Please check my log, slow PC

duso
Visitor
Posts: 21
Registered: 08 Jul 2009 14:49

Please check my log, slow PC

#1 Post by duso »

Greetings, I would like to ask for a check of my log. Recently my PC has been reporting that it is not connected to the internet, even though the internet works. For example, when I click on a page it opens twice, when I click on a folder it opens twice, etc. Please check it.

Logfile of random's system information tool 1.06 (written by random/random)
Run by PC at 2010-05-03 19:37:32
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 27 GB (12%) free of 238 GB
Total RAM: 3071 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:34, on 3.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Documents and Settings\PC\Application Data\QipGuard\QipGuard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\PC\Desktop\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\PC\Application Data\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - ALWIL Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Unknown owner - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 8171 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AWC AutoSweep.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-06-29 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-16 163840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-13 16239616]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2009-04-27 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-09-01 75048]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-11-20 110184]
"Flashget"=C:\Program Files\FlashGet\flashget.exe [2007-06-29 1990704]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
"QIP Internet Guardian"=C:\Documents and Settings\PC\Application Data\QipGuard\QipGuard.exe [2010-03-12 184272]
"Steam"=c:\program files\steam\steam.exe [2010-04-26 1238352]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-04 2334856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe"="C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe:*:Enabled:Shaun White Snowboarding Game"
"C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe"="C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe:*:Enabled:Shaun White Snowboarding Update"
"C:\Program Files\SEGA\Vancouver 2010\Vancouver.exe"="C:\Program Files\SEGA\Vancouver 2010\Vancouver.exe:*:Enabled:Vancouver 2010™"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Codemasters\DiRT2\dirt2_game.exe"="C:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\Miranda pack by sssugi 2.4\miranda32.exe"="C:\Program Files\Miranda pack by sssugi 2.4\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Steam\SteamApps\duso4\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\duso4\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Steam\SteamApps\duso4\counter-strike\hl.exe"="C:\Program Files\Steam\SteamApps\duso4\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-05-03 19:37:32 ----D---- C:\rsit
2010-05-03 19:37:32 ----D---- C:\Program Files\trend micro
2010-05-03 18:51:10 ----D---- C:\ComboFix
2010-05-03 18:19:37 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-04-24 15:55:15 ----D---- C:\Program Files\Rockstar Games
2010-04-24 13:44:05 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-04-24 13:43:54 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-24 13:43:54 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-24 13:43:54 ----A---- C:\WINDOWS\system32\java.exe
2010-04-24 13:43:54 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-04-19 16:26:11 ----SHD---- C:\Documents and Settings\All Users\Application Data\SecuROM
2010-04-14 15:17:47 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 15:17:30 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 15:17:19 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-04-14 15:14:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-14 15:14:30 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 15:14:22 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 15:14:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 15:14:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-13 16:21:02 ----N---- C:\WINDOWS\system32\browserchoice.exe

======List of files/folders modified in the last 1 months======

2010-05-03 19:37:32 ----RD---- C:\Program Files
2010-05-03 19:34:11 ----D---- C:\WINDOWS\system32
2010-05-03 19:34:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-03 19:34:02 ----D---- C:\Program Files\Mozilla Firefox
2010-05-03 19:32:05 ----D---- C:\Documents and Settings\PC\Application Data\Skype
2010-05-03 19:31:38 ----D---- C:\Program Files\Steam
2010-05-03 19:30:42 ----D---- C:\Program Files\FlashGet
2010-05-03 19:30:01 ----D---- C:\WINDOWS\Temp
2010-05-03 19:25:10 ----D---- C:\WINDOWS\Prefetch
2010-05-03 19:25:07 ----AD---- C:\Qoobox
2010-05-03 19:23:39 ----AD---- C:\WINDOWS
2010-05-03 19:23:39 ----A---- C:\WINDOWS\system.ini
2010-05-03 19:23:10 ----SD---- C:\Documents and Settings\PC\Application Data\Microsoft
2010-05-03 19:15:25 ----D---- C:\WINDOWS\system32\drivers
2010-05-03 19:15:25 ----D---- C:\WINDOWS\AppPatch
2010-05-03 19:15:19 ----D---- C:\Program Files\Common Files
2010-05-03 19:01:49 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-03 18:54:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-03 18:45:42 ----D---- C:\Program Files\Rapget.RS_Premium_v1.0.4.8_cz
2010-05-03 18:30:59 ----D---- C:\WINDOWS\system32\CatRoot
2010-05-03 18:30:51 ----D---- C:\Documents and Settings\PC\Application Data\ICQ
2010-05-03 18:30:26 ----HD---- C:\WINDOWS\inf
2010-05-03 18:20:37 ----D---- C:\Program Files\Alwil Software
2010-05-03 18:19:46 ----SHD---- C:\WINDOWS\Installer
2010-05-03 18:19:45 ----D---- C:\Config.Msi
2010-05-03 18:19:44 ----D---- C:\WINDOWS\WinSxS
2010-05-03 17:54:19 ----D---- C:\Downloads
2010-05-03 16:05:51 ----D---- C:\Documents and Settings\PC\Application Data\skypePM
2010-05-02 21:55:12 ----D---- C:\Program Files\JDownloader
2010-05-02 09:50:05 ----D---- C:\Documents and Settings\PC\Application Data\Vso
2010-04-28 21:10:04 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-04-26 15:58:12 ----A---- C:\WINDOWS\PEV.exe
2010-04-25 23:23:54 ----D---- C:\Documents and Settings\PC\Application Data\Mozilla
2010-04-25 21:03:07 ----RSD---- C:\WINDOWS\assembly
2010-04-25 21:02:44 ----D---- C:\WINDOWS\system32\DirectX
2010-04-25 20:45:06 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-25 09:16:20 ----A---- C:\WINDOWS\wincmd.ini
2010-04-25 08:57:30 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-04-24 16:22:21 ----DC---- C:\WINDOWS\system32\dllcache
2010-04-24 13:43:52 ----D---- C:\Program Files\Java
2010-04-14 15:17:36 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 15:17:34 ----A---- C:\WINDOWS\imsins.BAK
2010-04-10 20:46:04 ----D---- C:\WINDOWS\SoftwareDistribution
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-04-14 28880]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2010-04-14 102736]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2010-04-14 297552]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-04-14 162768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-04-14 46672]
R1 BIOS;BIOS; \??\C:\WINDOWS\System32\drivers\BIOS.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/17 17:47:08]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl []
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-04-14 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-04-14 100432]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-12-19 278728]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-12-19 25416]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-04-14 23376]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-14 4299264]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-12-16 47360]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [2006-02-26 81408]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 aa7y40sd;aa7y40sd; C:\WINDOWS\system32\drivers\aa7y40sd.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\PC\LOCALS~1\Temp\catchme.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-04-14 119200]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
R2 PnkBstrA;PunkBuster; C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe [2007-10-19 63040]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-27 107832]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 NeroMediaHomeService.4;Nero MediaHome 4 Service; C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Last edited by duso on 04 May 2010 12:48, edited 1 time in total.

duso
Visitor
Posts: 21
Registered: 08 Jul 2009 14:49

Re: Please check my log, slow PC

#2 Post by duso »

Here is also the log from ComboFix:

ComboFix 10-05-02.03 - PC 03.05.2010 19:07:23.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3071.2705 [GMT 2:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
AV: avast! Internet Security *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-4040263688-4082959443-190435821-1000
c:\documents and settings\PC\Application Data\Microsoft\svchosts.exe
c:\program files\WindowsUpdate
c:\windows\eSellerateEngine.dll

.
((((((((((((((((((((((((( Files Created from 2010-04-03 to 2010-05-03 )))))))))))))))))))))))))))))))
.

2010-05-03 16:30 . 2010-04-14 16:37 102736 ----a-w- c:\windows\system32\drivers\aswFW.sys
2010-05-03 16:30 . 2010-04-14 16:36 196048 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2010-05-03 16:30 . 2010-03-19 19:10 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2010-05-03 16:19 . 2010-04-14 16:37 297552 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2010-05-03 16:19 . 2010-04-14 16:35 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-05-03 16:19 . 2010-04-14 16:31 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-05-03 16:19 . 2010-04-14 16:35 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-05-03 16:19 . 2010-04-14 16:31 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-05-03 16:19 . 2010-04-14 16:31 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-05-03 16:19 . 2010-04-14 16:31 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-05-03 16:19 . 2010-04-14 16:30 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-05-03 16:19 . 2010-04-14 16:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-05-03 16:19 . 2010-04-14 16:47 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-24 13:55 . 2010-04-25 18:45 -------- d-----w- c:\program files\Rockstar Games
2010-04-24 11:43 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-19 14:26 . 2010-04-19 14:26 -------- d-sh--w- c:\documents and settings\All Users\Application Data\SecuROM
2010-04-13 14:21 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-03 16:51 . 2010-01-01 13:11 1022272 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-05-03 16:45 . 2009-12-16 22:55 -------- d-----w- c:\program files\Rapget.RS_Premium_v1.0.4.8_cz
2010-05-03 16:34 . 2010-01-20 19:07 -------- d-----w- c:\documents and settings\PC\Application Data\Skype
2010-05-03 16:34 . 2010-03-26 18:48 -------- d-----w- c:\program files\Steam
2010-05-03 16:34 . 2010-02-01 18:41 -------- d-----w- c:\program files\FlashGet
2010-05-03 16:30 . 2009-12-17 15:45 -------- d-----w- c:\documents and settings\PC\Application Data\ICQ
2010-05-03 16:20 . 2009-12-16 21:50 -------- d-----w- c:\program files\Alwil Software
2010-05-03 14:05 . 2009-12-17 15:51 -------- d-----w- c:\documents and settings\PC\Application Data\skypePM
2010-05-02 19:55 . 2010-01-10 17:01 -------- d-----w- c:\program files\JDownloader
2010-05-02 07:50 . 2009-12-16 21:59 -------- d-----w- c:\documents and settings\PC\Application Data\Vso
2010-04-28 19:10 . 2009-12-17 20:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-04-25 18:45 . 2007-03-28 10:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-24 11:43 . 2009-12-25 20:20 -------- d-----w- c:\program files\Java
2010-03-31 16:21 . 2009-12-17 15:49 -------- d-----w- c:\documents and settings\PC\Application Data\BSplayer PRO
2010-03-30 21:43 . 2010-03-30 21:43 -------- d-----w- c:\program files\Common Files\Java
2010-03-30 21:42 . 2010-03-30 21:42 503808 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7bb368ab-n\msvcp71.dll
2010-03-30 21:42 . 2010-03-30 21:42 499712 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7bb368ab-n\jmc.dll
2010-03-30 21:42 . 2010-03-30 21:42 61440 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-4cb33731-n\decora-sse.dll
2010-03-30 21:42 . 2010-03-30 21:42 348160 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7bb368ab-n\msvcr71.dll
2010-03-30 21:42 . 2010-03-30 21:42 12800 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-4cb33731-n\decora-d3d.dll
2010-03-26 18:48 . 2010-03-26 18:48 15872 ----a-r- c:\documents and settings\PC\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
2010-03-26 18:28 . 2010-03-09 16:11 -------- d-----w- c:\program files\UnitedAdmins
2010-03-26 14:05 . 2010-03-26 14:05 -------- d-----w- c:\documents and settings\PC\Application Data\Canon
2010-03-26 14:04 . 2009-12-20 14:10 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM
2010-03-24 21:03 . 2010-03-24 14:00 -------- d-----w- c:\program files\Just Cause 2
2010-03-23 22:16 . 2010-03-23 22:16 -------- d-----w- c:\documents and settings\PC\Application Data\Media Player Classic
2010-03-23 22:12 . 2010-03-23 22:09 -------- d-----w- c:\program files\GRETECH
2010-03-22 14:30 . 2010-03-22 14:29 -------- d-----w- c:\documents and settings\PC\Application Data\Winamp
2010-03-22 14:29 . 2010-03-22 14:29 -------- d-----w- c:\program files\Winamp
2010-03-22 14:29 . 2010-03-22 14:29 -------- d-----w- c:\program files\Winamp Detect
2010-03-22 14:02 . 2010-01-29 21:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-03-22 12:52 . 2010-03-31 16:21 697690 ----a-w- c:\documents and settings\PC\Application Data\BSplayer PRO\AC3 Filter\unins000.exe
2010-03-14 19:59 . 2010-02-13 17:54 69 ----a-w- c:\documents and settings\PC\jagex_runescape_preferences2.dat
2010-03-14 19:59 . 2010-02-13 17:52 41 ----a-w- c:\documents and settings\PC\jagex_runescape_preferences.dat
2010-03-14 13:22 . 2010-03-14 13:21 -------- d-----w- c:\program files\QIP Infium
2010-03-14 13:21 . 2010-03-14 13:21 -------- d-----w- c:\documents and settings\PC\Application Data\QipGuard
2010-03-14 12:36 . 2010-03-14 12:36 -------- d-----w- c:\documents and settings\PC\Application Data\QIP
2010-03-14 12:04 . 2010-03-06 10:39 -------- d-----w- c:\program files\Miranda pack by sssugi 2.4
2010-03-13 17:34 . 2009-12-20 14:04 -------- d--h--w- c:\program files\CanonBJ
2010-03-12 13:20 . 2010-03-14 13:21 280440 ----a-w- c:\documents and settings\PC\Application Data\QipGuard\sqlite3.dll
2010-03-12 13:20 . 2010-03-14 13:21 184272 ----a-w- c:\documents and settings\PC\Application Data\QipGuard\QipGuard.exe
2010-03-12 13:20 . 2010-03-14 12:36 149968 ----a-w- c:\documents and settings\PC\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
2010-03-12 13:20 . 2010-03-14 12:36 127440 ----a-w- c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\vhbyml6w.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
2010-03-12 13:20 . 2010-03-14 13:21 20944 ----a-w- c:\documents and settings\PC\Application Data\QipGuard\chrome.dll
2010-03-11 22:23 . 2009-12-17 16:46 -------- d---a-w- c:\documents and settings\All Users\Application Data\Temp
2010-03-09 11:09 . 2002-08-29 03:41 430080 ------w- c:\windows\system32\vbscript.dll
2010-03-05 21:20 . 2009-12-20 21:23 -------- d-----w- c:\program files\Electronic Arts
2010-03-04 22:08 . 2010-03-04 11:22 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-03-04 11:22 . 2010-03-04 11:22 1923768 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2010-02-26 16:34 . 2010-02-26 16:34 152576 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-02-26 16:34 . 2010-02-26 16:34 79488 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-02-26 05:43 . 2002-08-29 03:41 667136 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2007-03-28 11:55 81920 ------w- c:\windows\system32\ieencode.dll
2010-02-24 13:11 . 2002-08-29 01:59 455680 ------w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 15:01 . 2010-03-31 16:21 1185871 ----a-w- c:\documents and settings\PC\Application Data\BSplayer PRO\FFDShow\unins000.exe
2010-02-23 14:00 . 2010-03-31 16:21 42288 ----a-w- c:\documents and settings\PC\Application Data\BSplayer PRO\Haali media splitter\uninstall.exe
2010-02-16 14:08 . 2002-08-29 01:04 2146304 ------w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2002-08-29 01:04 2024448 ------w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2002-08-29 03:40 100864 ------w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2002-08-29 01:37 226880 ------w- c:\windows\system32\drivers\tcpip6.sys
2010-02-10 17:13 . 2010-03-23 22:28 165376 ----a-w- c:\windows\system32\unrar.dll
2010-02-08 21:30 . 2007-03-28 12:02 130608 ----a-w- c:\documents and settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2004-03-11 11:27 . 2007-03-28 12:19 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2010-04-29 19:34 . 2010-04-26 19:51 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2010-04-29 19:34 . 2010-04-26 19:51 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2010-04-29 19:34 . 2010-04-26 19:51 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2010-04-29 19:34 . 2010-04-26 19:51 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2010-04-29 19:34 . 2010-04-26 19:51 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((( SnapShot_2010-01-24_13.56.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 22:02 . 2009-07-11 22:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2010-05-03 16:53 . 2010-05-03 16:53 16384 c:\windows\Temp\Perflib_Perfdata_748.dat
- 2006-10-18 20:47 . 2006-10-18 20:47 38400 c:\windows\system32\wpdshextres.dll
+ 2006-10-18 20:47 . 2006-10-18 19:47 38400 c:\windows\system32\wpdshextres.dll
+ 2009-12-17 16:39 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
- 2009-12-17 16:39 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
+ 2007-03-28 10:41 . 2007-07-27 21:11 26488 c:\windows\system32\spupdsvc.exe
- 2007-03-28 10:41 . 2007-11-30 11:18 26488 c:\windows\system32\spupdsvc.exe
+ 2000-01-01 00:59 . 2010-05-03 16:57 68292 c:\windows\system32\perfc009.dat
- 2000-01-01 00:59 . 2010-01-24 13:52 68292 c:\windows\system32\perfc009.dat
+ 2001-08-17 22:36 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2000-01-01 00:59 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll
- 2002-08-29 03:41 . 2008-04-14 00:12 11264 c:\windows\system32\msrle32.dll
+ 2002-08-29 03:41 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll
- 2009-12-16 21:46 . 2009-12-16 21:46 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-12-16 21:46 . 2010-03-04 11:22 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2001-08-17 22:36 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2000-01-01 00:59 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
- 2009-09-25 05:56 . 2009-12-22 05:20 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-09-25 05:56 . 2010-02-26 05:43 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-01-13 14:01 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
+ 2009-06-10 14:13 . 2009-11-27 16:07 84992 c:\windows\system32\dllcache\avifil32.dll
- 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2002-08-29 03:40 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2000-01-01 00:59 . 2010-01-13 14:01 86016 c:\windows\system32\cabview.dll
- 2002-08-29 03:40 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
+ 2002-08-29 03:40 . 2009-11-27 16:07 84992 c:\windows\system32\avifil32.dll
+ 2010-01-04 12:53 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-02-13 17:51 . 2010-03-14 19:59 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
+ 2010-02-13 17:51 . 2010-03-14 19:59 94208 c:\windows\.jagex_cache_32\runescape\jaggl.dll
+ 2010-04-01 11:05 . 2009-12-22 05:20 81920 c:\windows\$NtUninstallKB980182$\ieencode.dll
+ 2010-02-25 13:59 . 2009-10-28 15:07 46080 c:\windows\$NtUninstallKB979306$\tzchange.exe
+ 2010-02-25 13:59 . 2010-01-23 10:40 16896 c:\windows\$NtUninstallKB979306$\spuninst\tzchange.dll
+ 2010-02-12 15:29 . 2008-04-14 00:11 32256 c:\windows\$NtUninstallKB978037$\csrsrv.dll
+ 2010-02-12 15:29 . 2000-01-01 00:59 25600 c:\windows\$NtUninstallKB977914$\msvidc32.dll
+ 2010-02-12 15:29 . 2008-04-14 00:12 11264 c:\windows\$NtUninstallKB977914$\msrle32.dll
+ 2010-02-12 15:29 . 2008-04-14 00:11 47616 c:\windows\$NtUninstallKB977914$\iyuv_32.dll
+ 2010-02-12 15:29 . 2009-06-10 14:13 84992 c:\windows\$NtUninstallKB977914$\avifil32.dll
+ 2010-02-12 15:29 . 2008-04-14 00:12 16896 c:\windows\$NtUninstallKB975560$\msyuv.dll
+ 2010-04-01 11:05 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB980182\update\spcustom.dll
+ 2010-04-01 11:05 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB980182\spmsg.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 81920 c:\windows\$hf_mig$\KB980182\SP3QFE\ieencode.dll
+ 2010-02-12 15:28 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978706\update\spcustom.dll
+ 2010-02-12 15:28 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978706\spmsg.dll
+ 2010-02-12 15:30 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978262\update\spcustom.dll
+ 2010-02-12 15:30 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978262\spmsg.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978251\update\spcustom.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978251\spmsg.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978037\update\spcustom.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978037\spmsg.dll
+ 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\$hf_mig$\KB978037\SP3QFE\csrsrv.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977914\update\spcustom.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB977914\spmsg.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 28672 c:\windows\$hf_mig$\KB977914\SP3QFE\msvidc32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 11264 c:\windows\$hf_mig$\KB977914\SP3QFE\msrle32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 48128 c:\windows\$hf_mig$\KB977914\SP3QFE\iyuv_32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 84992 c:\windows\$hf_mig$\KB977914\SP3QFE\avifil32.dll
+ 2010-02-23 15:47 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977165\update\spcustom.dll
+ 2010-02-23 15:47 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB977165\spmsg.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975713\update\spcustom.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975713\spmsg.dll
+ 2010-03-11 22:29 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975561\update\spcustom.dll
+ 2010-03-11 22:29 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975561\spmsg.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975560\update\spcustom.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975560\spmsg.dll
+ 2009-11-27 17:23 . 2009-11-27 17:23 17920 c:\windows\$hf_mig$\KB975560\SP3QFE\msyuv.dll
+ 2010-02-12 15:30 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971468\update\spcustom.dll
+ 2010-02-12 15:30 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971468\spmsg.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\tsbyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2010-02-12 15:29 . 2000-01-01 00:59 8192 c:\windows\$NtUninstallKB977914$\tsbyuv.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2000-01-01 00:59 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
+ 2002-08-29 03:41 . 2010-02-26 05:43 627712 c:\windows\system32\urlmon.dll
- 2002-08-29 03:41 . 2009-12-22 05:21 627712 c:\windows\system32\urlmon.dll
- 2002-08-29 03:41 . 2008-04-14 00:12 474112 c:\windows\system32\shlwapi.dll
+ 2002-08-29 03:41 . 2009-12-08 09:23 474112 c:\windows\system32\shlwapi.dll
+ 2000-01-01 00:59 . 2010-05-03 16:57 435396 c:\windows\system32\perfh009.dat
- 2000-01-01 00:59 . 2010-01-24 13:52 435396 c:\windows\system32\perfh009.dat
+ 1993-07-23 18:31 . 1993-07-23 18:31 210944 c:\windows\system32\Msvcrt10.dll
+ 2007-03-28 09:55 . 2009-12-16 18:43 343040 c:\windows\system32\mspaint.exe
- 2007-03-28 09:55 . 2008-04-14 00:12 343040 c:\windows\system32\mspaint.exe
+ 2010-01-27 01:07 . 2010-01-27 01:07 256280 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2010-04-24 11:43 . 2010-04-12 15:29 153376 c:\windows\system32\javaws.exe
+ 2010-04-24 11:43 . 2010-04-12 15:29 145184 c:\windows\system32\javaw.exe
- 2009-12-25 20:20 . 2009-12-25 20:20 145184 c:\windows\system32\javaw.exe
+ 2010-04-24 11:43 . 2010-04-12 15:29 145184 c:\windows\system32\java.exe
- 2009-12-25 20:20 . 2009-12-25 20:20 145184 c:\windows\system32\java.exe
- 2002-08-29 03:40 . 2008-04-14 00:11 251904 c:\windows\system32\iepeers.dll
+ 2002-08-29 03:40 . 2010-02-26 05:43 251904 c:\windows\system32\iepeers.dll
+ 2007-03-28 11:48 . 2010-02-09 14:24 431776 c:\windows\system32\FNTCACHE.DAT
+ 2000-01-01 00:59 . 2009-12-31 16:50 353792 c:\windows\system32\drivers\srv.sys
+ 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
- 2009-10-29 05:38 . 2009-12-22 05:21 667136 c:\windows\system32\dllcache\wininet.dll
+ 2009-10-29 05:38 . 2010-02-26 05:43 667136 c:\windows\system32\dllcache\wininet.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2008-05-09 10:53 . 2010-03-09 11:09 430080 c:\windows\system32\dllcache\vbscript.dll
- 2009-10-29 05:38 . 2009-12-22 05:21 627712 c:\windows\system32\dllcache\urlmon.dll
+ 2009-10-29 05:38 . 2010-02-26 05:43 627712 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2009-12-17 16:32 . 2009-12-31 16:50 353792 c:\windows\system32\dllcache\srv.sys
+ 2009-12-08 09:23 . 2009-12-08 09:23 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2010-01-04 12:53 . 2006-10-18 19:47 211456 c:\windows\system32\dllcache\qasf.dll
+ 2009-12-16 18:43 . 2009-12-16 18:43 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2009-12-17 16:36 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-02-26 05:43 . 2010-02-26 05:43 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
- 2010-01-14 20:31 . 2010-01-14 20:31 290816 c:\windows\system32\config\systemprofile\ntuser.dat
+ 2010-01-14 20:31 . 2010-01-29 20:30 290816 c:\windows\system32\config\systemprofile\ntuser.dat
+ 2010-01-29 21:38 . 2010-01-29 21:38 219648 c:\windows\Installer\a8890.msi
+ 2010-02-08 15:01 . 2010-02-08 15:01 462848 c:\windows\Installer\4ebf31.msi
+ 2010-04-25 19:05 . 2010-04-25 19:05 867328 c:\windows\Installer\2a1a1b1.msi
+ 2010-03-30 21:43 . 2010-03-30 21:43 180224 c:\windows\Installer\17131dc.msi
+ 1996-10-14 02:38 . 1996-10-14 02:38 253952 c:\windows\Installer\$PatchCache$\Managed\EA1B26F4877E2E94C9751C6CA5210289\5.0.5000\msvcrt20.dll
+ 2009-12-17 16:36 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys
- 2010-01-18 21:24 . 2010-01-18 21:24 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-25 19:02 . 2010-04-25 19:02 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-25 19:02 . 2010-04-25 19:02 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-25 19:02 . 2010-04-25 19:02 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-25 19:02 . 2010-04-25 19:02 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-04-25 19:03 . 2010-04-25 19:03 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-02-13 17:51 . 2010-03-14 19:59 824320 c:\windows\.jagex_cache_32\runescape\sw3d.dll
+ 2010-03-14 19:37 . 2010-03-14 19:48 127185 c:\windows\.jagex_cache_32\loginapplet\cache--936736818.dat
+ 2010-04-01 11:05 . 2009-12-22 05:21 667136 c:\windows\$NtUninstallKB980182$\wininet.dll
+ 2010-04-01 11:05 . 2009-12-22 05:21 627712 c:\windows\$NtUninstallKB980182$\urlmon.dll
+ 2010-04-01 11:05 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB980182$\spuninst\updspapi.dll
+ 2010-04-01 11:05 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB980182$\spuninst\spuninst.exe
+ 2010-04-01 11:05 . 2008-04-14 00:11 251904 c:\windows\$NtUninstallKB980182$\iepeers.dll
+ 2010-02-25 13:59 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979306$\spuninst\updspapi.dll
+ 2010-02-25 13:59 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB979306$\spuninst\spuninst.exe
+ 2010-02-12 15:28 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978706$\spuninst\updspapi.dll
+ 2010-02-12 15:28 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978706$\spuninst\spuninst.exe
+ 2010-02-12 15:28 . 2008-04-14 00:12 343040 c:\windows\$NtUninstallKB978706$\mspaint.exe
+ 2010-02-12 15:30 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978262$\spuninst\updspapi.dll
+ 2010-02-12 15:30 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978262$\spuninst\spuninst.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978251$\spuninst\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978251$\spuninst\spuninst.exe
+ 2010-02-12 15:29 . 2008-10-24 11:21 455296 c:\windows\$NtUninstallKB978251$\mrxsmb.sys
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978037$\spuninst\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978037$\spuninst\spuninst.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB977914$\spuninst\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB977914$\spuninst\spuninst.exe
+ 2010-02-23 15:47 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB977165$\spuninst\updspapi.dll
+ 2010-02-23 15:47 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB977165$\spuninst\spuninst.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975713$\spuninst\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB975713$\spuninst\spuninst.exe
+ 2010-02-12 15:29 . 2008-04-14 00:12 474112 c:\windows\$NtUninstallKB975713$\shlwapi.dll
+ 2010-03-11 22:29 . 2009-05-26 16:10 382840 c:\windows\$NtUninstallKB975561$\spuninst\updspapi.dll
+ 2010-03-11 22:29 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB975561$\spuninst\spuninst.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975560$\spuninst\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB975560$\spuninst\spuninst.exe
+ 2010-02-12 15:30 . 2008-12-11 10:57 333952 c:\windows\$NtUninstallKB971468$\srv.sys
+ 2010-02-12 15:30 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB971468$\spuninst\updspapi.dll
+ 2010-02-12 15:30 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971468$\spuninst\spuninst.exe
+ 2010-04-01 11:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980182\update\updspapi.dll
+ 2010-04-01 11:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980182\update\update.exe
+ 2010-04-01 11:05 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB980182\spuninst.exe
+ 2010-02-26 05:37 . 2010-02-26 05:37 668672 c:\windows\$hf_mig$\KB980182\SP3QFE\wininet.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 628736 c:\windows\$hf_mig$\KB980182\SP3QFE\urlmon.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 251904 c:\windows\$hf_mig$\KB980182\SP3QFE\iepeers.dll
+ 2010-02-12 15:28 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978706\update\updspapi.dll
+ 2010-02-12 15:28 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978706\update\update.exe
+ 2010-02-12 15:28 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978706\spuninst.exe
+ 2009-12-16 18:27 . 2009-12-16 18:27 343040 c:\windows\$hf_mig$\KB978706\SP3QFE\mspaint.exe
+ 2010-02-12 15:30 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978262\update\updspapi.dll
+ 2010-02-12 15:30 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978262\update\update.exe
+ 2010-02-12 15:30 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978262\spuninst.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978251\update\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978251\update\update.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978251\spuninst.exe
+ 2010-02-11 13:20 . 2009-12-04 17:25 456832 c:\windows\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978037\update\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978037\update\update.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978037\spuninst.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977914\update\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977914\update\update.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977914\spuninst.exe
+ 2010-02-23 15:47 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977165\update\updspapi.dll
+ 2010-02-23 15:47 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977165\update\update.exe
+ 2010-02-23 15:47 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977165\spuninst.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975713\update\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975713\update\update.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975713\spuninst.exe
+ 2009-12-08 09:01 . 2009-12-08 09:01 474112 c:\windows\$hf_mig$\KB975713\SP3QFE\shlwapi.dll
+ 2010-03-11 22:29 . 2009-05-26 16:10 382840 c:\windows\$hf_mig$\KB975561\update\updspapi.dll
+ 2010-03-11 22:29 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB975561\update\update.exe
+ 2010-03-11 22:29 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975561\spuninst.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-02-12 15:29 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975560\update\update.exe
+ 2010-02-12 15:29 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975560\spuninst.exe
+ 2010-02-12 15:30 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB971468\update\updspapi.dll
+ 2010-02-12 15:30 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB971468\update\update.exe
+ 2010-02-12 15:30 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971468\spuninst.exe
+ 2010-02-11 13:20 . 2010-01-01 07:58 353792 c:\windows\$hf_mig$\KB971468\SP3QFE\srv.sys
+ 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2007-03-28 11:55 . 2010-03-19 16:05 4874240 c:\windows\system32\wmp.dll
- 2007-03-28 11:55 . 2009-07-12 11:21 4874240 c:\windows\system32\wmp.dll
- 2002-08-29 03:41 . 2009-12-22 05:21 1509888 c:\windows\system32\shdocvw.dll
+ 2002-08-29 03:41 . 2010-03-10 04:33 1509888 c:\windows\system32\shdocvw.dll
+ 2002-08-29 03:41 . 2009-11-27 17:11 1291776 c:\windows\system32\quartz.dll
+ 2002-08-29 03:41 . 2010-02-26 05:43 3073024 c:\windows\system32\mshtml.dll
+ 2010-01-27 01:07 . 2010-01-27 01:07 3884312 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-07-13 01:18 . 2010-03-19 16:05 4874240 c:\windows\system32\dllcache\wmp.dll
- 2009-07-13 01:18 . 2009-07-12 11:21 4874240 c:\windows\system32\dllcache\wmp.dll
+ 2009-10-29 05:38 . 2010-03-10 04:33 1509888 c:\windows\system32\dllcache\shdocvw.dll
- 2009-10-29 05:38 . 2009-12-22 05:21 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2009-06-03 19:09 . 2009-11-27 17:11 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2009-12-17 16:33 . 2010-02-17 07:10 2189952 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-12-17 16:33 . 2010-02-16 13:25 2024448 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-07 18:02 . 2010-02-16 13:25 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-12-17 16:33 . 2010-02-16 14:08 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-10-29 19:08 . 2010-02-26 05:43 3073024 c:\windows\system32\dllcache\mshtml.dll
+ 2010-03-11 15:19 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2010-03-10 04:33 . 2010-03-10 04:33 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2002-08-29 03:40 . 2010-03-10 04:33 1025024 c:\windows\system32\browseui.dll
- 2002-08-29 03:40 . 2008-04-14 00:11 1025024 c:\windows\system32\browseui.dll
+ 2010-03-26 19:01 . 2010-03-26 19:01 1295872 c:\windows\Installer\53421d.msi
+ 2010-03-26 18:58 . 2010-03-26 18:58 1366016 c:\windows\Installer\534219.msi
+ 2010-03-26 18:48 . 2010-03-26 18:48 1470976 c:\windows\Installer\534215.msi
+ 2010-03-05 21:23 . 2010-03-05 21:24 9960960 c:\windows\Installer\16079d6.msi
+ 2010-03-05 21:24 . 2010-03-05 21:24 1693048 c:\windows\Installer\{3AC8457C-0385-4BEA-A959-E095F05D6D67}\BFBC2Updater.exe
+ 2009-12-17 16:33 . 2010-02-17 07:10 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-12-17 16:33 . 2010-02-16 13:25 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-07 18:02 . 2010-02-16 13:25 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-12-17 16:33 . 2010-02-16 14:08 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2010-01-18 21:24 . 2010-01-18 21:24 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-25 19:02 . 2010-04-25 19:02 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-25 19:02 . 2010-04-25 19:02 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-01-18 21:24 . 2010-01-18 21:24 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-01 11:05 . 2009-12-22 05:21 1509888 c:\windows\$NtUninstallKB980182$\shdocvw.dll
+ 2010-04-01 11:05 . 2009-12-22 05:21 3071488 c:\windows\$NtUninstallKB980182$\mshtml.dll
+ 2010-04-01 11:05 . 2008-04-14 00:11 1025024 c:\windows\$NtUninstallKB980182$\browseui.dll
+ 2010-02-23 15:47 . 2009-08-04 15:13 2145280 c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
+ 2010-02-23 15:47 . 2009-08-04 14:20 2023936 c:\windows\$NtUninstallKB977165$\ntkrpamp.exe
+ 2010-02-23 15:47 . 2009-08-04 14:20 2023936 c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
+ 2010-02-23 15:47 . 2009-08-04 15:13 2145280 c:\windows\$NtUninstallKB977165$\ntkrnlmp.exe
+ 2010-03-11 22:29 . 2008-04-14 00:12 3558912 c:\windows\$NtUninstallKB975561$\moviemk.exe
+ 2010-02-12 15:29 . 2009-06-03 19:09 1291264 c:\windows\$NtUninstallKB975560$\quartz.dll
+ 2010-03-10 04:54 . 2010-03-10 04:54 1509888 c:\windows\$hf_mig$\KB980182\SP3QFE\shdocvw.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 3073536 c:\windows\$hf_mig$\KB980182\SP3QFE\mshtml.dll
+ 2010-03-10 04:54 . 2010-03-10 04:54 1025024 c:\windows\$hf_mig$\KB980182\SP3QFE\browseui.dll
+ 2009-12-08 22:52 . 2009-12-08 22:52 2189312 c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
+ 2010-02-23 15:22 . 2009-12-08 17:40 2023936 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrpamp.exe
+ 2009-12-08 22:10 . 2009-12-08 22:10 2066176 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
+ 2010-02-23 15:22 . 2009-12-08 18:20 2145280 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlmp.exe
+ 2010-03-11 15:19 . 2009-10-23 14:53 3558912 c:\windows\$hf_mig$\KB975561\SP3QFE\moviemk.exe
+ 2009-11-27 17:23 . 2009-11-27 17:23 1291776 c:\windows\$hf_mig$\KB975560\SP3QFE\quartz.dll
+ 2009-12-17 16:55 . 2010-04-06 17:52 31971272 c:\windows\system32\MRT.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-04-14 16:33 140288 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
"QIP Internet Guardian"="c:\documents and settings\PC\Application Data\QipGuard\QipGuard.exe" [2010-03-12 184272]
"Steam"="c:\program files\steam\steam.exe" [2010-04-26 1238352]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-04 2334856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 16239616]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"nwiz"="nwiz.exe" [BU]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"Flashget"="c:\program files\FlashGet\flashget.exe" [2007-06-29 1990704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD Cinema\\PowerDVDCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\umi.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
"c:\\Program Files\\SEGA\\Vancouver 2010\\Vancouver.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Codemasters\\DiRT2\\dirt2_game.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"c:\\Program Files\\Miranda pack by sssugi 2.4\\miranda32.exe"=
"c:\\Program Files\\Steam\\SteamApps\\duso4\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Steam\\SteamApps\\duso4\\counter-strike\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [3.5.2010 18:30 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [3.5.2010 18:30 196048]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [3.5.2010 18:30 102736]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3.5.2010 18:19 297552]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.5.2010 18:19 162768]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [28.3.2007 12:25 13696]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/17 17:47];c:\program files\CyberLink\PowerDVD9\000.fcl [1.9.2009 17:59 87536]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [30.7.2008 7:51 277736]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.5.2010 18:19 19024]
R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [3.5.2010 18:30 119200]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.12.2009 18:58 691696]
.
Contents of the 'Scheduled Tasks' folder

2010-05-03 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-12-17 14:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: &Stáhnout &vše FlashGetem - c:\program files\FlashGet\jc_all.htm
IE: &Stáhnout FlashGetem - c:\program files\FlashGet\jc_link.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\vhbyml6w.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - plugin: c:\program files\Magic Video Converter\codec\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\Magic Video Converter\codec\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-svchosts.exe - c:\documents and settings\PC\Application Data\Microsoft\svchosts.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-03 19:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1547161642-1979792683-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:03,3e,ec,ba,24,8b,c3,f5,c1,32,e8,d1,bc,c9,89,ee,f3,7e,76,77,23,
e7,91,f0,39,3d,55,d1,df,ab,92,5b,84,16,6f,f7,04,80,17,c9,da,5a,75,77,08,77,\
"rkeysecu"=hex:10,44,f4,ee,11,e0,7a,87,05,11,0b,b2,2c,df,17,6c
.
Completion time: 2010-05-03 19:25:10
ComboFix-quarantined-files.txt 2010-05-03 17:25
ComboFix2.txt 2010-01-03 16:43

Pre-Run: 28 795 088 896 bytes free
Post-Run: 14 adresárov, 28 816 347 136 voľných bajtov

- - End Of File - - 5E8EB93673C76A99C8D5E319F7FF745D
Last edited by duso on 04 May 2010 12:49, edited 1 time in total.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, slow PC

#3 Post by motji »

Good evening :)

Remove the logs from the code tags and I'll take a look :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up your important data before disinfecting the computer :!:
Want to support our forum? Information here

I am usually available at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, slow PC

#4 Post by motji »

:arrow: Have the file tested at http://www.virustotal.com

c:\documents and settings\PC\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
c:\documents and settings\PC\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-4cb33731-n\decora-d3d.dll
c:\windows\Installer\a8890.msi
c:\windows\Installer\4ebf31.msi
c:\windows\Installer\2a1a1b1.msi
c:\windows\Installer\17131dc.msi


- On VirusTotal click Browse, paste the path to the file directly into the lower box, and click Send
- Copy the address of the results page from your browser
- If it asks, have the file tested again, so that it is the file from your computer

Did anything change after using ComboFix?

duso
Visitor
Posts: 21
Registered: 08 Jul 2009 14:49

Re: Please check my log, slow PC

#5 Post by duso »

Hello, I had it tested on VirusTotal; here are the results it gave me. After using ComboFix, what changed is that the PC runs faster, but everything is still pretty bad. For example, I click an internet address and it opens several times; I open a folder and it opens 3 times, and it keeps doing that. I don't know what is wrong with it. Right now the PC behaves as if it were in SAFE MODE: there are very large shadows under the icons, etc. The internet keeps popping up a message that the network cable is unplugged.

http://www.virustotal.com/reanalisis.ht ... 1272985149
http://www.virustotal.com/reanalisis.ht ... 1272985326
http://www.virustotal.com/reanalisis.ht ... 1272985356
http://www.virustotal.com/analisis/35b0 ... 1272985385
http://www.virustotal.com/analisis/22db ... 1272985544
http://www.virustotal.com/analisis/6f3a ... 1272985677
http://www.virustotal.com/analisis/241f ... 1272985807

FOR EXAMPLE, THIS is what it does WHEN I MOVE SOMETHING
[Image]

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, slow PC

#6 Post by motji »

You have to click that "reanalyse file now".

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM occasionally has false detections, so we will delete only after checking the log.
- Copy the log here.

duso
Visitor
Posts: 21
Registered: 08 Jul 2009 14:49

Re: Please check my log, slow PC

#7 Post by duso »

Hello, I made the MBAM log. It found no viruses, but the PC runs really badly and I am not satisfied at all. Clicking just works badly: when I click, it opens things terribly fast, etc. I don't know what is wrong with it.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4069

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

5.5.2010 19:37:49
mbam-log-2010-05-05 (19-37-49).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 128176
Uplynulý čas: 7 min, 12 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, slow PC

#8 Post by motji »

I'll wait for the log from the full scan. :)

duso
Visitor
Posts: 21
Registered: 08 Jul 2009 14:49

Re: Please check my log, slow PC

#9 Post by duso »

Hello, here is the full log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4069

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

5.5.2010 22:09:50
mbam-log-2010-05-05 (22-09-50).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Objektov kontrolovaných: 348310
Uplynulý čas: 2 hod, 22 min, 6 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 6

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
C:\Program Files\proDAD\Vitascene-1.0\Keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A152A7B6-6E35-483B-9056-92BDE35348E4}\RP180\A0044767.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A152A7B6-6E35-483B-9056-92BDE35348E4}\RP180\A0044775.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A152A7B6-6E35-483B-9056-92BDE35348E4}\RP180\A0044780.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A152A7B6-6E35-483B-9056-92BDE35348E4}\RP180\A0045006.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A152A7B6-6E35-483B-9056-92BDE35348E4}\RP180\A0045024.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, slow PC

#10 Post by motji »

How is the computer doing?

duso
Visitor
Posts: 21
Registered: 08 Jul 2009 14:49

Re: Please check my log, slow PC

#11 Post by duso »

Hello, the computer runs very well now, thank you. But one thing is still wrong: when I click a file, it opens things terribly fast, or goes right into the folder.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log, slow PC

#12 Post by motji »

I'll figure out what to do about that; in the meantime, one more script for ComboFix.

:arrow: If it isn't there already, move ComboFix to the desktop
- Open Notepad
- Copy the text from this box into it

Code:

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=-

DDS::
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie

Firefox::
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\vhbyml6w.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=

- Save the TXT file you created as CFScript.txt on the desktop
- After saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it:

[Image]

- After it has been applied, another log will pop up; paste it here

Warning: it may happen that Windows does not start after the script is applied and the machine restarts. In that case restart again while pressing F8, then choose Last Known Good Configuration.

duso
Visitor
Posts: 21
Registered: 08 Jul 2009 14:49

Re: Please check my log, slow PC

#13 Post by duso »

Hello, have a nice day. Here is the log; I did it the way it is described here and applied the script.

And here is the log...

ComboFix 10-05-08.02 - PC 09.05.2010 11:02:54.8.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3071.2702 [GMT 2:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\PC\Desktop\CFScript.txt
AV: avast! Internet Security *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\PC\Application Data\PnkBstrK.sys

.
((((((((((((((((((((((((( Files Created from 2010-04-09 to 2010-05-09 )))))))))))))))))))))))))))))))
.

2010-05-08 11:59 . 2010-05-08 11:59 -------- d-----w- c:\documents and settings\PC\Application Data\Ubisoft
2010-05-06 21:10 . 2010-05-06 21:10 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\storage
2010-05-05 17:30 . 2010-05-05 17:30 -------- d-----w- c:\documents and settings\PC\Application Data\Malwarebytes
2010-05-05 17:30 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-05 17:30 . 2010-05-05 17:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-05 17:30 . 2010-05-05 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-05 17:30 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-03 17:37 . 2010-05-03 17:37 -------- d-----w- C:\rsit
2010-05-03 17:37 . 2010-05-03 17:37 -------- d-----w- c:\program files\trend micro
2010-05-03 16:30 . 2010-05-06 20:41 99280 ----a-w- c:\windows\system32\drivers\aswFW.sys
2010-05-03 16:30 . 2010-05-06 20:40 190416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2010-05-03 16:30 . 2010-03-19 19:10 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2010-05-03 16:19 . 2010-05-06 20:41 307280 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2010-05-03 16:19 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-05-03 16:19 . 2010-05-06 20:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-05-03 16:19 . 2010-05-06 20:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-05-03 16:19 . 2010-05-06 20:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-05-03 16:19 . 2010-05-06 20:33 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-05-03 16:19 . 2010-05-06 20:33 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-05-03 16:19 . 2010-05-06 20:33 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-05-03 16:19 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-05-03 16:19 . 2010-04-14 16:47 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-24 13:55 . 2010-04-25 18:45 -------- d-----w- c:\program files\Rockstar Games
2010-04-24 11:43 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-19 14:26 . 2010-04-19 14:26 -------- d-sh--w- c:\documents and settings\All Users\Application Data\SecuROM
2010-04-13 14:21 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-09 08:54 . 2010-01-01 13:11 1022272 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-05-09 08:53 . 2009-12-17 15:45 -------- d-----w- c:\documents and settings\PC\Application Data\ICQ
2010-05-09 08:43 . 2010-02-01 18:41 -------- d-----w- c:\program files\FlashGet
2010-05-09 08:21 . 2010-01-20 19:07 -------- d-----w- c:\documents and settings\PC\Application Data\Skype
2010-05-09 07:49 . 2010-03-26 18:48 -------- d-----w- c:\program files\Steam
2010-05-09 07:04 . 2009-12-17 15:51 -------- d-----w- c:\documents and settings\PC\Application Data\skypePM
2010-05-08 11:59 . 2010-01-05 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft
2010-05-07 21:05 . 2009-12-20 21:10 -------- d-----w- c:\program files\Ubisoft
2010-05-07 21:05 . 2007-03-28 10:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-07 14:44 . 2010-01-10 17:01 -------- d-----w- c:\program files\JDownloader
2010-05-04 15:38 . 2009-12-17 22:13 -------- d-----w- c:\documents and settings\PC\Application Data\IObit
2010-05-03 16:45 . 2009-12-16 22:55 -------- d-----w- c:\program files\Rapget.RS_Premium_v1.0.4.8_cz
2010-05-03 16:20 . 2009-12-16 21:50 -------- d-----w- c:\program files\Alwil Software
2010-05-02 07:50 . 2009-12-16 21:59 -------- d-----w- c:\documents and settings\PC\Application Data\Vso
2010-04-28 19:10 . 2009-12-17 20:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-04-24 11:43 . 2009-12-25 20:20 -------- d-----w- c:\program files\Java
2010-03-31 16:21 . 2009-12-17 15:49 -------- d-----w- c:\documents and settings\PC\Application Data\BSplayer PRO
2010-03-30 21:43 . 2010-03-30 21:43 -------- d-----w- c:\program files\Common Files\Java
2010-03-30 21:42 . 2010-03-30 21:42 503808 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7bb368ab-n\msvcp71.dll
2010-03-30 21:42 . 2010-03-30 21:42 499712 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7bb368ab-n\jmc.dll
2010-03-30 21:42 . 2010-03-30 21:42 61440 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-4cb33731-n\decora-sse.dll
2010-03-30 21:42 . 2010-03-30 21:42 348160 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7bb368ab-n\msvcr71.dll
2010-03-30 21:42 . 2010-03-30 21:42 12800 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-4cb33731-n\decora-d3d.dll
2010-03-26 18:48 . 2010-03-26 18:48 15872 ----a-r- c:\documents and settings\PC\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
2010-03-26 18:28 . 2010-03-09 16:11 -------- d-----w- c:\program files\UnitedAdmins
2010-03-26 14:05 . 2010-03-26 14:05 -------- d-----w- c:\documents and settings\PC\Application Data\Canon
2010-03-26 14:04 . 2009-12-20 14:10 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM
2010-03-24 21:03 . 2010-03-24 14:00 -------- d-----w- c:\program files\Just Cause 2
2010-03-23 22:16 . 2010-03-23 22:16 -------- d-----w- c:\documents and settings\PC\Application Data\Media Player Classic
2010-03-23 22:12 . 2010-03-23 22:09 -------- d-----w- c:\program files\GRETECH
2010-03-22 14:30 . 2010-03-22 14:29 -------- d-----w- c:\documents and settings\PC\Application Data\Winamp
2010-03-22 14:29 . 2010-03-22 14:29 -------- d-----w- c:\program files\Winamp
2010-03-22 14:29 . 2010-03-22 14:29 -------- d-----w- c:\program files\Winamp Detect
2010-03-22 14:02 . 2010-01-29 21:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-03-22 12:52 . 2010-03-31 16:21 697690 ----a-w- c:\documents and settings\PC\Application Data\BSplayer PRO\AC3 Filter\unins000.exe
2010-03-14 19:59 . 2010-02-13 17:54 69 ----a-w- c:\documents and settings\PC\jagex_runescape_preferences2.dat
2010-03-14 19:59 . 2010-02-13 17:52 41 ----a-w- c:\documents and settings\PC\jagex_runescape_preferences.dat
2010-03-14 13:22 . 2010-03-14 13:21 -------- d-----w- c:\program files\QIP Infium
2010-03-14 13:21 . 2010-03-14 13:21 -------- d-----w- c:\documents and settings\PC\Application Data\QipGuard
2010-03-14 12:36 . 2010-03-14 12:36 -------- d-----w- c:\documents and settings\PC\Application Data\QIP
2010-03-14 12:04 . 2010-03-06 10:39 -------- d-----w- c:\program files\Miranda pack by sssugi 2.4
2010-03-13 17:34 . 2009-12-20 14:04 -------- d--h--w- c:\program files\CanonBJ
2010-03-12 13:20 . 2010-03-14 13:21 280440 ----a-w- c:\documents and settings\PC\Application Data\QipGuard\sqlite3.dll
2010-03-12 13:20 . 2010-03-14 13:21 184272 ----a-w- c:\documents and settings\PC\Application Data\QipGuard\QipGuard.exe
2010-03-12 13:20 . 2010-03-14 12:36 149968 ----a-w- c:\documents and settings\PC\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
2010-03-12 13:20 . 2010-03-14 12:36 127440 ----a-w- c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\vhbyml6w.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
2010-03-12 13:20 . 2010-03-14 13:21 20944 ----a-w- c:\documents and settings\PC\Application Data\QipGuard\chrome.dll
2010-03-11 22:23 . 2009-12-17 16:46 -------- d---a-w- c:\documents and settings\All Users\Application Data\Temp
2010-03-09 11:09 . 2002-08-29 03:41 430080 ------w- c:\windows\system32\vbscript.dll
2010-03-04 11:22 . 2010-03-04 11:22 1923768 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2010-02-26 16:34 . 2010-02-26 16:34 152576 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-02-26 16:34 . 2010-02-26 16:34 79488 ----a-w- c:\documents and settings\PC\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-02-26 05:43 . 2002-08-29 03:41 667136 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2007-03-28 11:55 81920 ------w- c:\windows\system32\ieencode.dll
2010-02-24 13:11 . 2002-08-29 01:59 455680 ------w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 15:01 . 2010-03-31 16:21 1185871 ----a-w- c:\documents and settings\PC\Application Data\BSplayer PRO\FFDShow\unins000.exe
2010-02-23 14:00 . 2010-03-31 16:21 42288 ----a-w- c:\documents and settings\PC\Application Data\BSplayer PRO\Haali media splitter\uninstall.exe
2010-02-16 14:08 . 2002-08-29 01:04 2146304 ------w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2002-08-29 01:04 2024448 ------w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2002-08-29 03:40 100864 ------w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2002-08-29 01:37 226880 ------w- c:\windows\system32\drivers\tcpip6.sys
2010-02-10 17:13 . 2010-03-23 22:28 165376 ----a-w- c:\windows\system32\unrar.dll
2010-02-08 21:30 . 2007-03-28 12:02 130608 ----a-w- c:\documents and settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2004-03-11 11:27 . 2007-03-28 12:19 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2010-04-29 19:34 . 2010-04-26 19:51 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2010-04-29 19:34 . 2010-04-26 19:51 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2010-04-29 19:34 . 2010-04-26 19:51 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2010-04-29 19:34 . 2010-04-26 19:51 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2010-04-29 19:34 . 2010-04-26 19:51 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((( SnapShot_2010-05-03_17.23.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-09 08:55 . 2010-05-09 08:55 16384 c:\windows\Temp\Perflib_Perfdata_538.dat
+ 2000-01-01 00:59 . 2010-05-09 09:00 68292 c:\windows\system32\perfc009.dat
- 2000-01-01 00:59 . 2010-05-03 16:57 68292 c:\windows\system32\perfc009.dat
- 2010-04-25 19:03 . 2010-04-25 19:03 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2000-01-01 00:59 . 2010-05-09 09:00 435396 c:\windows\system32\perfh009.dat
- 2000-01-01 00:59 . 2010-05-03 16:57 435396 c:\windows\system32\perfh009.dat
- 2010-04-25 19:03 . 2010-04-25 19:03 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:02 . 2010-04-25 19:02 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:02 . 2010-04-25 19:02 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:02 . 2010-04-25 19:02 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:02 . 2010-04-25 19:02 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:03 . 2010-04-25 19:03 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:02 . 2010-04-25 19:02 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-07 21:09 . 2010-05-07 21:09 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-25 19:02 . 2010-04-25 19:02 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-05-06 21:02 151648 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
"QIP Internet Guardian"="c:\documents and settings\PC\Application Data\QipGuard\QipGuard.exe" [2010-03-12 184272]
"Steam"="c:\program files\steam\steam.exe" [2010-05-07 1238352]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-04 2334856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 16239616]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"Flashget"="c:\program files\FlashGet\flashget.exe" [2007-06-29 1990704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD Cinema\\PowerDVDCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\umi.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
"c:\\Program Files\\SEGA\\Vancouver 2010\\Vancouver.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Codemasters\\DiRT2\\dirt2_game.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"c:\\Program Files\\Miranda pack by sssugi 2.4\\miranda32.exe"=
"c:\\Program Files\\Steam\\SteamApps\\duso4\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Splinter Cell Conviction\\src\\system\\conviction_game.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Splinter Cell Conviction\\src\\system\\gu.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Steam\\SteamApps\\duso4\\counter-strike\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [3.5.2010 18:30 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [3.5.2010 18:30 190416]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [3.5.2010 18:30 99280]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3.5.2010 18:19 307280]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.5.2010 18:19 164048]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [28.3.2007 12:25 13696]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/17 17:47];c:\program files\CyberLink\PowerDVD9\000.fcl [1.9.2009 17:59 87536]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [30.7.2008 7:51 277736]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.5.2010 18:19 19024]
R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [3.5.2010 18:30 119200]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.12.2009 18:58 691696]
.
Contents of the 'Scheduled Tasks' folder

2010-05-09 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-12-17 14:35]
.
.
------- Supplementary Scan -------
.
uSearchAssistant = hxxp://search.qip.ru/ie
IE: &Stáhnout &vše FlashGetem - c:\program files\FlashGet\jc_all.htm
IE: &Stáhnout FlashGetem - c:\program files\FlashGet\jc_link.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\vhbyml6w.default\
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - plugin: c:\program files\Magic Video Converter\codec\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\Magic Video Converter\codec\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1547161642-1979792683-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:03,3e,ec,ba,24,8b,c3,f5,c1,32,e8,d1,bc,c9,89,ee,f3,7e,76,77,23,
e7,91,f0,39,3d,55,d1,df,ab,92,5b,84,16,6f,f7,04,80,17,c9,da,5a,75,77,08,77,\
"rkeysecu"=hex:10,44,f4,ee,11,e0,7a,87,05,11,0b,b2,2c,df,17,6c
.
Completion time: 2010-05-09 11:20:00
ComboFix-quarantined-files.txt 2010-05-09 09:19
ComboFix2.txt 2010-05-04 17:31
ComboFix3.txt 2010-05-04 13:55
ComboFix4.txt 2010-01-03 16:43

Pre-Run: 82 388 385 792 bytes free
Post-Run: 15 adresárov, 82 508 754 944 voľných bajtov

- - End Of File - - 4EC274B013611E977589685847541C19

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log, slowed-down PC

#14 Post by motji »

I'll just verify one more thing to be sure :)

Download Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- unpack it and run it
- a scan will run; when it finishes, a window with the results opens. Click Save to save the log, then paste it here

- Following the guide at the link, run a second scan and paste that log here as well.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before cleaning the computer of malware!
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log, slowed-down PC

#15 Post by motji »

How are things looking here? :)