24:16 ----D---- C:\AutoClickExtreme
2011-08-29 15:20:11 ----D---- C:\Users\Administrator\AppData\Roaming\FileZilla
2011-08-28 01:07:31 ----D---- C:\Users\Administrator\AppData\Roaming\uTorrent
2011-08-27 13:27:05 ----D---- C:\Windows\Tasks
2011-08-27 13:27:05 ----D---- C:\Windows\system32\Tasks
2011-08-26 23:36:20 ----D---- C:\Windows\system32\NDF
2011-08-25 11:59:24 ----D---- C:\Windows\rescache
2011-08-25 01:45:43 ----D---- C:\Windows\winsxs
2011-08-25 01:45:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-08-25 01:45:40 ----D---- C:\Windows\system32\cs-CZ
2011-08-24 11:22:32 ----D---- C:\Windows\system32\catroot2
2011-08-24 11:22:32 ----D---- C:\Windows\system32\catroot
2011-08-24 01:26:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-08-16 21:28:15 ----RD---- C:\Users
2011-08-13 12:10:22 ----D---- C:\Program Files (x86)\PhotoFiltre Studio X
2011-08-13 12:05:05 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-08-13 12:00:32 ----RSD---- C:\Windows\assembly
2011-08-11 13:42:47 ----D---- C:\ProgramData\Electronic Arts
2011-08-10 21:18:50 ----D---- C:\Windows\Microsoft.NET
2011-08-10 20:30:41 ----D---- C:\Program Files\Windows Mail
2011-08-10 20:30:41 ----D---- C:\Program Files (x86)\Windows Mail
2011-08-10 20:10:40 ----A---- C:\Windows\system32\MRT.INI
2011-08-10 20:08:36 ----A---- C:\Windows\system32\mrt.exe
2011-08-05 18:07:05 ----SD---- C:\Windows\Downloaded Program Files
2011-08-05 09:59:58 ----A---- C:\Windows\win.ini
2011-08-04 21:51:06 ----D---- C:\Program Files\Zrychleni Pocitace

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2009-04-11 160744]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-03-21 381720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-08-13 526392]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2006-10-18 13632]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-05-10 31064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-05-10 600920]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-05-10 287576]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-05-10 53592]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2009-12-17 193232]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2009-12-17 53264]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-05-10 22360]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-05-10 64344]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-07-18 432640]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-13 270912]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-07-06 25912]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-31 15680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-09-02 12500840]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2009-11-09 35112]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2009-12-17 165200]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-10 21504]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 108544]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys [2007-05-24 335872]
S3 ab5watl9;ab5watl9; C:\Windows\system32\drivers\ab5watl9.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 7936]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 145360]
S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM); C:\Windows\system32\drivers\ymidusbx64.sys [2011-01-31 49256]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-06-07 89088]
R2 Apache2.2;Apache2.2; C:\xampp\apache\bin\httpd.exe [2010-10-18 90181]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-05-10 42184]
R2 DynDNS Updater;DynDNS Updater; C:\Program Files (x86)\DynDNS Updater\DynUpSvc.exe [2011-04-15 93048]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
R2 mysql;mysql; c:\xampp\mysql\bin\mysqld.exe [2010-12-03 8133120]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2008-12-11 4297728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-09-01 159336]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-09-01 235624]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-17 185640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 490032]
S2 wampapache;wampapache; D:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -k runservice []
S3 FileZilla Server;FileZilla Server FTP server; c:\xampp\FileZillaFTP\FileZillaServer.exe [2011-08-31 784384]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-18 19968]
S3 wampmysqld;wampmysqld; D:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe wampmysqld []
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Some .exe files won't run..

#38 Post by vyosek »

That vermin has restored itself there again :x

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A POWERFUL ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
:arrow: Download Combofix and save it to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antiviruses, antispyware and the like
  • If you have Win XP, run it under the Administrator (Správce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako správce)
  • Right after it starts, a page with the license agreement is shown; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the prompts; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that is displayed
  • The scan should take about 10 minutes, but if the PC is heavily infested, it may take longer
  • After the scan finishes and after a possible restart, CF displays a log; you can also find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

majkl655
Visitor
Posts: 37
Registered: 30 Aug 2011 13:24

Re: Some .exe files won't run..

#39 Post by majkl655 »

Now this is really too much... I got angry and reinstalled the whole PC... And it's back again.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Some .exe files won't run..

#40 Post by vyosek »

Then give me a new log from RSIT

majkl655
Visitor
Posts: 37
Registered: 30 Aug 2011 13:24

Re: Some .exe files won't run..

#41 Post by majkl655 »

Here it is



Logfile of random's system information tool 1.09 (written by random/random)
Run by DangerAge at 2011-09-05 19:11:55
Microsoft® Windows Vista™ Ultimate
System drive C: has 20 GB (28%) free of 71 GB
Total RAM: 8190 MB (26% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe"
"C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\PSIService.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d3a902eb-92ed-443b-a58e-b1bacb984499 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9edbc920-bcd3-4be3-8da5-c8068ea3986a -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1e09319e-af4e-4bf1-ad16-8fa4e325ccad -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ba5c3d9e-d677-4638-a93b-5c6af2d84964
taskeng.exe {26A43885-BF85-4C90-B58F-B611FBF00BE3}
"C:\Windows\system32\Dwm.exe"
taskeng.exe {E7A719BA-8258-44D0-8989-B77504AA1188}
"C:\Program Files (x86)\ASUS\AASP\1.00.40\aaCenter.exe"
"C:\Program Files (x86)\ASUS\AI Direct Link\AsCmd.exe"
C:\Windows\Explorer.EXE
C:\PROGRA~2\ASUS\AIDIRE~1\AsShare.exe
C:\PROGRA~2\ANALOG~1\SoundMAX\SOUNDT~1.EXE
C:\PROGRA~2\ANALOG~1\Core\smax4pnp.exe
C:\PROGRA~2\ASUS\AISUIT~1\AiNap\AiNap.exe
C:\PROGRA~2\Corel\CORELS~1\CORELP~1.EXE
C:\PROGRA~1\WINDOW~3\MSASCui.exe -hide
C:\PROGRA~1\WICC9F~1\sidebar.exe /autoRun
C:\PROGRA~2\ASUS\AISUIT~1\AiGear3\CPUPOW~1.EXE
C:\PROGRA~2\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE
C:\PROGRA~2\LOGMEI~1\HAMACH~2.EXE --auto-start
C:\Windows\system32\wbem\wmiprvse.exe
C:\PROGRA~2\Intel\INTELM~1\IAAnotif.exe
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Users\DANGER~1\AppData\Local\Temp\synx.exe
C:\Users\DANGER~1\AppData\Local\Temp\wingvdxiy.exe
"C:\PROGRA~2\MOZILL~1\firefox.exe"
"C:\PROGRA~2\MOZILL~1\plugin-container.exe" --channel=1164.7a794c0.98562314 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" - -greomni "C:\PROGRA~2\MOZILL~1\omni.jar" 1164 "\\.\pipe\gecko-crash-server-pipe.1164" plugin
C:\PROGRA~2\WI4EB4~1\wmplayer.exe /prefetch:6 /SHELLHLP_V9 Play /DataObject:NEFEPEHFBAAAAAAAOABAAAAAAAAAAAAAAMAAAAAAAAAAAAGEAAAAAAAAFAAAAAAAKNDJHEGHMJNOJAEAIPAPFJOBMDNMCODJDAECAAAAMIEAIKCBDGNMOHBLIOAHELDEAAAAAAAA
C:\Windows\system32\conime.exe
apache\bin\httpd.exe -f conf\httpd.conf
mysql\bin\mysqld.exe --defaults-file=mysql\bin\my.ini --standalone
C:\xampp\XAMPP-~1.EXE
C:\xampp\apache\bin\httpd.exe -d C:/xampp/apache -f conf\httpd.conf
C:\PROGRA~1\Sun\VIRTUA~1\VBoxSVC.exe -Embedding
C:\PROGRA~1\Sun\VIRTUA~1\VirtualBox.exe --startvm f30b1a95-ea2a-4c70-b232-dcb5fc80c0f9
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe26_ Global\UsGthrCtrlFltPipeMssGthrPipe26 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot) " "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 644 648 656 65536 652
"C:\Users\DangerAge\Desktop\RSITx64.exe"
C:\PROGRA~1\TRENDM~1\DANGER~1.EXE /silentautolog

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2011-09-04 1581752]
"IAAnotif"=C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-12-16 1712232]
"Corel Photo Downloader"=C:\PROGRA~2\Corel\CORELS~1\CORELP~1.EXE [2007-02-06 478800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2011-09-04 1554432]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2011-09-05 1261568]
"SoundTray"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe [2007-05-21 49152]
"Ai Nap"=C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe [2007-09-06 1426432]
"CPU Power Monitor"=C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe [2007-09-06 626688]
"Cpu Level Up help"=C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [2011-09-05 1026048]
"Launch Direct Link"=C:\Program Files (x86)\ASUS\AI Direct Link\AsShare.exe [2007-08-20 1209856]
"Launch As Cmd Runner"=C:\Program Files (x86)\ASUS\AI Direct Link\AsCmd.exe [2007-04-11 376832]
"Corel Photo Downloader"=C:\Program Files (x86)\Corel\Corel Snapfire Plus\Corel PhotoDownloader.exe []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 1955208]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.exe - open - C:\Windows\svchost.com "%1" %*

======List of files/folders created in the last 1 month======

2011-09-05 19:11:55 ----D---- C:\rsit
2011-09-05 19:11:55 ----D---- C:\Program Files\trend micro
2011-09-05 18:52:28 ----A---- C:\Windows\SYSWOW64\libmysql_d.dll
2011-09-05 18:52:25 ----D---- C:\Program Files (x86)\PremiumSoft
2011-09-05 18:25:15 ----D---- C:\xampp
2011-09-05 17:30:32 ----D---- C:\ProgramData\Apple Computer
2011-09-05 17:30:32 ----D---- C:\Program Files (x86)\Safari
2011-09-05 17:30:18 ----D---- C:\ProgramData\Apple
2011-09-05 17:30:18 ----D---- C:\Program Files (x86)\Apple Software Update
2011-09-05 17:24:14 ----D---- C:\Program Files (x86)\Opera
2011-09-05 17:07:05 ----D---- C:\Program Files (x86)\Namoroka
2011-09-05 16:55:29 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-09-05 16:55:29 ----A---- C:\Windows\system32\winhttp.dll
2011-09-05 16:54:38 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2011-09-05 16:54:38 ----A---- C:\Windows\system32\setupapi.dll
2011-09-05 16:54:27 ----A---- C:\Windows\SYSWOW64\srclient.dll
2011-09-05 16:54:27 ----A---- C:\Windows\system32\wpd_ci.dll
2011-09-05 16:54:27 ----A---- C:\Windows\system32\winresume.exe
2011-09-05 16:54:27 ----A---- C:\Windows\system32\srdelayed.exe
2011-09-05 16:54:27 ----A---- C:\Windows\system32\srcore.dll
2011-09-05 16:54:27 ----A---- C:\Windows\system32\srclient.dll
2011-09-05 16:54:27 ----A---- C:\Windows\system32\rstrui.exe
2011-09-05 16:54:27 ----A---- C:\Windows\system32\kd1394.dll
2011-09-05 16:54:26 ----A---- C:\Windows\system32\winload.exe
2011-09-05 16:54:26 ----A---- C:\Windows\system32\schedsvc.dll
2011-09-05 16:54:26 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2011-09-05 16:54:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2011-09-05 16:54:26 ----A---- C:\Windows\system32\clfs.sys
2011-09-05 16:54:26 ----A---- C:\Windows\system32\ci.dll
2011-09-05 16:54:25 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2011-09-05 16:54:25 ----A---- C:\Windows\SYSWOW64\prflbmsg.dll
2011-09-05 16:54:25 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-09-05 16:54:25 ----A---- C:\Windows\SYSWOW64\lodctr.exe
2011-09-05 16:54:25 ----A---- C:\Windows\SYSWOW64\loadperf.dll
2011-09-05 16:54:25 ----A---- C:\Windows\SYSWOW64\kbd106n.dll
2011-09-05 16:54:25 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-09-05 16:54:25 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-09-05 16:54:25 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-09-05 16:54:25 ----A---- C:\Windows\system32\oleaut32.dll
2011-09-05 16:54:25 ----A---- C:\Windows\system32\kbd106n.dll
2011-09-05 16:54:25 ----A---- C:\Windows\system32\drvinst.exe
2011-09-05 16:54:25 ----A---- C:\Windows\system32\dispci.dll
2011-09-05 16:54:25 ----A---- C:\Windows\system32\cfgmgr32.dll
2011-09-05 16:54:25 ----A---- C:\Windows\system32\batt.dll
2011-09-05 16:54:24 ----A---- C:\Windows\SYSWOW64\f3ahvoas.dll
2011-09-05 16:54:24 ----A---- C:\Windows\SYSWOW64\dpx.dll
2011-09-05 16:54:24 ----A---- C:\Windows\system32\unlodctr.exe
2011-09-05 16:54:24 ----A---- C:\Windows\system32\prflbmsg.dll
2011-09-05 16:54:24 ----A---- C:\Windows\system32\lodctr.exe
2011-09-05 16:54:24 ----A---- C:\Windows\system32\loadperf.dll
2011-09-05 16:54:24 ----A---- C:\Windows\system32\f3ahvoas.dll
2011-09-05 16:54:24 ----A---- C:\Windows\system32\dpx.dll
2011-09-05 16:54:23 ----A---- C:\Windows\system32\drivers\sermouse.sys
2011-09-05 16:54:23 ----A---- C:\Windows\system32\drivers\mouhid.sys
2011-09-05 16:54:23 ----A---- C:\Windows\system32\drivers\mouclass.sys
2011-09-05 16:54:23 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2011-09-05 16:54:23 ----A---- C:\Windows\system32\drivers\kbdclass.sys
2011-09-05 16:54:23 ----A---- C:\Windows\system32\drivers\i8042prt.sys
2011-09-05 16:35:54 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2011-09-05 16:32:56 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2011-09-05 16:32:44 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2011-09-05 16:32:41 ----D---- C:\Program Files\Sun
2011-09-05 16:30:47 ----A---- C:\ProgramData\nvModes.dat
2011-09-05 16:28:11 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-09-05 16:26:53 ----D---- C:\ProgramData\NVIDIA Corporation
2011-09-05 16:26:48 ----D---- C:\Program Files\NVIDIA Corporation
2011-09-05 16:26:03 ----A---- C:\Windows\system32\nvudisp.exe
2011-09-05 16:25:58 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-09-05 16:25:58 ----A---- C:\Windows\system32\dpinst.exe
2011-09-05 16:25:57 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2011-09-05 16:25:57 ----A---- C:\Windows\system32\nvwgf2umx.dll
2011-09-05 16:25:56 ----A---- C:\Windows\system32\nvoglv64.dll
2011-09-05 16:25:55 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2011-09-05 16:25:55 ----A---- C:\Windows\system32\nvd3dumx.dll
2011-09-05 16:25:54 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2011-09-05 16:25:54 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2011-09-05 16:25:54 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2011-09-05 16:25:54 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2011-09-05 16:25:54 ----A---- C:\Windows\system32\nvcuvid.dll
2011-09-05 16:25:54 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-09-05 16:25:54 ----A---- C:\Windows\system32\nvcuda.dll
2011-09-05 16:25:54 ----A---- C:\Windows\system32\nvcod188.dll
2011-09-05 16:25:54 ----A---- C:\Windows\system32\nvcod.dll
2011-09-05 16:25:52 ----D---- C:\NVIDIA
2011-09-05 16:13:24 ----A---- C:\Windows\directx.sys
2011-09-05 16:01:13 ----A---- C:\Windows\svchost.com
2011-09-05 15:16:23 ----A---- C:\Windows\system32\nvcpluir.dll
2011-09-05 15:16:22 ----A---- C:\Windows\system32\nvexpbar.dll
2011-09-05 15:15:09 ----A---- C:\Windows\system32\nvuninst.exe
2011-09-05 14:40:52 ----A---- C:\Windows\Ascd_tmp.ini
2011-09-05 14:40:39 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-09-05 14:40:39 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-09-05 14:40:39 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-09-05 14:40:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-09-05 14:39:47 ----A---- C:\Windows\SYSWOW64\cmifw.dll
2011-09-05 14:39:47 ----A---- C:\Windows\system32\wfapigp.dll
2011-09-05 14:39:47 ----A---- C:\Windows\system32\MPSSVC.dll
2011-09-05 14:39:47 ----A---- C:\Windows\system32\icfupgd.dll
2011-09-05 14:39:47 ----A---- C:\Windows\system32\FirewallAPI.dll
2011-09-05 14:39:47 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2011-09-05 14:39:47 ----A---- C:\Windows\system32\cmifw.dll
2011-09-05 14:39:46 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2011-09-05 14:39:46 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2011-09-05 14:39:18 ----A---- C:\Windows\system32\drivers\csc.sys
2011-09-05 14:39:18 ----A---- C:\Windows\system32\CscMig.dll
2011-09-05 14:39:15 ----A---- C:\Windows\system32\ntprint.exe
2011-09-05 14:39:15 ----A---- C:\Windows\system32\ntprint.dll
2011-09-05 14:39:15 ----A---- C:\Windows\system32\dhcpcmonitor.dll
2011-09-05 14:39:14 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2011-09-05 14:39:14 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2011-09-05 14:39:14 ----A---- C:\Windows\SYSWOW64\dhcpcmonitor.dll
2011-09-05 14:39:14 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2011-09-05 14:39:14 ----A---- C:\Windows\system32\dhcpcsvc.dll
2011-09-05 14:39:14 ----A---- C:\Windows\system32\authui.dll
2011-09-05 14:39:13 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2011-09-05 14:39:13 ----A---- C:\Windows\SYSWOW64\dhcpcsvc.dll
2011-09-05 14:39:13 ----A---- C:\Windows\SYSWOW64\authui.dll
2011-09-05 14:39:08 ----A---- C:\Windows\SYSWOW64\sendmail.dll
2011-09-05 14:39:08 ----A---- C:\Windows\system32\sendmail.dll
2011-09-05 14:39:07 ----A---- C:\Windows\SYSWOW64\ssBranded.scr
2011-09-05 14:39:07 ----A---- C:\Windows\system32\ssBranded.scr
2011-09-05 14:38:31 ----A---- C:\Windows\SYSWOW64\rastls.dll
2011-09-05 14:38:31 ----A---- C:\Windows\SYSWOW64\raschap.dll
2011-09-05 14:38:31 ----A---- C:\Windows\system32\rastls.dll
2011-09-05 14:38:31 ----A---- C:\Windows\system32\raschap.dll
2011-09-05 14:38:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-09-05 14:38:07 ----A---- C:\Windows\system32\kernel32.dll
2011-09-05 14:38:06 ----A---- C:\Windows\SYSWOW64\apilogen.dll
2011-09-05 14:38:06 ----A---- C:\Windows\SYSWOW64\amxread.dll
2011-09-05 14:38:06 ----A---- C:\Windows\system32\apilogen.dll
2011-09-05 14:38:06 ----A---- C:\Windows\system32\amxread.dll
2011-09-05 14:37:37 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2011-09-05 14:37:37 ----A---- C:\Windows\system32\gdi32.dll
2011-09-05 14:37:05 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2011-09-05 14:37:05 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2011-09-05 14:37:05 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2011-09-05 14:37:05 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2011-09-05 14:37:05 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2011-09-05 14:37:05 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2011-09-05 14:37:04 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2011-09-05 14:37:04 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2011-09-05 14:37:04 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2011-09-05 14:37:04 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2011-09-05 14:37:03 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2011-09-05 14:37:03 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2011-09-05 14:37:03 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2011-09-05 14:37:03 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2011-09-05 14:37:02 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2011-09-05 14:37:02 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2011-09-05 14:37:02 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2011-09-05 14:37:01 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2011-09-05 14:37:01 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2011-09-05 14:37:01 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2011-09-05 14:37:01 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2011-09-05 14:37:01 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2011-09-05 14:37:00 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2011-09-05 14:37:00 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2011-09-05 14:37:00 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2011-09-05 14:37:00 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2011-09-05 14:37:00 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2011-09-05 14:37:00 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2011-09-05 14:36:59 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2011-09-05 14:36:59 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2011-09-05 14:36:59 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2011-09-05 14:36:58 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2011-09-05 14:36:58 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2011-09-05 14:36:58 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2011-09-05 14:36:58 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2011-09-05 14:36:57 ----A---- C:\Windows\system32\NlsModels0011.dll
2011-09-05 14:36:57 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2011-09-05 14:36:57 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2011-09-05 14:36:57 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2011-09-05 14:36:56 ----A---- C:\Windows\system32\NlsData0049.dll
2011-09-05 14:36:56 ----A---- C:\Windows\system32\NlsData0047.dll
2011-09-05 14:36:56 ----A---- C:\Windows\system32\NlsData0046.dll
2011-09-05 14:36:56 ----A---- C:\Windows\system32\NlsData0045.dll
2011-09-05 14:36:56 ----A---- C:\Windows\system32\NlsData0039.dll
2011-09-05 14:36:55 ----A---- C:\Windows\system32\NlsData0026.dll
2011-09-05 14:36:55 ----A---- C:\Windows\system32\NlsData0024.dll
2011-09-05 14:36:55 ----A---- C:\Windows\system32\NlsData0022.dll
2011-09-05 14:36:55 ----A---- C:\Windows\system32\NlsData0021.dll
2011-09-05 14:36:55 ----A---- C:\Windows\system32\NlsData0020.dll
2011-09-05 14:36:54 ----A---- C:\Windows\system32\NlsData0027.dll
2011-09-05 14:36:54 ----A---- C:\Windows\system32\NlsData0018.dll
2011-09-05 14:36:54 ----A---- C:\Windows\system32\NlsData0013.dll
2011-09-05 14:36:54 ----A---- C:\Windows\system32\NlsData0011.dll
2011-09-05 14:36:54 ----A---- C:\Windows\system32\NlsData0010.dll
2011-09-05 14:36:53 ----A---- C:\Windows\system32\NlsData0019.dll
2011-09-05 14:36:53 ----A---- C:\Windows\system32\NlsData0007.dll
2011-09-05 14:36:53 ----A---- C:\Windows\system32\NlsData0003.dll
2011-09-05 14:36:53 ----A---- C:\Windows\system32\NlsData0002.dll
2011-09-05 14:36:53 ----A---- C:\Windows\system32\NlsData0001.dll
2011-09-05 14:36:53 ----A---- C:\Windows\system32\NlsData0000.dll
2011-09-05 14:36:52 ----A---- C:\Windows\system32\NlsData004c.dll
2011-09-05 14:36:52 ----A---- C:\Windows\system32\NlsData004b.dll
2011-09-05 14:36:52 ----A---- C:\Windows\system32\NlsData004a.dll
2011-09-05 14:36:52 ----A---- C:\Windows\system32\NlsData0009.dll
2011-09-05 14:36:51 ----A---- C:\Windows\system32\NlsData004e.dll
2011-09-05 14:36:51 ----A---- C:\Windows\system32\NlsData003e.dll
2011-09-05 14:36:51 ----A---- C:\Windows\system32\NlsData002a.dll
2011-09-05 14:36:51 ----A---- C:\Windows\system32\NlsData001d.dll
2011-09-05 14:36:51 ----A---- C:\Windows\system32\NlsData001b.dll
2011-09-05 14:36:51 ----A---- C:\Windows\system32\NlsData001a.dll
2011-09-05 14:36:50 ----A---- C:\Windows\system32\NlsData000d.dll
2011-09-05 14:36:50 ----A---- C:\Windows\system32\NlsData000c.dll
2011-09-05 14:36:50 ----A---- C:\Windows\system32\NlsData000a.dll
2011-09-05 14:36:49 ----A---- C:\Windows\system32\NlsData081a.dll
2011-09-05 14:36:49 ----A---- C:\Windows\system32\NlsData0816.dll
2011-09-05 14:36:49 ----A---- C:\Windows\system32\NlsData0416.dll
2011-09-05 14:36:49 ----A---- C:\Windows\system32\NlsData0414.dll
2011-09-05 14:36:49 ----A---- C:\Windows\system32\NlsData000f.dll
2011-09-05 14:36:49 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-09-05 14:36:48 ----A---- C:\Windows\SYSWOW64\NlsLexicons0045.dll
2011-09-05 14:36:48 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2011-09-05 14:36:48 ----A---- C:\Windows\system32\NlsData0c1a.dll
2011-09-05 14:36:47 ----A---- C:\Windows\SYSWOW64\NlsLexicons0049.dll
2011-09-05 14:36:47 ----A---- C:\Windows\SYSWOW64\NlsLexicons0047.dll
2011-09-05 14:36:47 ----A---- C:\Windows\SYSWOW64\NlsLexicons0046.dll
2011-09-05 14:36:47 ----A---- C:\Windows\SYSWOW64\NlsLexicons0039.dll
2011-09-05 14:36:47 ----A---- C:\Windows\SYSWOW64\NlsLexicons0021.dll
2011-09-05 14:36:47 ----A---- C:\Windows\SYSWOW64\NlsLexicons0020.dll
2011-09-05 14:36:46 ----A---- C:\Windows\SYSWOW64\NlsLexicons0026.dll
2011-09-05 14:36:46 ----A---- C:\Windows\SYSWOW64\NlsLexicons0024.dll
2011-09-05 14:36:46 ----A---- C:\Windows\SYSWOW64\NlsLexicons0022.dll
2011-09-05 14:36:45 ----A---- C:\Windows\SYSWOW64\NlsLexicons0027.dll
2011-09-05 14:36:44 ----A---- C:\Windows\SYSWOW64\NlsLexicons0013.dll
2011-09-05 14:36:44 ----A---- C:\Windows\SYSWOW64\NlsLexicons0011.dll
2011-09-05 14:36:44 ----A---- C:\Windows\SYSWOW64\NlsLexicons0010.dll
2011-09-05 14:36:43 ----A---- C:\Windows\SYSWOW64\NlsLexicons0019.dll
2011-09-05 14:36:43 ----A---- C:\Windows\SYSWOW64\NlsLexicons0018.dll
2011-09-05 14:36:43 ----A---- C:\Windows\SYSWOW64\NlsLexicons0001.dll
2011-09-05 14:36:42 ----A---- C:\Windows\SYSWOW64\NlsLexicons0009.dll
2011-09-05 14:36:42 ----A---- C:\Windows\SYSWOW64\NlsLexicons0007.dll
2011-09-05 14:36:42 ----A---- C:\Windows\SYSWOW64\NlsLexicons0003.dll
2011-09-05 14:36:42 ----A---- C:\Windows\SYSWOW64\NlsLexicons0002.dll
2011-09-05 14:36:41 ----A---- C:\Windows\SYSWOW64\NlsLexicons004e.dll
2011-09-05 14:36:41 ----A---- C:\Windows\SYSWOW64\NlsLexicons004c.dll
2011-09-05 14:36:41 ----A---- C:\Windows\SYSWOW64\NlsLexicons004b.dll
2011-09-05 14:36:41 ----A---- C:\Windows\SYSWOW64\NlsLexicons004a.dll
2011-09-05 14:36:40 ----A---- C:\Windows\SYSWOW64\NlsLexicons003e.dll
2011-09-05 14:36:40 ----A---- C:\Windows\SYSWOW64\NlsLexicons002a.dll
2011-09-05 14:36:40 ----A---- C:\Windows\SYSWOW64\NlsLexicons001b.dll
2011-09-05 14:36:40 ----A---- C:\Windows\SYSWOW64\NlsLexicons001a.dll
2011-09-05 14:36:39 ----A---- C:\Windows\SYSWOW64\NlsLexicons001d.dll
2011-09-05 14:36:39 ----A---- C:\Windows\SYSWOW64\NlsLexicons000a.dll
2011-09-05 14:36:38 ----A---- C:\Windows\SYSWOW64\NlsLexicons0414.dll
2011-09-05 14:36:38 ----A---- C:\Windows\SYSWOW64\NlsLexicons000f.dll
2011-09-05 14:36:38 ----A---- C:\Windows\SYSWOW64\NlsLexicons000d.dll
2011-09-05 14:36:38 ----A---- C:\Windows\SYSWOW64\NlsLexicons000c.dll
2011-09-05 14:36:37 ----A---- C:\Windows\SYSWOW64\NlsLexicons081a.dll
2011-09-05 14:36:37 ----A---- C:\Windows\SYSWOW64\NlsLexicons0816.dll
2011-09-05 14:36:37 ----A---- C:\Windows\SYSWOW64\NlsLexicons0416.dll
2011-09-05 14:36:36 ----A---- C:\Windows\SYSWOW64\NlsModels0011.dll
2011-09-05 14:36:36 ----A---- C:\Windows\SYSWOW64\NlsData0049.dll
2011-09-05 14:36:36 ----A---- C:\Windows\SYSWOW64\NlsData0047.dll
2011-09-05 14:36:36 ----A---- C:\Windows\SYSWOW64\NlsData0046.dll
2011-09-05 14:36:36 ----A---- C:\Windows\SYSWOW64\NlsData0045.dll
2011-09-05 14:36:35 ----A---- C:\Windows\SYSWOW64\NlsData0039.dll
2011-09-05 14:36:35 ----A---- C:\Windows\SYSWOW64\NlsData0022.dll
2011-09-05 14:36:35 ----A---- C:\Windows\SYSWOW64\NlsData0021.dll
2011-09-05 14:36:35 ----A---- C:\Windows\SYSWOW64\NlsData0020.dll
2011-09-05 14:36:34 ----A---- C:\Windows\SYSWOW64\NlsData0027.dll
2011-09-05 14:36:34 ----A---- C:\Windows\SYSWOW64\NlsData0026.dll
2011-09-05 14:36:34 ----A---- C:\Windows\SYSWOW64\NlsData0024.dll
2011-09-05 14:36:34 ----A---- C:\Windows\SYSWOW64\NlsData0011.dll
2011-09-05 14:36:34 ----A---- C:\Windows\SYSWOW64\NlsData0010.dll
2011-09-05 14:36:33 ----A---- C:\Windows\SYSWOW64\NlsData0019.dll
2011-09-05 14:36:33 ----A---- C:\Windows\SYSWOW64\NlsData0018.dll
2011-09-05 14:36:33 ----A---- C:\Windows\SYSWOW64\NlsData0013.dll
2011-09-05 14:36:33 ----A---- C:\Windows\SYSWOW64\NlsData0000.dll
2011-09-05 14:36:32 ----A---- C:\Windows\SYSWOW64\NlsData0009.dll
2011-09-05 14:36:32 ----A---- C:\Windows\SYSWOW64\NlsData0007.dll
2011-09-05 14:36:32 ----A---- C:\Windows\SYSWOW64\NlsData0003.dll
2011-09-05 14:36:32 ----A---- C:\Windows\SYSWOW64\NlsData0002.dll
2011-09-05 14:36:32 ----A---- C:\Windows\SYSWOW64\NlsData0001.dll
2011-09-05 14:36:31 ----A---- C:\Windows\SYSWOW64\NlsData004e.dll
2011-09-05 14:36:31 ----A---- C:\Windows\SYSWOW64\NlsData004c.dll
2011-09-05 14:36:31 ----A---- C:\Windows\SYSWOW64\NlsData004b.dll
2011-09-05 14:36:31 ----A---- C:\Windows\SYSWOW64\NlsData004a.dll
2011-09-05 14:36:31 ----A---- C:\Windows\SYSWOW64\NlsData003e.dll
2011-09-05 14:36:31 ----A---- C:\Windows\SYSWOW64\NlsData002a.dll
2011-09-05 14:36:30 ----A---- C:\Windows\SYSWOW64\NlsData001d.dll
2011-09-05 14:36:30 ----A---- C:\Windows\SYSWOW64\NlsData001b.dll
2011-09-05 14:36:30 ----A---- C:\Windows\SYSWOW64\NlsData001a.dll
2011-09-05 14:36:29 ----A---- C:\Windows\SYSWOW64\NlsData0414.dll
2011-09-05 14:36:29 ----A---- C:\Windows\SYSWOW64\NlsData000f.dll
2011-09-05 14:36:29 ----A---- C:\Windows\SYSWOW64\NlsData000d.dll
2011-09-05 14:36:29 ----A---- C:\Windows\SYSWOW64\NlsData000c.dll
2011-09-05 14:36:29 ----A---- C:\Windows\SYSWOW64\NlsData000a.dll
2011-09-05 14:36:28 ----A---- C:\Windows\SYSWOW64\NlsData0416.dll
2011-09-05 14:36:27 ----A---- C:\Windows\SYSWOW64\NlsData081a.dll
2011-09-05 14:36:27 ----A---- C:\Windows\SYSWOW64\NlsData0816.dll
2011-09-05 14:36:27 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2011-09-05 14:36:26 ----A---- C:\Windows\SYSWOW64\NlsLexicons0c1a.dll
2011-09-05 14:36:26 ----A---- C:\Windows\SYSWOW64\NlsData0c1a.dll
2011-09-05 14:33:45 ----A---- C:\Windows\SYSWOW64\WMASF.DLL
2011-09-05 14:33:45 ----A---- C:\Windows\SYSWOW64\LAPRXY.DLL
2011-09-05 14:33:45 ----A---- C:\Windows\SYSWOW64\asferror.dll
2011-09-05 14:33:45 ----A---- C:\Windows\system32\WMASF.DLL
2011-09-05 14:33:45 ----A---- C:\Windows\system32\LAPRXY.DLL
2011-09-05 14:33:45 ----A---- C:\Windows\system32\asferror.dll
2011-09-05 14:31:54 ----D---- C:\Program Files (x86)\MSXML 4.0
2011-09-05 14:31:40 ----A---- C:\Windows\system32\MUILanguageCleanup.dll
2011-09-05 14:31:40 ----A---- C:\Windows\system32\lpremove.exe
2011-09-05 14:31:40 ----A---- C:\Windows\system32\lpksetup.exe
2011-09-05 14:31:40 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2011-09-05 14:31:18 ----A---- C:\Windows\system32\riched32.dll
2011-09-05 14:31:18 ----A---- C:\Windows\system32\riched20.dll
2011-09-05 14:31:17 ----A---- C:\Windows\system32\rasser.dll
2011-09-05 14:31:17 ----A---- C:\Windows\system32\rasdiag.dll
2011-09-05 14:31:17 ----A---- C:\Windows\system32\rascfg.dll
2011-09-05 14:31:17 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2011-09-05 14:31:17 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2011-09-05 14:31:16 ----A---- C:\Windows\SYSWOW64\riched32.dll
2011-09-05 14:31:16 ----A---- C:\Windows\SYSWOW64\riched20.dll
2011-09-05 14:31:16 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2011-09-05 14:31:16 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2011-09-05 14:31:16 ----A---- C:\Windows\system32\rasmxs.dll
2011-09-05 14:31:16 ----A---- C:\Windows\system32\netcfgx.dll
2011-09-05 14:31:16 ----A---- C:\Windows\system32\msftedit.dll
2011-09-05 14:31:16 ----A---- C:\Windows\system32\drivers\wanarp.sys
2011-09-05 14:31:15 ----A---- C:\Windows\SYSWOW64\rasser.dll
2011-09-05 14:31:15 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2011-09-05 14:31:15 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2011-09-05 14:31:15 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2011-09-05 14:31:14 ----A---- C:\Windows\SYSWOW64\wshqos.dll
2011-09-05 14:31:14 ----A---- C:\Windows\SYSWOW64\traffic.dll
2011-09-05 14:31:14 ----A---- C:\Windows\SYSWOW64\pacerprf.dll
2011-09-05 14:31:14 ----A---- C:\Windows\SYSWOW64\icsunattend.exe
2011-09-05 14:31:14 ----A---- C:\Windows\system32\wshqos.dll
2011-09-05 14:31:14 ----A---- C:\Windows\system32\traffic.dll
2011-09-05 14:31:14 ----A---- C:\Windows\system32\ipnathlp.dll
2011-09-05 14:31:14 ----A---- C:\Windows\system32\icsunattend.exe
2011-09-05 14:31:14 ----A---- C:\Windows\system32\drivers\pacer.sys
2011-09-05 14:31:13 ----A---- C:\Windows\system32\pacerprf.dll
2011-09-05 14:31:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-09-05 14:31:13 ----A---- C:\Windows\system32\dps.dll
2011-09-05 14:31:13 ----A---- C:\Windows\system32\cdd.dll
2011-09-05 14:30:26 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-09-05 14:30:26 ----A---- C:\Windows\system32\drivers\srv.sys
2011-09-05 14:30:07 ----A---- C:\Windows\SYSWOW64\PortableDeviceTypes.dll
2011-09-05 14:30:07 ----A---- C:\Windows\SYSWOW64\PortableDeviceClassExtension.dll
2011-09-05 14:30:07 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2011-09-05 14:30:07 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2011-09-05 14:30:07 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2011-09-05 14:30:07 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-09-05 14:29:46 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2011-09-05 14:29:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-09-05 14:29:46 ----A---- C:\Windows\system32\INETRES.dll
2011-09-05 14:29:46 ----A---- C:\Windows\system32\inetcomm.dll
2011-09-05 14:23:17 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2011-09-05 14:23:17 ----A---- C:\Windows\SYSWOW64\icardres.dll
2011-09-05 14:23:17 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2011-09-05 14:23:17 ----A---- C:\Windows\system32\infocardapi.dll
2011-09-05 14:23:17 ----A---- C:\Windows\system32\icardres.dll
2011-09-05 14:23:17 ----A---- C:\Windows\system32\icardagt.exe
2011-09-05 14:23:14 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2011-09-05 14:23:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-09-05 14:23:13 ----A---- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2011-09-05 14:23:13 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2011-09-05 14:23:13 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2011-09-05 14:23:13 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2011-09-05 14:23:13 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-09-05 14:23:13 ----A---- C:\Windows\system32\PresentationHost.exe
2011-09-05 14:14:38 ----A---- C:\Windows\SYSWOW64\es.dll
2011-09-05 14:14:37 ----A---- C:\Windows\system32\es.dll
2011-09-04 23:15:13 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-09-04 23:15:13 ----A---- C:\Windows\system32\dnsapi.dll
2011-09-04 23:15:12 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-09-04 23:15:12 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-09-04 23:15:12 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-09-04 23:14:35 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2011-09-04 23:14:35 ----A---- C:\Windows\SYSWOW64\wmp.dll
2011-09-04 23:14:35 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2011-09-04 23:14:34 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2011-09-04 23:14:34 ----A---- C:\Windows\system32\wmploc.DLL
2011-09-04 23:14:33 ----A---- C:\Windows\system32\wmp.dll
2011-09-04 23:14:33 ----A---- C:\Windows\system32\spwmp.dll
2011-09-04 23:14:32 ----A---- C:\Windows\system32\dxmasf.dll
2011-09-04 23:14:29 ----A---- C:\Windows\SYSWOW64\unregmp2.exe
2011-09-04 23:14:28 ----A---- C:\Windows\system32\unregmp2.exe
2011-09-04 23:13:30 ----A---- C:\Windows\SYSWOW64\connect.dll
2011-09-04 23:13:30 ----A---- C:\Windows\system32\connect.dll
2011-09-04 23:12:39 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-09-04 23:12:04 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2011-09-04 23:12:04 ----A---- C:\Windows\SYSWOW64\quartz.dll
2011-09-04 23:12:04 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2011-09-04 23:12:04 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2011-09-04 23:12:04 ----A---- C:\Windows\SYSWOW64\avicap32.dll
2011-09-04 23:12:04 ----A---- C:\Windows\system32\tsbyuv.dll
2011-09-04 23:12:04 ----A---- C:\Windows\system32\quartz.dll
2011-09-04 23:12:04 ----A---- C:\Windows\system32\msyuv.dll
2011-09-04 23:12:04 ----A---- C:\Windows\system32\iyuv_32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\system32\msvidc32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\system32\msvfw32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\system32\msrle32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\system32\mciavi32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\system32\avifil32.dll
2011-09-04 23:12:03 ----A---- C:\Windows\system32\avicap32.dll
2011-09-04 23:10:45 ----A---- C:\Windows\SYSWOW64\msoert2.dll
2011-09-04 23:10:45 ----A---- C:\Windows\SYSWOW64\msoeacct.dll
2011-09-04 23:10:45 ----A---- C:\Windows\SYSWOW64\ACCTRES.dll
2011-09-04 23:10:45 ----A---- C:\Windows\system32\msoert2.dll
2011-09-04 23:10:45 ----A---- C:\Windows\system32\msoeacct.dll
2011-09-04 23:10:45 ----A---- C:\Windows\system32\ACCTRES.dll
2011-09-04 23:10:01 ----A---- C:\Windows\system32\mcmde.dll
2011-09-04 23:09:58 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-09-04 23:09:58 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-09-04 23:09:58 ----A---- C:\Windows\system32\psisdecd.dll
2011-09-04 23:09:58 ----A---- C:\Windows\system32\EncDec.dll
2011-09-04 23:08:36 ----A---- C:\Windows\SYSWOW64\Apphlpdm.dll
2011-09-04 23:08:36 ----A---- C:\Windows\system32\Apphlpdm.dll
2011-09-04 23:08:34 ----A---- C:\Windows\SYSWOW64\GameUXLegacyGDFs.dll
2011-09-04 23:08:34 ----A---- C:\Windows\SYSWOW64\gameux.dll
2011-09-04 23:08:33 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2011-09-04 23:08:33 ----A---- C:\Windows\system32\gameux.dll
2011-09-04 23:07:44 ----A---- C:\Windows\SYSWOW64\lpk.dll
2011-09-04 23:07:44 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2011-09-04 23:07:44 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2011-09-04 23:07:44 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-09-04 23:07:44 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-09-04 23:07:44 ----A---- C:\Windows\system32\lpk.dll
2011-09-04 23:07:44 ----A---- C:\Windows\system32\fontsub.dll
2011-09-04 23:07:44 ----A---- C:\Windows\system32\dciman32.dll
2011-09-04 23:07:44 ----A---- C:\Windows\system32\atmlib.dll
2011-09-04 23:07:44 ----A---- C:\Windows\system32\atmfd.dll
2011-09-04 23:07:43 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2011-09-04 23:07:43 ----A---- C:\Windows\system32\t2embed.dll
2011-09-04 23:07:11 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-09-04 23:06:17 ----A---- C:\Windows\system32\qmgr.dll
2011-09-04 23:05:47 ----A---- C:\Windows\SYSWOW64\localspl.dll
2011-09-04 23:05:47 ----A---- C:\Windows\system32\localspl.dll
2011-09-04 23:05:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2011-09-04 23:05:12 ----A---- C:\Windows\system32\rpcrt4.dll
2011-09-04 23:04:38 ----A---- C:\Windows\SYSWOW64\schannel.dll
2011-09-04 23:04:38 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-09-04 23:04:38 ----A---- C:\Windows\system32\schannel.dll
2011-09-04 23:04:38 ----A---- C:\Windows\system32\kerberos.dll
2011-09-04 23:04:03 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2011-09-04 23:04:03 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2011-09-04 23:04:03 ----A---- C:\Windows\system32\tcpipcfg.dll
2011-09-04 23:04:03 ----A---- C:\Windows\system32\netiougc.exe
2011-09-04 23:04:03 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-09-04 23:04:03 ----A---- C:\Windows\system32\drivers\tunnel.sys
2011-09-04 23:04:03 ----A---- C:\Windows\system32\drivers\TUNMP.SYS
2011-09-04 23:04:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-09-04 23:03:27 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2011-09-04 23:03:27 ----A---- C:\Windows\system32\WSDApi.dll
2011-09-04 23:02:41 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2011-09-04 23:02:41 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2011-09-04 23:02:06 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2011-09-04 23:02:06 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2011-09-04 23:01:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2011-09-04 23:01:33 ----A---- C:\Windows\SYSWOW64\printcom.dll
2011-09-04 23:01:32 ----A---- C:\Windows\system32\win32spl.dll
2011-09-04 23:01:32 ----A---- C:\Windows\system32\printcom.dll
2011-09-04 22:59:11 ----A---- C:\Windows\system32\win32k.sys
2011-09-04 22:55:42 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-09-04 22:55:42 ----A---- C:\Windows\system32\tzres.dll
2011-09-04 22:46:31 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2011-09-04 22:46:31 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2011-09-04 22:46:31 ----A---- C:\Windows\system32\netfxperf.dll
2011-09-04 22:46:31 ----A---- C:\Windows\system32\dfshim.dll
2011-09-04 22:46:29 ----A---- C:\Windows\SYSWOW64\mscories.dll
2011-09-04 22:46:29 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2011-09-04 22:46:29 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2011-09-04 22:46:29 ----A---- C:\Windows\system32\mscories.dll
2011-09-04 22:46:29 ----A---- C:\Windows\system32\mscorier.dll
2011-09-04 22:46:29 ----A---- C:\Windows\system32\mscoree.dll
2011-09-04 22:41:49 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-09-04 22:41:49 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2011-09-04 22:41:49 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-09-04 22:41:49 ----A---- C:\Windows\system32\msxml3r.dll
2011-09-04 22:41:49 ----A---- C:\Windows\system32\msxml3.dll
2011-09-04 22:41:48 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2011-09-04 22:41:48 ----A---- C:\Windows\system32\msxml6r.dll
2011-09-04 22:41:48 ----A---- C:\Windows\system32\msxml6.dll
2011-09-04 22:41:34 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2011-09-04 22:41:34 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-09-04 22:41:34 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2011-09-04 22:41:33 ----A---- C:\Windows\system32\tsgqec.dll
2011-09-04 22:41:33 ----A---- C:\Windows\system32\mstscax.dll
2011-09-04 22:41:33 ----A---- C:\Windows\system32\aaclient.dll
2011-09-04 22:41:22 ----A---- C:\Windows\system32\browserchoice.exe
2011-09-04 22:41:15 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2011-09-04 22:41:15 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2011-09-04 22:41:14 ----A---- C:\Windows\SYSWOW64\polstore.dll
2011-09-04 22:41:14 ----A---- C:\Windows\system32\winipsec.dll
2011-09-04 22:41:14 ----A---- C:\Windows\system32\polstore.dll
2011-09-04 22:41:14 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-09-04 22:41:14 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2011-09-04 22:39:54 ----A---- C:\Windows\SYSWOW64\sbunattend.exe
2011-09-04 22:39:54 ----A---- C:\Windows\system32\sbunattend.exe
2011-09-04 22:15:08 ----D---- C:\Users\DangerAge\AppData\Roaming\Corel
2011-09-04 22:06:17 ----DC---- C:\Windows\system32\DRVSTORE
2011-09-04 21:33:03 ----D---- C:\Users\DangerAge\AppData\Roaming\Macromedia
2011-09-04 21:33:03 ----D---- C:\Users\DangerAge\AppData\Roaming\Adobe
2011-09-04 21:32:16 ----D---- C:\Windows\SYSWOW64\Macromed
2011-09-04 21:32:02 ----D---- C:\ProgramData\McAfee Security Scan
2011-09-04 21:32:02 ----D---- C:\ProgramData\McAfee
2011-09-04 21:32:01 ----D---- C:\Program Files (x86)\McAfee Security Scan
2011-09-04 16:03:27 ----D---- C:\ProgramData\Corel
2011-09-04 16:03:26 ----D---- C:\Windows\SYSWOW64\Spool
2011-09-04 16:03:18 ----D---- C:\Program Files (x86)\Corel
2011-09-04 16:03:17 ----A---- C:\ProgramData\pswi_preloaded.exe
2011-09-04 15:56:53 ----A---- C:\Windows\SYSWOW64\nshhttp.dll
2011-09-04 15:56:53 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2011-09-04 15:56:53 ----A---- C:\Windows\system32\nshhttp.dll
2011-09-04 15:56:53 ----A---- C:\Windows\system32\httpapi.dll
2011-09-04 15:56:53 ----A---- C:\Windows\system32\drivers\http.sys
2011-09-04 15:55:32 ----A---- C:\Windows\system32\rpcss.dll
2011-09-04 15:55:31 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2011-09-04 15:55:31 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2011-09-04 15:55:30 ----A---- C:\Windows\system32\iasdatastore.dll
2011-09-04 15:55:30 ----A---- C:\Windows\system32\iasads.dll
2011-09-04 15:55:29 ----A---- C:\Windows\SYSWOW64\sdohlp.dll
2011-09-04 15:55:29 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2011-09-04 15:55:29 ----A---- C:\Windows\SYSWOW64\iasdatastore.dll
2011-09-04 15:55:29 ----A---- C:\Windows\SYSWOW64\iasads.dll
2011-09-04 15:55:29 ----A---- C:\Windows\system32\sdohlp.dll
2011-09-04 15:55:29 ----A---- C:\Windows\system32\iasrecst.dll
2011-09-04 15:54:46 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2011-09-04 15:54:46 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2011-09-04 15:54:46 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2011-09-04 15:54:46 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2011-09-04 15:54:46 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2011-09-04 15:54:46 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-09-04 15:54:46 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-09-04 15:54:46 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-09-04 15:54:46 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-09-04 15:54:46 ----A---- C:\Windows\system32\msdrm.dll
2011-09-04 15:54:45 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2011-09-04 15:54:45 ----A---- C:\Windows\SYSWOW64\secproc.dll
2011-09-04 15:54:45 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2011-09-04 15:54:45 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2011-09-04 15:54:45 ----A---- C:\Windows\system32\secproc_isv.dll
2011-09-04 15:54:45 ----A---- C:\Windows\system32\secproc.dll
2011-09-04 15:54:45 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-09-04 15:54:45 ----A---- C:\Windows\system32\RMActivate.exe
2011-09-04 15:54:11 ----A---- C:\Windows\SYSWOW64\slwmi.dll
2011-09-04 15:54:11 ----A---- C:\Windows\SYSWOW64\SLCommDlg.dll
2011-09-04 15:54:11 ----A---- C:\Windows\SYSWOW64\SLC.dll
2011-09-04 15:54:11 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2011-09-04 15:54:11 ----A---- C:\Windows\system32\slwmi.dll
2011-09-04 15:54:11 ----A---- C:\Windows\system32\SLC.dll
2011-09-04 15:54:11 ----A---- C:\Windows\system32\mcbuilder.exe
2011-09-04 15:54:10 ----A---- C:\Windows\system32\SLUINotify.dll
2011-09-04 15:54:10 ----A---- C:\Windows\system32\SLUI.exe
2011-09-04 15:54:10 ----A---- C:\Windows\system32\SLsvc.exe
2011-09-04 15:54:10 ----A---- C:\Windows\system32\SLLUA.exe
2011-09-04 15:54:10 ----A---- C:\Windows\system32\SLCommDlg.dll
2011-09-04 15:54:10 ----A---- C:\Windows\system32\slcinst.dll
2011-09-04 15:53:41 ----A---- C:\Windows\system32\winsrv.dll
2011-09-04 15:53:41 ----A---- C:\Windows\system32\csrsrv.dll
2011-09-04 15:53:09 ----A---- C:\Windows\SYSWOW64\capicom.dll
2011-09-04 15:52:48 ----D---- C:\ProgramData\Symantec
2011-09-04 15:52:36 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2011-09-04 15:52:36 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2011-09-04 15:52:36 ----A---- C:\Windows\SYSWOW64\admparse.dll
2011-09-04 15:52:36 ----A---- C:\Windows\system32\ieUnatt.exe
2011-09-04 15:52:36 ----A---- C:\Windows\system32\ieakui.dll
2011-09-04 15:52:36 ----A---- C:\Windows\system32\ieaksie.dll
2011-09-04 15:52:36 ----A---- C:\Windows\system32\admparse.dll
2011-09-04 15:52:35 ----A---- C:\Windows\SYSWOW64\occache.dll
2011-09-04 15:52:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2011-09-04 15:52:35 ----A---- C:\Windows\SYSWOW64\advpack.dll
2011-09-04 15:52:35 ----A---- C:\Windows\system32\occache.dll
2011-09-04 15:52:35 ----A---- C:\Windows\system32\advpack.dll
2011-09-04 15:52:34 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-09-04 15:52:34 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2011-09-04 15:52:34 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2011-09-04 15:52:34 ----A---- C:\Windows\system32\iedkcs32.dll
2011-09-04 15:52:34 ----A---- C:\Windows\system32\ieapfltr.dll
2011-09-04 15:52:34 ----A---- C:\Windows\system32\ieapfltr.dat
2011-09-04 15:52:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-09-04 15:52:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-09-04 15:52:33 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2011-09-04 15:52:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2011-09-04 15:52:33 ----A---- C:\Windows\system32\wininet.dll
2011-09-04 15:52:33 ----A---- C:\Windows\system32\jsproxy.dll
2011-09-04 15:52:32 ----A---- C:\Windows\system32\dxtrans.dll
2011-09-04 15:52:32 ----A---- C:\Windows\system32\dxtmsft.dll
2011-09-04 15:52:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-09-04 15:52:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-09-04 15:52:31 ----A---- C:\Windows\system32\msfeeds.dll
2011-09-04 15:52:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-09-04 15:52:30 ----A---- C:\Windows\system32\ieui.dll
2011-09-04 15:52:30 ----A---- C:\Windows\system32\ieframe.dll
2011-09-04 15:52:27 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2011-09-04 15:52:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-09-04 15:52:27 ----A---- C:\Windows\SYSWOW64\ieencode.dll
2011-09-04 15:52:27 ----A---- C:\Windows\system32\mshtmler.dll
2011-09-04 15:52:27 ----A---- C:\Windows\system32\mshtmled.dll
2011-09-04 15:52:27 ----A---- C:\Windows\system32\ieencode.dll
2011-09-04 15:52:26 ----A---- C:\Windows\system32\mshtml.dll
2011-09-04 15:52:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-09-04 15:52:23 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-09-04 15:52:23 ----A---- C:\Windows\SYSWOW64\icardie.dll
2011-09-04 15:52:23 ----A---- C:\Windows\system32\mstime.dll
2011-09-04 15:52:23 ----A---- C:\Windows\system32\icardie.dll
2011-09-04 15:52:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-09-04 15:52:20 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2011-09-04 15:52:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-09-04 15:52:20 ----A---- C:\Windows\system32\urlmon.dll
2011-09-04 15:52:20 ----A---- C:\Windows\system32\pngfilt.dll
2011-09-04 15:52:20 ----A---- C:\Windows\system32\iertutil.dll
2011-09-04 15:52:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2011-09-04 15:52:19 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2011-09-04 15:52:19 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2011-09-04 15:52:19 ----A---- C:\Windows\system32\iesetup.dll
2011-09-04 15:52:19 ----A---- C:\Windows\system32\iernonce.dll
2011-09-04 15:52:19 ----A---- C:\Windows\system32\ie4uinit.exe
2011-09-04 15:51:30 ----D---- C:\ProgramData\Adobe
2011-09-04 15:50:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-09-04 15:50:52 ----A---- C:\Windows\system32\jscript.dll
2011-09-04 15:50:43 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-09-04 15:50:42 ----A---- C:\Windows\system32\drivers\monitor.sys
2011-09-04 15:50:35 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-09-04 15:50:35 ----A---- C:\Windows\explorer.exe
2011-09-04 15:49:02 ----A---- C:\Windows\SYSWOW64\PhotoMetadataHandler.dll
2011-09-04 15:49:01 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2011-09-04 15:49:01 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-09-04 15:49:01 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2011-09-04 15:49:00 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2011-09-04 15:49:00 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2011-09-04 15:48:43 ----A---- C:\Windows\system32\setbcdlocale.dll
2011-09-04 15:48:43 ----A---- C:\Windows\bfsvc.exe
2011-09-04 15:31:41 ----D---- C:\Users\DangerAge\AppData\Roaming\Skype
2011-09-04 15:30:58 ----D---- C:\Users\DangerAge\AppData\Roaming\WinRAR
2011-09-04 15:30:56 ----D---- C:\Program Files\WinRAR
2011-09-04 15:25:04 ----D---- C:\Windows\system32\CSY
2011-09-04 15:25:04 ----A---- C:\Windows\system32\Imsmudlg.exe
2011-09-04 15:24:30 ----A---- C:\Windows\system32\drivers\iaStor.sys
2011-09-04 15:23:54 ----D---- C:\Program Files (x86)\Marvell
2011-09-04 15:23:02 ----SHD---- C:\Windows\Installer
2011-09-04 15:22:56 ----D---- C:\Users\DangerAge\AppData\Roaming\TMP
2011-09-04 15:21:39 ----RA---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2011-09-04 15:21:39 ----RA---- C:\Windows\SYSWOW64\AsIO.dll
2011-09-04 15:21:37 ----D---- C:\Program Files (x86)\ASUS
2011-09-04 15:21:37 ----A---- C:\Windows\SYSWOW64\drivers\AsInsHelp64.sys
2011-09-04 15:21:37 ----A---- C:\Windows\SYSWOW64\drivers\AsInsHelp32.sys
2011-09-04 15:06:18 ----D---- C:\Users\DangerAge\AppData\Roaming\Mozilla
2011-09-04 15:04:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-09-04 14:40:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-09-04 14:40:38 ----A---- C:\Windows\system32\vbscript.dll
2011-09-04 14:40:07 ----A---- C:\Windows\SYSWOW64\PhotoScreensaver.scr
2011-09-04 14:40:07 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2011-09-04 14:40:04 ----A---- C:\Windows\system32\wtsapi32.dll
2011-09-04 14:40:03 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-09-04 14:40:02 ----A---- C:\Windows\system32\sysmain.dll
2011-09-04 14:39:59 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2011-09-04 14:39:27 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2011-09-04 14:39:27 ----A---- C:\Windows\system32\crypt32.dll
2011-09-04 14:39:03 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-09-04 14:38:37 ----A---- C:\Windows\system32\rrinstaller.exe
2011-09-04 14:38:37 ----A---- C:\Windows\system32\mfps.dll
2011-09-04 14:38:37 ----A---- C:\Windows\system32\mfpmp.exe
2011-09-04 14:38:37 ----A---- C:\Windows\system32\mferror.dll
2011-09-04 14:38:37 ----A---- C:\Windows\system32\mf.dll
2011-09-04 14:38:36 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2011-09-04 14:38:36 ----A---- C:\Windows\SYSWOW64\mfps.dll
2011-09-04 14:38:36 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2011-09-04 14:38:36 ----A---- C:\Windows\SYSWOW64\mferror.dll
2011-09-04 14:38:36 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-09-04 14:38:33 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2011-09-04 14:38:33 ----A---- C:\Windows\system32\WMVCORE.DLL
2011-09-04 14:37:52 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2011-09-04 14:37:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2011-09-04 14:37:52 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2011-09-04 14:37:51 ----A---- C:\Windows\system32\wdigest.dll
2011-09-04 14:37:51 ----A---- C:\Windows\system32\secur32.dll
2011-09-04 14:37:51 ----A---- C:\Windows\system32\msv1_0.dll
2011-09-04 14:37:51 ----A---- C:\Windows\system32\lsass.exe
2011-09-04 14:37:51 ----A---- C:\Windows\system32\lsasrv.dll
2011-09-04 14:37:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2011-09-04 14:37:19 ----A---- C:\Windows\SYSWOW64\atl.dll
2011-09-04 14:37:19 ----A---- C:\Windows\system32\atl.dll
2011-09-04 14:36:56 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2011-09-04 14:36:56 ----A---- C:\Windows\system32\wmpeffects.dll
2011-09-04 14:36:27 ----A---- C:\Windows\SYSWOW64\netevent.dll
2011-09-04 14:36:27 ----A---- C:\Windows\system32\TCPSVCS.EXE
2011-09-04 14:36:27 ----A---- C:\Windows\system32\ROUTE.EXE
2011-09-04 14:36:27 ----A---- C:\Windows\system32\NETSTAT.EXE
2011-09-04 14:36:27 ----A---- C:\Windows\system32\netiohlp.dll
2011-09-04 14:36:27 ----A---- C:\Windows\system32\netevent.dll
2011-09-04 14:36:27 ----A---- C:\Windows\system32\MRINFO.EXE
2011-09-04 14:36:27 ----A---- C:\Windows\system32\HOSTNAME.EXE
2011-09-04 14:36:27 ----A---- C:\Windows\system32\finger.exe
2011-09-04 14:36:27 ----A---- C:\Windows\system32\ARP.EXE
2011-09-04 14:36:26 ----A---- C:\Windows\SYSWOW64\TCPSVCS.EXE
2011-09-04 14:36:26 ----A---- C:\Windows\SYSWOW64\ROUTE.EXE
2011-09-04 14:36:26 ----A---- C:\Windows\SYSWOW64\NETSTAT.EXE
2011-09-04 14:36:26 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2011-09-04 14:36:26 ----A---- C:\Windows\SYSWOW64\MRINFO.EXE
2011-09-04 14:36:26 ----A---- C:\Windows\SYSWOW64\HOSTNAME.EXE
2011-09-04 14:36:26 ----A---- C:\Windows\SYSWOW64\finger.exe
2011-09-04 14:36:26 ----A---- C:\Windows\SYSWOW64\ARP.EXE
2011-09-04 14:36:25 ----A---- C:\Windows\system32\drivers\netio.sys
2011-09-04 14:35:46 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-09-04 14:35:21 ----A---- C:\Windows\SYSWOW64\logagent.exe
2011-09-04 14:35:21 ----A---- C:\Windows\system32\logagent.exe
2011-09-04 14:35:20 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2011-09-04 14:35:20 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-09-04 14:34:53 ----A---- C:\Windows\SYSWOW64\DWWIN.EXE
2011-09-04 14:34:53 ----A---- C:\Windows\system32\DWWIN.EXE
2011-09-04 14:34:32 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2011-09-04 14:34:32 ----A---- C:\Windows\system32\wshrm.dll
2011-09-04 14:34:32 ----A---- C:\Windows\system32\drivers\rmcast.sys
2011-09-04 14:34:09 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2011-09-04 14:34:09 ----A---- C:\Windows\system32\msasn1.dll
2011-09-04 14:33:25 ----A---- C:\Windows\system32\wkssvc.dll
2011-09-04 14:32:39 ----A---- C:\Windows\system32\poqexec.exe
2011-09-04 14:31:54 ----A---- C:\Windows\SYSWOW64\wmi.dll
2011-09-04 14:31:54 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2011-09-04 14:31:54 ----A---- C:\Windows\system32\wmi.dll
2011-09-04 14:31:54 ----A---- C:\Windows\system32\imagehlp.dll
2011-09-04 14:31:54 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2011-09-04 14:31:33 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2011-09-04 14:31:33 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2011-09-04 14:31:33 ----A---- C:\Windows\system32\xolehlp.dll
2011-09-04 14:31:33 ----A---- C:\Windows\system32\msdtcprx.dll
2011-09-04 14:31:02 ----A---- C:\Windows\system32\drivers\pciidex.sys
2011-09-04 14:31:02 ----A---- C:\Windows\system32\drivers\pciide.sys
2011-09-04 14:31:02 ----A---- C:\Windows\system32\drivers\ataport.sys
2011-09-04 14:31:02 ----A---- C:\Windows\system32\drivers\atapi.sys
2011-09-04 14:31:01 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-09-04 14:31:01 ----A---- C:\Windows\system32\drivers\nwifi.sys
2011-09-04 14:30:16 ----A---- C:\Windows\system32\netcfg.exe
2011-09-04 14:29:12 ----A---- C:\Windows\system32\wmpdxm.dll
2011-09-04 14:29:11 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2011-09-04 14:27:22 ----A---- C:\Windows\system32\shell32.dll
2011-09-04 14:27:20 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-09-04 14:26:40 ----A---- C:\Windows\system32\user32.dll
2011-09-04 14:26:39 ----A---- C:\Windows\SYSWOW64\user32.dll
2011-09-04 14:26:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-09-04 14:26:26 ----A---- C:\Windows\system32\WebClnt.dll
2011-09-04 14:26:26 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-09-04 14:26:07 ----A---- C:\Windows\SYSWOW64\L2SecHC.dll
2011-09-04 14:26:06 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2011-09-04 14:26:06 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2011-09-04 14:26:06 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2011-09-04 14:26:06 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2011-09-04 14:26:06 ----A---- C:\Windows\system32\wlanapi.dll
2011-09-04 14:26:06 ----A---- C:\Windows\system32\L2SecHC.dll
2011-09-04 14:26:05 ----A---- C:\Windows\system32\wlansvc.dll
2011-09-04 14:26:05 ----A---- C:\Windows\system32\wlansec.dll
2011-09-04 14:26:05 ----A---- C:\Windows\system32\wlanmsm.dll
2011-09-04 14:26:05 ----A---- C:\Windows\system32\wlanhlp.dll
2011-09-04 14:25:49 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2011-09-04 14:25:49 ----A---- C:\Windows\SYSWOW64\msscp.dll
2011-09-04 14:25:49 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2011-09-04 14:25:49 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2011-09-04 14:25:49 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2011-09-04 14:25:49 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2011-09-04 14:25:49 ----A---- C:\Windows\system32\msscp.dll
2011-09-04 14:24:22 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2011-09-04 14:24:22 ----A---- C:\Windows\system32\netapi32.dll
2011-09-04 14:23:08 ----D---- C:\Windows\Panther
2011-09-04 14:22:54 ----RAS---- C:\BOOTSECT.BAK
2011-09-04 14:22:52 ----SHD---- C:\Boot
2011-09-04 14:22:05 ----D---- C:\Program Files (x86)\Adobe
2011-09-04 14:22:05 ----A---- C:\Windows\SYSWOW64\MSVCP50.DLL
2011-09-04 14:21:59 ----A---- C:\Windows\IsUninst.exe
2011-09-04 14:15:20 ----D---- C:\ProgramData\NVIDIA
2011-09-04 14:13:33 ----N---- C:\Windows\system32\MpSigStub.exe
2011-09-04 13:46:43 ----D---- C:\Windows\ASUSInstAll
2011-09-04 13:41:44 ----A---- C:\Windows\SYSWOW64\cabview.dll
2011-09-04 13:41:44 ----A---- C:\Windows\system32\cabview.dll
2011-09-04 13:41:36 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2011-09-04 13:41:36 ----A---- C:\Windows\system32\wintrust.dll
2011-09-04 13:40:50 ----D---- C:\Program Files (x86)\Intel
2011-09-04 13:40:45 ----D---- C:\Intel
2011-09-04 13:40:33 ----A---- C:\Windows\Ascd_log.ini
2011-09-04 13:40:12 ----N---- C:\Windows\system32\adi_oal.dll
2011-09-04 13:40:12 ----D---- C:\Program Files (x86)\Creative
2011-09-04 13:40:12 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2011-09-04 13:40:12 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2011-09-04 13:40:12 ----A---- C:\Windows\SYSWOW64\adi_oal.dll
2011-09-04 13:40:12 ----A---- C:\Windows\system32\wrap_oal.dll
2011-09-04 13:40:12 ----A---- C:\Windows\system32\OpenAL32.dll
2011-09-04 13:40:01 ----A---- C:\Windows\SYSWOW64\SFFXComm.dll
2011-09-04 13:40:01 ----A---- C:\Windows\SYSWOW64\SFBH.dll
2011-09-04 13:40:01 ----A---- C:\Windows\SYSWOW64\AEADICom.dll
2011-09-04 13:39:57 ----D---- C:\ProgramData\SonicFocus
2011-09-04 13:39:50 ----A---- C:\Windows\system32\SmaxCo.dll
2011-09-04 13:39:50 ----A---- C:\Windows\system32\SFFXCPStr.dll
2011-09-04 13:39:50 ----A---- C:\Windows\system32\drivers\ADIHdAud.sys
2011-09-04 13:39:50 ----A---- C:\Windows\system32\AEADISRV.EXE
2011-09-04 13:39:50 ----A---- C:\Windows\system32\AEADIExt.dll
2011-09-04 13:39:50 ----A---- C:\Windows\system32\AEADIAPR.dll
2011-09-04 13:39:50 ----A---- C:\Windows\system32\AEADIAPO.dll
2011-09-04 13:39:49 ----A---- C:\Windows\system32\SFSAPO64.dll
2011-09-04 13:39:49 ----A---- C:\Windows\system32\SFProc64.dll
2011-09-04 13:39:49 ----A---- C:\Windows\system32\SFMAPO64.dll
2011-09-04 13:39:49 ----A---- C:\Windows\system32\SFLAPO64.dll
2011-09-04 13:39:49 ----A---- C:\Windows\system32\SFHAPO64.dll
2011-09-04 13:39:49 ----A---- C:\Windows\system32\SFDAPO64.dll
2011-09-04 13:39:49 ----A---- C:\Windows\system32\SFCTPL64.dll
2011-09-04 13:39:49 ----A---- C:\Windows\system32\SFComm64.dll
2011-09-04 13:39:47 ----D---- C:\Program Files (x86)\Analog Devices
2011-09-04 13:39:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-09-04 13:39:32 ----D---- C:\Users\DangerAge\AppData\Roaming\InstallShield
2011-09-04 13:39:19 ----A---- C:\Windows\system32\drivers\ASACPI.sys
2011-09-04 13:39:09 ----A---- C:\Windows\SYSWOW64\drivers\ASUSHWIO.SYS
2011-09-04 13:34:12 ----D---- C:\Users\DangerAge\AppData\Roaming\Identities
2011-09-04 13:34:06 ----SD---- C:\Users\DangerAge\AppData\Roaming\Microsoft
2011-09-04 13:34:06 ----D---- C:\Users\DangerAge\AppData\Roaming\Media Center Programs
2011-09-04 13:33:01 ----A---- C:\Windows\system32\wups2.dll
2011-09-04 13:33:01 ----A---- C:\Windows\system32\wucltux.dll
2011-09-04 13:33:01 ----A---- C:\Windows\system32\wuaueng.dll
2011-09-04 13:33:01 ----A---- C:\Windows\system32\wuauclt.exe
2011-09-04 13:32:54 ----A---- C:\Windows\SYSWOW64\wups.dll
2011-09-04 13:32:54 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2011-09-04 13:32:53 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2011-09-04 13:32:53 ----A---- C:\Windows\system32\wups.dll
2011-09-04 13:32:53 ----A---- C:\Windows\system32\wudriver.dll
2011-09-04 13:32:53 ----A---- C:\Windows\system32\wuapi.dll
2011-09-04 13:32:46 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2011-09-04 13:32:46 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2011-09-04 13:32:46 ----A---- C:\Windows\system32\wuwebv.dll
2011-09-04 13:32:46 ----A---- C:\Windows\system32\wuapp.exe
2011-09-04 13:32:06 ----SHD---- C:\ProgramData\Šablony
2011-09-04 13:32:06 ----SHD---- C:\ProgramData\Plocha
2011-09-04 13:32:06 ----SHD---- C:\ProgramData\Oblíbené položky
2011-09-04 13:32:06 ----SHD---- C:\ProgramData\Nabídka Start
2011-09-04 13:32:06 ----SHD---- C:\ProgramData\Dokumenty
2011-09-04 13:32:06 ----SHD---- C:\ProgramData\Data aplikací
2011-09-04 13:29:52 ----ASH---- C:\hiberfil.sys
2011-09-04 13:26:25 ----D---- C:\Windows\SoftwareDistribution
2011-09-04 13:25:24 ----D---- C:\Windows\system32\catroot2
2011-09-04 13:25:19 ----D---- C:\Windows\Debug
2011-09-04 13:25:18 ----D---- C:\Windows\CSC
2011-09-04 13:24:29 ----D---- C:\Windows\Prefetch
2011-09-04 13:24:21 ----ASH---- C:\pagefile.sys
2011-09-04 13:24:14 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 month======

2011-09-05 19:11:58 ----D---- C:\Windows\Temp
2011-09-05 19:11:55 ----RD---- C:\Program Files
2011-09-05 18:52:28 ----D---- C:\Windows\SysWOW64
2011-09-05 18:52:25 ----RD---- C:\Program Files (x86)
2011-09-05 18:44:52 ----SD---- C:\ProgramData\Microsoft
2011-09-05 18:05:04 ----D---- C:\Windows\Microsoft.NET
2011-09-05 18:05:00 ----RSD---- C:\Windows\assembly
2011-09-05 17:30:32 ----HD---- C:\ProgramData
2011-09-05 17:09:29 ----D---- C:\Windows\System32
2011-09-05 17:09:29 ----D---- C:\Windows\inf
2011-09-05 17:09:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-05 17:00:49 ----D---- C:\Windows\system32\drivers
2011-09-05 17:00:49 ----D---- C:\Windows
2011-09-05 17:00:39 ----D---- C:\Windows\rescache
2011-09-05 16:59:33 ----D---- C:\Program Files\Windows Mail
2011-09-05 16:59:33 ----D---- C:\Program Files\Common Files\System
2011-09-05 16:59:33 ----D---- C:\Program Files (x86)\Windows Mail
2011-09-05 16:59:32 ----D---- C:\Windows\SYSWOW64\wbem
2011-09-05 16:59:32 ----D---- C:\Windows\SYSWOW64\migration
2011-09-05 16:59:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-09-05 16:59:32 ----D---- C:\Windows\servicing
2011-09-05 16:59:30 ----D---- C:\Windows\system32\migration
2011-09-05 16:59:30 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-09-05 16:59:30 ----D---- C:\Windows\system32\cs-CZ
2011-09-05 16:55:29 ----D---- C:\Windows\winsxs
2011-09-05 16:55:01 ----D---- C:\Windows\system32\catroot
2011-09-05 16:27:35 ----D---- C:\Windows\Help
2011-09-05 15:52:47 ----A---- C:\Windows\system.ini
2011-09-05 15:41:02 ----D---- C:\Program Files\Common Files
2011-09-05 15:40:47 ----D---- C:\Program Files (x86)\Common Files
2011-09-05 14:48:14 ----D---- C:\Windows\SYSWOW64\manifeststore
2011-09-05 14:48:14 ----D---- C:\Windows\system32\manifeststore
2011-09-05 14:48:14 ----D---- C:\Windows\AppPatch
2011-09-05 14:48:11 ----D---- C:\Windows\SYSWOW64\ras
2011-09-05 14:48:11 ----D---- C:\Windows\SYSWOW64\icsxml
2011-09-05 14:48:11 ----D---- C:\Windows\system32\ras
2011-09-05 14:48:11 ----D---- C:\Windows\system32\icsxml
2011-09-05 14:48:11 ----D---- C:\Program Files\Windows Calendar
2011-09-05 14:48:11 ----D---- C:\Program Files (x86)\Windows Calendar
2011-09-05 14:48:07 ----D---- C:\Windows\SYSWOW64\XPSViewer
2011-09-05 14:48:05 ----D---- C:\Windows\SYSWOW64\en-US
2011-09-05 14:48:05 ----D---- C:\Windows\system32\wbem
2011-09-05 14:48:05 ----D---- C:\Windows\system32\en-US
2011-09-05 14:06:42 ----D---- C:\Program Files\Windows Media Player
2011-09-05 14:06:42 ----D---- C:\Program Files (x86)\Windows Media Player
2011-09-05 14:06:41 ----D---- C:\Windows\ehome
2011-09-04 23:06:46 ----A---- C:\Windows\system32\hal.dll
2011-09-04 22:39:58 ----D---- C:\Program Files\Windows Sidebar
2011-09-04 22:39:58 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-09-04 15:59:58 ----D---- C:\Windows\SYSWOW64\ias
2011-09-04 15:59:57 ----D---- C:\Windows\SYSWOW64\SLUI
2011-09-04 15:59:57 ----D---- C:\Windows\system32\SLUI
2011-09-04 15:59:56 ----D---- C:\Program Files\Internet Explorer
2011-09-04 15:59:56 ----D---- C:\Program Files (x86)\Internet Explorer
2011-09-04 15:59:50 ----D---- C:\Windows\system32\Boot
2011-09-04 15:57:15 ----D---- C:\Windows\system32\WDI
2011-09-04 15:21:39 ----D---- C:\Windows\SYSWOW64\drivers
2011-09-04 14:58:53 ----ASH---- C:\Program Files (x86)\desktop.ini
2011-09-04 14:58:45 ----ASH---- C:\Program Files\desktop.ini
2011-09-04 14:53:26 ----RSD---- C:\Windows\Fonts
2011-09-04 14:53:11 ----D---- C:\Program Files\Windows Defender
2011-09-04 14:24:06 ----D---- C:\Program Files\Movie Maker
2011-09-04 13:46:47 ----D---- C:\Windows\system32\Tasks
2011-09-04 13:36:37 ----D---- C:\Windows\Logs
2011-09-04 13:34:23 ----SHD---- C:\$Recycle.Bin
2011-09-04 13:33:56 ----RD---- C:\Users
2011-09-04 13:33:24 ----D---- C:\Windows\PolicyDefinitions
2011-09-04 13:32:26 ----D---- C:\Windows\system32\restore
2011-09-04 13:32:06 ----D---- C:\Program Files\Windows NT
2011-09-04 13:26:51 ----D---- C:\Windows\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2006-11-02 138856]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-03-21 381720]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2006-10-18 13632]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2009-12-17 193232]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2009-12-17 53264]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-07-18 432640]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-31 15680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-12-18 11337704]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 145360]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2009-12-17 165200]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 108032]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys [2007-05-24 335872]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 7936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-06-07 89088]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 6810728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-12-17 383592]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2006-11-02 174656]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-12-17 239208]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2011-09-05 346528]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Some .exe files won't run..

#42 Post by vyosek »

Run ComboFix there, as I wrote a bit further up.
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

majkl655
Visitor
Posts: 37
Registered: 30 Aug 2011 13:24

Re: Some .exe files won't run..

#43 Post by majkl655 »

Here... Is it possible that ComboFix does something to the files? Now I can hardly run anything... Surely not... It did this to me last time too... It reports that it is not a Win32 application..

ComboFix 11-09-05.03 - DangerAge 05.09.2011 19:24:23.1.4 - x64
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1250.420.1029.18.8190.6368 [GMT 2:00]
Spuštěný z: c:\users\DANGER~1\DOWNLO~1\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\pswi_preloaded.exe
c:\windows\directx.sys
c:\windows\svchost.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-05 do 2011-09-05 )))))))))))))))))))))))))))))))
.
.
2011-09-05 17:11 . 2011-09-05 17:12 -------- d-----w- c:\program files\trend micro
2011-09-05 17:11 . 2011-09-05 17:12 -------- d-----w- C:\rsit
2011-09-05 16:52 . 2009-07-10 10:43 1589248 ----a-w- c:\windows\SysWow64\libmysql_d.dll
2011-09-05 16:52 . 2011-09-05 16:52 -------- d-----w- c:\program files (x86)\PremiumSoft
2011-09-05 16:25 . 2011-09-05 16:26 -------- d-----w- C:\xampp
2011-09-05 15:30 . 2011-09-05 15:30 -------- d-----w- c:\program files (x86)\Safari
2011-09-05 15:30 . 2011-09-05 15:30 -------- d-----w- c:\programdata\Apple Computer
2011-09-05 15:30 . 2011-09-05 15:30 -------- d-----w- c:\programdata\Apple
2011-09-05 15:30 . 2011-09-05 15:30 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-09-05 15:24 . 2011-09-05 15:24 -------- d-----w- c:\program files (x86)\Opera
2011-09-05 15:07 . 2011-09-05 15:07 -------- d-----w- c:\program files (x86)\Namoroka
2011-09-05 14:55 . 2011-09-05 14:55 441856 ----a-w- c:\windows\system32\winhttp.dll
2011-09-05 14:55 . 2011-09-05 14:55 378368 ----a-w- c:\windows\SysWow64\winhttp.dll
2011-09-05 14:53 . 2011-09-05 14:53 32256 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2011-09-05 14:35 . 2011-09-05 14:35 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2011-09-05 14:32 . 2009-12-17 12:58 193232 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-09-05 14:32 . 2009-12-17 12:58 53264 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-09-05 14:32 . 2011-09-05 14:32 -------- d-----w- c:\program files\Sun
2011-09-05 14:28 . 2011-09-05 14:28 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-09-05 14:26 . 2011-09-05 14:26 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-09-05 14:26 . 2011-09-05 14:26 -------- d-----w- c:\program files\NVIDIA Corporation
2011-09-05 14:26 . 2009-12-17 22:31 646248 ----a-w- c:\windows\system32\nvudisp.exe
2011-09-05 13:16 . 2007-07-21 13:27 1064448 ----a-w- c:\windows\system32\nvcpluir.dll
2011-09-05 13:16 . 2007-07-21 13:27 381952 ----a-w- c:\windows\system32\nvexpbar.dll
2011-09-05 13:15 . 2009-12-16 15:36 646248 ----a-w- c:\windows\system32\nvuninst.exe
2011-09-05 12:40 . 2011-09-05 12:40 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-09-05 12:40 . 2011-09-05 12:40 272896 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-09-05 12:40 . 2011-09-05 12:40 134144 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-09-05 12:40 . 2011-09-05 12:40 4424072 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-09-05 12:38 . 2011-09-05 12:38 287744 ----a-w- c:\windows\system32\raschap.dll
2011-09-05 12:38 . 2011-09-05 12:38 274432 ----a-w- c:\windows\SysWow64\raschap.dll
2011-09-05 12:38 . 2011-09-05 12:38 267264 ----a-w- c:\windows\system32\rastls.dll
2011-09-05 12:38 . 2011-09-05 12:38 232960 ----a-w- c:\windows\SysWow64\rastls.dll
2011-09-05 12:38 . 2011-09-05 12:38 25600 ----a-w- c:\windows\SysWow64\amxread.dll
2011-09-05 12:38 . 2011-09-05 12:38 25600 ----a-w- c:\windows\system32\amxread.dll
2011-09-05 12:38 . 2011-09-05 12:38 15872 ----a-w- c:\windows\system32\apilogen.dll
2011-09-05 12:38 . 2011-09-05 12:38 14848 ----a-w- c:\windows\SysWow64\apilogen.dll
2011-09-05 12:36 . 2011-09-05 12:36 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2011-09-05 12:33 . 2011-09-05 12:33 9728 ----a-w- c:\windows\SysWow64\LAPRXY.DLL
2011-09-05 12:33 . 2011-09-05 12:33 301056 ----a-w- c:\windows\system32\WMASF.DLL
2011-09-05 12:33 . 2011-09-05 12:33 223232 ----a-w- c:\windows\SysWow64\WMASF.DLL
2011-09-05 12:33 . 2011-09-05 12:33 2048 ----a-w- c:\windows\SysWow64\asferror.dll
2011-09-05 12:33 . 2011-09-05 12:33 2048 ----a-w- c:\windows\system32\asferror.dll
2011-09-05 12:33 . 2011-09-05 12:33 11776 ----a-w- c:\windows\system32\LAPRXY.DLL
2011-09-05 12:30 . 2011-09-05 12:30 461824 ----a-w- c:\windows\system32\drivers\srv.sys
2011-09-05 12:30 . 2011-09-05 12:30 118272 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-09-05 12:30 . 2011-09-05 12:30 241152 ----a-w- c:\windows\SysWow64\PortableDeviceApi.dll
2011-09-05 12:30 . 2011-09-05 12:30 95232 ----a-w- c:\windows\SysWow64\PortableDeviceClassExtension.dll
2011-09-05 12:30 . 2011-09-05 12:30 331264 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-09-05 12:30 . 2011-09-05 12:30 214528 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2011-09-05 12:30 . 2011-09-05 12:30 160768 ----a-w- c:\windows\SysWow64\PortableDeviceTypes.dll
2011-09-05 12:30 . 2011-09-05 12:30 105984 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2011-09-05 12:29 . 2011-09-05 12:29 996352 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-05 12:29 . 2011-09-05 12:29 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2011-09-05 12:29 . 2011-09-05 12:29 84480 ----a-w- c:\windows\system32\INETRES.dll
2011-09-05 12:29 . 2011-09-05 12:29 737792 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-09-05 12:14 . 2011-09-05 12:14 268800 ----a-w- c:\windows\SysWow64\es.dll
2011-09-05 12:14 . 2011-09-05 12:14 361472 ----a-w- c:\windows\system32\es.dll
2011-09-04 21:15 . 2011-09-04 21:15 114176 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-09-04 21:15 . 2011-09-04 21:15 27648 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-09-04 21:15 . 2011-09-04 21:15 24576 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-09-04 21:13 . 2011-09-04 21:13 1691648 ----a-w- c:\windows\system32\connect.dll
2011-09-04 21:13 . 2011-09-04 21:13 1645568 ----a-w- c:\windows\SysWow64\connect.dll
2011-09-04 21:10 . 2011-09-04 21:10 707072 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-09-04 21:09 . 2011-09-04 21:09 99328 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-09-04 21:08 . 2011-09-04 21:08 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-09-04 21:08 . 2011-09-04 21:08 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll
2011-09-04 21:08 . 2011-09-04 21:08 4247552 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll
2011-09-04 21:08 . 2011-09-04 21:08 1686528 ----a-w- c:\windows\SysWow64\gameux.dll
2011-09-04 21:08 . 2011-09-04 21:08 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-09-04 21:08 . 2011-09-04 21:08 1916416 ----a-w- c:\windows\system32\gameux.dll
2011-09-04 21:06 . 2011-09-04 21:06 1039872 ----a-w- c:\windows\system32\qmgr.dll
2011-09-04 21:05 . 2011-09-04 21:05 836608 ----a-w- c:\windows\system32\localspl.dll
2011-09-04 21:05 . 2011-09-04 21:05 696832 ----a-w- c:\windows\SysWow64\localspl.dll
2011-09-04 21:05 . 2011-09-04 21:05 672256 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2011-09-04 21:05 . 2011-09-04 21:05 1260544 ----a-w- c:\windows\system32\rpcrt4.dll
2011-09-04 21:04 . 2011-09-04 21:04 658944 ----a-w- c:\windows\system32\kerberos.dll
2011-09-04 21:04 . 2011-09-04 21:04 494592 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-09-04 21:04 . 2011-09-04 21:04 343040 ----a-w- c:\windows\system32\schannel.dll
2011-09-04 21:04 . 2011-09-04 21:04 272384 ----a-w- c:\windows\SysWow64\schannel.dll
2011-09-04 21:04 . 2011-09-04 21:04 29696 ----a-w- c:\windows\system32\drivers\tunnel.sys
2011-09-04 21:04 . 2011-09-04 21:04 25600 ----a-w- c:\windows\system32\netiougc.exe
2011-09-04 21:04 . 2011-09-04 21:04 232960 ----a-w- c:\windows\system32\tcpipcfg.dll
2011-09-04 21:04 . 2011-09-04 21:04 22016 ----a-w- c:\windows\SysWow64\netiougc.exe
2011-09-04 21:04 . 2011-09-04 21:04 199168 ----a-w- c:\windows\system32\iphlpsvc.dll
2011-09-04 21:04 . 2011-09-04 21:04 18432 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2011-09-04 21:04 . 2011-09-04 21:04 167424 ----a-w- c:\windows\SysWow64\tcpipcfg.dll
2011-09-04 21:04 . 2011-09-04 21:04 1200640 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-04 21:03 . 2011-09-04 21:03 399872 ----a-w- c:\windows\system32\WSDApi.dll
2011-09-04 21:03 . 2011-09-04 21:03 321536 ----a-w- c:\windows\SysWow64\WSDApi.dll
2011-09-04 21:02 . 2011-09-04 21:02 402944 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2011-09-04 21:02 . 2011-09-04 21:02 356864 ----a-w- c:\windows\SysWow64\MediaMetadataHandler.dll
2011-09-04 21:02 . 2011-09-04 21:02 817152 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-09-04 21:02 . 2011-09-04 21:02 604672 ----a-w- c:\windows\SysWow64\WMSPDMOD.DLL
2011-09-04 21:01 . 2011-09-04 21:01 441856 ----a-w- c:\windows\SysWow64\win32spl.dll
2011-09-04 21:01 . 2011-09-04 21:01 37376 ----a-w- c:\windows\SysWow64\printcom.dll
2011-09-04 21:01 . 2011-09-04 21:01 664064 ----a-w- c:\windows\system32\win32spl.dll
2011-09-04 21:01 . 2011-09-04 21:01 44544 ----a-w- c:\windows\system32\printcom.dll
2011-09-04 20:59 . 2011-09-04 20:59 2758656 ----a-w- c:\windows\system32\win32k.sys
2011-09-04 20:55 . 2011-09-04 20:55 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-09-04 20:55 . 2011-09-04 20:55 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-04 20:46 . 2011-09-04 20:46 96760 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-09-04 20:46 . 2011-09-04 20:46 41984 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-09-04 20:46 . 2011-09-04 20:46 13824 ----a-w- c:\windows\system32\netfxperf.dll
2011-09-04 20:46 . 2011-09-04 20:46 112120 ----a-w- c:\windows\system32\dfshim.dll
2011-09-04 20:46 . 2011-09-04 20:46 83968 ----a-w- c:\windows\SysWow64\mscories.dll
2011-09-04 20:46 . 2011-09-04 20:46 76288 ----a-w- c:\windows\system32\mscories.dll
2011-09-04 20:46 . 2011-09-04 20:46 406528 ----a-w- c:\windows\system32\mscoree.dll
2011-09-04 20:46 . 2011-09-04 20:46 282112 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-09-04 20:46 . 2011-09-04 20:46 158720 ----a-w- c:\windows\SysWow64\mscorier.dll
2011-09-04 20:46 . 2011-09-04 20:46 158208 ----a-w- c:\windows\system32\mscorier.dll
2011-09-04 20:39 . 2011-09-04 20:39 67584 ----a-w- c:\program files\Windows Sidebar\sbdrop.dll
2011-09-04 20:39 . 2011-09-04 20:39 66048 ----a-w- c:\program files (x86)\Windows Sidebar\sbdrop.dll
2011-09-04 20:39 . 2011-09-04 20:39 1554432 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
2011-09-04 20:39 . 2011-09-04 20:39 13312 ----a-w- c:\windows\system32\sbunattend.exe
2011-09-04 20:39 . 2011-09-04 20:39 1232896 ----a-w- c:\program files (x86)\Windows Sidebar\sidebar.exe
2011-09-04 20:39 . 2011-09-04 20:39 11776 ----a-w- c:\windows\SysWow64\sbunattend.exe
2011-09-04 20:39 . 2011-09-04 20:39 880640 ----a-w- c:\windows\system32\timedate.cpl
2011-09-04 20:39 . 2011-09-04 20:39 713728 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-09-04 20:06 . 2011-09-05 14:32 -------- dc----w- c:\windows\system32\DRVSTORE
2011-09-04 19:33 . 2011-09-05 15:20 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-04 19:32 . 2011-09-04 19:32 -------- d-----w- c:\windows\SysWow64\Macromed
2011-09-04 19:32 . 2011-09-04 19:32 -------- d-----w- c:\programdata\McAfee
2011-09-04 19:32 . 2011-09-04 19:32 -------- d-----w- c:\programdata\McAfee Security Scan
2011-09-04 19:32 . 2011-09-04 19:32 -------- d-----w- c:\program files (x86)\McAfee Security Scan
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-05 14:54 . 2011-09-05 14:54 844288 ----a-w- c:\windows\system32\schedsvc.dll
2011-09-05 12:38 . 2011-09-05 12:38 55296 ----a-w- c:\windows\apppatch\AppPatch64\apihex64.dll
2011-09-05 12:38 . 2011-09-05 12:38 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2011-09-04 21:08 . 2011-09-04 21:08 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2011-09-04 21:08 . 2011-09-04 21:08 537600 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-09-04 21:08 . 2011-09-04 21:08 327680 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-09-04 21:08 . 2011-09-04 21:08 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-09-04 21:08 . 2011-09-04 21:08 275456 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2011-09-04 21:08 . 2011-09-04 21:08 2143744 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-09-04 21:08 . 2011-09-04 21:08 87040 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2011-09-04 21:08 . 2011-09-04 21:08 449024 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-09-04 21:04 . 2011-09-04 21:04 343040 ----a-w- c:\windows\system32\schannel.dll
2011-09-04 21:04 . 2011-09-04 21:04 272384 ----a-w- c:\windows\SysWow64\schannel.dll
2011-09-04 13:52 . 2011-09-04 13:52 52736 ----a-w- c:\windows\apppatch\iebrshim.dll
2011-09-04 13:52 . 2011-09-04 13:52 145408 ----a-w- c:\windows\apppatch\AppPatch64\iebrshim.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2011-09-04 1554432]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 2159104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2011-09-05 1380864]
"SoundTray"="c:\program files (x86)\Analog Devices\SoundMAX\SoundTray.exe" [2011-09-05 160256]
"Ai Nap"="c:\program files (x86)\ASUS\AI Suite\AiNap\AiNap.exe" [2011-09-05 2367488]
"CPU Power Monitor"="c:\program files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe" [2011-09-05 1451008]
"Cpu Level Up help"="c:\program files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe" [2011-09-05 1178624]
"Launch Direct Link"="c:\program files (x86)\ASUS\AI Direct Link\AsShare.exe" [2007-08-20 1289728]
"Launch As Cmd Runner"="c:\program files (x86)\ASUS\AI Direct Link\AsCmd.exe" [2007-04-11 454656]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-09-05 2811784]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 186368]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 297008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2011-09-05 346528]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 6810728]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-12-17 239208]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
NETSVCS MUSÍ BÝT OPRAVENY - dosavadní položky jsou:
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\DangerAge\AppData\Roaming\Mozilla\Firefox\Profiles\bct8bse2.default\
.
.
------- Asociace souborů -------
.
exefile=c:\windows\svchost.com "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
Wow6432Node-HKLM-Run-Corel Photo Downloader - c:\program files (x86)\Corel\Corel Snapfire Plus\Corel PhotoDownloader.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-783085882-635583114-2787245633-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-783085882-635583114-2787245633-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-783085882-635583114-2787245633-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-783085882-635583114-2787245633-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-783085882-635583114-2787245633-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-783085882-635583114-2787245633-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\AASP\1.00.40\aaCenter.exe
c:\progra~2\Intel\INTELM~1\IAAnotif.exe
c:\progra~2\Corel\CORELS~1\CORELP~1.EXE
c:\program files (x86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\SysWOW64\PSIService.exe
c:\windows\TEMP\3582-490\HAMACH~1.EXE
c:\users\DANGER~1\AppData\Local\Temp\xxbqhm.exe
c:\users\DANGER~1\AppData\Local\Temp\winksein.exe
.
**************************************************************************
.
Celkový čas: 2011-09-05 19:44:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-05 17:44
.
Před spuštěním: Volných bajtů: 20 820 180 992
Po spuštění: Volných bajtů: 22 151 012 352
.
- - End Of File - - 4A4AB90B14F57712F1E69BA2C639626A

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Some .exe files won't run..

#44 Post by vyosek »

:arrow: Apply exeHelper by Raktor
:arrow: Rename ComboFix to Beruska.com

:arrow: If you have not done so already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    File::
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    
    Registry::
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableTaskMgr"=-
    "DisableRegistryTools"=-
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000000
    "AntiVirusDisableNotify"=dword:00000000
    "FirewallDisableNotify"=dword:00000000
    "FirewallOverride"=dword:00000000
    "UpdatesDisableNotify"=dword:00000000
    "UacDisableNotify"=dword:00000000
    
    Collect::
    c:\windows\svchost.com
    
    Folder::
    c:\users\DANGER~1\AppData\Local\Temp
    
    Reboot::
    
  • Save the resulting TXT file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it to run it (see the image below)
    [image]
  • After the script has been applied (and a possible restart), a log will pop up; paste its contents here
:arrow: It can happen that Windows will not boot after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.
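
The findings in the ComboFix log from post #43 that the script above addresses (policy and Security Center values, the `exefile` association, processes running from Temp) can be picked out of such a log programmatically. This is an added example, not part of the original post and not ComboFix's or exeHelper's own logic; the function name `triage`, the category labels and the rule tables are assumptions, and the sample lines are an excerpt copied from the log above.

```python
import re

# Lines copied from the ComboFix log in post #43 (an excerpt, not the full log).
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
exefile=c:\windows\svchost.com "%1" %*
.
c:\windows\SysWOW64\PSIService.exe
c:\windows\TEMP\3582-490\HAMACH~1.EXE
c:\users\DANGER~1\AppData\Local\Temp\xxbqhm.exe
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
# The log prints values in two styles: "Name"= 1 (0x1) and "Name"=dword:00000001
VAL_RE = re.compile(
    r'^"([^"]+)"=\s*(?:dword:([0-9a-fA-F]{1,8})|(\d+)\s+\(0x[0-9a-fA-F]+\))$')
ASSOC_RE = re.compile(r'^(exefile|comfile)=(.+)$', re.I)
EXE_PATH_RE = re.compile(r'^[a-z]:\\.+\.exe$', re.I)
TEMP_DIR_RE = re.compile(r'\\temp\\', re.I)

# Windows default open command for exefile/comfile: run the clicked file itself.
DEFAULT_OPEN = '"%1" %*'

# value name (lowercase) -> value that weakens the system when set
POLICY_FLAGS = {
    "enablelua": 0,             # UAC switched off
    "disabletaskmgr": 1,        # Task Manager blocked
    "disableregistrytools": 1,  # regedit blocked
}


def triage(log_text):
    """Return (category, item) tuples for security-relevant log lines."""
    findings = []
    key = ""
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == ".":          # ComboFix separates blocks with a lone dot
            key = ""
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(1).lower()
            continue
        m = VAL_RE.match(line)
        if m and key:
            name = m.group(1)
            value = int(m.group(2), 16) if m.group(2) else int(m.group(3))
            if (key.endswith(r"policies\system")
                    and POLICY_FLAGS.get(name.lower()) == value):
                findings.append(("policy", name))
            elif key.endswith("security center") and value == 1:
                # *Override / *DisableNotify set to 1 silence Security Center
                findings.append(("security-center", name))
            continue
        m = ASSOC_RE.match(line)
        if m:
            # Anything other than the default routes every launch through
            # another program first.
            if m.group(2).strip() != DEFAULT_OPEN:
                findings.append(("file-association", m.group(2).strip()))
            continue
        if EXE_PATH_RE.match(line) and TEMP_DIR_RE.search(line):
            findings.append(("temp-process", line))
    return findings


if __name__ == "__main__":
    for category, item in triage(SAMPLE_LOG):
        print(f"{category:17} {item}")
```
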

majkl655
Visitor
Posts: 37
Registered: 30 Aug 2011 13:24

Re: Some .exe files won't run..

#45 Post by majkl655 »

I see, thank you, and here is the reply...


exeHelper by Raktor
Build 20100414
Run at 15:20:08 on 09/06/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
