wuauclt.exe + log

[Branno]

Kód: Vybrat vše

oLogfile of random's system information tool 1.06 (written by random/random)
Run by pc at 2010-01-13 16:00:52
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (4%) free of 76 GB
Total RAM: 1535 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:54:56, on 13.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\TP-LINK\TWCU\TWCU.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\pc\Start Menu\Programs\Startup\smgr32.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\pc\My Documents\Downloady\dnl\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\RunOnce: [UniblueRegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: smgr32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wbsys.dll prio.dll
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98dafefb9e360) (gupdate1c98dafefb9e360) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 9697 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Automatic troubleshooting.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-05 370296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_0.dll [2009-07-02 2215960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_0.dll [2009-07-02 2215960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"TWCU"=C:\Program Files\TP-LINK\TWCU\TWCU.exe [2005-08-09 413696]
""= []
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"Device Detector"=DevDetect.exe -autorun []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-10-05 185896]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-03-19 2029640]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2008-04-04 88584]
"QuickTime Task"=C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe [2009-05-26 413696]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Uniblue RegistryBooster2"=C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [2007-06-13 1650720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"UniblueRegistryBooster"=C:\Program Files\Uniblue\RegistryBooster\launcher.exe [2009-12-02 60208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-01-15 37376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^pc^Start Menu^Programs^Startup^OpenOffice.org 2.1.lnk]
C:\PROGRA~1\OPENOF~1.1\program\QUICKS~1.EXE [2006-12-01 393216]

C:\Documents and Settings\pc\Start Menu\Programs\Startup
smgr32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll prio.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"NoDispCPL"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoStartMenuMorePrograms"=0
"StartMenuLogOff"=0
"NoDrives"=0
"NoToolbarCustomize"=0
"NoSetFolders"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Hry\Battlefield 2\BF2.exe"="C:\Program Files\Hry\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Hry\The Battle fot Middle-Earth 2\game.dat"="C:\Program Files\Hry\The Battle fot Middle-Earth 2\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\Valve\Steam\SteamApps\luckerko\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\luckerko\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Hry\Valve\hl.exe"="C:\Program Files\Hry\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Hry\Valve\hlds.exe"="C:\Program Files\Hry\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX01.484\netctrl_full\Osa9.exe"="C:\Documents and Settings\pc\Local Settings\Temp\Rar$EX01.484\netctrl_full\Osa9.exe:*:Enabled:Osa9"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\MOBILedit!\WebVideoDownloader.exe"="C:\Program Files\MOBILedit!\WebVideoDownloader.exe:*:Enabled:MobilEdit! Web Video Downloader Proxy"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ\Icq.exe"="C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ Application"
"C:\Program Files\City Interactive\Combat Wings - Battle of Britain\game.exe"="C:\Program Files\City Interactive\Combat Wings - Battle of Britain\game.exe:*:Enabled:game"
"C:\Program Files\EA SPORTS\NHL 09\nhl2009.exe"="C:\Program Files\EA SPORTS\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"C:\Program Files\Valve\Steam\SteamApps\luckerko\day of defeat\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\luckerko\day of defeat\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\css\hl2.exe"="C:\Program Files\css\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe"="C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\Program Files\Autodesk\Backburner\monitor.exe"="C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Program Files\Autodesk\Backburner\manager.exe"="C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Program Files\Autodesk\Backburner\server.exe"="C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"
"C:\Program Files\Capcom\MotoGP 08\Launcher.exe"="C:\Program Files\Capcom\MotoGP 08\Launcher.exe:*:Enabled:MotoGP 08"
"C:\Program Files\EA Sports\NHL 2004\nhl2004.exe"="C:\Program Files\EA Sports\NHL 2004\nhl2004.exe:*:Enabled:NHL 2004"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Prijímacie skúšky\ps.exe"="C:\Program Files\Prijímacie skúšky\ps.exe:*:Enabled:Prijímacie skúšky"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Documents and Settings\pc\Application Data\uTorrent\utorrent.exe"="C:\Documents and Settings\pc\Application Data\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b15fce8-015b-11dd-9c84-001a4dfcf13a}]
shell\Auto\command - infrom.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f2971f85-16ae-11dd-9cd3-001a4dfcf13a}]
shell\AutoRun\command - 1


======List of files/folders created in the last 1 months======

2010-01-13 16:00:52 ----D---- C:\rsit
2010-01-13 15:49:59 ----D---- C:\Program Files\Enigma Software Group
2010-01-13 14:54:21 ----D---- C:\Documents and Settings\pc\Application Data\Uniblue
2010-01-13 14:54:15 ----D---- C:\Program Files\Uniblue
2010-01-13 14:36:47 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-01-13 14:15:57 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-01-13 14:04:54 ----D---- C:\Config.Msi
2010-01-12 14:29:27 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-01-12 14:25:21 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2010-01-12 14:25:16 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2010-01-12 14:11:49 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-01-11 19:00:22 ----D---- C:\Program Files\Zaparit
2010-01-08 09:09:15 ----D---- C:\Program Files\Left4Dead
2010-01-05 12:44:37 ----RHD---- C:\Documents and Settings\pc\Application Data\SecuROM
2009-12-30 17:58:15 ----D---- C:\Documents and Settings\pc\Application Data\dvdcss
2009-12-29 11:50:57 ----D---- C:\Documents and Settings\pc\Application Data\BSplayer
2009-12-26 13:51:16 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-12-26 10:51:37 ----A---- C:\winupd.bat
2009-12-24 21:04:56 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-12-23 18:27:20 ----D---- C:\Program Files\Conduit
2009-12-23 18:27:17 ----D---- C:\Program Files\BS_Player
2009-12-23 18:27:11 ----D---- C:\Documents and Settings\pc\Application Data\BSplayer Pro

======List of files/folders modified in the last 1 months======

2010-01-13 16:00:36 ----D---- C:\WINDOWS\Temp
2010-01-13 15:58:04 ----D---- C:\WINDOWS\system32
2010-01-13 15:51:25 ----D---- C:\Program Files\Mozilla Firefox
2010-01-13 15:50:52 ----D---- C:\WINDOWS\system32\drivers
2010-01-13 15:49:59 ----D---- C:\Program Files
2010-01-13 15:45:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 15:42:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-13 15:39:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-13 14:38:08 ----D---- C:\WINDOWS\system32\config
2010-01-13 14:37:47 ----D---- C:\WINDOWS\system32\wbem
2010-01-13 14:37:46 ----D---- C:\WINDOWS\Registration
2010-01-13 14:36:36 ----SHD---- C:\WINDOWS\Installer
2010-01-13 14:36:24 ----D---- C:\WINDOWS\system32\LogFiles
2010-01-13 14:23:19 ----D---- C:\WINDOWS\Prefetch
2010-01-13 14:22:00 ----D---- C:\WINDOWS
2010-01-13 14:16:54 ----SD---- C:\WINDOWS\Tasks
2010-01-13 14:15:34 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2010-01-12 14:14:14 ----D---- C:\ProgramData
2010-01-11 17:03:08 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-10 18:25:59 ----D---- C:\Program Files\Magic Video Converter
2010-01-10 13:33:04 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-10 13:33:02 ----D---- C:\Program Files\Ubisoft
2010-01-09 19:12:59 ----D---- C:\Documents and Settings\pc\Application Data\vlc
2010-01-08 11:48:42 ----D---- C:\Documents and Settings\pc\Application Data\Skype
2010-01-08 11:48:28 ----D---- C:\Documents and Settings\pc\Application Data\skypePM
2010-01-05 12:08:12 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-01-05 12:07:52 ----D---- C:\WINDOWS\system32\DirectX
2010-01-05 12:07:51 ----HD---- C:\WINDOWS\inf
2010-01-05 12:06:27 ----RSD---- C:\WINDOWS\assembly
2010-01-05 12:04:01 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-01-05 12:03:49 ----A---- C:\WINDOWS\system32\pbsvc.exe
2010-01-03 12:09:44 ----D---- C:\Program Files\EA Sports
2009-12-31 19:47:12 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-31 16:26:58 ----D---- C:\Fraps
2009-12-29 11:50:47 ----D---- C:\Program Files\Webteh
2009-12-27 09:43:57 ----D---- C:\Program Files\Activision
2009-12-26 18:10:51 ----D---- C:\Documents and Settings\pc\Application Data\uTorrent
2009-12-24 21:05:00 ----D---- C:\Documents and Settings\pc\Application Data\Adobe
2009-12-24 21:05:00 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-12-24 21:04:56 ----D---- C:\Program Files\Common Files
2009-12-24 17:34:33 ----D---- C:\Documents and Settings\pc\Application Data\OpenOffice.org2
2009-12-17 20:47:46 ----RSD---- C:\WINDOWS\Fonts
2009-12-17 16:59:23 ----D---- C:\Program Files\RCrawler
2009-12-17 16:00:37 ----D---- C:\WINDOWS\network diagnostic
2009-12-17 14:44:51 ----D---- C:\WINDOWS\system32\Restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-03-19 107256]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-03-19 55768]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 Prio;Prio; C:\WINDOWS\System32\drivers\prio.sys [2008-03-31 34576]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-03 17801]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-03-19 113960]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-03-19 131976]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-03-19 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-05-18 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2008-04-12 10368]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2008-01-24 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2008-01-24 48904]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 AR5211;TP-LINK Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-06-25 463168]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-04-17 25280]
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-06-03 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-06-03 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-06-03 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-06-03 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-06-03 79488]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2008-01-24 28168]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2008-01-24 14728]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2005-05-04 36864]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-03-19 731840]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-09-05 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-01-05 107832]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-01-12 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 gupdate1c98dafefb9e360;Google Update Service (gupdate1c98dafefb9e360); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-03-19 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-24 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

môj log z RSIT prosím vás pozrie sa nato niekto ? mám problém z ničoho nič mi od rána začalo naskakovať odoslanie chyby presnejšie išlo o wuauclt.exe našiel som cez google že tento súbor môže byť aj akvirus a ani nemôžem ho odstrániť v spravca úloh to vypnem a v system32 som ten súbor zmazal a ochvilu tam bol znova

a od kedy mi to nabehuje pc mi strašne pomaly a ani pridanie alebo odstranenie súborov mi nespustí ... pls. help

[Branno]

čau


tu je log

ComboFix 10-01-12.05 - pc 13.01.2010 17:55:10.1.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1535.1067 [GMT 1:00]
Running from: c:\documents and settings\pc\My Documents\Downloady\dnl\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\pc\Application Data\BITS
c:\documents and settings\pc\Application Data\BITS\BITS.ini
c:\documents and settings\pc\Application Data\BITS\DHTTable.dat
c:\documents and settings\pc\Application Data\BITS\ProxyList.ini
c:\documents and settings\pc\Application Data\Desktopicon
c:\documents and settings\pc\Application Data\Desktopicon\config.ini
c:\documents and settings\pc\Application Data\inst.exe
C:\install.exe
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\windows\system32\Ijl11.dll
c:\windows\system32\SIntf16.dll
c:\windows\system32\twain_32.dll
c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((( Files Created from 2009-12-13 to 2010-01-13 )))))))))))))))))))))))))))))))
.

2010-01-13 15:43 . 2010-01-13 16:47 -------- d-----w- c:\program files\Spyware Doctor
2010-01-13 15:43 . 2010-01-13 16:47 -------- d-----w- c:\program files\Common Files\PC Tools
2010-01-13 15:43 . 2010-01-13 15:43 -------- d-----w- c:\documents and settings\pc\Application Data\PC Tools
2010-01-13 15:43 . 2010-01-13 15:43 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-01-13 15:00 . 2010-01-13 15:01 -------- d-----w- C:\rsit
2010-01-13 14:49 . 2010-01-13 14:49 -------- d-----w- c:\program files\Enigma Software Group
2010-01-13 13:54 . 2010-01-13 14:14 -------- d-----w- c:\documents and settings\pc\Application Data\Uniblue
2010-01-13 13:37 . 2010-01-13 13:37 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-13 13:36 . 2010-01-13 13:37 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-01-13 13:15 . 2010-01-13 13:36 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-01-12 13:29 . 2008-12-11 12:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2010-01-12 13:25 . 2010-01-12 13:25 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2010-01-12 13:25 . 2010-01-12 13:25 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-01-12 13:11 . 2010-01-12 13:11 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-01-11 18:00 . 2010-01-11 18:00 -------- d-----w- c:\program files\Zaparit
2010-01-08 08:09 . 2010-01-12 18:48 -------- d-----w- c:\program files\Left4Dead
2010-01-05 12:44 . 2010-01-05 12:44 -------- d-----w- c:\documents and settings\pc\WINDOWS
2010-01-05 11:44 . 2010-01-05 11:44 -------- d--h--r- c:\documents and settings\pc\Application Data\SecuROM
2010-01-03 17:51 . 2009-12-23 16:56 52224 ----a-w- c:\documents and settings\pc\Application Data\Mozilla\Firefox\Profiles\raf7obt6.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
2010-01-03 17:51 . 2009-12-23 16:56 101376 ----a-w- c:\documents and settings\pc\Application Data\Mozilla\Firefox\Profiles\raf7obt6.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
2009-12-30 16:58 . 2009-12-30 16:58 -------- d-----w- c:\documents and settings\pc\Application Data\dvdcss
2009-12-29 10:51 . 2008-06-10 08:11 41412 ----a-w- c:\documents and settings\pc\Application Data\BSplayer\Haali media splitter\uninstall.exe
2009-12-29 10:50 . 2009-12-29 11:02 -------- d-----w- c:\documents and settings\pc\Application Data\BSplayer
2009-12-26 16:48 . 2009-11-25 20:34 289584 ----a-w- c:\documents and settings\pc\Application Data\uTorrent\utorrent.exe
2009-12-26 12:51 . 2009-12-26 12:51 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-12-26 09:51 . 2009-12-26 09:51 2567 ----a-w- C:\winupd.bat
2009-12-24 20:04 . 2009-12-24 20:04 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-12-23 17:27 . 2009-12-23 17:27 -------- d-----w- c:\documents and settings\pc\Local Settings\Application Data\Conduit
2009-12-23 17:27 . 2009-12-23 17:27 -------- d-----w- c:\program files\Conduit
2009-12-23 17:27 . 2009-12-27 11:08 -------- d-----w- c:\documents and settings\pc\Local Settings\Application Data\BS_Player
2009-12-23 17:27 . 2009-12-29 11:01 -------- d-----w- c:\program files\BS_Player
2009-12-23 17:27 . 2009-12-23 17:27 -------- d-----w- c:\documents and settings\pc\Application Data\BSplayer Pro

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-13 16:06 . 2008-04-18 13:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-13 13:15 . 2008-12-08 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2010-01-10 17:25 . 2008-04-27 09:03 -------- d-----w- c:\program files\Magic Video Converter
2010-01-10 12:33 . 2008-04-02 23:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-10 12:33 . 2009-03-18 14:14 -------- d-----w- c:\program files\Ubisoft
2010-01-09 18:12 . 2009-11-07 17:04 -------- d-----w- c:\documents and settings\pc\Application Data\vlc
2010-01-08 10:48 . 2009-03-23 13:25 -------- d-----w- c:\documents and settings\pc\Application Data\Skype
2010-01-08 10:48 . 2008-11-11 20:14 -------- d-----w- c:\documents and settings\pc\Application Data\skypePM
2010-01-05 11:08 . 2008-05-24 10:57 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-01-05 11:04 . 2008-05-16 13:23 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-05 11:04 . 2008-05-16 13:23 22328 ----a-w- c:\documents and settings\pc\Application Data\PnkBstrK.sys
2010-01-05 11:04 . 2008-05-16 13:23 22328 ----a-w- c:\documents and settings\pc\Application Data\PnkBstrK.sys
2010-01-05 11:04 . 2008-05-16 13:23 107832 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-05 11:03 . 2008-12-23 16:11 2250024 ----a-w- c:\windows\system32\pbsvc.exe
2010-01-03 11:09 . 2009-06-11 13:06 -------- d-----w- c:\program files\EA Sports
2009-12-29 10:50 . 2008-11-01 09:29 -------- d-----w- c:\program files\Webteh
2009-12-27 08:43 . 2009-06-20 07:30 -------- d-----w- c:\program files\Activision
2009-12-26 17:10 . 2008-05-01 18:04 -------- d-----w- c:\documents and settings\pc\Application Data\uTorrent
2009-12-24 16:34 . 2008-12-17 18:39 -------- d-----w- c:\documents and settings\pc\Application Data\OpenOffice.org2
2009-12-17 19:48 . 2008-11-23 13:40 42976 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-12-17 15:59 . 2009-11-07 19:34 -------- d-----w- c:\program files\RCrawler
2009-12-12 14:49 . 2009-12-12 14:46 -------- d-----w- c:\program files\DU Super Controler
2009-12-12 14:21 . 2009-12-12 14:22 1536 ----a-w- c:\windows\system32\bcevent.dll
2009-12-12 14:14 . 2009-12-12 14:14 -------- d-----w- c:\documents and settings\pc\Application Data\Locktime
2009-12-12 14:13 . 2009-12-12 14:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Locktime
2009-11-28 14:14 . 2008-04-27 09:04 -------- d-----w- c:\documents and settings\pc\Application Data\Vso
2009-11-26 18:24 . 2008-05-10 14:02 1272 ----a-w- c:\windows\eReg.dat
2009-11-20 19:33 . 2008-07-01 16:55 -------- d-----w- c:\program files\QIP Infium
2009-11-20 19:30 . 2009-11-20 19:29 -------- d-----w- c:\program files\QIP
2009-11-17 15:31 . 2008-04-16 15:44 -------- d-----w- c:\documents and settings\pc\Application Data\Hamachi
2009-11-07 22:49 . 2009-11-07 22:49 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-10-29 07:45 . 2006-02-28 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:38 . 2006-02-28 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2006-02-28 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-02-28 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2003-08-16 19:56 . 2005-10-27 00:39 579584 --sha-r- c:\windows\system32\cd.exe
2005-10-27 19:20 . 2005-10-27 00:16 67127 --sha-r- c:\windows\system32\cheat_plugin.exe
2003-08-16 19:56 . 2005-10-27 00:39 579584 --sha-r- c:\windows\system32\suf490E.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_0.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-07-02 09:18 2215960 ----a-w- c:\program files\BS_Player\tbBS_0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_0.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_0.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Device Detector"="DevDetect.exe -autorun" [X]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"TWCU"="c:\program files\TP-LINK\TWCU\TWCU.exe" [2005-08-09 413696]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-05 185896]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 88584]
"QuickTime Task"="c:\program files\K-Lite Codec Pack\QuickTime\QTTask.exe" [2009-05-26 413696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\pc\Start Menu\Programs\Startup\
smgr32.exe [2009-3-4 13824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\startupfolder\C:^Documents and Settings^pc^Start Menu^Programs^Startup^OpenOffice.org 2.1.lnk]
path=c:\documents and settings\pc\Start Menu\Programs\Startup\OpenOffice.org 2.1.lnk
backup=c:\windows\pss\OpenOffice.org 2.1.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-01-15 22:54 37376 ----a-w- c:\program files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\luckerko\\counter-strike\\hl.exe"=
"c:\\Program Files\\MOBILedit!\\WebVideoDownloader.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\EA SPORTS\\NHL 09\\nhl2009.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Documents and Settings\\pc\\Application Data\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8461:TCP"= 8461:TCP:GoD High Port
"8462:TCP"= 8462:TCP:GoD Low Port

R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [19.4.2008 14:40 5248]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [13.10.2005 14:46 35328]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [19.3.2009 10:44 107256]
R1 Prio;Prio;c:\windows\system32\drivers\prio.sys [31.3.2008 11:28 34576]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [19.3.2009 10:44 731840]
S0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [19.4.2008 14:40 160640]
S2 gupdate1c98dafefb9e360;Google Update Service (gupdate1c98dafefb9e360);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page =
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
FF - ProfilePath - c:\documents and settings\pc\Application Data\Mozilla\Firefox\Profiles\raf7obt6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - BS Player Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=
FF - component: c:\documents and settings\pc\Application Data\Mozilla\Firefox\Profiles\raf7obt6.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\pc\Application Data\Mozilla\Firefox\Profiles\raf7obt6.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmaud.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmprog.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmvid.dll
FF - plugin: c:\program files\Opera\program\plugins\npmmzip.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Uniblue RegistryBooster2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
MSConfigStartUp-Google Update - c:\documents and settings\pc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-13 18:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-343818398-1604221776-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-343818398-1604221776-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:00,23,4a,d2,d4,b0,b7,d4,4f,99,81,c2,58,4a,43,42,75,cf,71,b3,e3,
75,60,d3,d3,d7,ff,7d,61,f8,54,10,d1,84,55,c0,70,51,b1,97,c0,4b,b4,1c,2d,14,\
"rkeysecu"=hex:d2,e9,e0,ba,a0,81,50,f8,73,9c,89,f6,be,2e,b7,ff

[HKEY_LOCAL_MACHINE\software\Classes\.xaml\bootstrap]
@DACL=(02 0000)
@="bootstrap.xaml.1"

[HKEY_LOCAL_MACHINE\software\Classes\.xbap\bootstrap]
@DACL=(02 0000)
@="bootstrap.xbap.1"

[HKEY_LOCAL_MACHINE\software\Classes\.xps\bootstrap]
@DACL=(02 0000)
@="bootstrap.xps.1"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="28021C594294D485A0889E5189AECD1983512F3415F903923345D0BA1171117DE81DAF5FF4F6EAAE983792AF10BA2A5D9A0B82AEE032A8CC3027DBC638A0EB8A573C98CF3CA7E5B26341FA1C2672FCCF739CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC79339DB7CE019D40AA5CC038D530D6EB3452B9857C96EA77ADD04602984EF6CD12F4DEB82CB6F2D89507966FFC3DDF340B39E67FA71AF333226A58E667F521BDE05077EAB19EF33D5D3B97CC9A504392D2E36409920DA5237CC3CEAD687EC5F2CD0CB9B6A8F079D06C1F810A3FD8B18C829ECF7075E5B246E20C42ABB8B026C373F8D91D3268F1E2F141C770AFA0E90B02D977E55CA3C73D1134FC1D495AF92C02A7437FC5C34268B2F2902D08F81D9B4849600027C501CED36F82205ECDECC83CEE90A7ABC44278074EB6CE3734EEED63E5C0B78850F1648DB8053610DF9DDEF8E7163E03B3BCD0DBAC48CB002B7AD8F5EA846A894C9E8C344C6EC6CD6A1E5324F1D7D43DD8F24E31AE88F979394BD23259CA5905470379D32CD99C554BF6333D2E905D208519F599B5EC988C3D62FAE375E7A92CD10D7F881D99E3BCE3A2AA56832CB0C30BD6F13FE9A0C67A1BB511E6C6636581FE1D9906A7B130EB998F8F989B4D89973FC78A5EB58188543CADF8AE9977FA5D690B6692195A7822D6A1D6BDE4C907DD7DFCB2C6C9A345810927BDBDFD95B9EA2DA0A608037F976D89AF9C95122AAC2B2679FBDC974C4C3DF4F28BAEC8DF572AE91ABFD4BA424AB3A1839E03182CE1E898B52018D6F64C947057B22E90AEEEEEC4ABBD7A5977B4AD175D407D314172573E1E7A86045159EBF38CA8FE330CFBE1E6F94C10BB27DAE8E0F088915D100D8501128AC65C3D6D7A7CBF06F4D0B961FDFCA0BD40838D2A447FE3225C5CF0C55ACD65730E645263C9091287794C29E312B6AB8948159B6F76F1D25C92B672931099DF7F23E15B7BB71C188E0BCD04AB434A1E487B9976DB07BFCAA9FA3454D2B3DABF98E46156DAF93E5A9FB9C324C8096E6EB73F7EF608D371CFA071648D41A68AB24FC1B0768A15FBD7E4ABDA19AAAF6105BA8EF5276D8C95D87EE31948839F285E573FE3207565E30029980B282756E3C2D5F6734AEAB63E519ED6E8E02128B7590AF3D1706D9709B7DF4F89C5F7EFB9F6359BB153C1AA7F9707622DE7041E3D30608C17B5A52F84599AB0D2213AC6AAE824312CEB9915F37EDB2F84A5FD3346E27CCA10EFB784F0B0953228966FF30552160425EEFBF6B8CEEA7ED090C06C5F662101E1581EC1EEFEAADC0EBBFC6899E021F0226FD8A570C120A33958E2A59BA1B71A73D7BB64A1F9DD4DCAD6AC68BB377DEA6BAE00493F86118426DE620A12704A8F6F8E53BF304A52"

[HKEY_LOCAL_MACHINE\software\Sony Media Software]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Sony Media Software\File Formats 2]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Sony Media Software\SFTrans1]
@DACL=(02 0000)
@=""

[HKEY_LOCAL_MACHINE\software\Sony Media Software\SFTrans1\1.0]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Sony Media Software\Sony Vegas Video Plug-In Pack]
@DACL=(02 0000)
@=""

[HKEY_LOCAL_MACHINE\software\Sony Media Software\Sony Vegas Video Plug-In Pack\1.0]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Sony Media Software\Sound Forge\9.0\Lang]
@DACL=(02 0000)
"ULangID"=dword:00000409

[HKEY_LOCAL_MACHINE\software\Sony Media Software\Video Capture]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2]
@DACL=(02 0000)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(940)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-01-13 18:03:31
ComboFix-quarantined-files.txt 2010-01-13 17:03

Pre-Run: 2 771 578 880 bytes free
Post-Run: 2 870 661 120 voľných bajtov

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - B448ECF2D84479EB524AD7E1A76D8820

[Branno]

c:\windows\system32\drivers\prio.sys

Result: 0/41 (0%)

a-squared 4.5.0.48 2010.01.13 -
AhnLab-V3 5.0.0.2 2010.01.13 -
AntiVir 7.9.1.134 2010.01.13 -
Antiy-AVL 2.0.3.7 2010.01.12 -
Authentium 5.2.0.5 2010.01.12 -
Avast 4.8.1351.0 2010.01.13 -
AVG 9.0.0.725 2010.01.13 -
BitDefender 7.2 2010.01.13 -
CAT-QuickHeal 10.00 2010.01.13 -
ClamAV 0.94.1 2010.01.13 -
Comodo 3570 2010.01.13 -
DrWeb 5.0.1.12222 2010.01.13 -
eSafe 7.0.17.0 2010.01.13 -
eTrust-Vet 35.2.7234 2010.01.13 -
F-Prot 4.5.1.85 2010.01.12 -
F-Secure 9.0.15370.0 2010.01.13 -
Fortinet 4.0.14.0 2010.01.13 -
GData 19 2010.01.13 -
Ikarus T3.1.1.80.0 2010.01.13 -
Jiangmin 13.0.900 2010.01.13 -
K7AntiVirus 7.10.946 2010.01.13 -
Kaspersky 7.0.0.125 2010.01.13 -
McAfee 5859 2010.01.12 -
McAfee+Artemis 5859 2010.01.12 -
McAfee-GW-Edition 6.8.5 2010.01.13 -
Microsoft 1.5302 2010.01.13 -
NOD32 4767 2010.01.13 -
Norman 6.04.03 2010.01.13 -
nProtect 2009.1.8.0 2010.01.13 -
Panda 10.0.2.2 2010.01.13 -
PCTools 7.0.3.5 2010.01.13 -
Prevx 3.0 2010.01.13 -
Rising 22.30.02.06 2010.01.13 -
Sophos 4.49.0 2010.01.13 -
Sunbelt 3.2.1858.2 2010.01.13 -
Symantec 20091.2.0.41 2010.01.13 -
TheHacker 6.5.0.3.148 2010.01.13 -
TrendMicro 9.120.0.1004 2010.01.13 -
VBA32 3.12.12.1 2010.01.13 -
ViRobot 2010.1.13.2134 2010.01.13 -
VirusBuster 5.0.21.0 2010.01.13 -

C:\winupd.bat

Result: 13/41 (31.71%)

a-squared 4.5.0.48 2010.01.13 Trojan.BAT.Zapchast!IK
AhnLab-V3 5.0.0.2 2010.01.13 BAT/Zapchast
AntiVir 7.9.1.134 2010.01.13 BAT/Zapchast.7
Antiy-AVL 2.0.3.7 2010.01.12 -
Authentium 5.2.0.5 2010.01.12 -
Avast 4.8.1351.0 2010.01.13 -
AVG 9.0.0.725 2010.01.13 -
BitDefender 7.2 2010.01.13 -
CAT-QuickHeal 10.00 2010.01.13 -
ClamAV 0.94.1 2010.01.13 Trojan.Bat.Zapchast-4
Comodo 3570 2010.01.13 -
DrWeb 5.0.1.12222 2010.01.13 -
eSafe 7.0.17.0 2010.01.13 -
eTrust-Vet 35.2.7234 2010.01.13 BAT/AVKiller.P
F-Prot 4.5.1.85 2010.01.12 -
F-Secure 9.0.15370.0 2010.01.13 -
Fortinet 4.0.14.0 2010.01.13 BAT/Zapchast.A!tr
GData 19 2010.01.13 -
Ikarus T3.1.1.80.0 2010.01.13 Trojan.BAT.Zapchast
Jiangmin 13.0.900 2010.01.13 -
K7AntiVirus 7.10.946 2010.01.13 -
Kaspersky 7.0.0.125 2010.01.13 Trojan.BAT.Zapchast
McAfee 5859 2010.01.12 ZapChast!bat
McAfee+Artemis 5859 2010.01.12 ZapChast!bat
McAfee-GW-Edition 6.8.5 2010.01.13 Script.Zapchast.7
Microsoft None 2010.01.13 -
NOD32 4767 2010.01.13 -
Norman 6.04.03 2010.01.13 -
nProtect 2009.1.8.0 2010.01.13 -
Panda 10.0.2.2 2010.01.13 Trj/Zapchast.BI
PCTools 7.0.3.5 2010.01.13 -
Prevx 3.0 2010.01.13 -
Rising 22.30.02.06 2010.01.13 Trojan.BAT.Zapchast.di
Sophos 4.49.0 2010.01.13 -
Sunbelt 3.2.1858.2 2010.01.13 -
Symantec 20091.2.0.41 2010.01.13 -
TheHacker 6.5.0.3.148 2010.01.13 -
TrendMicro 9.120.0.1004 2010.01.13 -
VBA32 3.12.12.1 2010.01.13 -
ViRobot 2010.1.13.2134 2010.01.13 -
VirusBuster 5.0.21.0 2010.01.13 -


c:\documents and settings\pc\Start Menu\Programs\Startup\smgr32.exe


Result: 7/41 (17.08%)

a-squared 4.5.0.48 2010.01.13 Virus.Win32.Sality!IK
AhnLab-V3 5.0.0.2 2010.01.13 -
AntiVir 7.9.1.134 2010.01.13 -
Antiy-AVL 2.0.3.7 2010.01.12 -
Authentium 5.2.0.5 2010.01.12 -
Avast 4.8.1351.0 2010.01.13 -
AVG 9.0.0.725 2010.01.13 -
BitDefender 7.2 2010.01.13 -
CAT-QuickHeal 10.00 2010.01.13 Trojan.Agent.IRC
ClamAV 0.94.1 2010.01.13 -
Comodo 3570 2010.01.13 -
DrWeb 5.0.1.12222 2010.01.13 -
eSafe 7.0.17.0 2010.01.13 -
eTrust-Vet 35.2.7234 2010.01.13 -
F-Prot 4.5.1.85 2010.01.12 -
F-Secure 9.0.15370.0 2010.01.13 -
Fortinet 4.0.14.0 2010.01.13 -
GData 19 2010.01.13 -
Ikarus T3.1.1.80.0 2010.01.13 Virus.Win32.Sality
Jiangmin 13.0.900 2010.01.13 -
K7AntiVirus 7.10.946 2010.01.13 -
Kaspersky 7.0.0.125 2010.01.13 -
McAfee 5859 2010.01.12 -
McAfee+Artemis 5859 2010.01.12 Artemis!D2EDCD46A1E3
McAfee-GW-Edition 6.8.5 2010.01.13 -
Microsoft None 2010.01.13 -
NOD32 4767 2010.01.13 -
Norman 6.04.03 2010.01.13 Suspicious_Gen.AHBU
nProtect 2009.1.8.0 2010.01.13 -
Panda 10.0.2.2 2010.01.13 -
PCTools 7.0.3.5 2010.01.13 -
Prevx 3.0 2010.01.13 High Risk Worm
Rising 22.30.02.06 2010.01.13 -
Sophos 4.49.0 2010.01.13 -
Sunbelt 3.2.1858.2 2010.01.13 -
Symantec 20091.2.0.41 2010.01.13 -
TheHacker 6.5.0.3.148 2010.01.13 -
TrendMicro 9.120.0.1004 2010.01.13 -
VBA32 3.12.12.1 2010.01.13 Trojan-GameThief.Win32.OnLineGames.vdvz
ViRobot 2010.1.13.2134 2010.01.13 -
VirusBuster 5.0.21.0 2010.01.13 -




soubor otevri v notepadu C:\winupd.bat , jeho obsah mi sem zkopci.

@ECHO OFF
SETLOCAL
SET DEBUG=FALSE
IF "%2"=="" goto Usage
SET fAmt=%1
SET fCmd=%2
IF %fAmt% GTR 60 GOTO Usage
IF %fAmt% LSS 1 GOTO Usage
SET fOpt=
IF %DEBUG%==TRUE ECHO fAmt %fAmt% fCmd %fCmd% fOpt %fOpt%
START /W REGEDIT /E %TEMP%.\_TEMP.REG "HKEY_CURRENT_USER\Control Panel\International"
FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "iDate"') DO SET iDate=%%B
FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "sDate"') DO SET sDate=%%B
FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "iTime" ^| FIND /I /V "iTimePrefix"') DO SET iTime=%%B
FOR /F "tokens=1* delims==" %%A IN ('TYPE %TEMP%.\_TEMP.REG ^| FIND /I "sTime" ^| FIND /I /V "sTimeFormat" ^| FIND /I /V "sTimePrefix"') DO SET sTime=%%B
SET iDate=%iDate:"=%
SET sDate=%sDate:"=%
SET iTime=%iTime:"=%
SET sTime=%sTime:"=%
IF EXIST %TEMP%.\_TEMP.REG DEL %TEMP%.\_TEMP.REG
IF %iDate%==0 FOR /F "TOKENS=1-4* DELIMS=%sDate% " %%A IN ('DATE/T') DO (
SET CYear=%%D
SET CMonth=%%B
SET CDay=%%C
SET SortDate=%%D%%B%%C
)
IF %iDate%==1 FOR /F "TOKENS=1-4* DELIMS=%sDate% " %%A IN ('DATE/T') DO (
SET CYear=%%D
SET CMonth=%%C
SET CDay=%%B
SET SortDate=%%D%%C%%B
)
IF %iDate%==2 FOR /F "TOKENS=1-4* DELIMS=%sDate% " %%A IN ('DATE/T') DO (
SET CYear=%%B
SET CMonth=%%C
SET CDay=%%D
SET SortDate=%%B%%C%%D
)
SET /A CMonth = 1%CMonth% - 100
SET /A CDay = 1%CDay% - 100
FOR /F "TOKENS=1,2* DELIMS=%sTime% " %%A IN ('TIME/T') DO (
SET CHour=%%A
SET CMins=%%B
SET SortTime=%%A%%B
)
IF %iTime%==1 GOTO SkipAmPm
SET AMPM=%CMins:~2,1%
SET CMins=%CMins:~0,2%
IF "%CHour:~0,1%"=="0" IF NOT "%CHour%"=="0" SET /A CHour = 1%CHour% - 100
IF %CHour% LSS 12 IF /I %AMPM%==P SET /A CHour = %CHour% + 12
IF %CHour% EQU 12 IF /I %AMPM%==A SET CHour=0
:SkipAmPm
SET /A CMins = 1%CMins% - 100
IF "%CHour:~0,1%"=="0" IF NOT "%CHour%"=="0" SET /A CHour = 1%CHour% - 100
IF /I "%DEBUG%"=="TRUE" SET C | FIND /I /V "COM"
IF /I "%DEBUG%"=="TRUE" SET SORT
SET /A tMax = 59 - %fAmt%
IF %CMins% GTR %tMax% (CALL :RollHour) ELSE (SET /A CMins = %CMins% + %fAmt%)
IF %CMins% LSS 10 SET CMins = 0%CMins%
IF %CHour% LSS 10 SET CHour = 0%CHour%

:: Unload Live Protection Modules
AT %CHour%:%CMins% C:\DOCUME~1\pc\LOCALS~1\Temp\upd.exe thguard.exe
AT %CHour%:%CMins% C:\DOCUME~1\pc\LOCALS~1\Temp\upd.exe -t safensec.exe


GOTO End


:RollHour
SET /A CMins = %CMins% - 60 + %fAmt%
IF %CHour% EQU 23 SET CHour=-1
SET /A CHour = %CHour% + 1
GOTO:EOF

:Usage
GOTO End

:End
ENDLOCAL

[Branno]

súbory zmazané

tu je info

verzia súboru 1.9.8.1536
Popis: Prio Network Activity Driver
Autorské 2005 Xeno

všetko čo tam bolo napísané a tu chybu wauclt.exe stále zobrazuje alebo aj ked dam pridať alebo odstrániť súbory tiež dlho strašne zapína a ked zapnem pc a internet tak asi 2-3 min. musím počkať kým mi pôjde internet

[Branno]

Rozhodnuti enchama na Tobe vymazat ci nechat?

a ked ho zmažem ? nič mi to nepokazí ? a ten problém mi to asi neopraví ? ..

inač tento problém s tým wauclt mám od včera ako som nechtiac vypol pc zo zástrčky a následne zapol nabehla modra obrazovka voľačo robilo potom zaplo normálne pc a ráno už zobrazovalo túto chybu ...

[Branno]

wuauclt.exe

Result: 0/40 (0%)

a-squared 4.5.0.48 2010.01.13 -
AhnLab-V3 5.0.0.2 2010.01.13 -
AntiVir 7.9.1.134 2010.01.13 -
Antiy-AVL 2.0.3.7 2010.01.12 -
Authentium 5.2.0.5 2010.01.12 -
Avast 4.8.1351.0 2010.01.13 -
AVG 9.0.0.725 2010.01.13 -
BitDefender 7.2 2010.01.13 -
CAT-QuickHeal 10.00 2010.01.13 -
ClamAV 0.94.1 2010.01.13 -
Comodo None 2010.01.13 -
DrWeb 5.0.1.12222 2010.01.13 -
eSafe 7.0.17.0 2010.01.13 -
eTrust-Vet 35.2.7234 2010.01.13 -
F-Prot 4.5.1.85 2010.01.12 -
F-Secure 9.0.15370.0 2010.01.13 -
Fortinet 4.0.14.0 2010.01.13 -
GData 19 2010.01.13 -
Ikarus T3.1.1.80.0 2010.01.13 -
Jiangmin 13.0.900 2010.01.13 -
K7AntiVirus 7.10.946 2010.01.13 -
Kaspersky 7.0.0.125 2010.01.13 -
McAfee 5859 2010.01.12 -
McAfee+Artemis 5859 2010.01.12 -
McAfee-GW-Edition 6.8.5 2010.01.13 -
Microsoft 1.5302 2010.01.13 -
NOD32 4767 2010.01.13 -
Norman 6.04.03 2010.01.13 -
nProtect 2009.1.8.0 2010.01.13 -
Panda 10.0.2.2 2010.01.13 -
PCTools 7.0.3.5 2010.01.13 -
Prevx 3.0 2010.01.13 -
Rising 22.30.02.06 2010.01.13 -
Sophos None 2010.01.13 -
Sunbelt 3.2.1858.2 2010.01.13 -
Symantec 20091.2.0.41 2010.01.13 -
TrendMicro 9.120.0.1004 2010.01.13 -
VBA32 3.12.12.1 2010.01.13 -
ViRobot 2010.1.13.2134 2010.01.13 -
VirusBuster 5.0.21.0 2010.01.13 -

wuauclt1.exe

Result: 0/41 (0%)

a-squared 4.5.0.48 2010.01.13 -
AhnLab-V3 5.0.0.2 2010.01.13 -
AntiVir 7.9.1.134 2010.01.13 -
Antiy-AVL 2.0.3.7 2010.01.12 -
Authentium 5.2.0.5 2010.01.12 -
Avast 4.8.1351.0 2010.01.13 -
AVG 9.0.0.725 2010.01.13 -
BitDefender 7.2 2010.01.13 -
CAT-QuickHeal 10.00 2010.01.13 -
ClamAV 0.94.1 2010.01.13 -
Comodo 3570 2010.01.13 -
DrWeb 5.0.1.12222 2010.01.13 -
eSafe 7.0.17.0 2010.01.13 -
eTrust-Vet 35.2.7234 2010.01.13 -
F-Prot 4.5.1.85 2010.01.12 -
F-Secure 9.0.15370.0 2010.01.13 -
Fortinet 4.0.14.0 2010.01.13 -
GData 19 2010.01.13 -
Ikarus T3.1.1.80.0 2010.01.13 -
Jiangmin 13.0.900 2010.01.13 -
K7AntiVirus 7.10.946 2010.01.13 -
Kaspersky 7.0.0.125 2010.01.13 -
McAfee 5859 2010.01.12 -
McAfee+Artemis 5859 2010.01.12 -
McAfee-GW-Edition 6.8.5 2010.01.13 -
Microsoft None 2010.01.13 -
NOD32 4767 2010.01.13 -
Norman 6.04.03 2010.01.13 -
nProtect 2009.1.8.0 2010.01.13 -
Panda 10.0.2.2 2010.01.13 -
PCTools 7.0.3.5 2010.01.13 -
Prevx 3.0 2010.01.13 -
Rising 22.30.02.06 2010.01.13 -
Sophos 4.49.0 2010.01.13 -
Sunbelt 3.2.1858.2 2010.01.13 -
Symantec 20091.2.0.41 2010.01.13 -
TheHacker 6.5.0.3.148 2010.01.13 -
TrendMicro 9.120.0.1004 2010.01.13 -
VBA32 3.12.12.1 2010.01.13 -
ViRobot 2010.1.13.2134 2010.01.13 -
VirusBuster 5.0.21.0 2010.01.13 -

čisté tak kto vie v čom môže byť problém

[Branno]

Co presne vypisuje BSOD - cislo chyby atd?

BSOD??..


/---

Vyskystol sa problém s aplikáciu gmer.exe pre je ju nutne ukončiť ešte ani nespravilo ten scan ...
a MBAM akurát sťahujem

[Branno]

BSOD je modra obrazovka s vypisem chyby

to už neviem čo tam písalo nejaký scan mi vtedy spravilo...


tu je log


Malwarebytes' Anti-Malware 1.44
Verzia databázy: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

13.1.2010 19:49:15
mbam-log-2010-01-13 (19-49-15).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 104776
Uplynutý cas: 7 minute(s), 46 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)

[Branno]

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/13 19:57
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name:
Image Path:
Address: 0xB9F09000 Size: 98304 File Visible: No Signed: -
Status: -

Name:
Image Path:
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: a347bus.sys
Image Path: a347bus.sys
Address: 0xB9F7F000 Size: 160640 File Visible: - Signed: -
Status: -

Name: a347scsi.sys
Image Path: a347scsi.sys
Address: 0xBA5AC000 Size: 5248 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xB9F51000 Size: 187776 File Visible: - Signed: -
Status: -

Name: pxtdapob.sys
Image Path: C:\DOCUME~1\pc\LOCALS~1\Temp\pxtdapob.sys
Address: 0xA7FCF000 Size: 93056 File Visible: No Signed: -
Status: -

Name: ati2cqag.dll
Image Path: C:\WINDOWS\System32\ati2cqag.dll
Address: 0xBF060000 Size: 638976 File Visible: - Signed: -
Status: -

Name: ati2dvag.dll
Image Path: C:\WINDOWS\System32\ati2dvag.dll
Address: 0xBF012000 Size: 319488 File Visible: - Signed: -
Status: -

Name: ati3duag.dll
Image Path: C:\WINDOWS\System32\ati3duag.dll
Address: 0xBF1FC000 Size: 3506176 File Visible: - Signed: -
Status: -

Name: atikvmag.dll
Image Path: C:\WINDOWS\System32\atikvmag.dll
Address: 0xBF0FC000 Size: 626688 File Visible: - Signed: -
Status: -

Name: atiok3x2.dll
Image Path: C:\WINDOWS\System32\atiok3x2.dll
Address: 0xBF195000 Size: 421888 File Visible: - Signed: -
Status: -

Name: ativvaxx.dll
Image Path: C:\WINDOWS\System32\ativvaxx.dll
Address: 0xBF554000 Size: 2097152 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xBA4B8000 Size: 12288 File Visible: - Signed: -
Status: -

Name: AegisP.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AegisP.sys
Address: 0xA9143000 Size: 15968 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xABE53000 Size: 138496 File Visible: - Signed: -
Status: -

Name: ati2mtag.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Address: 0xB8D0B000 Size: 4812800 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xBA7AE000 Size: 3072 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xBA5F6000 Size: 4224 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xBA318000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xBA1A8000 Size: 62976 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xBA0F8000 Size: 53248 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xBA278000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xABD78000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBA60E000 Size: 8192 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xAC5C1000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF000000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xBA751000 Size: 4096 File Visible: - Signed: -
Status: -

Name: eamon.sys
Image Path: C:\WINDOWS\system32\DRIVERS\eamon.sys
Address: 0xA9193000 Size: 770048 File Visible: - Signed: -
Status: -

Name: ehdrv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ehdrv.sys
Address: 0xAC590000 Size: 118784 File Visible: - Signed: -
Status: -

Name: epfw.sys
Image Path: C:\WINDOWS\system32\DRIVERS\epfw.sys
Address: 0xA9120000 Size: 143360 File Visible: - Signed: -
Status: -

Name: Epfwndis.sys
Image Path: C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
Address: 0xBA1C8000 Size: 45056 File Visible: - Signed: -
Status: -

Name: epfwtdi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
Address: 0xAC21A000 Size: 77824 File Visible: - Signed: -
Status: -

Name: Fastfat.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fastfat.SYS
Address: 0xA7FAB000 Size: 143744 File Visible: - Signed: -
Status: -

Name: fdc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\fdc.sys
Address: 0xBA490000 Size: 27392 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xBA2E8000 Size: 44544 File Visible: - Signed: -
Status: -

Name: flpydisk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Address: 0xBA370000 Size: 20480 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xBA5F4000 Size: 7936 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Address: 0xB8CCF000 Size: 163840 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Address: 0xBA380000 Size: 28672 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xA8101000 Size: 265728 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xBA188000 Size: 52480 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xBA198000 Size: 42112 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xB91A2000 Size: 36352 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xABF3D000 Size: 152832 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xAC286000 Size: 75264 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xBA4A0000 Size: 24576 File Visible: - Signed: -
Status: -

Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xA7F80000 Size: 172416 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xB8C5F000 Size: 143360 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xBA5F8000 Size: 4224 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xBA498000 Size: 23040 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xA8DFB000 Size: 180608 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xABDB8000 Size: 455296 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xBA390000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xBA208000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xBA564000 Size: 15488 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xB9C96000 Size: 10112 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xA928B000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xB8C48000 Size: 91520 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xBA248000 Size: 40576 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xBA2D8000 Size: 34688 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xABE75000 Size: 162816 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xBA398000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xBA6D2000 Size: 2944 File Visible: - Signed: -
Status: -

Name: parport.sys
Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys
Address: 0xB8C82000 Size: 80128 File Visible: - Signed: -
Status: -

Name: ParVdm.SYS
Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS
Address: 0xBA5DA000 Size: 6784 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xBA328000 Size: 28672 File Visible: - Signed: -
Status: -

Name: pcouffin.sys
Image Path: C:\WINDOWS\System32\Drivers\pcouffin.sys
Address: 0xBA218000 Size: 47360 File Visible: - Signed: -
Status: -

Name: pfc.sys
Image Path: C:\WINDOWS\system32\drivers\pfc.sys
Address: 0xB9C9E000 Size: 10368 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xAC5FD000 Size: 147456 File Visible: - Signed: -
Status: -

Name: prio.sys
Image Path: C:\WINDOWS\System32\drivers\prio.sys
Address: 0xBA2C8000 Size: 49152 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xB8C37000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xBA4B0000 Size: 17792 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xB9CAE000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xBA1D8000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xBA1E8000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xBA1F8000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xBA368000 Size: 16512 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xABE28000 Size: 175744 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xBA5FA000 Size: 4224 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xBA1B8000 Size: 57600 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA86DA000 Size: 49152 File Visible: No Signed: -
Status: -

Name: RtkHDAud.sys
Image Path: C:\WINDOWS\system32\drivers\RtkHDAud.sys
Address: 0xAC621000 Size: 4225920 File Visible: - Signed: -
Status: -

Name: Rtnicxp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
Address: 0xB8C96000 Size: 85120 File Visible: - Signed: -
Status: -

Name: SCSIPORT.SYS
Image Path: C:\WINDOWS\System32\Drivers\SCSIPORT.SYS
Address: 0xB9EF1000 Size: 98304 File Visible: - Signed: -
Status: -

Name: serenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys
Address: 0xB9CA2000 Size: 15744 File Visible: - Signed: -
Status: -

Name: serial.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys
Address: 0xBA178000 Size: 64512 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xA8872000 Size: 333952 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xBA5E8000 Size: 4352 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xA8F90000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xAC22D000 Size: 361600 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xBA4A8000 Size: 20480 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xBA228000 Size: 40704 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xB8A73000 Size: 384768 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xBA5F2000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xBA488000 Size: 30208 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xBA288000 Size: 59520 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xB8CAB000 Size: 147456 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xBA480000 Size: 20608 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xBA388000 Size: 20992 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xB8CF7000 Size: 81920 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xBA2B8000 Size: 34560 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xA8CF6000 Size: 83072 File Visible: - Signed: -
Status: -

Name: WmBEnum.sys
Image Path: C:\WINDOWS\system32\drivers\WmBEnum.sys
Address: 0xBA568000 Size: 12672 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS
Address: 0xBA5AA000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WmXlCore.sys
Image Path: C:\WINDOWS\system32\drivers\WmXlCore.sys
Address: 0xBA238000 Size: 42240 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806D0000 Size: 131840 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xBA5A8000 Size: 8192 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xBA3E8000 Size: 20480 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xBA0E8000 Size: 36352 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xB9ED1000 Size: 129792 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xB9F21000 Size: 125056 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xBA0A8000 Size: 37248 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xB9EA8000 Size: 92928 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xBA0B8000 Size: 42368 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xB9D9B000 Size: 105344 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xB9DDB000 Size: 182656 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xB9E08000 Size: 574976 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xBA330000 Size: 19712 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xB9F40000 Size: 68224 File Visible: - Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xBA670000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xBA108000 Size: 35712 File Visible: - Signed: -
Status: -

Name: sfdrv01.sys
Image Path: sfdrv01.sys
Address: 0xB9DB5000 Size: 73728 File Visible: - Signed: -
Status: -

Name: sfhlp02.sys
Image Path: sfhlp02.sys
Address: 0xBA338000 Size: 32768 File Visible: - Signed: -
Status: -

Name: sfsync03.sys
Image Path: sfsync03.sys
Address: 0xBA0C8000 Size: 57344 File Visible: - Signed: -
Status: -

Name: sfvfs02.sys
Image Path: sfvfs02.sys
Address: 0xB9DC7000 Size: 81920 File Visible: - Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xB9EBF000 Size: 73472 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xBA0D8000 Size: 52352 File Visible: - Signed: -
Status: -

Name: WudfPf.sys
Image Path: WudfPf.sys
Address: 0xB9E95000 Size: 77568 File Visible: - Signed: -
Status: -

[Branno]

čau díki ale už to nechajme tak strašne to mrzlo ani na net sa už nedalo ísť musel som preinštalovať win

[Branno]

ešte by som ťa chcel poprosiť či by si mi ešte tento log z RSIT neskontroloval


Logfile of random's system information tool 1.06 (written by random/random)
Run by Branislav at 2010-01-15 18:41:40
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 33 GB (44%) free of 76 GB
Total RAM: 1535 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:42:02, on 15.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TP-LINK\TWCU\TWCU.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Branislav\My Documents\Stiahnute subory\RSIT.exe
C:\Program Files\trend micro\Branislav.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 4280 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll [2005-04-13 327748]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2009-10-22 1171760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll [2005-04-13 327748]
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2009-10-22 1171760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"TWCU"=C:\Program Files\TP-LINK\TWCU\TWCU.exe [2005-08-09 413696]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2008-04-04 88584]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-01-15 37376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Orb"=C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-04-01 507904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM)"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{587ad1d0-01b1-11df-b27b-001a4dfcf13a}]
shell\AutoRun\command - E:\setup\rsrc\Autorun.exe
shell\dinstall\command - E:\Directx\dxsetup.exe


======List of files/folders created in the last 1 months======

2010-01-15 18:41:42 ----D---- C:\Program Files\trend micro
2010-01-15 18:41:40 ----D---- C:\rsit
2010-01-15 17:37:08 ----D---- C:\Program Files\Left 4 Dead
2010-01-15 16:33:58 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-01-15 16:33:58 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-01-15 16:33:56 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-01-15 16:33:53 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-01-15 16:33:53 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-01-15 16:33:51 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-01-15 16:33:50 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-01-15 16:33:47 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-01-15 16:33:47 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-01-15 16:33:43 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-01-15 16:33:40 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-01-15 16:33:40 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-01-15 16:33:38 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-01-15 16:33:37 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-01-15 16:33:33 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-01-15 16:33:33 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-01-15 16:33:30 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-01-15 16:33:28 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-01-15 16:33:28 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-01-15 16:33:25 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-01-15 16:33:22 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-01-15 16:33:22 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-01-15 16:33:19 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-01-15 16:33:17 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-01-15 16:33:15 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-01-15 16:33:15 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-01-15 16:33:12 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-01-15 16:33:11 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-01-15 16:33:09 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-01-15 16:33:07 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-01-15 16:33:02 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-01-15 16:33:02 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-01-15 16:33:00 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-01-15 16:32:57 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-01-15 16:32:53 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-01-15 16:32:53 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-01-15 16:32:51 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-01-15 16:32:47 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-01-15 16:32:44 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-01-15 16:32:44 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-01-15 16:32:41 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-01-15 16:32:36 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-01-15 16:32:36 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-01-15 16:32:33 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-01-15 16:32:33 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-01-15 16:32:31 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-01-15 16:32:29 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-01-15 16:32:25 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-01-15 16:32:21 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-01-15 16:32:21 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-01-15 16:32:14 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-01-15 16:32:13 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-01-15 16:32:12 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-01-15 16:32:11 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-01-15 16:32:11 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-01-15 16:32:11 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-01-15 16:32:10 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-01-15 16:32:09 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-01-15 16:32:09 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-01-15 16:32:08 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-01-15 16:32:08 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-01-15 16:32:07 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-01-15 16:31:51 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-01-15 16:31:51 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-01-15 16:31:51 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-01-15 16:31:50 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-01-15 16:31:49 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-01-15 16:31:49 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-01-15 16:31:48 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-01-15 16:31:47 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-01-15 16:31:47 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-01-15 16:31:44 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-01-15 16:31:23 ----D---- C:\WINDOWS\Logs
2010-01-15 16:31:03 ----D---- C:\WINDOWS\SxsCaPendDel
2010-01-15 16:13:05 ----D---- C:\Program Files\Activision
2010-01-15 16:12:11 ----SHD---- C:\WINDOWS\ftpcache
2010-01-15 11:07:52 ----D---- C:\Documents and Settings\Branislav\Application Data\Skype
2010-01-15 11:07:20 ----D---- C:\Program Files\Common Files\Skype
2010-01-15 11:07:16 ----RD---- C:\Program Files\Skype
2010-01-15 11:07:12 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-01-15 11:03:40 ----D---- C:\Program Files\Webteh
2010-01-15 09:55:03 ----D---- C:\Program Files\EA Sports
2010-01-15 09:51:19 ----D---- C:\WINDOWS\LastGood
2010-01-15 09:51:13 ----A---- C:\WINDOWS\system32\psisdecd.dll
2010-01-15 09:51:08 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2010-01-15 09:44:37 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-01-15 09:44:37 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-01-15 09:44:37 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-01-15 09:44:37 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-01-15 09:44:30 ----A---- C:\WINDOWS\system32\WMV9VCM.dll
2010-01-15 09:44:29 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-01-15 09:44:29 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-01-15 09:44:28 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2010-01-15 09:44:26 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-01-15 09:44:26 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-01-15 09:44:20 ----D---- C:\Program Files\K-Lite Codec Pack
2010-01-15 09:44:20 ----D---- C:\Documents and Settings\Branislav\Application Data\Real
2010-01-15 09:44:20 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2010-01-15 09:38:10 ----D---- C:\Program Files\Alcohol Soft
2010-01-15 09:34:34 ----D---- C:\Program Files\CCleaner
2010-01-15 09:31:26 ----A---- C:\Documents and Settings\Branislav\Application Data\ezpinst.exe
2010-01-15 09:31:25 ----D---- C:\Documents and Settings\Branislav\Application Data\Vso
2010-01-15 09:31:10 ----A---- C:\WINDOWS\system32\devil.dll
2010-01-15 09:31:08 ----A---- C:\WINDOWS\system32\avisynth.dll
2010-01-15 09:31:03 ----D---- C:\Program Files\Magic Video Converter
2010-01-15 09:24:09 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-01-15 09:24:09 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-01-15 09:24:09 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-01-15 09:24:09 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-01-15 09:24:09 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-01-15 09:24:09 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-01-15 09:24:09 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-01-15 09:24:09 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-01-15 09:24:09 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-01-15 09:24:01 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-15 09:23:25 ----D---- C:\Program Files\ATI
2010-01-15 09:22:28 ----D---- C:\ATI
2010-01-15 09:16:31 ----D---- C:\Program Files\Common Files\Adobe
2010-01-15 09:14:53 ----D---- C:\Documents and Settings\Branislav\Application Data\Publish Providers
2010-01-15 09:11:56 ----N---- C:\WINDOWS\system32\dbmsqlgc.dll
2010-01-15 09:11:56 ----N---- C:\WINDOWS\system32\dbmsgnet.dll
2010-01-15 09:11:53 ----A---- C:\WINDOWS\IsUninst.exe
2010-01-15 09:11:17 ----D---- C:\Program Files\Microsoft SQL Server
2010-01-15 09:10:50 ----D---- C:\Documents and Settings\Branislav\Application Data\Sony
2010-01-15 09:10:01 ----D---- C:\Program Files\Vstplugins
2010-01-15 09:09:57 ----D---- C:\Documents and Settings\All Users\Application Data\Sony
2010-01-15 09:09:42 ----D---- C:\Program Files\Sony
2010-01-15 09:08:36 ----D---- C:\Program Files\Sony Setup
2010-01-15 09:08:21 ----D---- C:\Documents and Settings\Branislav\Application Data\WinRAR
2010-01-15 09:07:55 ----D---- C:\totalcmd
2010-01-15 09:07:55 ----A---- C:\WINDOWS\wincmd.ini
2010-01-15 09:05:59 ----D---- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2010-01-15 09:05:55 ----D---- C:\Program Files\Winamp Remote
2010-01-15 09:04:26 ----D---- C:\WINDOWS\RegisteredPackages
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-01-15 09:02:14 ----N---- C:\WINDOWS\system32\px.dll
2010-01-15 09:02:11 ----D---- C:\Program Files\Winamp
2010-01-15 09:02:11 ----D---- C:\Documents and Settings\Branislav\Application Data\Winamp
2010-01-15 09:01:50 ----D---- C:\Program Files\WinRAR
2010-01-15 09:01:34 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-01-15 09:01:34 ----A---- C:\WINDOWS\system32\ccrpbds6.dll
2010-01-15 09:01:32 ----D---- C:\Program Files\PIXresizer
2010-01-15 08:43:48 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-01-15 08:43:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-01-15 08:43:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-01-15 08:42:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-01-15 08:42:39 ----D---- C:\Documents and Settings\Branislav\Application Data\vlc
2010-01-15 08:33:50 ----D---- C:\WINDOWS\system32\XPSViewer
2010-01-15 08:33:38 ----D---- C:\Program Files\MSBuild
2010-01-15 08:33:24 ----D---- C:\Program Files\Reference Assemblies
2010-01-15 08:32:27 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-01-15 08:32:27 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-01-15 08:32:26 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-01-15 08:32:26 ----D---- C:\4addd55ec3d5ed8291d80d
2010-01-15 08:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-01-15 08:27:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-01-15 08:26:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-01-15 08:24:38 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-15 08:23:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-01-15 08:22:30 ----D---- C:\Program Files\Call of Duty
2010-01-15 07:06:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-01-15 07:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-01-15 07:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-01-15 07:00:10 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-01-15 06:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-01-15 06:59:35 ----D---- C:\Program Files\VideoLAN
2010-01-15 06:59:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-01-15 06:59:18 ----D---- C:\Program Files\SopCast
2010-01-15 06:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-01-15 06:59:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-01-15 06:59:00 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-01-15 06:58:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-15 06:58:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-01-15 06:58:29 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-01-15 06:58:18 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-01-15 06:58:11 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-01-15 06:58:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-01-15 06:57:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-01-15 06:57:46 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-15 06:57:39 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-01-15 06:57:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-01-15 06:57:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-01-15 06:57:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-01-15 06:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-01-15 06:56:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-01-15 06:56:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-01-15 06:56:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-01-15 06:56:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-01-15 06:56:05 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2010-01-15 06:55:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-01-15 06:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-01-15 06:55:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-01-15 06:55:26 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-01-15 06:55:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-01-15 06:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-01-15 06:55:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-01-15 06:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-01-15 06:54:44 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-01-15 06:54:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-01-15 06:54:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-01-15 06:54:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-01-15 06:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-01-15 06:53:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-01-15 06:53:43 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-01-15 06:53:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-01-15 06:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2010-01-15 06:53:16 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-01-15 06:53:03 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-01-15 06:52:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-01-15 06:52:27 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-01-15 06:52:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-01-15 06:51:59 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-01-15 06:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-01-14 22:04:12 ----D---- C:\WINDOWS\Prefetch
2010-01-14 22:00:55 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-01-14 21:54:59 ----N---- C:\WINDOWS\system32\msxml6r.dll
2010-01-14 21:54:59 ----N---- C:\WINDOWS\system32\msxml6.dll
2010-01-14 21:54:21 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-01-14 21:54:21 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-01-14 21:54:21 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-01-14 21:54:21 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-01-14 21:54:20 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-01-14 21:54:20 ----N---- C:\WINDOWS\system32\azroles.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-01-14 21:54:19 ----N---- C:\WINDOWS\system32\credssp.dll
2010-01-14 21:54:18 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-01-14 21:54:18 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-01-14 21:54:18 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-01-14 21:54:18 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-01-14 21:54:18 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-01-14 21:54:18 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-01-14 21:54:18 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-01-14 21:54:18 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-01-14 21:54:18 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-01-14 21:54:16 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-01-14 21:54:15 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-01-14 21:54:15 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-01-14 21:54:15 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-01-14 21:54:15 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-01-14 21:54:15 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-01-14 21:54:14 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-01-14 21:54:14 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-01-14 21:54:13 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-01-14 21:54:13 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-01-14 21:54:13 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-01-14 21:54:13 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-01-14 21:54:12 ----N---- C:\WINDOWS\system32\napstat.exe
2010-01-14 21:54:12 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-01-14 21:54:12 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-01-14 21:54:12 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-01-14 21:54:12 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-01-14 21:54:12 ----N---- C:\WINDOWS\system32\mssha.dll
2010-01-14 21:54:11 ----N---- C:\WINDOWS\system32\onex.dll
2010-01-14 21:54:11 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-01-14 21:54:10 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-01-14 21:54:10 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-01-14 21:54:10 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-01-14 21:54:10 ----N---- C:\WINDOWS\system32\qutil.dll
2010-01-14 21:54:10 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-01-14 21:54:10 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-01-14 21:54:10 ----N---- C:\WINDOWS\system32\qagent.dll
2010-01-14 21:54:10 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-01-14 21:54:09 ----N---- C:\WINDOWS\system32\slserv.exe
2010-01-14 21:54:09 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-01-14 21:54:09 ----N---- C:\WINDOWS\system32\slgen.dll
2010-01-14 21:54:09 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-01-14 21:54:09 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-01-14 21:54:09 ----N---- C:\WINDOWS\system32\setupn.exe
2010-01-14 21:54:08 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-01-14 21:54:08 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-01-14 21:54:07 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-01-14 21:54:07 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-01-14 21:54:06 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-01-14 21:54:06 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-01-14 21:54:06 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-01-14 21:54:06 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-01-14 21:54:04 ----N---- C:\WINDOWS\system32\xmllite.dll
2010-01-14 21:54:03 ----N---- C:\WINDOWS\slrundll.exe
2010-01-14 21:54:03 ----D---- C:\WINDOWS\system32\en-us
2010-01-14 21:54:01 ----D---- C:\WINDOWS\system32\scripting
2010-01-14 21:54:01 ----D---- C:\WINDOWS\l2schemas
2010-01-14 21:53:59 ----D---- C:\WINDOWS\system32\en
2010-01-14 21:53:58 ----D---- C:\WINDOWS\system32\bits
2010-01-14 21:47:50 ----D---- C:\WINDOWS\ServicePackFiles
2010-01-14 21:43:33 ----D---- C:\WINDOWS\network diagnostic
2010-01-14 21:40:36 ----A---- C:\WINDOWS\002596_.tmp
2010-01-14 21:36:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-01-14 21:35:03 ----D---- C:\WINDOWS\EHome
2010-01-14 21:30:09 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-01-14 20:43:57 ----D---- C:\Program Files\QuickTime
2010-01-14 20:43:56 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-01-14 20:43:34 ----D---- C:\Program Files\Common Files\Apple
2010-01-14 20:43:13 ----D---- C:\Program Files\Apple Software Update
2010-01-14 20:43:13 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-01-14 20:42:21 ----D---- C:\Program Files\Mozilla Firefox
2010-01-14 20:42:16 ----D---- C:\Documents and Settings\All Users\Application Data\CentrumczToolbar
2010-01-14 20:42:14 ----D---- C:\Program Files\CentrumczToolbar
2010-01-14 20:40:47 ----D---- C:\Documents and Settings\Branislav\Application Data\ESET
2010-01-14 20:38:57 ----D---- C:\Program Files\ESET
2010-01-14 20:38:57 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-01-14 19:25:13 ----A---- C:\WINDOWS\system32\h323log.txt
2010-01-14 19:24:10 ----D---- C:\WINDOWS\system32\PreInstall
2010-01-14 19:24:09 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-01-14 19:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-01-14 19:23:47 ----D---- C:\Documents and Settings\Branislav\Application Data\Macromedia
2010-01-14 19:23:47 ----D---- C:\Documents and Settings\Branislav\Application Data\Adobe
2010-01-14 19:22:32 ----A---- C:\WINDOWS\system32\usbui.dll
2010-01-14 19:21:37 ----A---- C:\WINDOWS\imsins.BAK
2010-01-14 19:21:35 ----SHD---- C:\WINDOWS\Installer
2010-01-14 19:21:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-14 19:21:34 ----D---- C:\Program Files\Common Files\ODBC
2010-01-14 19:21:34 ----A---- C:\WINDOWS\ODBCINST.INI
2010-01-14 19:21:30 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-01-14 19:21:29 ----RD---- C:\Program Files
2010-01-14 19:21:29 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-14 19:21:29 ----D---- C:\Program Files\Common Files
2010-01-14 19:21:26 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-01-14 19:21:26 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-01-14 19:21:26 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-01-14 19:21:24 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-01-14 19:21:24 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-01-14 19:21:24 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-01-14 19:21:24 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-01-14 19:21:24 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-01-14 19:21:24 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-01-14 19:21:24 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-01-14 19:21:23 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-01-14 19:21:23 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-01-14 19:21:23 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-01-14 19:21:23 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-01-14 19:21:23 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-01-14 19:21:21 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-01-14 19:21:21 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-01-14 19:21:21 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-01-14 19:21:21 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-01-14 19:21:21 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-01-14 19:21:21 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-01-14 19:21:21 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-01-14 19:21:19 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-01-14 19:21:19 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-01-14 19:21:19 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-01-14 19:21:19 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-01-14 19:21:19 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-01-14 19:21:16 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-01-14 19:21:13 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-01-14 19:21:13 ----A---- C:\WINDOWS\system32\irclass.dll
2010-01-14 19:21:13 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-01-14 19:21:13 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-01-14 19:21:13 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-01-14 19:21:10 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-01-14 19:21:10 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-01-14 19:21:10 ----A---- C:\WINDOWS\system32\batt.dll
2010-01-14 19:21:09 ----A---- C:\WINDOWS\notepad.exe
2010-01-14 19:21:08 ----A---- C:\WINDOWS\system32\storprop.dll
2010-01-14 19:21:01 ----RA---- C:\WINDOWS\SET25.tmp
2010-01-14 19:21:01 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-01-14 19:20:56 ----RA---- C:\WINDOWS\SET8.tmp
2010-01-14 19:20:54 ----RA---- C:\WINDOWS\SET4.tmp
2010-01-14 19:20:52 ----RA---- C:\WINDOWS\SET3.tmp
2010-01-14 19:20:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-14 19:20:47 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-14 19:20:41 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-01-14 19:20:21 ----A---- C:\WINDOWS\setuplog.txt
2010-01-14 19:20:17 ----SHD---- C:\System Volume Information
2010-01-14 19:20:17 ----D---- C:\Documents and Settings
2010-01-14 19:15:14 ----D---- C:\Program Files\Common Files\Logitech
2010-01-14 19:14:58 ----D---- C:\Program Files\Logitech
2010-01-14 19:13:55 ----D---- C:\Documents and Settings\Branislav\Application Data\Mozilla
2010-01-14 19:10:04 ----A---- C:\WINDOWS\system32\wpa.bak
2010-01-14 19:09:51 ----SH---- C:\boot.ini
2010-01-14 19:05:35 ----A---- C:\WINDOWS\system32\results.txt
2010-01-14 19:05:35 ----A---- C:\WINDOWS\system32\acs.exe
2010-01-14 19:05:30 ----A---- C:\WINDOWS\system32\wgapi.dll
2010-01-14 19:05:30 ----A---- C:\WINDOWS\system32\wcapi.dll
2010-01-14 19:05:30 ----A---- C:\WINDOWS\system32\athcfg11res.dll
2010-01-14 19:05:30 ----A---- C:\WINDOWS\system32\athcfg11.dll
2010-01-14 19:05:30 ----A---- C:\WINDOWS\system32\AegisI5.exe
2010-01-14 19:05:30 ----A---- C:\WINDOWS\system32\AegisE5.dll
2010-01-14 19:05:28 ----D---- C:\Program Files\TP-LINK
2010-01-14 19:05:11 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-01-14 19:05:01 ----D---- C:\temp
2010-01-14 19:03:50 ----D---- C:\WINDOWS\system32\Lang
2010-01-14 19:03:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-14 19:03:43 ----RSD---- C:\WINDOWS\Fonts
2010-01-14 19:03:43 ----RD---- C:\WINDOWS\Web
2010-01-14 19:03:43 ----HD---- C:\WINDOWS\inf
2010-01-14 19:03:43 ----D---- C:\WINDOWS\WinSxS
2010-01-14 19:03:43 ----D---- C:\WINDOWS\twain_32
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Temp
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\wins
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\wbem
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\usmt
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\spool
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\ShellExt
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\Setup
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\ras
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\oobe
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\npp
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\mui
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\inetsrv
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\IME
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\icsxml
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\ias
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\export
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\drivers
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\dhcp
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\config
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\3com_dmi
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\3076
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\2052
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\1054
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\1042
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\1041
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\1037
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\1033
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\1031
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\1028
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32\1025
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system32
2010-01-14 19:03:43 ----D---- C:\WINDOWS\system
2010-01-14 19:03:43 ----D---- C:\WINDOWS\security
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Resources
2010-01-14 19:03:43 ----D---- C:\WINDOWS\repair
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Provisioning
2010-01-14 19:03:43 ----D---- C:\WINDOWS\pchealth
2010-01-14 19:03:43 ----D---- C:\WINDOWS\PeerNet
2010-01-14 19:03:43 ----D---- C:\WINDOWS\mui
2010-01-14 19:03:43 ----D---- C:\WINDOWS\msapps
2010-01-14 19:03:43 ----D---- C:\WINDOWS\msagent
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Media
2010-01-14 19:03:43 ----D---- C:\WINDOWS\java
2010-01-14 19:03:43 ----D---- C:\WINDOWS\ime
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Help
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Driver Cache
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Debug
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Cursors
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Connection Wizard
2010-01-14 19:03:43 ----D---- C:\WINDOWS\Config
2010-01-14 19:03:43 ----D---- C:\WINDOWS\AppPatch
2010-01-14 19:03:43 ----D---- C:\WINDOWS\addins
2010-01-14 19:03:43 ----D---- C:\WINDOWS
2010-01-14 19:02:36 ----R---- C:\WINDOWS\system32\ChCfg.exe
2010-01-14 19:02:13 ----D---- C:\WINDOWS\OPTIONS
2010-01-14 19:02:07 ----D---- C:\WINDOWS\system32\RTCOM
2010-01-14 19:01:59 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-01-14 19:01:56 ----D---- C:\Documents and Settings\Branislav\Application Data\InstallShield
2010-01-14 19:01:47 ----R---- C:\WINDOWS\SoundMan.exe
2010-01-14 19:01:44 ----R---- C:\WINDOWS\SkyTel.exe
2010-01-14 19:01:42 ----R---- C:\WINDOWS\RtlUpd.exe
2010-01-14 19:01:13 ----R---- C:\WINDOWS\RTLCPL.exe
2010-01-14 19:01:07 ----R---- C:\WINDOWS\RTHDCPL.exe
2010-01-14 19:01:06 ----R---- C:\WINDOWS\MicCal.exe
2010-01-14 19:01:02 ----R---- C:\WINDOWS\Alcmtr.exe
2010-01-14 19:00:59 ----R---- C:\WINDOWS\alcwzrd.exe
2010-01-14 19:00:59 ----D---- C:\Program Files\Realtek
2010-01-14 19:00:52 ----R---- C:\WINDOWS\RtlExUpd.dll
2010-01-14 18:59:58 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-01-14 18:59:56 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2010-01-14 18:57:50 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-01-14 18:57:48 ----D---- C:\Program Files\Intel
2010-01-14 18:57:42 ----D---- C:\Program Files\Yahoo!
2010-01-14 18:56:03 ----D---- C:\Documents and Settings\Branislav\Application Data\ATI
2010-01-14 18:51:22 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-01-14 18:48:59 ----RSD---- C:\WINDOWS\assembly
2010-01-14 18:48:38 ----D---- C:\WINDOWS\Microsoft.NET
2010-01-14 18:48:01 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-01-14 18:47:32 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2010-01-14 18:47:30 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-01-14 18:47:27 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-01-14 18:46:57 ----D---- C:\Program Files\ATI Technologies
2010-01-14 18:46:54 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-14 18:46:00 ----D---- C:\Program Files\Common Files\InstallShield
2010-01-14 18:45:24 ----SHD---- C:\RECYCLER
2010-01-14 06:41:07 ----D---- C:\WINDOWS\system32\1051
2010-01-14 06:38:27 ----D---- C:\Documents and Settings\Branislav\Application Data\Identities
2010-01-14 06:38:26 ----HD---- C:\Program Files\Uninstall Information
2010-01-14 06:38:19 ----ASH---- C:\Documents and Settings\Branislav\Application Data\desktop.ini
2010-01-14 06:38:18 ----SD---- C:\Documents and Settings\Branislav\Application Data\Microsoft
2010-01-14 06:37:17 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-14 06:37:15 ----SD---- C:\WINDOWS\system32\Microsoft
2010-01-14 06:37:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-14 06:34:27 ----D---- C:\WINDOWS\system32\xircom
2010-01-14 06:34:27 ----D---- C:\Program Files\xerox
2010-01-14 06:34:27 ----D---- C:\Program Files\microsoft frontpage
2010-01-14 06:34:21 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-14 06:34:20 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2010-01-14 06:34:08 ----A---- C:\WINDOWS\control.ini
2010-01-14 06:34:08 ----A---- C:\AUTOEXEC.BAT
2010-01-14 06:33:53 ----A---- C:\WINDOWS\OEWABLog.txt
2010-01-14 06:33:49 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-01-14 06:33:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-14 06:33:03 ----RD---- C:\WINDOWS\Offline Web Pages
2010-01-14 06:33:02 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-01-14 06:32:56 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-01-14 06:32:52 ----HD---- C:\Program Files\WindowsUpdate
2010-01-14 06:32:28 ----D---- C:\WINDOWS\system32\DirectX
2010-01-14 06:32:03 ----A---- C:\WINDOWS\system32\atrace.dll
2010-01-14 06:32:00 ----A---- C:\WINDOWS\system32\desktop.ini
2010-01-14 06:32:00 ----A---- C:\WINDOWS\desktop.ini
2010-01-14 06:31:52 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-01-14 06:31:51 ----A---- C:\WINDOWS\system32\acctres.dll
2010-01-14 06:31:50 ----D---- C:\Program Files\Common Files\Services
2010-01-14 06:31:47 ----SD---- C:\WINDOWS\Tasks
2010-01-14 06:31:47 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-01-14 06:31:46 ----D---- C:\Program Files\Common Files\MSSoap
2010-01-14 06:31:41 ----D---- C:\WINDOWS\srchasst
2010-01-14 06:31:40 ----D---- C:\WINDOWS\system32\Macromed
2010-01-14 06:31:37 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-01-14 06:31:37 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-01-14 06:31:37 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-01-14 06:31:37 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-01-14 06:31:36 ----A---- C:\WINDOWS\system32\wups.dll
2010-01-14 06:31:36 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-01-14 06:31:36 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-01-14 06:31:36 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-01-14 06:31:36 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-01-14 06:31:35 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-01-14 06:31:35 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-01-14 06:31:35 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-01-14 06:31:35 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-01-14 06:31:31 ----D---- C:\Program Files\Movie Maker
2010-01-14 06:31:26 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-01-14 06:31:26 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-01-14 06:31:26 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-01-14 06:31:26 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-01-14 06:31:22 ----D---- C:\WINDOWS\system32\Restore
2010-01-14 06:31:22 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-01-14 06:31:22 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-01-14 06:31:21 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-01-14 06:31:21 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-01-14 06:31:21 ----A---- C:\WINDOWS\system32\srclient.dll
2010-01-14 06:31:21 ----A---- C:\WINDOWS\system32\ils.dll
2010-01-14 06:31:20 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-01-14 06:31:20 ----A---- C:\WINDOWS\system32\msconf.dll
2010-01-14 06:31:20 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-01-14 06:31:20 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-01-14 06:31:20 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-01-14 06:31:17 ----D---- C:\Program Files\NetMeeting
2010-01-14 06:31:17 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-01-14 06:31:16 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-01-14 06:31:15 ----A---- C:\WINDOWS\system32\inetres.dll
2010-01-14 06:31:15 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-01-14 06:31:13 ----D---- C:\Program Files\Outlook Express
2010-01-14 06:31:13 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-01-14 06:31:12 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-01-14 06:31:12 ----A---- C:\WINDOWS\system32\mstask.dll
2010-01-14 06:31:12 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-01-14 06:31:12 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-01-14 06:31:11 ----A---- C:\WINDOWS\system32\isign32.dll
2010-01-14 06:31:11 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-01-14 06:31:05 ----D---- C:\Program Files\Common Files\System
2010-01-14 06:31:03 ----D---- C:\Program Files\Internet Explorer
2010-01-14 06:30:52 ----D---- C:\Program Files\ComPlus Applications
2010-01-14 06:30:50 ----A---- C:\WINDOWS\vbaddin.ini
2010-01-14 06:30:50 ----A---- C:\WINDOWS\vb.ini
2010-01-14 06:30:46 ----D---- C:\WINDOWS\Registration
2010-01-14 06:30:17 ----D---- C:\Program Files\Windows Media Player
2010-01-14 06:30:17 ----D---- C:\Program Files\Online Services
2010-01-14 06:30:12 ----D---- C:\Program Files\Messenger
2010-01-14 06:30:06 ----D---- C:\Program Files\MSN Gaming Zone
2010-01-14 06:30:06 ----A---- C:\WINDOWS\system32\write.exe
2010-01-14 06:29:54 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-01-14 06:29:54 ----A---- C:\WINDOWS\system32\hticons.dll
2010-01-14 06:29:53 ----A---- C:\WINDOWS\system32\winchat.exe
2010-01-14 06:29:53 ----A---- C:\WINDOWS\system32\avwav.dll
2010-01-14 06:29:53 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-01-14 06:29:53 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-01-14 06:29:45 ----A---- C:\WINDOWS\system32\getuname.dll
2010-01-14 06:29:44 ----A---- C:\WINDOWS\system32\sol.exe
2010-01-14 06:29:44 ----A---- C:\WINDOWS\system32\charmap.exe
2010-01-14 06:29:44 ----A---- C:\WINDOWS\system32\calc.exe
2010-01-14 06:29:43 ----A---- C:\WINDOWS\system32\winmine.exe
2010-01-14 06:29:43 ----A---- C:\WINDOWS\system32\reset.exe
2010-01-14 06:29:43 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-01-14 06:29:43 ----A---- C:\WINDOWS\system32\freecell.exe
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\tskill.exe
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\tscon.exe
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\shadow.exe
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\regini.exe
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-01-14 06:29:42 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-01-14 06:29:41 ----A---- C:\WINDOWS\system32\msg.exe
2010-01-14 06:29:41 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-01-14 06:29:41 ----A---- C:\WINDOWS\system32\logoff.exe
2010-01-14 06:29:41 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-01-14 06:29:40 ----A---- C:\WINDOWS\system32\stclient.dll
2010-01-14 06:29:40 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-01-14 06:29:40 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-01-14 06:29:40 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-01-14 06:29:40 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-01-14 06:29:40 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-01-14 06:29:40 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-01-14 06:29:39 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-01-14 06:29:34 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-01-14 06:29:21 ----D---- C:\Program Files\MSN
2010-01-14 06:29:20 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-01-14 06:29:20 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-01-14 06:29:20 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-01-14 06:29:20 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-01-14 06:29:19 ----D---- C:\Program Files\Windows NT
2010-01-14 06:29:19 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-01-14 06:29:19 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-01-14 06:29:18 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-01-14 06:29:18 ----A---- C:\WINDOWS\system32\spider.exe
2010-01-14 06:29:17 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-01-14 06:29:17 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-01-14 06:29:17 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-01-14 06:29:17 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-01-14 06:29:17 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-01-14 06:29:17 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-01-14 06:29:17 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-01-14 06:29:17 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-01-14 06:29:16 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-01-14 06:29:16 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-01-14 06:29:16 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-01-14 06:29:16 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-01-14 06:29:16 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-01-14 06:29:16 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-01-14 06:29:16 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-01-14 06:29:15 ----D---- C:\WINDOWS\system32\MsDtc
2010-01-14 06:29:15 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-01-14 06:29:15 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-01-14 06:29:15 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-01-14 06:29:15 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-01-14 06:29:14 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-01-14 06:29:14 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-01-14 06:29:14 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-01-14 06:29:13 ----D---- C:\WINDOWS\system32\Com
2010-01-14 06:29:13 ----A---- C:\WINDOWS\system32\colbact.dll
2010-01-14 06:29:13 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-01-14 06:29:13 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-01-14 06:29:13 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-01-14 06:29:12 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-01-14 06:29:12 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-01-14 06:29:11 ----A---- C:\WINDOWS\system32\comuid.dll
2010-01-14 06:29:11 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-01-14 06:29:05 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-01-14 06:29:05 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-01-14 06:29:05 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-01-14 06:29:05 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2010-01-15 09:43:29 ----A---- C:\WINDOWS\win.ini
2010-01-14 06:43:39 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-01-14 17801]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-01-15 47360]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [2010-01-15 223128]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2008-01-24 19336]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2008-01-24 28168]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2008-01-24 14728]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2008-01-24 48904]
S3 AR5211;TP-LINK Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-06-25 463168]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2005-05-05 36864]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-06-06 520192]
S2 dxregsvc;DirectX DLL register; C:\WINDOWS\system32\dxdllreg.exe [2009-03-16 80896]
S2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------