Zdravím
Chcel by som sa spýtať že v čom môže byť problém. Počítač bol najprv v poriadku rýchlo sa zapol všetko v pohode, len raz som zapol a odvtedy sa strašne dlho zapína. Už keď zadám prihlasovacie heslo tak mi nahodí prázdnu obrazovku a asi 2 minúty trvá kým sa zobrazia ikony, panel úloh a je aj problém kým zareaguje na pripojené USB...predtým bolo všetko v poriadku...už som aj preištaloval Windows...a spravilo to po čase znova.
Pripájam aj Log
Logfile of random's system information tool 1.06 (written by random/random)
Run by Vlado at 2010-04-02 19:17:26
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 123 GB (80%) free of 153 GB
Total RAM: 1791 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:17:42, on 2.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Nero\Nero 7\Core\nero.exe
C:\Documents and Settings\Vlado\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Vlado.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MultiFrame] C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CCC.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
--
End of file - 5392 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-07-12 225280]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-07-03 7708672]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-05-03 376921]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-07-19 49520]
"ASUSTPE"=C:\WINDOWS\system32\ASUSTPE.exe [2007-01-16 106496]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-07-10 851968]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-02-15 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"MultiFrame"=C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe [2007-06-21 999792]
C:\Documents and Settings\Vlado\Start Menu\Programs\Startup
CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-02-02 110592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat"="C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat:*:Enabled:game"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\EA Sports\NHL 09\nhl2009.exe"="C:\Program Files\EA Sports\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\orbixd.exe"="C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\orbixd.exe:*:Enabled:orbixd"
"C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CNEXT.exe"="C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CNEXT.exe:*:Enabled:CATIA"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-04-02 19:17:27 ----D---- C:\Program Files\trend micro
2010-04-02 19:17:26 ----D---- C:\rsit
2010-04-02 17:58:17 ----A---- C:\WINDOWS\ntbtlog.txt
2010-03-31 11:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-29 20:53:13 ----D---- C:\Program Files\AP Tuner
2010-03-29 20:50:35 ----D---- C:\Documents and Settings\Vlado\Application Data\Help
2010-03-28 18:13:13 ----D---- C:\Program Files\DsNET Corp
2010-03-28 18:10:49 ----D---- C:\Program Files\YouTube Downloader
2010-03-28 18:03:10 ----D---- C:\Program Files\Total Video Converter
2010-03-25 22:51:15 ----D---- C:\Program Files\Dassault Systemes
2010-03-25 22:49:31 ----D---- C:\Documents and Settings\Vlado\Application Data\DassaultSystemes
2010-03-25 22:49:31 ----D---- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
2010-03-25 21:28:41 ----D---- C:\Documents and Settings\Vlado\Application Data\WinRAR
2010-03-25 17:04:29 ----D---- C:\Program Files\Hamachi
2010-03-24 22:26:34 ----D---- C:\Documents and Settings\Vlado\Application Data\Hamachi
2010-03-24 17:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-03-24 17:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-03-24 17:01:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-03-24 11:25:54 ----D---- C:\WINDOWS\Prefetch
2010-03-24 09:07:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-03-24 09:07:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-03-24 09:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-03-24 09:07:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-03-24 09:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-03-24 09:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-24 09:06:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-03-24 09:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-24 09:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-03-24 09:06:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-03-24 09:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-03-24 09:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-03-24 09:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-03-24 09:06:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-03-24 09:06:06 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-03-24 09:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-03-24 09:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-03-24 09:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-03-24 09:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-03-24 09:05:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-03-24 09:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-03-24 09:05:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-03-24 09:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-03-24 09:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-03-24 09:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-03-24 09:05:08 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-03-24 09:05:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-03-24 09:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-03-24 09:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-03-24 09:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-03-24 09:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-03-24 09:04:22 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-03-24 09:04:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-03-24 09:04:12 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-03-24 09:04:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-03-24 09:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-03-24 09:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-03-24 09:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-03-24 09:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-03-24 09:03:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-03-24 09:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-03-24 09:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-03-24 09:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-03-24 09:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-03-24 09:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-03-24 09:03:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-03-24 09:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-03-24 09:02:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-03-24 09:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-03-24 09:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-03-24 09:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-24 09:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-03-24 09:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-03-24 09:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-03-24 08:59:12 ----D---- C:\WINDOWS\system32\scripting
2010-03-24 08:59:12 ----D---- C:\WINDOWS\l2schemas
2010-03-24 08:59:11 ----D---- C:\WINDOWS\system32\en
2010-03-24 08:59:11 ----D---- C:\WINDOWS\system32\bits
2010-03-24 08:53:56 ----D---- C:\WINDOWS\network diagnostic
2010-03-24 08:45:38 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-03-24 08:40:06 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-23 18:25:11 ----D---- C:\Documents and Settings\Vlado\Application Data\Miranda
2010-03-23 18:24:57 ----D---- C:\Program Files\Miranda IM
2010-03-23 08:11:38 ----D---- C:\WINDOWS\EHome
2010-03-23 00:09:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$
2010-03-23 00:05:56 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2010-03-22 21:01:51 ----D---- C:\Documents and Settings\Vlado\Application Data\ACD Systems
2010-03-22 21:01:23 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2010-03-22 21:01:15 ----D---- C:\Program Files\Common Files\ACD Systems
2010-03-22 21:01:15 ----D---- C:\Program Files\ACD Systems
2010-03-22 16:24:31 ----D---- C:\Documents and Settings\Vlado\Application Data\OpenOffice.org
2010-03-22 14:37:26 ----D---- C:\Program Files\Adobe
2010-03-22 13:33:17 ----D---- C:\Documents and Settings\Vlado\Application Data\BSplayer PRO
2010-03-22 13:33:09 ----D---- C:\Program Files\Webteh
2010-03-22 08:28:47 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-22 08:28:44 ----D---- C:\Program Files\MSBuild
2010-03-22 08:28:43 ----D---- C:\WINDOWS\system32\en-US
2010-03-22 08:28:39 ----D---- C:\Program Files\Reference Assemblies
2010-03-22 08:28:18 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-22 08:28:18 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-22 08:28:18 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-22 08:28:17 ----D---- C:\336050d9b8dd93facfad93ac
2010-03-22 08:26:07 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-03-22 08:26:01 ----D---- C:\Program Files\MSXML 6.0
2010-03-22 07:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
2010-03-22 07:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-03-22 07:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
2010-03-22 07:58:29 ----D---- C:\Program Files\MSXML 4.0
2010-03-21 23:03:22 ----D---- C:\Program Files\EA Games
2010-03-21 21:42:10 ----D---- C:\Program Files\QuickTime
2010-03-21 21:42:07 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-03-21 21:41:51 ----D---- C:\Program Files\Common Files\Apple
2010-03-21 21:41:42 ----D---- C:\Program Files\Apple Software Update
2010-03-21 21:41:42 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-03-21 18:23:54 ----D---- C:\Documents and Settings\Vlado\Application Data\dvdcss
2010-03-21 13:12:48 ----D---- C:\Documents and Settings\Vlado\Application Data\Leadertech
2010-03-21 13:05:43 ----D---- C:\Program Files\EA Sports
2010-03-21 13:05:41 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-03-21 13:05:41 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-03-21 13:05:41 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-03-21 13:05:40 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-03-21 13:05:40 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-03-21 13:05:40 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-03-21 13:05:39 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-03-21 13:05:38 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-03-21 13:05:38 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-03-21 13:05:37 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-03-21 13:05:37 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-03-21 13:05:37 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-03-21 13:05:36 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-03-21 13:05:36 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-03-21 13:05:34 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-03-21 13:05:34 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-03-21 13:05:34 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-03-21 13:05:33 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-03-21 13:05:33 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-03-21 13:05:33 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-03-21 13:05:32 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-03-21 13:05:30 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-03-21 13:05:29 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-03-21 13:05:29 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-03-21 13:05:28 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-03-21 13:05:28 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-03-21 13:05:26 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-03-21 13:05:26 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-03-21 13:05:26 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-03-21 13:05:16 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-03-21 13:05:16 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-03-21 13:05:16 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-03-21 13:05:15 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-03-21 13:05:15 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-03-21 13:05:15 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-03-21 13:05:14 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-03-21 13:05:14 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-03-21 13:04:53 ----D---- C:\WINDOWS\Logs
2010-03-21 13:02:01 ----D---- C:\Program Files\Alcohol Soft
2010-03-21 11:58:08 ----D---- C:\Program Files\WinRAR
2010-03-21 11:44:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-21 00:11:24 ----D---- C:\Documents and Settings\Vlado\Application Data\vlc
2010-03-21 00:10:27 ----D---- C:\Program Files\VideoLAN
2010-03-21 00:07:36 ----D---- C:\Documents and Settings\Vlado\Application Data\Ahead
2010-03-21 00:07:35 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe
2010-03-21 00:03:42 ----D---- C:\Program Files\Common Files\LightScribe
2010-03-21 00:02:53 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2010-03-21 00:00:15 ----D---- C:\Program Files\Nero
2010-03-21 00:00:15 ----D---- C:\Program Files\Common Files\Ahead
2010-03-21 00:00:15 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2010-03-20 23:59:20 ----D---- C:\WINDOWS\RegisteredPackages
2010-03-20 23:59:01 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-03-20 23:59:00 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-03-20 23:56:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-03-20 23:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-03-20 23:56:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-03-20 23:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-03-20 23:55:59 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-03-20 23:55:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-03-20 23:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-03-20 23:55:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-03-20 23:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2010-03-20 23:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978207_0$
2010-03-20 23:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-03-20 23:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-03-20 23:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-03-20 23:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-03-20 23:54:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-03-20 23:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-03-20 23:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-03-20 23:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-03-20 23:54:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-03-20 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2_0$
2010-03-20 23:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-03-20 23:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-03-20 23:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-03-20 23:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_1$
2010-03-20 23:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_1$
2010-03-20 23:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-03-20 23:53:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-03-20 23:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-03-20 23:52:58 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-03-20 23:52:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-03-20 23:52:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-03-20 23:52:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978251_0$
2010-03-20 23:52:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-03-20 23:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-03-20 23:52:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-03-20 23:52:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-03-20 23:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-03-20 23:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-03-20 23:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-03-20 23:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-03-20 23:51:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-03-20 23:51:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-03-20 23:51:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$
2010-03-20 23:48:43 ----A---- C:\WINDOWS\system32\MRT.exe
2010-03-20 23:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-03-20 23:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-03-20 23:47:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2010-03-20 23:46:57 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-03-20 23:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-03-20 23:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-03-20 23:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-03-20 23:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-03-20 23:46:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-03-20 23:46:12 ----D---- C:\WINDOWS\ServicePackFiles
2010-03-20 23:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-03-20 23:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-03-20 23:45:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-03-20 23:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-03-20 23:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-03-20 23:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-03-20 23:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-03-20 23:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-03-20 23:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-03-20 23:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$
2010-03-20 20:13:09 ----D---- C:\Documents and Settings\Vlado\Application Data\Macromedia
2010-03-20 20:06:01 ----D---- C:\Documents and Settings\Vlado\Application Data\Mozilla
2010-03-20 20:05:41 ----D---- C:\Program Files\Mozilla Firefox
2010-03-20 17:38:21 ----A---- C:\WINDOWS\system32\h323log.txt
2010-03-20 17:33:55 ----A---- C:\WINDOWS\system32\usbui.dll
2010-03-20 17:32:49 ----A---- C:\WINDOWS\imsins.BAK
2010-03-20 17:32:47 ----SHD---- C:\WINDOWS\Installer
2010-03-20 17:32:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-20 17:32:46 ----D---- C:\Program Files\Common Files\ODBC
2010-03-20 17:32:46 ----A---- C:\WINDOWS\ODBCINST.INI
2010-03-20 17:32:42 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-03-20 17:32:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-20 17:32:41 ----RD---- C:\Program Files
2010-03-20 17:32:41 ----D---- C:\Program Files\Common Files
2010-03-20 17:32:39 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-03-20 17:32:39 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-03-20 17:32:39 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-03-20 17:32:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-03-20 17:32:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-03-20 17:32:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-03-20 17:32:30 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-03-20 17:32:30 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-03-20 17:32:27 ----A---- C:\WINDOWS\system32\irclass.dll
2010-03-20 17:32:27 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-03-20 17:32:26 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-03-20 17:32:26 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-03-20 17:32:26 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-03-20 17:32:24 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-03-20 17:32:24 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-03-20 17:32:23 ----A---- C:\WINDOWS\system32\batt.dll
2010-03-20 17:32:23 ----A---- C:\WINDOWS\notepad.exe
2010-03-20 17:32:22 ----A---- C:\WINDOWS\system32\storprop.dll
2010-03-20 17:32:15 ----RA---- C:\WINDOWS\SET25.tmp
2010-03-20 17:32:15 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-03-20 17:32:12 ----RA---- C:\WINDOWS\SET8.tmp
2010-03-20 17:32:09 ----RA---- C:\WINDOWS\SET4.tmp
2010-03-20 17:32:07 ----RA---- C:\WINDOWS\SET3.tmp
2010-03-20 17:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-03-20 17:32:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-20 17:32:02 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-20 17:31:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-03-20 17:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-20 17:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-03-20 17:31:30 ----A---- C:\WINDOWS\setuplog.txt
2010-03-20 17:31:27 ----D---- C:\Documents and Settings
2010-03-20 17:31:26 ----SHD---- C:\System Volume Information
2010-03-20 17:30:42 ----SH---- C:\boot.ini
2010-03-20 17:29:39 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-03-20 17:28:12 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-03-20 17:23:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-20 17:23:25 ----RSD---- C:\WINDOWS\Fonts
2010-03-20 17:23:25 ----RD---- C:\WINDOWS\Web
2010-03-20 17:23:25 ----HD---- C:\WINDOWS\inf
2010-03-20 17:23:25 ----D---- C:\WINDOWS\WinSxS
2010-03-20 17:23:25 ----D---- C:\WINDOWS\twain_32
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Temp
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\wins
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\wbem
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\usmt
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\spool
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\ShellExt
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\Setup
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\ras
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\oobe
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\npp
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\mui
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\inetsrv
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\IME
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\icsxml
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\ias
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\export
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\drivers
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\dhcp
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\config
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\3com_dmi
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\3076
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\2052
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1054
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1042
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1041
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1037
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1033
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1031
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1028
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1025
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system
2010-03-20 17:23:25 ----D---- C:\WINDOWS\security
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Resources
2010-03-20 17:23:25 ----D---- C:\WINDOWS\repair
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Provisioning
2010-03-20 17:23:25 ----D---- C:\WINDOWS\pchealth
2010-03-20 17:23:25 ----D---- C:\WINDOWS\PeerNet
2010-03-20 17:23:25 ----D---- C:\WINDOWS\mui
2010-03-20 17:23:25 ----D---- C:\WINDOWS\msapps
2010-03-20 17:23:25 ----D---- C:\WINDOWS\msagent
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Media
2010-03-20 17:23:25 ----D---- C:\WINDOWS\java
2010-03-20 17:23:25 ----D---- C:\WINDOWS\ime
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Help
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Driver Cache
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Debug
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Cursors
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Connection Wizard
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Config
2010-03-20 17:23:25 ----D---- C:\WINDOWS\AppPatch
2010-03-20 17:23:25 ----D---- C:\WINDOWS\addins
2010-03-20 17:23:25 ----D---- C:\WINDOWS
2010-03-20 17:23:00 ----D---- C:\WINDOWS\system32\PreInstall
2010-03-20 17:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-03-20 17:21:27 ----D---- C:\Documents and Settings\Vlado\Application Data\ATI
2010-03-20 17:21:20 ----D---- C:\WINDOWS\system32\Lang
2010-03-20 17:21:19 ----D---- C:\Documents and Settings\Vlado\Application Data\Adobe
2010-03-20 17:17:32 ----A---- C:\WINDOWS\system32\wpa.bak
2010-03-20 17:16:39 ----SHD---- C:\RECYCLER
2010-03-20 17:16:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-03-20 17:16:27 ----D---- C:\Program Files\Common Files\Adobe
2010-03-20 17:15:45 ----A---- C:\WINDOWS\system32\ACEngSvr.exe
2010-03-20 17:15:09 ----A---- C:\WINDOWS\system32\TPESetting.dll
2010-03-20 17:15:08 ----A---- C:\WINDOWS\system32\ASUSTPE.exe
2010-03-20 17:13:26 ----D---- C:\Program Files\ASUS
2010-03-20 17:13:05 ----A---- C:\WINDOWS\system32\acs.exe
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wsimd.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wsfwDS.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wgapi.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wcapiU.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wcapi.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\dsaNac.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\dsa.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20U.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20resU.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20res.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20.dll
2010-03-20 17:12:41 ----D---- C:\Program Files\Atheros
2010-03-20 17:12:20 ----D---- C:\Documents and Settings\All Users\Application Data\Atheros
2010-03-20 17:11:48 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-03-20 17:11:39 ----D---- C:\Program Files\Wireless Console 2
2010-03-20 17:10:08 ----A---- C:\WINDOWS\system32\SynTPFcs.dll
2010-03-20 17:10:06 ----A---- C:\WINDOWS\system32\SynTPCo2.dll
2010-03-20 17:10:06 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2010-03-20 17:10:05 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2010-03-20 17:10:05 ----A---- C:\WINDOWS\system32\SynCOM.dll
2010-03-20 17:10:02 ----D---- C:\Program Files\Synaptics
2010-03-20 17:09:28 ----RA---- C:\WINDOWS\system32\sm56co6a.dll
2010-03-20 17:09:25 ----D---- C:\Program Files\Motorola
2010-03-20 17:09:13 ----R---- C:\WINDOWS\system32\ChCfg.exe
2010-03-20 17:09:06 ----D---- C:\WINDOWS\system32\Atheros_L2
2010-03-20 17:08:50 ----D---- C:\WINDOWS\system32\RTCOM
2010-03-20 17:08:43 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-03-20 17:08:35 ----R---- C:\WINDOWS\SoundMan.exe
2010-03-20 17:08:33 ----R---- C:\WINDOWS\SkyTel.exe
2010-03-20 17:08:32 ----R---- C:\WINDOWS\RtlUpd.exe
2010-03-20 17:08:29 ----R---- C:\WINDOWS\RTLCPL.exe
2010-03-20 17:08:22 ----R---- C:\WINDOWS\RTHDCPL.exe
2010-03-20 17:08:21 ----R---- C:\WINDOWS\MicCal.exe
2010-03-20 17:08:16 ----R---- C:\WINDOWS\alcwzrd.exe
2010-03-20 17:08:16 ----R---- C:\WINDOWS\Alcmtr.exe
2010-03-20 17:08:16 ----D---- C:\Program Files\Realtek
2010-03-20 17:08:14 ----R---- C:\WINDOWS\RtlExUpd.dll
2010-03-20 17:07:37 ----D---- C:\Program Files\OpenOffice.org 3
2010-03-20 17:01:04 ----RSD---- C:\WINDOWS\assembly
2010-03-20 17:00:41 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-20 17:00:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-03-20 17:00:08 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-03-20 16:59:08 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2010-03-20 16:59:06 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-03-20 16:58:46 ----D---- C:\Program Files\ATI Technologies
2010-03-20 16:58:28 ----D---- C:\Program Files\Common Files\InstallShield
2010-03-20 16:58:15 ----D---- C:\Program Files\ATKOSD2
2010-03-20 16:57:44 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-20 16:57:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-03-20 16:57:02 ----D---- C:\Program Files\ATK Hotkey
2010-03-20 16:57:00 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-20 16:56:56 ----D---- C:\Documents and Settings\Vlado\Application Data\InstallShield
2010-03-20 16:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB911164$
2010-03-20 16:54:45 ----A---- C:\Debug.txt
2010-03-20 16:53:07 ----D---- C:\Program Files\ESET
2010-03-20 16:53:07 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-03-20 16:50:48 ----D---- C:\WINDOWS\system32\1051
2010-03-20 16:50:26 ----D---- C:\temp
2010-03-20 16:49:25 ----D---- C:\Documents and Settings\Vlado\Application Data\Identities
2010-03-20 16:49:23 ----HD---- C:\Program Files\Uninstall Information
2010-03-20 16:49:18 ----ASH---- C:\Documents and Settings\Vlado\Application Data\desktop.ini
2010-03-20 16:49:17 ----SD---- C:\Documents and Settings\Vlado\Application Data\Microsoft
2010-03-20 16:48:44 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-20 16:48:43 ----SD---- C:\WINDOWS\system32\Microsoft
2010-03-20 16:48:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-20 16:44:49 ----D---- C:\WINDOWS\system32\xircom
2010-03-20 16:44:49 ----D---- C:\Program Files\xerox
2010-03-20 16:44:49 ----D---- C:\Program Files\microsoft frontpage
2010-03-20 16:44:44 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-20 16:44:43 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-03-20 16:44:28 ----A---- C:\WINDOWS\control.ini
2010-03-20 16:44:28 ----A---- C:\AUTOEXEC.BAT
2010-03-20 16:44:20 ----A---- C:\WINDOWS\OEWABLog.txt
2010-03-20 16:44:16 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-03-20 16:43:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-03-20 16:43:37 ----RD---- C:\WINDOWS\Offline Web Pages
2010-03-20 16:43:37 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-03-20 16:43:32 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-03-20 16:43:29 ----HD---- C:\Program Files\WindowsUpdate
2010-03-20 16:43:06 ----D---- C:\WINDOWS\system32\DirectX
2010-03-20 16:42:41 ----A---- C:\WINDOWS\system32\atrace.dll
2010-03-20 16:42:37 ----A---- C:\WINDOWS\system32\desktop.ini
2010-03-20 16:42:37 ----A---- C:\WINDOWS\desktop.ini
2010-03-20 16:42:29 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-03-20 16:42:28 ----A---- C:\WINDOWS\system32\acctres.dll
2010-03-20 16:42:27 ----D---- C:\Program Files\Common Files\Services
2010-03-20 16:42:24 ----SD---- C:\WINDOWS\Tasks
2010-03-20 16:42:24 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-03-20 16:42:23 ----D---- C:\Program Files\Common Files\MSSoap
2010-03-20 16:42:18 ----D---- C:\WINDOWS\srchasst
2010-03-20 16:42:17 ----D---- C:\WINDOWS\system32\Macromed
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wups.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-03-20 16:42:11 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-03-20 16:42:06 ----D---- C:\Program Files\Movie Maker
2010-03-20 16:42:02 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-03-20 16:42:02 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-03-20 16:42:01 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-03-20 16:42:01 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-03-20 16:41:57 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-03-20 16:41:57 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-03-20 16:41:56 ----D---- C:\WINDOWS\system32\Restore
2010-03-20 16:41:56 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-03-20 16:41:56 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-03-20 16:41:56 ----A---- C:\WINDOWS\system32\srclient.dll
2010-03-20 16:41:55 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-03-20 16:41:55 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-03-20 16:41:55 ----A---- C:\WINDOWS\system32\ils.dll
2010-03-20 16:41:54 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-03-20 16:41:54 ----A---- C:\WINDOWS\system32\msconf.dll
2010-03-20 16:41:54 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-03-20 16:41:51 ----D---- C:\Program Files\NetMeeting
2010-03-20 16:41:51 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-03-20 16:41:51 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-03-20 16:41:50 ----A---- C:\WINDOWS\system32\inetres.dll
2010-03-20 16:41:49 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-03-20 16:41:47 ----D---- C:\Program Files\Outlook Express
2010-03-20 16:41:47 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-03-20 16:41:47 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\mstask.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\isign32.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-03-20 16:41:39 ----D---- C:\Program Files\Common Files\System
2010-03-20 16:41:34 ----D---- C:\Program Files\Internet Explorer
2010-03-20 16:41:22 ----D---- C:\Program Files\ComPlus Applications
2010-03-20 16:41:20 ----A---- C:\WINDOWS\vbaddin.ini
2010-03-20 16:41:20 ----A---- C:\WINDOWS\vb.ini
2010-03-20 16:41:16 ----D---- C:\WINDOWS\Registration
2010-03-20 16:40:52 ----D---- C:\Program Files\Windows Media Player
2010-03-20 16:40:52 ----D---- C:\Program Files\Online Services
2010-03-20 16:40:47 ----D---- C:\Program Files\Messenger
2010-03-20 16:40:42 ----D---- C:\Program Files\MSN Gaming Zone
2010-03-20 16:40:42 ----A---- C:\WINDOWS\system32\write.exe
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\hticons.dll
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\avwav.dll
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-03-20 16:40:30 ----A---- C:\WINDOWS\system32\winchat.exe
2010-03-20 16:40:22 ----A---- C:\WINDOWS\system32\charmap.exe
2010-03-20 16:40:22 ----A---- C:\WINDOWS\system32\getuname.dll
2010-03-20 16:40:22 ----A---- C:\WINDOWS\system32\calc.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\winmine.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\sol.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\freecell.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tskill.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tscon.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\shadow.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\reset.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\regini.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\msg.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\logoff.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\stclient.dll
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-03-20 16:40:12 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-03-20 16:39:53 ----D---- C:\Program Files\MSN
2010-03-20 16:39:52 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-03-20 16:39:52 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-03-20 16:39:52 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-03-20 16:39:51 ----D---- C:\Program Files\Windows NT
2010-03-20 16:39:51 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-03-20 16:39:51 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-03-20 16:39:50 ----A---- C:\WINDOWS\system32\spider.exe
2010-03-20 16:39:50 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-03-20 16:39:47 ----D---- C:\WINDOWS\system32\MsDtc
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-03-20 16:39:45 ----D---- C:\WINDOWS\system32\Com
2010-03-20 16:39:45 ----A---- C:\WINDOWS\system32\colbact.dll
2010-03-20 16:39:45 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-03-20 16:39:44 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-03-20 16:39:44 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-03-20 16:39:44 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-03-20 16:39:43 ----A---- C:\WINDOWS\system32\comuid.dll
2010-03-20 16:39:43 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-03-20 16:39:43 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-03-20 16:39:37 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-03-20 16:39:36 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-03-20 16:39:36 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-03-20 16:39:36 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2010-03-21 12:59:06 ----A---- C:\WINDOWS\win.ini
2010-03-20 16:53:16 ----A---- C:\WINDOWS\system.ini
2010-03-10 06:33:41 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-03-10 06:33:38 ----A---- C:\WINDOWS\system32\browseui.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 LUMDriver;LUMDriver; \??\C:\WINDOWS\system32\drivers\LUMDriver.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-08-21 30208]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-02 1975296]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-10 27520]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-28 57024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-03-25 25280]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2007-05-03 364629]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-02-02 446464]
R2 BBDemon;Backbone Service; C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [2007-05-04 36864]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2006-02-28 3584]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-03-13 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Problém so spustením Windows
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Problém so spustením Windows
Zdravím 
Podle pravidel fóra se zde nelegálním softwarem nezabýváme (nelegální programy představují bezpečnostní hrozbu).
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte nový log z RSIT a log z CKScanner.
Vyberte si třeba free Avast + nějaký firewall (doporučuji ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe
Podle pravidel fóra se zde nelegálním softwarem nezabýváme (nelegální programy představují bezpečnostní hrozbu).
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte nový log z RSIT a log z CKScanner.
Vyberte si třeba free Avast + nějaký firewall (doporučuji ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe- Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
- Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.
Re: Problém so spustením Windows
CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\vlado\my documents\catia\catia v5r18 cd1\v5r18_a\crack\install.txt
c:\documents and settings\vlado\my documents\catia\catia v5r18 cd1\v5r18_a\crack\js0group.dll
c:\documents and settings\vlado\my documents\catia\catia v5r18 cd2\v5r18_b\crack\install.txt
c:\documents and settings\vlado\my documents\catia\catia v5r18 cd2\v5r18_b\crack\js0group.dll
scanner sequence 3.BB.11
----- EOF -----
Plus nový log z RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by Vlado at 2010-04-02 19:53:12
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 122 GB (80%) free of 153 GB
Total RAM: 1791 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53:16, on 2.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\Vlado\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Vlado.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MultiFrame] C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CCC.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
--
End of file - 5971 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-07-12 225280]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-07-03 7708672]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-05-03 376921]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-07-19 49520]
"ASUSTPE"=C:\WINDOWS\system32\ASUSTPE.exe [2007-01-16 106496]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-07-10 851968]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-02-15 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"MultiFrame"=C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe [2007-06-21 999792]
C:\Documents and Settings\Vlado\Start Menu\Programs\Startup
CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-02-02 110592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat"="C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat:*:Enabled:game"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\EA Sports\NHL 09\nhl2009.exe"="C:\Program Files\EA Sports\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\orbixd.exe"="C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\orbixd.exe:*:Enabled:orbixd"
"C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CNEXT.exe"="C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CNEXT.exe:*:Enabled:CATIA"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-04-02 19:45:56 ----D---- C:\Program Files\Sunbelt Software
2010-04-02 19:40:21 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-04-02 19:40:00 ----D---- C:\Program Files\Alwil Software
2010-04-02 19:40:00 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-04-02 19:17:27 ----D---- C:\Program Files\trend micro
2010-04-02 19:17:26 ----D---- C:\rsit
2010-04-02 17:58:17 ----A---- C:\WINDOWS\ntbtlog.txt
2010-03-31 11:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-29 20:53:13 ----D---- C:\Program Files\AP Tuner
2010-03-29 20:50:35 ----D---- C:\Documents and Settings\Vlado\Application Data\Help
2010-03-28 18:13:13 ----D---- C:\Program Files\DsNET Corp
2010-03-28 18:10:49 ----D---- C:\Program Files\YouTube Downloader
2010-03-28 18:03:10 ----D---- C:\Program Files\Total Video Converter
2010-03-25 22:51:15 ----D---- C:\Program Files\Dassault Systemes
2010-03-25 22:49:31 ----D---- C:\Documents and Settings\Vlado\Application Data\DassaultSystemes
2010-03-25 22:49:31 ----D---- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
2010-03-25 21:28:41 ----D---- C:\Documents and Settings\Vlado\Application Data\WinRAR
2010-03-25 17:04:29 ----D---- C:\Program Files\Hamachi
2010-03-24 22:26:34 ----D---- C:\Documents and Settings\Vlado\Application Data\Hamachi
2010-03-24 17:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-03-24 17:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-03-24 17:01:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-03-24 11:25:54 ----D---- C:\WINDOWS\Prefetch
2010-03-24 09:07:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-03-24 09:07:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-03-24 09:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-03-24 09:07:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-03-24 09:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-03-24 09:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-24 09:06:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-03-24 09:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-24 09:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-03-24 09:06:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-03-24 09:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-03-24 09:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-03-24 09:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-03-24 09:06:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-03-24 09:06:06 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-03-24 09:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-03-24 09:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-03-24 09:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-03-24 09:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-03-24 09:05:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-03-24 09:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-03-24 09:05:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-03-24 09:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-03-24 09:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-03-24 09:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-03-24 09:05:08 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-03-24 09:05:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-03-24 09:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-03-24 09:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-03-24 09:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-03-24 09:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-03-24 09:04:22 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-03-24 09:04:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-03-24 09:04:12 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-03-24 09:04:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-03-24 09:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-03-24 09:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-03-24 09:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-03-24 09:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-03-24 09:03:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-03-24 09:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-03-24 09:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-03-24 09:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-03-24 09:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-03-24 09:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-03-24 09:03:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-03-24 09:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-03-24 09:02:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-03-24 09:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-03-24 09:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-03-24 09:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-24 09:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-03-24 09:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-03-24 09:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-03-24 08:59:12 ----D---- C:\WINDOWS\system32\scripting
2010-03-24 08:59:12 ----D---- C:\WINDOWS\l2schemas
2010-03-24 08:59:11 ----D---- C:\WINDOWS\system32\en
2010-03-24 08:59:11 ----D---- C:\WINDOWS\system32\bits
2010-03-24 08:53:56 ----D---- C:\WINDOWS\network diagnostic
2010-03-24 08:45:38 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-03-24 08:40:06 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-23 18:25:11 ----D---- C:\Documents and Settings\Vlado\Application Data\Miranda
2010-03-23 18:24:57 ----D---- C:\Program Files\Miranda IM
2010-03-23 08:11:38 ----D---- C:\WINDOWS\EHome
2010-03-23 00:09:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$
2010-03-23 00:05:56 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2010-03-22 21:01:51 ----D---- C:\Documents and Settings\Vlado\Application Data\ACD Systems
2010-03-22 21:01:23 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2010-03-22 21:01:15 ----D---- C:\Program Files\Common Files\ACD Systems
2010-03-22 21:01:15 ----D---- C:\Program Files\ACD Systems
2010-03-22 16:24:31 ----D---- C:\Documents and Settings\Vlado\Application Data\OpenOffice.org
2010-03-22 14:37:26 ----D---- C:\Program Files\Adobe
2010-03-22 13:33:17 ----D---- C:\Documents and Settings\Vlado\Application Data\BSplayer PRO
2010-03-22 13:33:09 ----D---- C:\Program Files\Webteh
2010-03-22 08:28:47 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-22 08:28:44 ----D---- C:\Program Files\MSBuild
2010-03-22 08:28:43 ----D---- C:\WINDOWS\system32\en-US
2010-03-22 08:28:39 ----D---- C:\Program Files\Reference Assemblies
2010-03-22 08:28:18 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-22 08:28:18 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-22 08:28:18 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-22 08:28:17 ----D---- C:\336050d9b8dd93facfad93ac
2010-03-22 08:26:07 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-03-22 08:26:01 ----D---- C:\Program Files\MSXML 6.0
2010-03-22 07:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
2010-03-22 07:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-03-22 07:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
2010-03-22 07:58:29 ----D---- C:\Program Files\MSXML 4.0
2010-03-21 23:03:22 ----D---- C:\Program Files\EA Games
2010-03-21 21:42:10 ----D---- C:\Program Files\QuickTime
2010-03-21 21:42:07 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-03-21 21:41:51 ----D---- C:\Program Files\Common Files\Apple
2010-03-21 21:41:42 ----D---- C:\Program Files\Apple Software Update
2010-03-21 21:41:42 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-03-21 18:23:54 ----D---- C:\Documents and Settings\Vlado\Application Data\dvdcss
2010-03-21 13:12:48 ----D---- C:\Documents and Settings\Vlado\Application Data\Leadertech
2010-03-21 13:05:43 ----D---- C:\Program Files\EA Sports
2010-03-21 13:05:41 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-03-21 13:05:41 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-03-21 13:05:41 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-03-21 13:05:40 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-03-21 13:05:40 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-03-21 13:05:40 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-03-21 13:05:39 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-03-21 13:05:38 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-03-21 13:05:38 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-03-21 13:05:37 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-03-21 13:05:37 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-03-21 13:05:37 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-03-21 13:05:36 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-03-21 13:05:36 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-03-21 13:05:34 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-03-21 13:05:34 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-03-21 13:05:34 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-03-21 13:05:33 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-03-21 13:05:33 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-03-21 13:05:33 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-03-21 13:05:32 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-03-21 13:05:30 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-03-21 13:05:29 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-03-21 13:05:29 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-03-21 13:05:28 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-03-21 13:05:28 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-03-21 13:05:26 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-03-21 13:05:26 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-03-21 13:05:26 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-03-21 13:05:16 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-03-21 13:05:16 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-03-21 13:05:16 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-03-21 13:05:15 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-03-21 13:05:15 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-03-21 13:05:15 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-03-21 13:05:14 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-03-21 13:05:14 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-03-21 13:04:53 ----D---- C:\WINDOWS\Logs
2010-03-21 13:02:01 ----D---- C:\Program Files\Alcohol Soft
2010-03-21 11:58:08 ----D---- C:\Program Files\WinRAR
2010-03-21 11:44:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-21 00:11:24 ----D---- C:\Documents and Settings\Vlado\Application Data\vlc
2010-03-21 00:10:27 ----D---- C:\Program Files\VideoLAN
2010-03-21 00:07:36 ----D---- C:\Documents and Settings\Vlado\Application Data\Ahead
2010-03-21 00:07:35 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe
2010-03-21 00:03:42 ----D---- C:\Program Files\Common Files\LightScribe
2010-03-21 00:02:53 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2010-03-21 00:00:15 ----D---- C:\Program Files\Nero
2010-03-21 00:00:15 ----D---- C:\Program Files\Common Files\Ahead
2010-03-21 00:00:15 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2010-03-20 23:59:20 ----D---- C:\WINDOWS\RegisteredPackages
2010-03-20 23:59:01 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-03-20 23:59:00 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-03-20 23:56:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-03-20 23:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-03-20 23:56:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-03-20 23:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-03-20 23:55:59 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-03-20 23:55:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-03-20 23:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-03-20 23:55:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-03-20 23:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2010-03-20 23:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978207_0$
2010-03-20 23:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-03-20 23:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-03-20 23:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-03-20 23:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-03-20 23:54:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-03-20 23:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-03-20 23:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-03-20 23:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-03-20 23:54:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-03-20 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2_0$
2010-03-20 23:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-03-20 23:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-03-20 23:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-03-20 23:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_1$
2010-03-20 23:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_1$
2010-03-20 23:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-03-20 23:53:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-03-20 23:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-03-20 23:52:58 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-03-20 23:52:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-03-20 23:52:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-03-20 23:52:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978251_0$
2010-03-20 23:52:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-03-20 23:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-03-20 23:52:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-03-20 23:52:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-03-20 23:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-03-20 23:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-03-20 23:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-03-20 23:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-03-20 23:51:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-03-20 23:51:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-03-20 23:51:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$
2010-03-20 23:48:43 ----A---- C:\WINDOWS\system32\MRT.exe
2010-03-20 23:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-03-20 23:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-03-20 23:47:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2010-03-20 23:46:57 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-03-20 23:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-03-20 23:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-03-20 23:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-03-20 23:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-03-20 23:46:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-03-20 23:46:12 ----D---- C:\WINDOWS\ServicePackFiles
2010-03-20 23:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-03-20 23:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-03-20 23:45:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-03-20 23:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-03-20 23:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-03-20 23:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-03-20 23:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-03-20 23:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-03-20 23:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-03-20 23:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$
2010-03-20 20:13:09 ----D---- C:\Documents and Settings\Vlado\Application Data\Macromedia
2010-03-20 20:06:01 ----D---- C:\Documents and Settings\Vlado\Application Data\Mozilla
2010-03-20 20:05:41 ----D---- C:\Program Files\Mozilla Firefox
2010-03-20 17:38:21 ----A---- C:\WINDOWS\system32\h323log.txt
2010-03-20 17:33:55 ----A---- C:\WINDOWS\system32\usbui.dll
2010-03-20 17:32:49 ----A---- C:\WINDOWS\imsins.BAK
2010-03-20 17:32:47 ----SHD---- C:\WINDOWS\Installer
2010-03-20 17:32:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-20 17:32:46 ----D---- C:\Program Files\Common Files\ODBC
2010-03-20 17:32:46 ----A---- C:\WINDOWS\ODBCINST.INI
2010-03-20 17:32:42 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-03-20 17:32:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-20 17:32:41 ----RD---- C:\Program Files
2010-03-20 17:32:41 ----D---- C:\Program Files\Common Files
2010-03-20 17:32:39 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-03-20 17:32:39 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-03-20 17:32:39 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-03-20 17:32:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-03-20 17:32:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-03-20 17:32:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-03-20 17:32:30 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-03-20 17:32:30 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-03-20 17:32:27 ----A---- C:\WINDOWS\system32\irclass.dll
2010-03-20 17:32:27 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-03-20 17:32:26 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-03-20 17:32:26 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-03-20 17:32:26 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-03-20 17:32:24 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-03-20 17:32:24 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-03-20 17:32:23 ----A---- C:\WINDOWS\system32\batt.dll
2010-03-20 17:32:23 ----A---- C:\WINDOWS\notepad.exe
2010-03-20 17:32:22 ----A---- C:\WINDOWS\system32\storprop.dll
2010-03-20 17:32:15 ----RA---- C:\WINDOWS\SET25.tmp
2010-03-20 17:32:15 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-03-20 17:32:12 ----RA---- C:\WINDOWS\SET8.tmp
2010-03-20 17:32:09 ----RA---- C:\WINDOWS\SET4.tmp
2010-03-20 17:32:07 ----RA---- C:\WINDOWS\SET3.tmp
2010-03-20 17:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-03-20 17:32:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-20 17:32:02 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-20 17:31:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-03-20 17:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-20 17:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-03-20 17:31:30 ----A---- C:\WINDOWS\setuplog.txt
2010-03-20 17:31:27 ----D---- C:\Documents and Settings
2010-03-20 17:31:26 ----SHD---- C:\System Volume Information
2010-03-20 17:30:42 ----SH---- C:\boot.ini
2010-03-20 17:29:39 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-03-20 17:28:12 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-03-20 17:23:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-20 17:23:25 ----RSD---- C:\WINDOWS\Fonts
2010-03-20 17:23:25 ----RD---- C:\WINDOWS\Web
2010-03-20 17:23:25 ----HD---- C:\WINDOWS\inf
2010-03-20 17:23:25 ----D---- C:\WINDOWS\WinSxS
2010-03-20 17:23:25 ----D---- C:\WINDOWS\twain_32
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Temp
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\wins
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\wbem
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\usmt
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\spool
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\ShellExt
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\Setup
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\ras
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\oobe
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\npp
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\mui
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\inetsrv
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\IME
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\icsxml
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\ias
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\export
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\drivers
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\dhcp
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\config
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\3com_dmi
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\3076
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\2052
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1054
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1042
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1041
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1037
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1033
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1031
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1028
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1025
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system
2010-03-20 17:23:25 ----D---- C:\WINDOWS\security
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Resources
2010-03-20 17:23:25 ----D---- C:\WINDOWS\repair
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Provisioning
2010-03-20 17:23:25 ----D---- C:\WINDOWS\pchealth
2010-03-20 17:23:25 ----D---- C:\WINDOWS\PeerNet
2010-03-20 17:23:25 ----D---- C:\WINDOWS\mui
2010-03-20 17:23:25 ----D---- C:\WINDOWS\msapps
2010-03-20 17:23:25 ----D---- C:\WINDOWS\msagent
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Media
2010-03-20 17:23:25 ----D---- C:\WINDOWS\java
2010-03-20 17:23:25 ----D---- C:\WINDOWS\ime
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Help
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Driver Cache
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Debug
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Cursors
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Connection Wizard
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Config
2010-03-20 17:23:25 ----D---- C:\WINDOWS\AppPatch
2010-03-20 17:23:25 ----D---- C:\WINDOWS\addins
2010-03-20 17:23:25 ----D---- C:\WINDOWS
2010-03-20 17:23:00 ----D---- C:\WINDOWS\system32\PreInstall
2010-03-20 17:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-03-20 17:21:27 ----D---- C:\Documents and Settings\Vlado\Application Data\ATI
2010-03-20 17:21:20 ----D---- C:\WINDOWS\system32\Lang
2010-03-20 17:21:19 ----D---- C:\Documents and Settings\Vlado\Application Data\Adobe
2010-03-20 17:17:32 ----A---- C:\WINDOWS\system32\wpa.bak
2010-03-20 17:16:39 ----SHD---- C:\RECYCLER
2010-03-20 17:16:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-03-20 17:16:27 ----D---- C:\Program Files\Common Files\Adobe
2010-03-20 17:15:45 ----A---- C:\WINDOWS\system32\ACEngSvr.exe
2010-03-20 17:15:09 ----A---- C:\WINDOWS\system32\TPESetting.dll
2010-03-20 17:15:08 ----A---- C:\WINDOWS\system32\ASUSTPE.exe
2010-03-20 17:13:26 ----D---- C:\Program Files\ASUS
2010-03-20 17:13:05 ----A---- C:\WINDOWS\system32\acs.exe
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wsimd.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wsfwDS.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wgapi.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wcapiU.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wcapi.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\dsaNac.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\dsa.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20U.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20resU.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20res.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20.dll
2010-03-20 17:12:41 ----D---- C:\Program Files\Atheros
2010-03-20 17:12:20 ----D---- C:\Documents and Settings\All Users\Application Data\Atheros
2010-03-20 17:11:48 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-03-20 17:11:39 ----D---- C:\Program Files\Wireless Console 2
2010-03-20 17:10:08 ----A---- C:\WINDOWS\system32\SynTPFcs.dll
2010-03-20 17:10:06 ----A---- C:\WINDOWS\system32\SynTPCo2.dll
2010-03-20 17:10:06 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2010-03-20 17:10:05 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2010-03-20 17:10:05 ----A---- C:\WINDOWS\system32\SynCOM.dll
2010-03-20 17:10:02 ----D---- C:\Program Files\Synaptics
2010-03-20 17:09:28 ----RA---- C:\WINDOWS\system32\sm56co6a.dll
2010-03-20 17:09:25 ----D---- C:\Program Files\Motorola
2010-03-20 17:09:13 ----R---- C:\WINDOWS\system32\ChCfg.exe
2010-03-20 17:09:06 ----D---- C:\WINDOWS\system32\Atheros_L2
2010-03-20 17:08:50 ----D---- C:\WINDOWS\system32\RTCOM
2010-03-20 17:08:43 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-03-20 17:08:35 ----R---- C:\WINDOWS\SoundMan.exe
2010-03-20 17:08:33 ----R---- C:\WINDOWS\SkyTel.exe
2010-03-20 17:08:32 ----R---- C:\WINDOWS\RtlUpd.exe
2010-03-20 17:08:29 ----R---- C:\WINDOWS\RTLCPL.exe
2010-03-20 17:08:22 ----R---- C:\WINDOWS\RTHDCPL.exe
2010-03-20 17:08:21 ----R---- C:\WINDOWS\MicCal.exe
2010-03-20 17:08:16 ----R---- C:\WINDOWS\alcwzrd.exe
2010-03-20 17:08:16 ----R---- C:\WINDOWS\Alcmtr.exe
2010-03-20 17:08:16 ----D---- C:\Program Files\Realtek
2010-03-20 17:08:14 ----R---- C:\WINDOWS\RtlExUpd.dll
2010-03-20 17:07:37 ----D---- C:\Program Files\OpenOffice.org 3
2010-03-20 17:01:04 ----RSD---- C:\WINDOWS\assembly
2010-03-20 17:00:41 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-20 17:00:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-03-20 17:00:08 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-03-20 16:59:08 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2010-03-20 16:59:06 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-03-20 16:58:46 ----D---- C:\Program Files\ATI Technologies
2010-03-20 16:58:28 ----D---- C:\Program Files\Common Files\InstallShield
2010-03-20 16:58:15 ----D---- C:\Program Files\ATKOSD2
2010-03-20 16:57:44 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-20 16:57:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-03-20 16:57:02 ----D---- C:\Program Files\ATK Hotkey
2010-03-20 16:57:00 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-20 16:56:56 ----D---- C:\Documents and Settings\Vlado\Application Data\InstallShield
2010-03-20 16:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB911164$
2010-03-20 16:54:45 ----A---- C:\Debug.txt
2010-03-20 16:53:07 ----D---- C:\Program Files\ESET
2010-03-20 16:53:07 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-03-20 16:50:48 ----D---- C:\WINDOWS\system32\1051
2010-03-20 16:50:26 ----D---- C:\temp
2010-03-20 16:49:25 ----D---- C:\Documents and Settings\Vlado\Application Data\Identities
2010-03-20 16:49:23 ----HD---- C:\Program Files\Uninstall Information
2010-03-20 16:49:18 ----ASH---- C:\Documents and Settings\Vlado\Application Data\desktop.ini
2010-03-20 16:49:17 ----SD---- C:\Documents and Settings\Vlado\Application Data\Microsoft
2010-03-20 16:48:44 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-20 16:48:43 ----SD---- C:\WINDOWS\system32\Microsoft
2010-03-20 16:48:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-20 16:44:49 ----D---- C:\WINDOWS\system32\xircom
2010-03-20 16:44:49 ----D---- C:\Program Files\xerox
2010-03-20 16:44:49 ----D---- C:\Program Files\microsoft frontpage
2010-03-20 16:44:44 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-20 16:44:43 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-03-20 16:44:28 ----A---- C:\WINDOWS\control.ini
2010-03-20 16:44:28 ----A---- C:\AUTOEXEC.BAT
2010-03-20 16:44:20 ----A---- C:\WINDOWS\OEWABLog.txt
2010-03-20 16:44:16 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-03-20 16:43:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-03-20 16:43:37 ----RD---- C:\WINDOWS\Offline Web Pages
2010-03-20 16:43:37 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-03-20 16:43:32 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-03-20 16:43:29 ----HD---- C:\Program Files\WindowsUpdate
2010-03-20 16:43:06 ----D---- C:\WINDOWS\system32\DirectX
2010-03-20 16:42:41 ----A---- C:\WINDOWS\system32\atrace.dll
2010-03-20 16:42:37 ----A---- C:\WINDOWS\system32\desktop.ini
2010-03-20 16:42:37 ----A---- C:\WINDOWS\desktop.ini
2010-03-20 16:42:29 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-03-20 16:42:28 ----A---- C:\WINDOWS\system32\acctres.dll
2010-03-20 16:42:27 ----D---- C:\Program Files\Common Files\Services
2010-03-20 16:42:24 ----SD---- C:\WINDOWS\Tasks
2010-03-20 16:42:24 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-03-20 16:42:23 ----D---- C:\Program Files\Common Files\MSSoap
2010-03-20 16:42:18 ----D---- C:\WINDOWS\srchasst
2010-03-20 16:42:17 ----D---- C:\WINDOWS\system32\Macromed
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wups.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-03-20 16:42:11 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-03-20 16:42:06 ----D---- C:\Program Files\Movie Maker
2010-03-20 16:42:02 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-03-20 16:42:02 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-03-20 16:42:01 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-03-20 16:42:01 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-03-20 16:41:57 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-03-20 16:41:57 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-03-20 16:41:56 ----D---- C:\WINDOWS\system32\Restore
2010-03-20 16:41:56 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-03-20 16:41:56 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-03-20 16:41:56 ----A---- C:\WINDOWS\system32\srclient.dll
2010-03-20 16:41:55 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-03-20 16:41:55 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-03-20 16:41:55 ----A---- C:\WINDOWS\system32\ils.dll
2010-03-20 16:41:54 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-03-20 16:41:54 ----A---- C:\WINDOWS\system32\msconf.dll
2010-03-20 16:41:54 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-03-20 16:41:51 ----D---- C:\Program Files\NetMeeting
2010-03-20 16:41:51 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-03-20 16:41:51 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-03-20 16:41:50 ----A---- C:\WINDOWS\system32\inetres.dll
2010-03-20 16:41:49 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-03-20 16:41:47 ----D---- C:\Program Files\Outlook Express
2010-03-20 16:41:47 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-03-20 16:41:47 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\mstask.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\isign32.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-03-20 16:41:39 ----D---- C:\Program Files\Common Files\System
2010-03-20 16:41:34 ----D---- C:\Program Files\Internet Explorer
2010-03-20 16:41:22 ----D---- C:\Program Files\ComPlus Applications
2010-03-20 16:41:20 ----A---- C:\WINDOWS\vbaddin.ini
2010-03-20 16:41:20 ----A---- C:\WINDOWS\vb.ini
2010-03-20 16:41:16 ----D---- C:\WINDOWS\Registration
2010-03-20 16:40:52 ----D---- C:\Program Files\Windows Media Player
2010-03-20 16:40:52 ----D---- C:\Program Files\Online Services
2010-03-20 16:40:47 ----D---- C:\Program Files\Messenger
2010-03-20 16:40:42 ----D---- C:\Program Files\MSN Gaming Zone
2010-03-20 16:40:42 ----A---- C:\WINDOWS\system32\write.exe
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\hticons.dll
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\avwav.dll
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-03-20 16:40:30 ----A---- C:\WINDOWS\system32\winchat.exe
2010-03-20 16:40:22 ----A---- C:\WINDOWS\system32\charmap.exe
2010-03-20 16:40:22 ----A---- C:\WINDOWS\system32\getuname.dll
2010-03-20 16:40:22 ----A---- C:\WINDOWS\system32\calc.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\winmine.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\sol.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\freecell.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tskill.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tscon.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\shadow.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\reset.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\regini.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\msg.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\logoff.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\stclient.dll
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-03-20 16:40:12 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-03-20 16:39:53 ----D---- C:\Program Files\MSN
2010-03-20 16:39:52 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-03-20 16:39:52 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-03-20 16:39:52 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-03-20 16:39:51 ----D---- C:\Program Files\Windows NT
2010-03-20 16:39:51 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-03-20 16:39:51 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-03-20 16:39:50 ----A---- C:\WINDOWS\system32\spider.exe
2010-03-20 16:39:50 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-03-20 16:39:47 ----D---- C:\WINDOWS\system32\MsDtc
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-03-20 16:39:45 ----D---- C:\WINDOWS\system32\Com
2010-03-20 16:39:45 ----A---- C:\WINDOWS\system32\colbact.dll
2010-03-20 16:39:45 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-03-20 16:39:44 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-03-20 16:39:44 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-03-20 16:39:44 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-03-20 16:39:43 ----A---- C:\WINDOWS\system32\comuid.dll
2010-03-20 16:39:43 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-03-20 16:39:43 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-03-20 16:39:37 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-03-20 16:39:36 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-03-20 16:39:36 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-03-20 16:39:36 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2010-03-21 12:59:06 ----A---- C:\WINDOWS\win.ini
2010-03-20 16:53:16 ----A---- C:\WINDOWS\system.ini
2010-03-10 06:33:41 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-03-10 06:33:38 ----A---- C:\WINDOWS\system32\browseui.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 LUMDriver;LUMDriver; \??\C:\WINDOWS\system32\drivers\LUMDriver.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-08-21 30208]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-02 1975296]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-10 27520]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-28 57024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-03-25 25280]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2007-05-03 364629]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-02-02 446464]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 BBDemon;Backbone Service; C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [2007-05-04 36864]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2006-02-28 3584]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
c:\documents and settings\vlado\my documents\catia\catia v5r18 cd1\v5r18_a\crack\install.txt
c:\documents and settings\vlado\my documents\catia\catia v5r18 cd1\v5r18_a\crack\js0group.dll
c:\documents and settings\vlado\my documents\catia\catia v5r18 cd2\v5r18_b\crack\install.txt
c:\documents and settings\vlado\my documents\catia\catia v5r18 cd2\v5r18_b\crack\js0group.dll
scanner sequence 3.BB.11
----- EOF -----
Plus nový log z RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by Vlado at 2010-04-02 19:53:12
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 122 GB (80%) free of 153 GB
Total RAM: 1791 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53:16, on 2.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\Vlado\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Vlado.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MultiFrame] C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CCC.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
--
End of file - 5971 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-07-12 225280]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-07-03 7708672]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-05-03 376921]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-07-19 49520]
"ASUSTPE"=C:\WINDOWS\system32\ASUSTPE.exe [2007-01-16 106496]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-07-10 851968]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-02-15 417792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"MultiFrame"=C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe [2007-06-21 999792]
C:\Documents and Settings\Vlado\Start Menu\Programs\Startup
CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-02-02 110592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat"="C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat:*:Enabled:game"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\EA Sports\NHL 09\nhl2009.exe"="C:\Program Files\EA Sports\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\orbixd.exe"="C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\orbixd.exe:*:Enabled:orbixd"
"C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CNEXT.exe"="C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CNEXT.exe:*:Enabled:CATIA"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-04-02 19:45:56 ----D---- C:\Program Files\Sunbelt Software
2010-04-02 19:40:21 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-04-02 19:40:00 ----D---- C:\Program Files\Alwil Software
2010-04-02 19:40:00 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-04-02 19:17:27 ----D---- C:\Program Files\trend micro
2010-04-02 19:17:26 ----D---- C:\rsit
2010-04-02 17:58:17 ----A---- C:\WINDOWS\ntbtlog.txt
2010-03-31 11:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-29 20:53:13 ----D---- C:\Program Files\AP Tuner
2010-03-29 20:50:35 ----D---- C:\Documents and Settings\Vlado\Application Data\Help
2010-03-28 18:13:13 ----D---- C:\Program Files\DsNET Corp
2010-03-28 18:10:49 ----D---- C:\Program Files\YouTube Downloader
2010-03-28 18:03:10 ----D---- C:\Program Files\Total Video Converter
2010-03-25 22:51:15 ----D---- C:\Program Files\Dassault Systemes
2010-03-25 22:49:31 ----D---- C:\Documents and Settings\Vlado\Application Data\DassaultSystemes
2010-03-25 22:49:31 ----D---- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
2010-03-25 21:28:41 ----D---- C:\Documents and Settings\Vlado\Application Data\WinRAR
2010-03-25 17:04:29 ----D---- C:\Program Files\Hamachi
2010-03-24 22:26:34 ----D---- C:\Documents and Settings\Vlado\Application Data\Hamachi
2010-03-24 17:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-03-24 17:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-03-24 17:01:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-03-24 11:25:54 ----D---- C:\WINDOWS\Prefetch
2010-03-24 09:07:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-03-24 09:07:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-03-24 09:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-03-24 09:07:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-03-24 09:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-03-24 09:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-03-24 09:06:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-03-24 09:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-24 09:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-03-24 09:06:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-03-24 09:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-03-24 09:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-03-24 09:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-03-24 09:06:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-03-24 09:06:06 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-03-24 09:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-03-24 09:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-03-24 09:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-03-24 09:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-03-24 09:05:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-03-24 09:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-03-24 09:05:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-03-24 09:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-03-24 09:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-03-24 09:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-03-24 09:05:08 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-03-24 09:05:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-03-24 09:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-03-24 09:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-03-24 09:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-03-24 09:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-03-24 09:04:22 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-03-24 09:04:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-03-24 09:04:12 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-03-24 09:04:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-03-24 09:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-03-24 09:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-03-24 09:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-03-24 09:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-03-24 09:03:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-03-24 09:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-03-24 09:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-03-24 09:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-03-24 09:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-03-24 09:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-03-24 09:03:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-03-24 09:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-03-24 09:02:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-03-24 09:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-03-24 09:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-03-24 09:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-03-24 09:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-03-24 09:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-03-24 09:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-03-24 08:59:12 ----D---- C:\WINDOWS\system32\scripting
2010-03-24 08:59:12 ----D---- C:\WINDOWS\l2schemas
2010-03-24 08:59:11 ----D---- C:\WINDOWS\system32\en
2010-03-24 08:59:11 ----D---- C:\WINDOWS\system32\bits
2010-03-24 08:53:56 ----D---- C:\WINDOWS\network diagnostic
2010-03-24 08:45:38 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-03-24 08:40:06 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-23 18:25:11 ----D---- C:\Documents and Settings\Vlado\Application Data\Miranda
2010-03-23 18:24:57 ----D---- C:\Program Files\Miranda IM
2010-03-23 08:11:38 ----D---- C:\WINDOWS\EHome
2010-03-23 00:09:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$
2010-03-23 00:05:56 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2010-03-22 21:01:51 ----D---- C:\Documents and Settings\Vlado\Application Data\ACD Systems
2010-03-22 21:01:23 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2010-03-22 21:01:15 ----D---- C:\Program Files\Common Files\ACD Systems
2010-03-22 21:01:15 ----D---- C:\Program Files\ACD Systems
2010-03-22 16:24:31 ----D---- C:\Documents and Settings\Vlado\Application Data\OpenOffice.org
2010-03-22 14:37:26 ----D---- C:\Program Files\Adobe
2010-03-22 13:33:17 ----D---- C:\Documents and Settings\Vlado\Application Data\BSplayer PRO
2010-03-22 13:33:09 ----D---- C:\Program Files\Webteh
2010-03-22 08:28:47 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-22 08:28:44 ----D---- C:\Program Files\MSBuild
2010-03-22 08:28:43 ----D---- C:\WINDOWS\system32\en-US
2010-03-22 08:28:39 ----D---- C:\Program Files\Reference Assemblies
2010-03-22 08:28:18 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-22 08:28:18 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-22 08:28:18 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-22 08:28:17 ----D---- C:\336050d9b8dd93facfad93ac
2010-03-22 08:26:07 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-03-22 08:26:01 ----D---- C:\Program Files\MSXML 6.0
2010-03-22 07:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
2010-03-22 07:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-03-22 07:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
2010-03-22 07:58:29 ----D---- C:\Program Files\MSXML 4.0
2010-03-21 23:03:22 ----D---- C:\Program Files\EA Games
2010-03-21 21:42:10 ----D---- C:\Program Files\QuickTime
2010-03-21 21:42:07 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-03-21 21:41:51 ----D---- C:\Program Files\Common Files\Apple
2010-03-21 21:41:42 ----D---- C:\Program Files\Apple Software Update
2010-03-21 21:41:42 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-03-21 18:23:54 ----D---- C:\Documents and Settings\Vlado\Application Data\dvdcss
2010-03-21 13:12:48 ----D---- C:\Documents and Settings\Vlado\Application Data\Leadertech
2010-03-21 13:05:43 ----D---- C:\Program Files\EA Sports
2010-03-21 13:05:41 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-03-21 13:05:41 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-03-21 13:05:41 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-03-21 13:05:40 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-03-21 13:05:40 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-03-21 13:05:40 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-03-21 13:05:39 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-03-21 13:05:38 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-03-21 13:05:38 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-03-21 13:05:37 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-03-21 13:05:37 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-03-21 13:05:37 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-03-21 13:05:36 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-03-21 13:05:36 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-03-21 13:05:34 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-03-21 13:05:34 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-03-21 13:05:34 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-03-21 13:05:33 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-03-21 13:05:33 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-03-21 13:05:33 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-03-21 13:05:32 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-03-21 13:05:31 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-03-21 13:05:30 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-03-21 13:05:29 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-03-21 13:05:29 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-03-21 13:05:28 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-03-21 13:05:28 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-03-21 13:05:26 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-03-21 13:05:26 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-03-21 13:05:26 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-03-21 13:05:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-03-21 13:05:24 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-03-21 13:05:16 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-03-21 13:05:16 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-03-21 13:05:16 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-03-21 13:05:15 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-03-21 13:05:15 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-03-21 13:05:15 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-03-21 13:05:14 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-03-21 13:05:14 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-03-21 13:04:53 ----D---- C:\WINDOWS\Logs
2010-03-21 13:02:01 ----D---- C:\Program Files\Alcohol Soft
2010-03-21 11:58:08 ----D---- C:\Program Files\WinRAR
2010-03-21 11:44:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-21 00:11:24 ----D---- C:\Documents and Settings\Vlado\Application Data\vlc
2010-03-21 00:10:27 ----D---- C:\Program Files\VideoLAN
2010-03-21 00:07:36 ----D---- C:\Documents and Settings\Vlado\Application Data\Ahead
2010-03-21 00:07:35 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe
2010-03-21 00:03:42 ----D---- C:\Program Files\Common Files\LightScribe
2010-03-21 00:02:53 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2010-03-21 00:00:15 ----D---- C:\Program Files\Nero
2010-03-21 00:00:15 ----D---- C:\Program Files\Common Files\Ahead
2010-03-21 00:00:15 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2010-03-20 23:59:20 ----D---- C:\WINDOWS\RegisteredPackages
2010-03-20 23:59:01 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-03-20 23:59:00 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-03-20 23:56:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-03-20 23:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-03-20 23:56:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-03-20 23:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-03-20 23:55:59 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-03-20 23:55:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-03-20 23:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-03-20 23:55:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-03-20 23:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2010-03-20 23:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978207_0$
2010-03-20 23:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-03-20 23:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-03-20 23:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-03-20 23:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-03-20 23:54:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-03-20 23:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-03-20 23:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-03-20 23:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-03-20 23:54:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-03-20 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2_0$
2010-03-20 23:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-03-20 23:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-03-20 23:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-03-20 23:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_1$
2010-03-20 23:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_1$
2010-03-20 23:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-03-20 23:53:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-03-20 23:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-03-20 23:52:58 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-03-20 23:52:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-03-20 23:52:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-03-20 23:52:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978251_0$
2010-03-20 23:52:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-03-20 23:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-03-20 23:52:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-03-20 23:52:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-03-20 23:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-03-20 23:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-03-20 23:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-03-20 23:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-03-20 23:51:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-03-20 23:51:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-03-20 23:51:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$
2010-03-20 23:48:43 ----A---- C:\WINDOWS\system32\MRT.exe
2010-03-20 23:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-03-20 23:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-03-20 23:47:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2010-03-20 23:46:57 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-03-20 23:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-03-20 23:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-03-20 23:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-03-20 23:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-03-20 23:46:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-03-20 23:46:12 ----D---- C:\WINDOWS\ServicePackFiles
2010-03-20 23:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-03-20 23:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-03-20 23:45:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-03-20 23:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-03-20 23:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-03-20 23:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-03-20 23:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-03-20 23:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-03-20 23:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-03-20 23:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$
2010-03-20 20:13:09 ----D---- C:\Documents and Settings\Vlado\Application Data\Macromedia
2010-03-20 20:06:01 ----D---- C:\Documents and Settings\Vlado\Application Data\Mozilla
2010-03-20 20:05:41 ----D---- C:\Program Files\Mozilla Firefox
2010-03-20 17:38:21 ----A---- C:\WINDOWS\system32\h323log.txt
2010-03-20 17:33:55 ----A---- C:\WINDOWS\system32\usbui.dll
2010-03-20 17:32:49 ----A---- C:\WINDOWS\imsins.BAK
2010-03-20 17:32:47 ----SHD---- C:\WINDOWS\Installer
2010-03-20 17:32:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-20 17:32:46 ----D---- C:\Program Files\Common Files\ODBC
2010-03-20 17:32:46 ----A---- C:\WINDOWS\ODBCINST.INI
2010-03-20 17:32:42 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-03-20 17:32:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-20 17:32:41 ----RD---- C:\Program Files
2010-03-20 17:32:41 ----D---- C:\Program Files\Common Files
2010-03-20 17:32:39 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-03-20 17:32:39 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-03-20 17:32:39 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-03-20 17:32:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-03-20 17:32:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-03-20 17:32:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-03-20 17:32:36 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-03-20 17:32:34 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-03-20 17:32:32 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-03-20 17:32:30 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-03-20 17:32:30 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-03-20 17:32:29 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-03-20 17:32:27 ----A---- C:\WINDOWS\system32\irclass.dll
2010-03-20 17:32:27 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-03-20 17:32:26 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-03-20 17:32:26 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-03-20 17:32:26 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-03-20 17:32:24 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-03-20 17:32:24 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-03-20 17:32:23 ----A---- C:\WINDOWS\system32\batt.dll
2010-03-20 17:32:23 ----A---- C:\WINDOWS\notepad.exe
2010-03-20 17:32:22 ----A---- C:\WINDOWS\system32\storprop.dll
2010-03-20 17:32:15 ----RA---- C:\WINDOWS\SET25.tmp
2010-03-20 17:32:15 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-03-20 17:32:12 ----RA---- C:\WINDOWS\SET8.tmp
2010-03-20 17:32:09 ----RA---- C:\WINDOWS\SET4.tmp
2010-03-20 17:32:07 ----RA---- C:\WINDOWS\SET3.tmp
2010-03-20 17:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-03-20 17:32:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-20 17:32:02 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-20 17:31:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-03-20 17:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-20 17:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-03-20 17:31:30 ----A---- C:\WINDOWS\setuplog.txt
2010-03-20 17:31:27 ----D---- C:\Documents and Settings
2010-03-20 17:31:26 ----SHD---- C:\System Volume Information
2010-03-20 17:30:42 ----SH---- C:\boot.ini
2010-03-20 17:29:39 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-03-20 17:28:12 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-03-20 17:23:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-20 17:23:25 ----RSD---- C:\WINDOWS\Fonts
2010-03-20 17:23:25 ----RD---- C:\WINDOWS\Web
2010-03-20 17:23:25 ----HD---- C:\WINDOWS\inf
2010-03-20 17:23:25 ----D---- C:\WINDOWS\WinSxS
2010-03-20 17:23:25 ----D---- C:\WINDOWS\twain_32
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Temp
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\wins
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\wbem
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\usmt
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\spool
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\ShellExt
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\Setup
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\ras
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\oobe
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\npp
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\mui
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\inetsrv
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\IME
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\icsxml
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\ias
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\export
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\drivers
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\dhcp
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\config
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\3com_dmi
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\3076
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\2052
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1054
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1042
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1041
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1037
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1033
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1031
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1028
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32\1025
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system32
2010-03-20 17:23:25 ----D---- C:\WINDOWS\system
2010-03-20 17:23:25 ----D---- C:\WINDOWS\security
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Resources
2010-03-20 17:23:25 ----D---- C:\WINDOWS\repair
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Provisioning
2010-03-20 17:23:25 ----D---- C:\WINDOWS\pchealth
2010-03-20 17:23:25 ----D---- C:\WINDOWS\PeerNet
2010-03-20 17:23:25 ----D---- C:\WINDOWS\mui
2010-03-20 17:23:25 ----D---- C:\WINDOWS\msapps
2010-03-20 17:23:25 ----D---- C:\WINDOWS\msagent
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Media
2010-03-20 17:23:25 ----D---- C:\WINDOWS\java
2010-03-20 17:23:25 ----D---- C:\WINDOWS\ime
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Help
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Driver Cache
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Debug
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Cursors
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Connection Wizard
2010-03-20 17:23:25 ----D---- C:\WINDOWS\Config
2010-03-20 17:23:25 ----D---- C:\WINDOWS\AppPatch
2010-03-20 17:23:25 ----D---- C:\WINDOWS\addins
2010-03-20 17:23:25 ----D---- C:\WINDOWS
2010-03-20 17:23:00 ----D---- C:\WINDOWS\system32\PreInstall
2010-03-20 17:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-03-20 17:21:27 ----D---- C:\Documents and Settings\Vlado\Application Data\ATI
2010-03-20 17:21:20 ----D---- C:\WINDOWS\system32\Lang
2010-03-20 17:21:19 ----D---- C:\Documents and Settings\Vlado\Application Data\Adobe
2010-03-20 17:17:32 ----A---- C:\WINDOWS\system32\wpa.bak
2010-03-20 17:16:39 ----SHD---- C:\RECYCLER
2010-03-20 17:16:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-03-20 17:16:27 ----D---- C:\Program Files\Common Files\Adobe
2010-03-20 17:15:45 ----A---- C:\WINDOWS\system32\ACEngSvr.exe
2010-03-20 17:15:09 ----A---- C:\WINDOWS\system32\TPESetting.dll
2010-03-20 17:15:08 ----A---- C:\WINDOWS\system32\ASUSTPE.exe
2010-03-20 17:13:26 ----D---- C:\Program Files\ASUS
2010-03-20 17:13:05 ----A---- C:\WINDOWS\system32\acs.exe
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wsimd.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wsfwDS.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wgapi.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wcapiU.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\wcapi.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\dsaNac.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\dsa.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20U.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20resU.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20res.dll
2010-03-20 17:12:44 ----A---- C:\WINDOWS\system32\athcfg20.dll
2010-03-20 17:12:41 ----D---- C:\Program Files\Atheros
2010-03-20 17:12:20 ----D---- C:\Documents and Settings\All Users\Application Data\Atheros
2010-03-20 17:11:48 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-03-20 17:11:39 ----D---- C:\Program Files\Wireless Console 2
2010-03-20 17:10:08 ----A---- C:\WINDOWS\system32\SynTPFcs.dll
2010-03-20 17:10:06 ----A---- C:\WINDOWS\system32\SynTPCo2.dll
2010-03-20 17:10:06 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2010-03-20 17:10:05 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2010-03-20 17:10:05 ----A---- C:\WINDOWS\system32\SynCOM.dll
2010-03-20 17:10:02 ----D---- C:\Program Files\Synaptics
2010-03-20 17:09:28 ----RA---- C:\WINDOWS\system32\sm56co6a.dll
2010-03-20 17:09:25 ----D---- C:\Program Files\Motorola
2010-03-20 17:09:13 ----R---- C:\WINDOWS\system32\ChCfg.exe
2010-03-20 17:09:06 ----D---- C:\WINDOWS\system32\Atheros_L2
2010-03-20 17:08:50 ----D---- C:\WINDOWS\system32\RTCOM
2010-03-20 17:08:43 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-03-20 17:08:35 ----R---- C:\WINDOWS\SoundMan.exe
2010-03-20 17:08:33 ----R---- C:\WINDOWS\SkyTel.exe
2010-03-20 17:08:32 ----R---- C:\WINDOWS\RtlUpd.exe
2010-03-20 17:08:29 ----R---- C:\WINDOWS\RTLCPL.exe
2010-03-20 17:08:22 ----R---- C:\WINDOWS\RTHDCPL.exe
2010-03-20 17:08:21 ----R---- C:\WINDOWS\MicCal.exe
2010-03-20 17:08:16 ----R---- C:\WINDOWS\alcwzrd.exe
2010-03-20 17:08:16 ----R---- C:\WINDOWS\Alcmtr.exe
2010-03-20 17:08:16 ----D---- C:\Program Files\Realtek
2010-03-20 17:08:14 ----R---- C:\WINDOWS\RtlExUpd.dll
2010-03-20 17:07:37 ----D---- C:\Program Files\OpenOffice.org 3
2010-03-20 17:01:04 ----RSD---- C:\WINDOWS\assembly
2010-03-20 17:00:41 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-20 17:00:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-03-20 17:00:08 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-03-20 16:59:08 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2010-03-20 16:59:06 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-03-20 16:58:46 ----D---- C:\Program Files\ATI Technologies
2010-03-20 16:58:28 ----D---- C:\Program Files\Common Files\InstallShield
2010-03-20 16:58:15 ----D---- C:\Program Files\ATKOSD2
2010-03-20 16:57:44 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-20 16:57:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-03-20 16:57:02 ----D---- C:\Program Files\ATK Hotkey
2010-03-20 16:57:00 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-20 16:56:56 ----D---- C:\Documents and Settings\Vlado\Application Data\InstallShield
2010-03-20 16:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB911164$
2010-03-20 16:54:45 ----A---- C:\Debug.txt
2010-03-20 16:53:07 ----D---- C:\Program Files\ESET
2010-03-20 16:53:07 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-03-20 16:50:48 ----D---- C:\WINDOWS\system32\1051
2010-03-20 16:50:26 ----D---- C:\temp
2010-03-20 16:49:25 ----D---- C:\Documents and Settings\Vlado\Application Data\Identities
2010-03-20 16:49:23 ----HD---- C:\Program Files\Uninstall Information
2010-03-20 16:49:18 ----ASH---- C:\Documents and Settings\Vlado\Application Data\desktop.ini
2010-03-20 16:49:17 ----SD---- C:\Documents and Settings\Vlado\Application Data\Microsoft
2010-03-20 16:48:44 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-20 16:48:43 ----SD---- C:\WINDOWS\system32\Microsoft
2010-03-20 16:48:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-20 16:44:49 ----D---- C:\WINDOWS\system32\xircom
2010-03-20 16:44:49 ----D---- C:\Program Files\xerox
2010-03-20 16:44:49 ----D---- C:\Program Files\microsoft frontpage
2010-03-20 16:44:44 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-20 16:44:43 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-03-20 16:44:28 ----A---- C:\WINDOWS\control.ini
2010-03-20 16:44:28 ----A---- C:\AUTOEXEC.BAT
2010-03-20 16:44:20 ----A---- C:\WINDOWS\OEWABLog.txt
2010-03-20 16:44:16 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-03-20 16:43:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-03-20 16:43:37 ----RD---- C:\WINDOWS\Offline Web Pages
2010-03-20 16:43:37 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-03-20 16:43:32 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-03-20 16:43:29 ----HD---- C:\Program Files\WindowsUpdate
2010-03-20 16:43:06 ----D---- C:\WINDOWS\system32\DirectX
2010-03-20 16:42:41 ----A---- C:\WINDOWS\system32\atrace.dll
2010-03-20 16:42:37 ----A---- C:\WINDOWS\system32\desktop.ini
2010-03-20 16:42:37 ----A---- C:\WINDOWS\desktop.ini
2010-03-20 16:42:29 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-03-20 16:42:28 ----A---- C:\WINDOWS\system32\acctres.dll
2010-03-20 16:42:27 ----D---- C:\Program Files\Common Files\Services
2010-03-20 16:42:24 ----SD---- C:\WINDOWS\Tasks
2010-03-20 16:42:24 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-03-20 16:42:23 ----D---- C:\Program Files\Common Files\MSSoap
2010-03-20 16:42:18 ----D---- C:\WINDOWS\srchasst
2010-03-20 16:42:17 ----D---- C:\WINDOWS\system32\Macromed
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-03-20 16:42:13 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wups.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-03-20 16:42:12 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-03-20 16:42:11 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-03-20 16:42:06 ----D---- C:\Program Files\Movie Maker
2010-03-20 16:42:02 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-03-20 16:42:02 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-03-20 16:42:01 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-03-20 16:42:01 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-03-20 16:41:57 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-03-20 16:41:57 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-03-20 16:41:56 ----D---- C:\WINDOWS\system32\Restore
2010-03-20 16:41:56 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-03-20 16:41:56 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-03-20 16:41:56 ----A---- C:\WINDOWS\system32\srclient.dll
2010-03-20 16:41:55 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-03-20 16:41:55 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-03-20 16:41:55 ----A---- C:\WINDOWS\system32\ils.dll
2010-03-20 16:41:54 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-03-20 16:41:54 ----A---- C:\WINDOWS\system32\msconf.dll
2010-03-20 16:41:54 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-03-20 16:41:51 ----D---- C:\Program Files\NetMeeting
2010-03-20 16:41:51 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-03-20 16:41:51 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-03-20 16:41:50 ----A---- C:\WINDOWS\system32\inetres.dll
2010-03-20 16:41:49 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-03-20 16:41:47 ----D---- C:\Program Files\Outlook Express
2010-03-20 16:41:47 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-03-20 16:41:47 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\mstask.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\isign32.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-03-20 16:41:46 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-03-20 16:41:39 ----D---- C:\Program Files\Common Files\System
2010-03-20 16:41:34 ----D---- C:\Program Files\Internet Explorer
2010-03-20 16:41:22 ----D---- C:\Program Files\ComPlus Applications
2010-03-20 16:41:20 ----A---- C:\WINDOWS\vbaddin.ini
2010-03-20 16:41:20 ----A---- C:\WINDOWS\vb.ini
2010-03-20 16:41:16 ----D---- C:\WINDOWS\Registration
2010-03-20 16:40:52 ----D---- C:\Program Files\Windows Media Player
2010-03-20 16:40:52 ----D---- C:\Program Files\Online Services
2010-03-20 16:40:47 ----D---- C:\Program Files\Messenger
2010-03-20 16:40:42 ----D---- C:\Program Files\MSN Gaming Zone
2010-03-20 16:40:42 ----A---- C:\WINDOWS\system32\write.exe
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\hticons.dll
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\avwav.dll
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-03-20 16:40:31 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-03-20 16:40:30 ----A---- C:\WINDOWS\system32\winchat.exe
2010-03-20 16:40:22 ----A---- C:\WINDOWS\system32\charmap.exe
2010-03-20 16:40:22 ----A---- C:\WINDOWS\system32\getuname.dll
2010-03-20 16:40:22 ----A---- C:\WINDOWS\system32\calc.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\winmine.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\sol.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-03-20 16:40:21 ----A---- C:\WINDOWS\system32\freecell.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tskill.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\tscon.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\shadow.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\reset.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\regini.exe
2010-03-20 16:40:20 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\msg.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\logoff.exe
2010-03-20 16:40:19 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-03-20 16:40:18 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\stclient.dll
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-03-20 16:40:17 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-03-20 16:40:12 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-03-20 16:39:53 ----D---- C:\Program Files\MSN
2010-03-20 16:39:52 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-03-20 16:39:52 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-03-20 16:39:52 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-03-20 16:39:51 ----D---- C:\Program Files\Windows NT
2010-03-20 16:39:51 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-03-20 16:39:51 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-03-20 16:39:50 ----A---- C:\WINDOWS\system32\spider.exe
2010-03-20 16:39:50 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-03-20 16:39:49 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-03-20 16:39:48 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-03-20 16:39:47 ----D---- C:\WINDOWS\system32\MsDtc
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-03-20 16:39:47 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-03-20 16:39:46 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-03-20 16:39:45 ----D---- C:\WINDOWS\system32\Com
2010-03-20 16:39:45 ----A---- C:\WINDOWS\system32\colbact.dll
2010-03-20 16:39:45 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-03-20 16:39:44 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-03-20 16:39:44 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-03-20 16:39:44 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-03-20 16:39:43 ----A---- C:\WINDOWS\system32\comuid.dll
2010-03-20 16:39:43 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-03-20 16:39:43 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-03-20 16:39:37 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-03-20 16:39:36 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-03-20 16:39:36 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-03-20 16:39:36 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2010-03-21 12:59:06 ----A---- C:\WINDOWS\win.ini
2010-03-20 16:53:16 ----A---- C:\WINDOWS\system.ini
2010-03-10 06:33:41 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-03-10 06:33:38 ----A---- C:\WINDOWS\system32\browseui.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 LUMDriver;LUMDriver; \??\C:\WINDOWS\system32\drivers\LUMDriver.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-08-21 30208]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-02 1975296]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-10 27520]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-28 57024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-03-25 25280]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2007-05-03 364629]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-02-02 446464]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 BBDemon;Backbone Service; C:\Program Files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [2007-05-04 36864]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2006-02-28 3584]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Problém so spustením Windows
Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe- Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
- Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
- Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
- Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
- Během skenování může být počítač restartován.
Re: Problém so spustením Windows
ComboFix 10-04-01.02 - Vlado 02.04.2010 20:20:27.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1791.1354 [GMT 2:00]
Running from: c:\documents and settings\Vlado\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\AppPatch\AcAdProc.dll
c:\windows\system32\vbzlib1.dll
.
((((((((((((((((((((((((( Files Created from 2010-03-02 to 2010-04-02 )))))))))))))))))))))))))))))))
.
2010-04-02 17:46 . 2008-06-21 02:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-04-02 17:46 . 2008-10-31 05:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-04-02 17:45 . 2010-04-02 17:45 -------- d-----w- c:\program files\Sunbelt Software
2010-04-02 17:41 . 2010-03-09 10:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-02 17:41 . 2010-03-09 10:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-02 17:41 . 2010-03-09 10:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-02 17:41 . 2010-03-09 10:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-02 17:41 . 2010-03-09 10:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-02 17:41 . 2010-03-09 10:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-02 17:41 . 2010-03-09 10:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-02 17:40 . 2010-03-09 10:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-02 17:40 . 2010-03-09 10:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-02 17:40 . 2010-04-02 17:40 -------- d-----w- c:\program files\Alwil Software
2010-04-02 17:40 . 2010-04-02 17:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-04-02 17:17 . 2010-04-02 17:53 -------- d-----w- c:\program files\trend micro
2010-04-02 17:17 . 2010-04-02 17:27 -------- d-----w- C:\rsit
2010-04-02 15:47 . 2010-04-02 15:47 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-29 18:53 . 2010-03-29 18:53 -------- d-----w- c:\program files\AP Tuner
2010-03-29 18:50 . 2010-03-29 18:50 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Help
2010-03-28 16:13 . 2010-03-28 16:13 -------- d-----w- c:\program files\DsNET Corp
2010-03-28 16:10 . 2010-03-28 16:12 -------- d-----w- c:\program files\YouTube Downloader
2010-03-28 16:10 . 2010-03-28 16:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-03-28 16:03 . 2010-03-28 16:11 -------- d-----w- c:\program files\Total Video Converter
2010-03-25 20:51 . 2010-03-25 20:51 -------- d-----w- c:\program files\Dassault Systemes
2010-03-25 20:49 . 2010-03-25 20:51 -------- d-----w- c:\documents and settings\All Users\Application Data\DassaultSystemes
2010-03-25 20:49 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Application Data\DassaultSystemes
2010-03-25 20:49 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\DassaultSystemes
2010-03-25 19:26 . 2010-03-25 19:26 -------- d-----w- c:\documents and settings\Vlado\dwhelper
2010-03-25 15:04 . 2010-03-25 15:04 -------- d-----w- c:\program files\Hamachi
2010-03-24 20:26 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Application Data\Hamachi
2010-03-24 20:25 . 2010-03-25 15:04 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-03-24 14:11 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\scripting
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\l2schemas
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\en
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\bits
2010-03-24 06:40 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-23 16:25 . 2010-03-23 16:25 -------- d-----w- c:\documents and settings\Vlado\Application Data\Miranda
2010-03-23 16:24 . 2010-03-24 20:25 -------- d-----w- c:\program files\Miranda IM
2010-03-23 06:11 . 2010-03-24 06:45 -------- d-----w- c:\windows\EHome
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\Vlado\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\program files\ACD Systems
2010-03-22 18:59 . 2010-03-22 18:59 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Downloaded Installations
2010-03-22 14:24 . 2010-03-22 14:24 -------- d-----w- c:\documents and settings\Vlado\Application Data\OpenOffice.org
2010-03-22 11:33 . 2010-04-01 08:24 -------- d-----w- c:\documents and settings\Vlado\Application Data\BSplayer PRO
2010-03-22 11:33 . 2010-03-22 11:33 -------- d-----w- c:\program files\Webteh
2010-03-22 06:26 . 2010-03-22 06:26 -------- d-----w- c:\program files\MSXML 6.0
2010-03-22 05:58 . 2010-03-22 05:58 -------- d-----w- c:\program files\MSXML 4.0
2010-03-21 21:10 . 2010-03-21 21:19 978 ----a-w- c:\windows\eReg.dat
2010-03-21 21:03 . 2010-03-21 21:15 -------- d-----w- c:\program files\EA Games
2010-03-21 19:42 . 2010-03-21 19:42 -------- d-----w- c:\program files\QuickTime
2010-03-21 19:42 . 2010-03-21 19:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\program files\Common Files\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\program files\Apple Software Update
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Apple Computer
2010-03-21 16:23 . 2010-03-26 12:02 -------- d-----w- c:\documents and settings\Vlado\Application Data\dvdcss
2010-03-21 11:12 . 2010-03-21 11:12 -------- d-----w- c:\documents and settings\Vlado\Application Data\Leadertech
2010-03-21 11:04 . 2010-03-21 11:04 -------- d-----w- c:\windows\Logs
2010-03-21 11:02 . 2004-04-30 08:37 160640 ----a-w- c:\windows\system32\drivers\a347bus.sys
2010-03-21 11:02 . 2004-04-30 08:33 5248 ----a-w- c:\windows\system32\drivers\a347scsi.sys
2010-03-21 11:02 . 2010-03-21 11:02 -------- d-----w- c:\program files\Alcohol Soft
2010-03-21 10:53 . 2004-08-03 21:29 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2010-03-20 22:11 . 2010-04-02 15:38 -------- d-----w- c:\documents and settings\Vlado\Application Data\vlc
2010-03-20 22:10 . 2010-03-20 22:10 -------- d-----w- c:\program files\VideoLAN
2010-03-20 22:07 . 2010-03-20 22:07 -------- d-----w- c:\documents and settings\Vlado\Application Data\Ahead
2010-03-20 22:07 . 2010-03-20 22:07 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\program files\Common Files\LightScribe
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Identities
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Ahead
2010-03-20 22:02 . 2010-03-20 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2010-03-20 22:00 . 2010-03-20 22:02 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-20 22:00 . 2010-03-20 22:00 -------- d-----w- c:\program files\Nero
2010-03-20 22:00 . 2010-03-20 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-03-20 21:46 . 2010-03-20 21:46 -------- d-----w- c:\windows\ServicePackFiles
2010-03-20 18:06 . 2010-03-20 18:06 0 ----a-w- c:\windows\nsreg.dat
2010-03-20 18:06 . 2010-03-20 18:06 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Mozilla
2010-03-20 17:38 . 2010-03-20 17:40 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Temp
2010-03-20 17:38 . 2010-03-20 17:40 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Google
2010-03-20 17:37 . 2010-03-20 17:38 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Deployment
2010-03-20 17:37 . 2010-03-20 17:37 -------- d-s---w- c:\documents and settings\Vlado\UserData
2010-03-20 16:55 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-03-20 16:55 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-03-20 16:55 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-03-20 16:55 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-03-20 16:55 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-03-20 16:55 . 2009-12-08 19:26 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-03-20 16:55 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-03-20 16:55 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-03-20 16:55 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-03-20 16:55 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-03-20 16:55 . 2009-12-08 19:27 2189184 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-03-20 16:55 . 2009-12-08 18:43 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-03-20 16:44 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-03-20 16:41 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-03-20 16:41 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-03-20 16:35 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-03-20 16:31 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-03-20 16:24 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-03-20 16:24 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-03-20 16:05 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-29 18:56 . 2010-03-20 15:21 22680 ----a-w- c:\documents and settings\Vlado\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-29 16:49 . 2010-03-21 11:05 -------- d-----w- c:\program files\EA Sports
2010-03-24 07:01 . 2010-03-20 14:43 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-03-24 07:01 . 2010-03-20 14:43 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-03-22 12:37 . 2010-03-20 15:16 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-22 06:28 . 2010-03-22 06:28 -------- d-----w- c:\program files\MSBuild
2010-03-22 06:28 . 2010-03-22 06:28 -------- d-----w- c:\program files\Reference Assemblies
2010-03-21 21:10 . 2010-03-20 14:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-21 20:55 . 2010-03-20 14:58 -------- d-----w- c:\program files\Common Files\InstallShield
2010-03-20 15:43 . 2010-03-20 15:43 0 ----a-w- c:\windows\system32\drivers\1043_ASUSTeK_F5RL.alu
2010-03-20 15:21 . 2010-03-20 15:21 -------- d-----w- c:\documents and settings\Vlado\Application Data\ATI
2010-03-20 15:18 . 2010-03-20 15:13 -------- d-----w- c:\program files\ASUS
2010-03-20 15:12 . 2010-03-20 15:12 -------- d-----w- c:\program files\Atheros
2010-03-20 15:12 . 2010-03-20 15:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Atheros
2010-03-20 15:11 . 2010-03-20 15:11 -------- d-----w- c:\program files\Wireless Console 2
2010-03-20 15:10 . 2010-03-20 15:10 -------- d-----w- c:\program files\Synaptics
2010-03-20 15:09 . 2010-03-20 15:09 -------- d-----w- c:\program files\Motorola
2010-03-20 15:08 . 2010-03-20 15:08 -------- d-----w- c:\program files\Realtek
2010-03-20 15:07 . 2010-03-20 15:07 -------- d-----w- c:\program files\OpenOffice.org 3
2010-03-20 15:06 . 2010-03-20 14:58 -------- d-----w- c:\program files\ATI Technologies
2010-03-20 14:58 . 2010-03-20 14:58 -------- d-----w- c:\program files\ATKOSD2
2010-03-20 14:57 . 2010-03-20 14:57 -------- d-----w- c:\program files\ATK Hotkey
2010-03-20 14:56 . 2010-03-20 14:56 -------- d-----w- c:\documents and settings\Vlado\Application Data\InstallShield
2010-03-20 14:53 . 2010-03-20 14:53 -------- d-----w- c:\program files\ESET
2010-03-20 14:53 . 2010-03-20 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-03-20 14:51 . 2010-03-20 14:44 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-03-20 14:44 . 2010-03-20 14:44 -------- d-----w- c:\program files\microsoft frontpage
2010-03-20 14:41 . 2010-03-20 14:41 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-26 05:43 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
.
------- Sigcheck -------
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[-] 2008-04-13 18:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"MultiFrame"="c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe" [2007-06-21 999792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 16269312]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-05-03 376921]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-07-19 49520]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-01-16 106496]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-02-15 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Vlado\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\CNEXT.exe"=
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [21.3.2010 13:02 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [21.3.2010 13:02 5248]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.4.2010 19:41 162640]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [14.5.2009 12:43 16688]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2.4.2010 19:46 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.4.2010 19:41 19024]
R2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [4.5.2007 15:24 36864]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2.4.2010 19:46 65576]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [28.2.2006 14:00 3584]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\Vlado\Application Data\Mozilla\Firefox\Profiles\vrzhubnw.default\
FF - prefs.js: browser.startup.homepage - www.centrum.sk
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
ActiveSetup-ccc-core-static - msiexec
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-02 20:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A1D1758]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba8ecf28
\Driver\ACPI -> ACPI.sys @ 0xba757cb8
\Driver\atapi -> 0x8a1d1758
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Atheros L2 Fast Ethernet 10/100 Base-T Controller -> SendCompleteHandler -> NDIS.sys @ 0xba603bb0
PacketIndicateHandler -> NDIS.sys @ 0xba610a21
SendHandler -> NDIS.sys @ 0xba5ee87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1368)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2192)
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\ATK Hotkey\WDC.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\ACEngSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
.
**************************************************************************
.
Completion time: 2010-04-02 20:37:40 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-02 18:37
Pre-Run: 128 069 206 016 bytes free
Post-Run: 8 adresárov, 128 212 430 848 voľných bajtov
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - AED50918F7C3735EE809AE1186B58775
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1791.1354 [GMT 2:00]
Running from: c:\documents and settings\Vlado\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\AppPatch\AcAdProc.dll
c:\windows\system32\vbzlib1.dll
.
((((((((((((((((((((((((( Files Created from 2010-03-02 to 2010-04-02 )))))))))))))))))))))))))))))))
.
2010-04-02 17:46 . 2008-06-21 02:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-04-02 17:46 . 2008-10-31 05:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-04-02 17:45 . 2010-04-02 17:45 -------- d-----w- c:\program files\Sunbelt Software
2010-04-02 17:41 . 2010-03-09 10:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-02 17:41 . 2010-03-09 10:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-02 17:41 . 2010-03-09 10:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-02 17:41 . 2010-03-09 10:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-02 17:41 . 2010-03-09 10:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-02 17:41 . 2010-03-09 10:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-02 17:41 . 2010-03-09 10:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-02 17:40 . 2010-03-09 10:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-02 17:40 . 2010-03-09 10:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-02 17:40 . 2010-04-02 17:40 -------- d-----w- c:\program files\Alwil Software
2010-04-02 17:40 . 2010-04-02 17:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-04-02 17:17 . 2010-04-02 17:53 -------- d-----w- c:\program files\trend micro
2010-04-02 17:17 . 2010-04-02 17:27 -------- d-----w- C:\rsit
2010-04-02 15:47 . 2010-04-02 15:47 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-29 18:53 . 2010-03-29 18:53 -------- d-----w- c:\program files\AP Tuner
2010-03-29 18:50 . 2010-03-29 18:50 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Help
2010-03-28 16:13 . 2010-03-28 16:13 -------- d-----w- c:\program files\DsNET Corp
2010-03-28 16:10 . 2010-03-28 16:12 -------- d-----w- c:\program files\YouTube Downloader
2010-03-28 16:10 . 2010-03-28 16:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-03-28 16:03 . 2010-03-28 16:11 -------- d-----w- c:\program files\Total Video Converter
2010-03-25 20:51 . 2010-03-25 20:51 -------- d-----w- c:\program files\Dassault Systemes
2010-03-25 20:49 . 2010-03-25 20:51 -------- d-----w- c:\documents and settings\All Users\Application Data\DassaultSystemes
2010-03-25 20:49 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Application Data\DassaultSystemes
2010-03-25 20:49 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\DassaultSystemes
2010-03-25 19:26 . 2010-03-25 19:26 -------- d-----w- c:\documents and settings\Vlado\dwhelper
2010-03-25 15:04 . 2010-03-25 15:04 -------- d-----w- c:\program files\Hamachi
2010-03-24 20:26 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Application Data\Hamachi
2010-03-24 20:25 . 2010-03-25 15:04 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-03-24 14:11 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\scripting
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\l2schemas
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\en
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\bits
2010-03-24 06:40 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-23 16:25 . 2010-03-23 16:25 -------- d-----w- c:\documents and settings\Vlado\Application Data\Miranda
2010-03-23 16:24 . 2010-03-24 20:25 -------- d-----w- c:\program files\Miranda IM
2010-03-23 06:11 . 2010-03-24 06:45 -------- d-----w- c:\windows\EHome
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\Vlado\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\program files\ACD Systems
2010-03-22 18:59 . 2010-03-22 18:59 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Downloaded Installations
2010-03-22 14:24 . 2010-03-22 14:24 -------- d-----w- c:\documents and settings\Vlado\Application Data\OpenOffice.org
2010-03-22 11:33 . 2010-04-01 08:24 -------- d-----w- c:\documents and settings\Vlado\Application Data\BSplayer PRO
2010-03-22 11:33 . 2010-03-22 11:33 -------- d-----w- c:\program files\Webteh
2010-03-22 06:26 . 2010-03-22 06:26 -------- d-----w- c:\program files\MSXML 6.0
2010-03-22 05:58 . 2010-03-22 05:58 -------- d-----w- c:\program files\MSXML 4.0
2010-03-21 21:10 . 2010-03-21 21:19 978 ----a-w- c:\windows\eReg.dat
2010-03-21 21:03 . 2010-03-21 21:15 -------- d-----w- c:\program files\EA Games
2010-03-21 19:42 . 2010-03-21 19:42 -------- d-----w- c:\program files\QuickTime
2010-03-21 19:42 . 2010-03-21 19:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\program files\Common Files\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\program files\Apple Software Update
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Apple Computer
2010-03-21 16:23 . 2010-03-26 12:02 -------- d-----w- c:\documents and settings\Vlado\Application Data\dvdcss
2010-03-21 11:12 . 2010-03-21 11:12 -------- d-----w- c:\documents and settings\Vlado\Application Data\Leadertech
2010-03-21 11:04 . 2010-03-21 11:04 -------- d-----w- c:\windows\Logs
2010-03-21 11:02 . 2004-04-30 08:37 160640 ----a-w- c:\windows\system32\drivers\a347bus.sys
2010-03-21 11:02 . 2004-04-30 08:33 5248 ----a-w- c:\windows\system32\drivers\a347scsi.sys
2010-03-21 11:02 . 2010-03-21 11:02 -------- d-----w- c:\program files\Alcohol Soft
2010-03-21 10:53 . 2004-08-03 21:29 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2010-03-20 22:11 . 2010-04-02 15:38 -------- d-----w- c:\documents and settings\Vlado\Application Data\vlc
2010-03-20 22:10 . 2010-03-20 22:10 -------- d-----w- c:\program files\VideoLAN
2010-03-20 22:07 . 2010-03-20 22:07 -------- d-----w- c:\documents and settings\Vlado\Application Data\Ahead
2010-03-20 22:07 . 2010-03-20 22:07 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\program files\Common Files\LightScribe
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Identities
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Ahead
2010-03-20 22:02 . 2010-03-20 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2010-03-20 22:00 . 2010-03-20 22:02 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-20 22:00 . 2010-03-20 22:00 -------- d-----w- c:\program files\Nero
2010-03-20 22:00 . 2010-03-20 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-03-20 21:46 . 2010-03-20 21:46 -------- d-----w- c:\windows\ServicePackFiles
2010-03-20 18:06 . 2010-03-20 18:06 0 ----a-w- c:\windows\nsreg.dat
2010-03-20 18:06 . 2010-03-20 18:06 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Mozilla
2010-03-20 17:38 . 2010-03-20 17:40 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Temp
2010-03-20 17:38 . 2010-03-20 17:40 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Google
2010-03-20 17:37 . 2010-03-20 17:38 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Deployment
2010-03-20 17:37 . 2010-03-20 17:37 -------- d-s---w- c:\documents and settings\Vlado\UserData
2010-03-20 16:55 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-03-20 16:55 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-03-20 16:55 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-03-20 16:55 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-03-20 16:55 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-03-20 16:55 . 2009-12-08 19:26 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-03-20 16:55 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-03-20 16:55 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-03-20 16:55 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-03-20 16:55 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-03-20 16:55 . 2009-12-08 19:27 2189184 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-03-20 16:55 . 2009-12-08 18:43 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-03-20 16:44 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-03-20 16:41 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-03-20 16:41 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-03-20 16:35 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-03-20 16:31 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-03-20 16:24 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-03-20 16:24 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-03-20 16:05 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-29 18:56 . 2010-03-20 15:21 22680 ----a-w- c:\documents and settings\Vlado\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-29 16:49 . 2010-03-21 11:05 -------- d-----w- c:\program files\EA Sports
2010-03-24 07:01 . 2010-03-20 14:43 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-03-24 07:01 . 2010-03-20 14:43 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-03-22 12:37 . 2010-03-20 15:16 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-22 06:28 . 2010-03-22 06:28 -------- d-----w- c:\program files\MSBuild
2010-03-22 06:28 . 2010-03-22 06:28 -------- d-----w- c:\program files\Reference Assemblies
2010-03-21 21:10 . 2010-03-20 14:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-21 20:55 . 2010-03-20 14:58 -------- d-----w- c:\program files\Common Files\InstallShield
2010-03-20 15:43 . 2010-03-20 15:43 0 ----a-w- c:\windows\system32\drivers\1043_ASUSTeK_F5RL.alu
2010-03-20 15:21 . 2010-03-20 15:21 -------- d-----w- c:\documents and settings\Vlado\Application Data\ATI
2010-03-20 15:18 . 2010-03-20 15:13 -------- d-----w- c:\program files\ASUS
2010-03-20 15:12 . 2010-03-20 15:12 -------- d-----w- c:\program files\Atheros
2010-03-20 15:12 . 2010-03-20 15:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Atheros
2010-03-20 15:11 . 2010-03-20 15:11 -------- d-----w- c:\program files\Wireless Console 2
2010-03-20 15:10 . 2010-03-20 15:10 -------- d-----w- c:\program files\Synaptics
2010-03-20 15:09 . 2010-03-20 15:09 -------- d-----w- c:\program files\Motorola
2010-03-20 15:08 . 2010-03-20 15:08 -------- d-----w- c:\program files\Realtek
2010-03-20 15:07 . 2010-03-20 15:07 -------- d-----w- c:\program files\OpenOffice.org 3
2010-03-20 15:06 . 2010-03-20 14:58 -------- d-----w- c:\program files\ATI Technologies
2010-03-20 14:58 . 2010-03-20 14:58 -------- d-----w- c:\program files\ATKOSD2
2010-03-20 14:57 . 2010-03-20 14:57 -------- d-----w- c:\program files\ATK Hotkey
2010-03-20 14:56 . 2010-03-20 14:56 -------- d-----w- c:\documents and settings\Vlado\Application Data\InstallShield
2010-03-20 14:53 . 2010-03-20 14:53 -------- d-----w- c:\program files\ESET
2010-03-20 14:53 . 2010-03-20 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-03-20 14:51 . 2010-03-20 14:44 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-03-20 14:44 . 2010-03-20 14:44 -------- d-----w- c:\program files\microsoft frontpage
2010-03-20 14:41 . 2010-03-20 14:41 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-26 05:43 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
.
------- Sigcheck -------
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[-] 2008-04-13 18:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"MultiFrame"="c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe" [2007-06-21 999792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 16269312]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-05-03 376921]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-07-19 49520]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-01-16 106496]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-02-15 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Vlado\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\CNEXT.exe"=
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [21.3.2010 13:02 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [21.3.2010 13:02 5248]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.4.2010 19:41 162640]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [14.5.2009 12:43 16688]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2.4.2010 19:46 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.4.2010 19:41 19024]
R2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [4.5.2007 15:24 36864]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2.4.2010 19:46 65576]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [28.2.2006 14:00 3584]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\Vlado\Application Data\Mozilla\Firefox\Profiles\vrzhubnw.default\
FF - prefs.js: browser.startup.homepage - www.centrum.sk
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
ActiveSetup-ccc-core-static - msiexec
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-02 20:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A1D1758]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba8ecf28
\Driver\ACPI -> ACPI.sys @ 0xba757cb8
\Driver\atapi -> 0x8a1d1758
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Atheros L2 Fast Ethernet 10/100 Base-T Controller -> SendCompleteHandler -> NDIS.sys @ 0xba603bb0
PacketIndicateHandler -> NDIS.sys @ 0xba610a21
SendHandler -> NDIS.sys @ 0xba5ee87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1368)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2192)
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\ATK Hotkey\WDC.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\ACEngSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
.
**************************************************************************
.
Completion time: 2010-04-02 20:37:40 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-02 18:37
Pre-Run: 128 069 206 016 bytes free
Post-Run: 8 adresárov, 128 212 430 848 voľných bajtov
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - AED50918F7C3735EE809AE1186B58775
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Problém so spustením Windows
Odinstalujte všechny emulátory virtuálních mechanik. Stáhněte SPTD http://www.duplexsecure.com/en/downloads
- Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
- zvolte možnost Uninstall a restartujte PC.
Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe
- Klikněte na "Disable" a restartujte PC.
Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe Start > Spustit (Win + R)- Vyskočí okénko, zkopírujte do něj:
Kód: Vybrat vše
"%userprofile%\plocha\mbr" -t- Klikněte na OK
- Vytvoří se log s názvem mbr.log, vložte ho sem.
Re: Problém so spustením Windows
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Problém so spustením Windows
Pokud nemáte, přesuňte Combofix na plochu
- Otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.
Kód: Vybrat vše
Driver::
NOD32FiXTemDono
File::
c:\windows\system32\regedt32.exe- Uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
- Po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
- Po aplikaci na Vás vypadne další log,vložte ho sem
Re: Problém so spustením Windows
ComboFix 10-04-01.02 - Vlado 02.04.2010 21:09:37.2.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1791.1254 [GMT 2:00]
Running from: c:\documents and settings\Vlado\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Vlado\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
FILE ::
"c:\windows\system32\regedt32.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\regedt32.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NOD32FiXTemDono
((((((((((((((((((((((((( Files Created from 2010-03-02 to 2010-04-02 )))))))))))))))))))))))))))))))
.
2010-04-02 17:46 . 2008-06-21 02:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-04-02 17:46 . 2008-10-31 05:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-04-02 17:45 . 2010-04-02 17:45 -------- d-----w- c:\program files\Sunbelt Software
2010-04-02 17:41 . 2010-03-09 10:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-02 17:41 . 2010-03-09 10:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-02 17:41 . 2010-03-09 10:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-02 17:41 . 2010-03-09 10:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-02 17:41 . 2010-03-09 10:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-02 17:41 . 2010-03-09 10:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-02 17:41 . 2010-03-09 10:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-02 17:40 . 2010-03-09 10:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-02 17:40 . 2010-03-09 10:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-02 17:40 . 2010-04-02 17:40 -------- d-----w- c:\program files\Alwil Software
2010-04-02 17:40 . 2010-04-02 17:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-04-02 17:17 . 2010-04-02 17:53 -------- d-----w- c:\program files\trend micro
2010-04-02 17:17 . 2010-04-02 17:27 -------- d-----w- C:\rsit
2010-04-02 15:47 . 2010-04-02 15:47 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-29 18:53 . 2010-03-29 18:53 -------- d-----w- c:\program files\AP Tuner
2010-03-29 18:50 . 2010-03-29 18:50 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Help
2010-03-28 16:13 . 2010-03-28 16:13 -------- d-----w- c:\program files\DsNET Corp
2010-03-28 16:10 . 2010-03-28 16:12 -------- d-----w- c:\program files\YouTube Downloader
2010-03-28 16:10 . 2010-03-28 16:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-03-28 16:03 . 2010-03-28 16:11 -------- d-----w- c:\program files\Total Video Converter
2010-03-25 20:51 . 2010-03-25 20:51 -------- d-----w- c:\program files\Dassault Systemes
2010-03-25 20:49 . 2010-03-25 20:51 -------- d-----w- c:\documents and settings\All Users\Application Data\DassaultSystemes
2010-03-25 20:49 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Application Data\DassaultSystemes
2010-03-25 20:49 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\DassaultSystemes
2010-03-25 19:26 . 2010-03-25 19:26 -------- d-----w- c:\documents and settings\Vlado\dwhelper
2010-03-25 15:04 . 2010-03-25 15:04 -------- d-----w- c:\program files\Hamachi
2010-03-24 20:26 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Application Data\Hamachi
2010-03-24 20:25 . 2010-03-25 15:04 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-03-24 14:11 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\scripting
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\l2schemas
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\en
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\bits
2010-03-24 06:40 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-23 16:25 . 2010-03-23 16:25 -------- d-----w- c:\documents and settings\Vlado\Application Data\Miranda
2010-03-23 16:24 . 2010-03-24 20:25 -------- d-----w- c:\program files\Miranda IM
2010-03-23 06:11 . 2010-03-24 06:45 -------- d-----w- c:\windows\EHome
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\Vlado\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\program files\ACD Systems
2010-03-22 18:59 . 2010-03-22 18:59 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Downloaded Installations
2010-03-22 14:24 . 2010-03-22 14:24 -------- d-----w- c:\documents and settings\Vlado\Application Data\OpenOffice.org
2010-03-22 11:33 . 2010-04-01 08:24 -------- d-----w- c:\documents and settings\Vlado\Application Data\BSplayer PRO
2010-03-22 11:33 . 2010-03-22 11:33 -------- d-----w- c:\program files\Webteh
2010-03-22 06:26 . 2010-03-22 06:26 -------- d-----w- c:\program files\MSXML 6.0
2010-03-22 05:58 . 2010-03-22 05:58 -------- d-----w- c:\program files\MSXML 4.0
2010-03-21 21:10 . 2010-03-21 21:19 978 ----a-w- c:\windows\eReg.dat
2010-03-21 21:03 . 2010-03-21 21:15 -------- d-----w- c:\program files\EA Games
2010-03-21 19:42 . 2010-03-21 19:42 -------- d-----w- c:\program files\QuickTime
2010-03-21 19:42 . 2010-03-21 19:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\program files\Common Files\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\program files\Apple Software Update
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Apple Computer
2010-03-21 16:23 . 2010-03-26 12:02 -------- d-----w- c:\documents and settings\Vlado\Application Data\dvdcss
2010-03-21 11:12 . 2010-03-21 11:12 -------- d-----w- c:\documents and settings\Vlado\Application Data\Leadertech
2010-03-21 11:04 . 2010-03-21 11:04 -------- d-----w- c:\windows\Logs
2010-03-21 10:53 . 2004-08-03 21:29 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2010-03-20 22:11 . 2010-04-02 15:38 -------- d-----w- c:\documents and settings\Vlado\Application Data\vlc
2010-03-20 22:10 . 2010-03-20 22:10 -------- d-----w- c:\program files\VideoLAN
2010-03-20 22:07 . 2010-03-20 22:07 -------- d-----w- c:\documents and settings\Vlado\Application Data\Ahead
2010-03-20 22:07 . 2010-03-20 22:07 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\program files\Common Files\LightScribe
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Identities
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Ahead
2010-03-20 22:02 . 2010-03-20 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2010-03-20 22:00 . 2010-03-20 22:02 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-20 22:00 . 2010-03-20 22:00 -------- d-----w- c:\program files\Nero
2010-03-20 22:00 . 2010-03-20 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-03-20 21:46 . 2010-03-20 21:46 -------- d-----w- c:\windows\ServicePackFiles
2010-03-20 18:06 . 2010-03-20 18:06 0 ----a-w- c:\windows\nsreg.dat
2010-03-20 18:06 . 2010-03-20 18:06 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Mozilla
2010-03-20 17:38 . 2010-03-20 17:40 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Temp
2010-03-20 17:38 . 2010-03-20 17:40 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Google
2010-03-20 17:37 . 2010-03-20 17:38 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Deployment
2010-03-20 17:37 . 2010-03-20 17:37 -------- d-s---w- c:\documents and settings\Vlado\UserData
2010-03-20 16:55 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-03-20 16:55 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-03-20 16:55 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-03-20 16:55 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-03-20 16:55 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-03-20 16:55 . 2009-12-08 19:26 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-03-20 16:55 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-03-20 16:55 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-03-20 16:55 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-03-20 16:55 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-03-20 16:55 . 2009-12-08 19:27 2189184 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-03-20 16:55 . 2009-12-08 18:43 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-03-20 16:44 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-03-20 16:41 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-03-20 16:41 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-03-20 16:35 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-03-20 16:31 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-03-20 16:24 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-03-20 16:24 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-03-20 16:05 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-29 18:56 . 2010-03-20 15:21 22680 ----a-w- c:\documents and settings\Vlado\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-29 16:49 . 2010-03-21 11:05 -------- d-----w- c:\program files\EA Sports
2010-03-24 09:03 . 2010-03-22 14:25 1 ----a-w- c:\documents and settings\Vlado\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-24 07:01 . 2010-03-20 14:43 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-03-24 07:01 . 2010-03-20 14:43 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-03-22 12:37 . 2010-03-20 15:16 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-22 06:28 . 2010-03-22 06:28 -------- d-----w- c:\program files\MSBuild
2010-03-22 06:28 . 2010-03-22 06:28 -------- d-----w- c:\program files\Reference Assemblies
2010-03-21 21:10 . 2010-03-20 14:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-21 20:55 . 2010-03-20 14:58 -------- d-----w- c:\program files\Common Files\InstallShield
2010-03-20 15:43 . 2010-03-20 15:43 0 ----a-w- c:\windows\system32\drivers\1043_ASUSTeK_F5RL.alu
2010-03-20 15:21 . 2010-03-20 15:21 -------- d-----w- c:\documents and settings\Vlado\Application Data\ATI
2010-03-20 15:18 . 2010-03-20 15:13 -------- d-----w- c:\program files\ASUS
2010-03-20 15:12 . 2010-03-20 15:12 -------- d-----w- c:\program files\Atheros
2010-03-20 15:12 . 2010-03-20 15:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Atheros
2010-03-20 15:11 . 2010-03-20 15:11 -------- d-----w- c:\program files\Wireless Console 2
2010-03-20 15:10 . 2010-03-20 15:10 -------- d-----w- c:\program files\Synaptics
2010-03-20 15:09 . 2010-03-20 15:09 -------- d-----w- c:\program files\Motorola
2010-03-20 15:08 . 2010-03-20 15:08 -------- d-----w- c:\program files\Realtek
2010-03-20 15:07 . 2010-03-20 15:07 -------- d-----w- c:\program files\OpenOffice.org 3
2010-03-20 15:06 . 2010-03-20 14:58 -------- d-----w- c:\program files\ATI Technologies
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{FD9B0D38-7B82-5A3A-E046-D8DBF3F06A93}\ARPPRODUCTICON.exe
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{C6D7BC96-A608-0908-F6E7-53C118423087}\ARPPRODUCTICON.exe
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{815B5312-F7B5-EDD5-A899-B0228C3C7F3A}\ARPPRODUCTICON.exe
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{6AF75C96-2093-51F4-0412-501CB317A7F9}\ARPPRODUCTICON.exe
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{C9B7D4A2-7A42-96BC-DE77-6EB23F1116A8}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{57EF4BC7-0C52-1872-C0CE-AEAB996E5626}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{6D219284-A368-A0A5-AA55-8BAAE9EA60CC}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{B02A3921-F7B7-C73F-395B-8172C9EE4006}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{9D7802F0-3C39-ED52-10D9-AE8A7FB5A94C}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{5B701396-48C3-A3FA-43DB-FF975446759C}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{0EA06F05-4320-E4DC-4374-E6C0986C964D}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{89EAD7B4-1CAC-CC9E-F040-FE041A2EA77C}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{4B546AE5-DF17-6D39-A846-A9ECD0153C9A}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{68B84920-CD46-8C5B-DABE-EC0FF6F0C703}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 9158 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}\ARPPRODUCTICON.exe
2010-03-20 14:58 . 2010-03-20 14:58 -------- d-----w- c:\program files\ATKOSD2
2010-03-20 14:57 . 2010-03-20 14:57 -------- d-----w- c:\program files\ATK Hotkey
2010-03-20 14:56 . 2010-03-20 14:56 -------- d-----w- c:\documents and settings\Vlado\Application Data\InstallShield
2010-03-20 14:53 . 2010-03-20 14:53 -------- d-----w- c:\program files\ESET
2010-03-20 14:53 . 2010-03-20 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-03-20 14:51 . 2010-03-20 14:44 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-03-20 14:44 . 2010-03-20 14:44 -------- d-----w- c:\program files\microsoft frontpage
2010-03-20 14:41 . 2010-03-20 14:41 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-26 05:43 . 2006-02-28 12:00 667136 ------w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-04-02_18.29.31 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-02-28 12:00 . 2010-04-02 18:17 67646 c:\windows\system32\perfc009.dat
+ 2006-02-28 12:00 . 2010-04-02 19:01 67646 c:\windows\system32\perfc009.dat
+ 2006-02-28 12:00 . 2010-04-02 19:01 432690 c:\windows\system32\perfh009.dat
- 2006-02-28 12:00 . 2010-04-02 18:17 432690 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"MultiFrame"="c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe" [2007-06-21 999792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 16269312]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-05-03 376921]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-07-19 49520]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-01-16 106496]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-02-15 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Vlado\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\CNEXT.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.4.2010 19:41 162640]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [14.5.2009 12:43 16688]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2.4.2010 19:46 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.4.2010 19:41 19024]
R2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [4.5.2007 15:24 36864]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2.4.2010 19:46 65576]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\Vlado\Application Data\Mozilla\Firefox\Profiles\vrzhubnw.default\
FF - prefs.js: browser.startup.homepage - www.centrum.sk
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-02 21:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1344)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\ATL.DLL
- - - - - - - > 'explorer.exe'(3056)
c:\program files\ASUS\Asus MultiFrame\HookTitle.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\ATK Hotkey\WDC.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\ACEngSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2010-04-02 21:28:22 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-02 19:28
ComboFix2.txt 2010-04-02 18:37
Pre-Run: 128 173 613 056 bytes free
Post-Run: 8 adresárov, 128 098 082 816 voľných bajtov
- - End Of File - - 5065BA4E421E11168499163258835468
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1791.1254 [GMT 2:00]
Running from: c:\documents and settings\Vlado\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Vlado\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
FILE ::
"c:\windows\system32\regedt32.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\regedt32.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NOD32FiXTemDono
((((((((((((((((((((((((( Files Created from 2010-03-02 to 2010-04-02 )))))))))))))))))))))))))))))))
.
2010-04-02 17:46 . 2008-06-21 02:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-04-02 17:46 . 2008-10-31 05:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-04-02 17:45 . 2010-04-02 17:45 -------- d-----w- c:\program files\Sunbelt Software
2010-04-02 17:41 . 2010-03-09 10:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-02 17:41 . 2010-03-09 10:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-02 17:41 . 2010-03-09 10:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-02 17:41 . 2010-03-09 10:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-02 17:41 . 2010-03-09 10:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-02 17:41 . 2010-03-09 10:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-02 17:41 . 2010-03-09 10:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-02 17:40 . 2010-03-09 10:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-02 17:40 . 2010-03-09 10:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-02 17:40 . 2010-04-02 17:40 -------- d-----w- c:\program files\Alwil Software
2010-04-02 17:40 . 2010-04-02 17:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-04-02 17:17 . 2010-04-02 17:53 -------- d-----w- c:\program files\trend micro
2010-04-02 17:17 . 2010-04-02 17:27 -------- d-----w- C:\rsit
2010-04-02 15:47 . 2010-04-02 15:47 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-29 18:53 . 2010-03-29 18:53 -------- d-----w- c:\program files\AP Tuner
2010-03-29 18:50 . 2010-03-29 18:50 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Help
2010-03-28 16:13 . 2010-03-28 16:13 -------- d-----w- c:\program files\DsNET Corp
2010-03-28 16:10 . 2010-03-28 16:12 -------- d-----w- c:\program files\YouTube Downloader
2010-03-28 16:10 . 2010-03-28 16:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-03-28 16:03 . 2010-03-28 16:11 -------- d-----w- c:\program files\Total Video Converter
2010-03-25 20:51 . 2010-03-25 20:51 -------- d-----w- c:\program files\Dassault Systemes
2010-03-25 20:49 . 2010-03-25 20:51 -------- d-----w- c:\documents and settings\All Users\Application Data\DassaultSystemes
2010-03-25 20:49 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Application Data\DassaultSystemes
2010-03-25 20:49 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\DassaultSystemes
2010-03-25 19:26 . 2010-03-25 19:26 -------- d-----w- c:\documents and settings\Vlado\dwhelper
2010-03-25 15:04 . 2010-03-25 15:04 -------- d-----w- c:\program files\Hamachi
2010-03-24 20:26 . 2010-03-25 20:49 -------- d-----w- c:\documents and settings\Vlado\Application Data\Hamachi
2010-03-24 20:25 . 2010-03-25 15:04 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-03-24 14:11 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\scripting
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\l2schemas
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\en
2010-03-24 06:59 . 2010-03-24 06:59 -------- d-----w- c:\windows\system32\bits
2010-03-24 06:40 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-23 16:25 . 2010-03-23 16:25 -------- d-----w- c:\documents and settings\Vlado\Application Data\Miranda
2010-03-23 16:24 . 2010-03-24 20:25 -------- d-----w- c:\program files\Miranda IM
2010-03-23 06:11 . 2010-03-24 06:45 -------- d-----w- c:\windows\EHome
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\Vlado\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-03-22 19:01 . 2010-03-22 19:01 -------- d-----w- c:\program files\ACD Systems
2010-03-22 18:59 . 2010-03-22 18:59 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Downloaded Installations
2010-03-22 14:24 . 2010-03-22 14:24 -------- d-----w- c:\documents and settings\Vlado\Application Data\OpenOffice.org
2010-03-22 11:33 . 2010-04-01 08:24 -------- d-----w- c:\documents and settings\Vlado\Application Data\BSplayer PRO
2010-03-22 11:33 . 2010-03-22 11:33 -------- d-----w- c:\program files\Webteh
2010-03-22 06:26 . 2010-03-22 06:26 -------- d-----w- c:\program files\MSXML 6.0
2010-03-22 05:58 . 2010-03-22 05:58 -------- d-----w- c:\program files\MSXML 4.0
2010-03-21 21:10 . 2010-03-21 21:19 978 ----a-w- c:\windows\eReg.dat
2010-03-21 21:03 . 2010-03-21 21:15 -------- d-----w- c:\program files\EA Games
2010-03-21 19:42 . 2010-03-21 19:42 -------- d-----w- c:\program files\QuickTime
2010-03-21 19:42 . 2010-03-21 19:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\program files\Common Files\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\program files\Apple Software Update
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-03-21 19:41 . 2010-03-21 19:41 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Apple Computer
2010-03-21 16:23 . 2010-03-26 12:02 -------- d-----w- c:\documents and settings\Vlado\Application Data\dvdcss
2010-03-21 11:12 . 2010-03-21 11:12 -------- d-----w- c:\documents and settings\Vlado\Application Data\Leadertech
2010-03-21 11:04 . 2010-03-21 11:04 -------- d-----w- c:\windows\Logs
2010-03-21 10:53 . 2004-08-03 21:29 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2010-03-20 22:11 . 2010-04-02 15:38 -------- d-----w- c:\documents and settings\Vlado\Application Data\vlc
2010-03-20 22:10 . 2010-03-20 22:10 -------- d-----w- c:\program files\VideoLAN
2010-03-20 22:07 . 2010-03-20 22:07 -------- d-----w- c:\documents and settings\Vlado\Application Data\Ahead
2010-03-20 22:07 . 2010-03-20 22:07 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\program files\Common Files\LightScribe
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Identities
2010-03-20 22:03 . 2010-03-20 22:03 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Ahead
2010-03-20 22:02 . 2010-03-20 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2010-03-20 22:00 . 2010-03-20 22:02 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-20 22:00 . 2010-03-20 22:00 -------- d-----w- c:\program files\Nero
2010-03-20 22:00 . 2010-03-20 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-03-20 21:46 . 2010-03-20 21:46 -------- d-----w- c:\windows\ServicePackFiles
2010-03-20 18:06 . 2010-03-20 18:06 0 ----a-w- c:\windows\nsreg.dat
2010-03-20 18:06 . 2010-03-20 18:06 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Mozilla
2010-03-20 17:38 . 2010-03-20 17:40 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Temp
2010-03-20 17:38 . 2010-03-20 17:40 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Google
2010-03-20 17:37 . 2010-03-20 17:38 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Application Data\Deployment
2010-03-20 17:37 . 2010-03-20 17:37 -------- d-s---w- c:\documents and settings\Vlado\UserData
2010-03-20 16:55 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-03-20 16:55 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-03-20 16:55 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-03-20 16:55 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-03-20 16:55 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-03-20 16:55 . 2009-12-08 19:26 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-03-20 16:55 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-03-20 16:55 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-03-20 16:55 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-03-20 16:55 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-03-20 16:55 . 2009-12-08 19:27 2189184 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-03-20 16:55 . 2009-12-08 18:43 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-03-20 16:44 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-03-20 16:41 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-03-20 16:41 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-03-20 16:35 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-03-20 16:31 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-03-20 16:24 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-03-20 16:24 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-03-20 16:05 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-29 18:56 . 2010-03-20 15:21 22680 ----a-w- c:\documents and settings\Vlado\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-29 16:49 . 2010-03-21 11:05 -------- d-----w- c:\program files\EA Sports
2010-03-24 09:03 . 2010-03-22 14:25 1 ----a-w- c:\documents and settings\Vlado\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-24 07:01 . 2010-03-20 14:43 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-03-24 07:01 . 2010-03-20 14:43 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-03-22 12:37 . 2010-03-20 15:16 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-22 06:28 . 2010-03-22 06:28 -------- d-----w- c:\program files\MSBuild
2010-03-22 06:28 . 2010-03-22 06:28 -------- d-----w- c:\program files\Reference Assemblies
2010-03-21 21:10 . 2010-03-20 14:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-21 20:55 . 2010-03-20 14:58 -------- d-----w- c:\program files\Common Files\InstallShield
2010-03-20 15:43 . 2010-03-20 15:43 0 ----a-w- c:\windows\system32\drivers\1043_ASUSTeK_F5RL.alu
2010-03-20 15:21 . 2010-03-20 15:21 -------- d-----w- c:\documents and settings\Vlado\Application Data\ATI
2010-03-20 15:18 . 2010-03-20 15:13 -------- d-----w- c:\program files\ASUS
2010-03-20 15:12 . 2010-03-20 15:12 -------- d-----w- c:\program files\Atheros
2010-03-20 15:12 . 2010-03-20 15:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Atheros
2010-03-20 15:11 . 2010-03-20 15:11 -------- d-----w- c:\program files\Wireless Console 2
2010-03-20 15:10 . 2010-03-20 15:10 -------- d-----w- c:\program files\Synaptics
2010-03-20 15:09 . 2010-03-20 15:09 -------- d-----w- c:\program files\Motorola
2010-03-20 15:08 . 2010-03-20 15:08 -------- d-----w- c:\program files\Realtek
2010-03-20 15:07 . 2010-03-20 15:07 -------- d-----w- c:\program files\OpenOffice.org 3
2010-03-20 15:06 . 2010-03-20 14:58 -------- d-----w- c:\program files\ATI Technologies
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{FD9B0D38-7B82-5A3A-E046-D8DBF3F06A93}\ARPPRODUCTICON.exe
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{C6D7BC96-A608-0908-F6E7-53C118423087}\ARPPRODUCTICON.exe
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{815B5312-F7B5-EDD5-A899-B0228C3C7F3A}\ARPPRODUCTICON.exe
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{6AF75C96-2093-51F4-0412-501CB317A7F9}\ARPPRODUCTICON.exe
2010-03-20 15:05 . 2010-03-20 15:05 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{C9B7D4A2-7A42-96BC-DE77-6EB23F1116A8}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{57EF4BC7-0C52-1872-C0CE-AEAB996E5626}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{6D219284-A368-A0A5-AA55-8BAAE9EA60CC}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{B02A3921-F7B7-C73F-395B-8172C9EE4006}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{9D7802F0-3C39-ED52-10D9-AE8A7FB5A94C}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{5B701396-48C3-A3FA-43DB-FF975446759C}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{0EA06F05-4320-E4DC-4374-E6C0986C964D}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{89EAD7B4-1CAC-CC9E-F040-FE041A2EA77C}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{4B546AE5-DF17-6D39-A846-A9ECD0153C9A}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{68B84920-CD46-8C5B-DABE-EC0FF6F0C703}\ARPPRODUCTICON.exe
2010-03-20 15:03 . 2010-03-20 15:03 9158 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}\NewShortcut1_45160C5661F6468DA5B09FAE2C3E68D6.exe
2010-03-20 15:03 . 2010-03-20 15:03 10134 ----a-r- c:\documents and settings\Vlado\Application Data\Microsoft\Installer\{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}\ARPPRODUCTICON.exe
2010-03-20 14:58 . 2010-03-20 14:58 -------- d-----w- c:\program files\ATKOSD2
2010-03-20 14:57 . 2010-03-20 14:57 -------- d-----w- c:\program files\ATK Hotkey
2010-03-20 14:56 . 2010-03-20 14:56 -------- d-----w- c:\documents and settings\Vlado\Application Data\InstallShield
2010-03-20 14:53 . 2010-03-20 14:53 -------- d-----w- c:\program files\ESET
2010-03-20 14:53 . 2010-03-20 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-03-20 14:51 . 2010-03-20 14:44 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-03-20 14:44 . 2010-03-20 14:44 -------- d-----w- c:\program files\microsoft frontpage
2010-03-20 14:41 . 2010-03-20 14:41 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-26 05:43 . 2006-02-28 12:00 667136 ------w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-04-02_18.29.31 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-02-28 12:00 . 2010-04-02 18:17 67646 c:\windows\system32\perfc009.dat
+ 2006-02-28 12:00 . 2010-04-02 19:01 67646 c:\windows\system32\perfc009.dat
+ 2006-02-28 12:00 . 2010-04-02 19:01 432690 c:\windows\system32\perfh009.dat
- 2006-02-28 12:00 . 2010-04-02 18:17 432690 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"MultiFrame"="c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe" [2007-06-21 999792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 16269312]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-05-03 376921]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-07-19 49520]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-01-16 106496]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-02-15 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Vlado\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\EA Sports\\NHL 09\\nhl2009.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B18\\intel_a\\code\\bin\\CNEXT.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.4.2010 19:41 162640]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [14.5.2009 12:43 16688]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2.4.2010 19:46 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.4.2010 19:41 19024]
R2 BBDemon;Backbone Service;c:\program files\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [4.5.2007 15:24 36864]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2.4.2010 19:46 65576]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\Vlado\Application Data\Mozilla\Firefox\Profiles\vrzhubnw.default\
FF - prefs.js: browser.startup.homepage - www.centrum.sk
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-02 21:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1344)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\ATL.DLL
- - - - - - - > 'explorer.exe'(3056)
c:\program files\ASUS\Asus MultiFrame\HookTitle.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\ATK Hotkey\WDC.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\ACEngSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2010-04-02 21:28:22 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-02 19:28
ComboFix2.txt 2010-04-02 18:37
Pre-Run: 128 173 613 056 bytes free
Post-Run: 8 adresárov, 128 098 082 816 voľných bajtov
- - End Of File - - 5065BA4E421E11168499163258835468
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Problém so spustením Windows
Stále rovnako 
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Problém so spustením Windows
Stáhněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229- Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
- Nic nemažte MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
- Log vložte sem.
Re: Problém so spustením Windows
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Verzia databázy: 3930
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
2.4.2010 21:53:53
mbam-log-2010-04-02 (21-53-53).txt
Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 105331
Uplynulý čas: 7 min, 1 sek
Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0
Infikované služby pamäte:
(Škodlivé položky neboli zistené)
Infikované moduly pamäte:
(Škodlivé položky neboli zistené)
Infikované registračné kľúče:
(Škodlivé položky neboli zistené)
Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)
Infikované položky registračných dát:
(Škodlivé položky neboli zistené)
Infikované priečinky:
(Škodlivé položky neboli zistené)
Infikované súbory:
(Škodlivé položky neboli zistené)
www.malwarebytes.org
Verzia databázy: 3930
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
2.4.2010 21:53:53
mbam-log-2010-04-02 (21-53-53).txt
Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 105331
Uplynulý čas: 7 min, 1 sek
Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0
Infikované služby pamäte:
(Škodlivé položky neboli zistené)
Infikované moduly pamäte:
(Škodlivé položky neboli zistené)
Infikované registračné kľúče:
(Škodlivé položky neboli zistené)
Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)
Infikované položky registračných dát:
(Škodlivé položky neboli zistené)
Infikované priečinky:
(Škodlivé položky neboli zistené)
Infikované súbory:
(Škodlivé položky neboli zistené)
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Problém so spustením Windows
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Verzia databázy: 3930
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
3.4.2010 9:26:20
mbam-log-2010-04-03 (09-26-20).txt
Typ kontroly: Úplná kontrola (C:\|)
Objektov kontrolovaných: 183138
Uplynulý čas: 1 hod, 4 min, 6 sek
Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0
Infikované služby pamäte:
(Škodlivé položky neboli zistené)
Infikované moduly pamäte:
(Škodlivé položky neboli zistené)
Infikované registračné kľúče:
(Škodlivé položky neboli zistené)
Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)
Infikované položky registračných dát:
(Škodlivé položky neboli zistené)
Infikované priečinky:
(Škodlivé položky neboli zistené)
Infikované súbory:
(Škodlivé položky neboli zistené)
www.malwarebytes.org
Verzia databázy: 3930
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
3.4.2010 9:26:20
mbam-log-2010-04-03 (09-26-20).txt
Typ kontroly: Úplná kontrola (C:\|)
Objektov kontrolovaných: 183138
Uplynulý čas: 1 hod, 4 min, 6 sek
Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0
Infikované služby pamäte:
(Škodlivé položky neboli zistené)
Infikované moduly pamäte:
(Škodlivé položky neboli zistené)
Infikované registračné kľúče:
(Škodlivé položky neboli zistené)
Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)
Infikované položky registračných dát:
(Škodlivé položky neboli zistené)
Infikované priečinky:
(Škodlivé položky neboli zistené)
Infikované súbory:
(Škodlivé položky neboli zistené)
Přispějete na provoz fóra?