
AVG Internet security

Monte
Visitor
Posts: 17
Registered: 14 Feb 2011 15:09

AVG Internet security

#1 Post by Monte »

Hello.

First of all, I want to thank everyone who finds a bit of free time to share their advice and ideas and help others.

On to my problem:

Lately the internet connection on my PC has been acting up.
I'm browsing, listening to internet radio, downloading some small file, and suddenly.. the internet freezes. The network card reports that it is disconnected from the internet. At work I'm connected behind a router, and 3 more PCs are connected to that router.

It always freezes only for me. The internet on the other PCs keeps working.

I tried troubleshooting with the Windows utility and then repair, and nothing.

Only restarting the PC helps. This problem has been going on for about a week and it happens to me about once a day.

I have the same problem at home. At home I'm also connected through a router, there are several PCs behind it, and the others work.
At home it also started acting up about a week ago. I reinstalled the OS about 2 weeks ago.

My question is:

Should I uninstall AVG Internet Security and get something better?
Has anyone run into this problem?



Otherwise, the PCs at home and at work: OS Win 7 64-bit
I'm also attaching a view of the network card's data-flow status and the basic firewall settings in AVG. At home the results and settings are similar.


Many thanks for any advice
Attachments: FW.jpg (196.4 KiB), Stav.jpg (45.94 KiB)

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: ČR

Re: AVG Internet security

#2 Post by Roli »

Hi, AVG as an antivirus does not belong on a PC, and not only in my opinion.

By the way, do you use the same PC (laptop) at work and at home?

It may be a silly coincidence, but it's possible you have something nasty on the PC.

Use Rsit from my signature and post its log.txt here; I'll take a look.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Pavuk29
VIP in memoriam
Posts: 6953
Registered: 31 Oct 2003 08:26
Location: Banská Bystrica

Re: AVG Internet security

#3 Post by Pavuk29 »

Roli wrote: Hi, AVG as an antivirus does not belong on a PC, and not only in my opinion.
Is that the police of the Czech Republic? :D
------------------------------------------------------------------------------------------------------------------------------
:!: PLS DO NOT SEND ME PMs, ICQ MESSAGES OR E-MAILS WITH QUESTIONS, POST IN THE FORUM :!: :spam:
------------------------------------------------------------------------------------------------------------------------------
In case of urgent problems with the running of the forum, :207: or with other users, :whip: contact me on ICQ or by e-mail :31: at pavuk29 at forum.viry.cz. I am often at the computer even when I am not online on the forum.
http://www.icq.com/people/267560078/
:183: hotline: http://forum.viry.cz/viewtopic.php?f=12&t=116821
:!: forum rules: http://forum.viry.cz/viewtopic.php?f=12&t=5601

Monte
Visitor
Posts: 17
Registered: 14 Feb 2011 15:09

Re: AVG Internet security

#4 Post by Monte »

I have a desktop PC both at home and at work. A few times I transferred data on a flash drive.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Elektro at 2011-02-15 06:57:13
Microsoft Windows 7 Ultimate
System drive C: has 63 GB (58%) free of 107 GB
Total RAM: 4060 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:57:18, on 15.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Citrix\ICA Client\pnagent.exe
C:\Program Files (x86)\zFTPServer Administration\zFTPServerAdmin.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Citrix\ICA Client\Wfcrun32.exe
C:\PROGRA~2\Citrix\ICACLI~1\WFICA32.EXE
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Users\Elektro\AppData\Local\Screamer Radio\screamer.exe
C:\Program Files\trend micro\Elektro.exe
C:\Windows\SysWOW64\rundll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: zFTPServer Administration.lnk = C:\Program Files (x86)\zFTPServer Administration\zFTPServerAdmin.exe
O4 - Global Startup: Program Neighborhood Agent.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: zFTPServer (zFTPSvc) - Unknown owner - C:\Program Files (x86)\zFTPServer\zFTPServer.exe

--
End of file - 9825 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
"C:\Program Files (x86)\AVG\AVG9\avgchsva.exe"
"C:\Program Files (x86)\AVG\AVG9\avgrsa.exe"
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
/pipeName=e1525e8f-b022-4cd0-9e05-4d31010ab2db /coreSdkOptions=30 /logConfFile="C:\ProgramData\avg9\temp\127cb125-3a9a-409f-8ab2-acdca6282df0-20c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG9\" /tempPath="C:\ProgramData\avg9\temp\"
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe" AVGIDSAgent
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files (x86)\Citrix\ICA Client\pnagent.exe"
"C:\Program Files (x86)\zFTPServer Administration\zFTPServerAdmin.exe"
"C:\Program Files (x86)\AVG\AVG9\avgtray.exe"
"C:\Program Files (x86)\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe"
\??\C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe"
"C:\Program Files (x86)\AVG\AVG9\avgfws9.exe"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\zFTPServer\zFTPServer.exe" /service
"C:\Program Files (x86)\AVG\AVG9\avgemc.exe"
"C:\Program Files (x86)\AVG\AVG9\avgam.exe"
"C:\Program Files (x86)\AVG\AVG9\avgnsa.exe"
/pipeName=9c027b40-d327-455c-a679-576c949227ef /coreSdkOptions=0 /binaryPath="C:\Program Files (x86)\AVG\AVG9\"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3128856f-6df8-4a55-a4a2-e2bf3a0da8d8 -SystemEventPortName:HostProcess-ecc1398e-d730-492a-aa17-2c78d0ddbba1 -IoCancelEventPortName:HostProcess-4209b785-1f2e-47c0-9de2-6bc614b90af1 -NonStateChangingEventPortName:HostProcess-a3d9c88e-e200-4ac7-847e-ccfb855ad937 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6eaa6c93-f8d4-441d-8666-20269ae78ce1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
/pipeName=863490b8-38bc-4492-b5e8-6cbce40ce5d9 /coreSdkOptions=18 /logConfFile="C:\ProgramData\avg9\temp\dbfae9aa-6eff-44dc-adfd-eee9424e0f8d-c1c-oopp.tmp" /loggerName=AVG.NS.Core /tempPath="C:\ProgramData\avg9\temp\"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\PrintIsolationHost.exe -Embedding
"C:\Program Files (x86)\Citrix\ICA Client\Wfcrun32.exe" /wficaStartSCD 1297749159011 /wficaEndIFDCD 1297749158714 C:\Users\Elektro\AppData\Roaming\Citrix\PNAgent\ResourceCache\102757.ICA
"C:\PROGRA~2\Citrix\ICACLI~1\WFICA32.EXE" MFService0009018E998
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
C:\Windows\system32\sppsvc.exe
"C:\Users\Elektro\AppData\Local\Screamer Radio\screamer.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"D:\Data\anti\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [2010-12-06 2334560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssie.dll [2010-12-06 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-08 9642528]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-01-13 2988784]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe [2010-12-06 2069344]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Program Neighborhood Agent.lnk - C:\Windows\Installer\{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}\Icon80951CEC.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe

C:\Users\Elektro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
zFTPServer Administration.lnk - C:\Program Files (x86)\zFTPServer Administration\zFTPServerAdmin.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrssta.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-14 14:58:13 ----D---- C:\Users\Elektro\AppData\Roaming\SUPERAntiSpyware.com
2011-02-14 14:58:13 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-02-14 14:58:07 ----D---- C:\ProgramData\!SASCORE
2011-02-14 14:58:05 ----D---- C:\Program Files\SUPERAntiSpyware
2011-02-14 14:56:35 ----D---- C:\Program Files (x86)\CCleaner
2011-02-14 14:53:06 ----D---- C:\rsit
2011-02-14 14:53:06 ----D---- C:\Program Files\trend micro
2011-02-14 11:22:48 ----SHD---- C:\Config.Msi
2011-02-10 14:11:16 ----D---- C:\Users\Elektro\AppData\Roaming\progeSOFT
2011-02-10 14:08:28 ----D---- C:\ProgramData\progeSOFT
2011-02-10 14:07:45 ----A---- C:\Windows\RPToolkit.dll
2011-02-10 14:07:45 ----A---- C:\Windows\MeshLib.dll
2011-02-10 14:07:44 ----D---- C:\Program Files (x86)\Print3D Corporation
2011-02-10 14:07:44 ----A---- C:\Windows\ZipLib.dll
2011-02-10 14:07:44 ----A---- C:\Windows\VTKLib.dll
2011-02-10 14:07:44 ----A---- C:\Windows\SYCIO.dll
2011-02-10 14:07:44 ----A---- C:\Windows\SYCGUI.dll
2011-02-10 14:07:44 ----A---- C:\Windows\SYCGeo.dll
2011-02-10 14:07:44 ----A---- C:\Windows\Print3DLib.dll
2011-02-10 14:07:44 ----A---- C:\Windows\NetLib.dll
2011-02-10 14:07:44 ----A---- C:\Windows\CADViewerLib.dll
2011-02-10 14:07:44 ----A---- C:\Windows\3DSLib.dll
2011-02-10 14:07:12 ----A---- C:\Windows\SYSWOW64\cdintf400.dll
2011-02-10 14:06:23 ----A---- C:\Windows\system32\drivers\eusk3usb-amd64.sys
2011-02-10 14:06:20 ----D---- C:\Program Files (x86)\progeSOFT
2011-02-10 09:13:37 ----D---- C:\Users\Elektro\AppData\Roaming\zFTPServer Suite
2011-02-10 09:13:32 ----D---- C:\Program Files (x86)\zFTPServer Administration
2011-02-10 09:13:26 ----D---- C:\Program Files (x86)\zFTPServer
2011-02-10 07:27:26 ----D---- C:\Program Files (x86)\Conduit
2011-02-10 07:27:24 ----D---- C:\Program Files (x86)\ConduitEngine
2011-02-10 07:27:18 ----D---- C:\extensions
2011-02-10 07:27:11 ----D---- C:\Program Files (x86)\uTorrent
2011-02-10 02:22:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-02-10 02:22:48 ----A---- C:\Windows\system32\mshtml.dll
2011-02-10 02:22:44 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-02-10 02:22:43 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-02-10 02:22:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-02-10 02:22:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-02-10 02:22:43 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-02-10 02:22:43 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-02-10 02:22:43 ----A---- C:\Windows\system32\mstime.dll
2011-02-10 02:22:43 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-10 02:22:43 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-10 02:22:43 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-10 02:22:43 ----A---- C:\Windows\system32\iertutil.dll
2011-02-10 02:22:43 ----A---- C:\Windows\system32\iepeers.dll
2011-02-10 02:22:43 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-10 02:22:42 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-02-10 02:22:42 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-02-10 02:22:42 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-02-10 02:22:42 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-10 02:22:42 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-10 02:22:36 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-02-10 02:22:36 ----A---- C:\Windows\system32\kerberos.dll
2011-02-10 02:22:35 ----A---- C:\Windows\system32\win32k.sys
2011-02-10 02:22:32 ----A---- C:\Windows\system32\upnp.dll
2011-02-10 02:22:32 ----A---- C:\Windows\system32\msxml6.dll
2011-02-10 02:22:32 ----A---- C:\Windows\system32\msxml3.dll
2011-02-10 02:22:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-02-10 02:22:31 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-02-10 02:22:31 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-02-10 02:22:31 ----A---- C:\Windows\system32\wininet.dll
2011-02-10 02:22:31 ----A---- C:\Windows\system32\winhttp.dll
2011-02-10 02:22:31 ----A---- C:\Windows\system32\urlmon.dll
2011-02-10 02:22:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-02-10 02:22:30 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-02-10 02:22:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-02-10 02:22:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-02-10 02:22:30 ----A---- C:\Windows\system32\wscapi.dll
2011-02-10 02:22:30 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-10 02:22:30 ----A---- C:\Windows\system32\ieframe.dll
2011-02-10 02:22:30 ----A---- C:\Windows\system32\davclnt.dll
2011-02-10 02:22:29 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-02-10 02:22:29 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-02-10 02:22:29 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-02-10 02:22:29 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-02-10 02:22:29 ----A---- C:\Windows\system32\wscsvc.dll
2011-02-10 02:22:29 ----A---- C:\Windows\system32\slwga.dll
2011-02-10 02:22:27 ----A---- C:\Windows\system32\winsrv.dll
2011-02-10 02:22:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-10 02:22:25 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-02-10 02:22:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-02-10 02:22:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-02-10 02:22:25 ----A---- C:\Windows\system32\ntdll.dll
2011-02-10 02:22:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-02-10 02:22:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-02-10 02:22:24 ----A---- C:\Windows\system32\vbscript.dll
2011-02-10 02:22:24 ----A---- C:\Windows\system32\jscript.dll
2011-02-10 02:22:23 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-02-10 02:22:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-02-10 02:22:22 ----A---- C:\Windows\system32\cdd.dll
2011-02-10 02:22:21 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-02-10 02:22:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-02-10 02:22:21 ----A---- C:\Windows\system32\atmlib.dll
2011-02-10 02:22:21 ----A---- C:\Windows\system32\atmfd.dll
2011-02-09 15:24:35 ----A---- C:\Windows\SYSWOW64\acXMLParser.dll
2011-02-09 15:24:34 ----A---- C:\Windows\SYSWOW64\cdintf300.dll
2011-02-09 15:24:18 ----A---- C:\Windows\SYSWOW64\mfc71u.dll
2011-02-09 15:24:18 ----A---- C:\Windows\SYSWOW64\atl71.dll
2011-02-09 15:24:14 ----D---- C:\Program Files (x86)\eZ
2011-02-09 15:10:39 ----D---- C:\Autodesk
2011-02-05 03:01:03 ----D---- C:\Program Files (x86)\Intel
2011-02-05 03:01:02 ----D---- C:\Intel
2011-01-25 10:21:53 ----D---- C:\Users\Elektro\AppData\Roaming\Winamp
2011-01-25 10:21:53 ----D---- C:\Program Files (x86)\Winamp
2011-01-21 11:10:35 ----D---- C:\Users\Elektro\AppData\Roaming\Miranda
2011-01-21 11:09:54 ----D---- C:\Program Files (x86)\Miranda IM

======List of files/folders modified in the last 1 months======

2011-02-15 06:57:14 ----D---- C:\Windows\Temp
2011-02-15 06:56:17 ----D---- C:\Windows\System32
2011-02-15 06:56:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-15 06:56:16 ----D---- C:\Windows\inf
2011-02-15 06:55:45 ----D---- C:\Windows\system32\drivers\Avg
2011-02-15 06:54:41 ----D---- C:\Windows\system32\config
2011-02-15 06:54:21 ----D---- C:\Windows\Prefetch
2011-02-15 06:51:44 ----D---- C:\Windows\SysWOW64
2011-02-15 06:51:26 ----D---- C:\Windows
2011-02-14 14:58:13 ----HD---- C:\ProgramData
2011-02-14 14:58:05 ----RD---- C:\Program Files
2011-02-14 14:57:50 ----D---- C:\Windows\debug
2011-02-14 14:56:35 ----RD---- C:\Program Files (x86)
2011-02-14 11:58:03 ----D---- C:\Windows\system32\FxsTmp
2011-02-14 11:23:07 ----SHD---- C:\Windows\Installer
2011-02-14 11:22:58 ----D---- C:\Users\Elektro\AppData\Roaming\uTorrent
2011-02-14 08:55:54 ----SHD---- C:\System Volume Information
2011-02-10 14:06:53 ----D---- C:\Windows\system32\DriverStore
2011-02-10 14:06:53 ----D---- C:\Windows\system32\catroot
2011-02-10 14:06:23 ----D---- C:\Windows\system32\drivers
2011-02-10 07:27:21 ----D---- C:\Program Files (x86)\uTorrentBar
2011-02-10 03:20:28 ----D---- C:\Windows\winsxs
2011-02-10 03:18:15 ----D---- C:\Program Files\Internet Explorer
2011-02-10 03:18:15 ----D---- C:\Program Files (x86)\Internet Explorer
2011-02-10 03:02:35 ----D---- C:\ProgramData\Microsoft Help
2011-02-10 03:01:28 ----A---- C:\Windows\system32\MRT.exe
2011-02-10 02:22:13 ----D---- C:\Windows\system32\catroot2
2011-02-09 07:19:32 ----D---- C:\Program Files (x86)\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSErHrw7a;AVG9IDSErHr; C:\Windows\System32\Drivers\AVGIDSwa.sys [2010-11-04 27216]
R0 AvgRkx64;avgrkx64.sys; C:\Windows\System32\Drivers\avgrkx64.sys [2010-11-04 56008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-27 834544]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2010-11-01 29976]
R1 AvgLdx64;AVG AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys [2010-12-06 269904]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys [2010-11-04 35536]
R1 AvgTdiA;AVG Network Redirector x64; C:\Windows\System32\Drivers\avgtdia.sys [2010-11-04 317520]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
R3 AVGIDSDriverw7a;AVG9IDSDriver; \??\C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSDriver.sys [2010-11-04 132688]
R3 AVGIDSFilterw7a;AVG9IDSFilter; \??\C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSFilter.sys [2010-11-04 35920]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-02-15 25640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-08 2223392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-11-27 295424]
S3 a3shj336;a3shj336; C:\Windows\system32\drivers\a3shj336.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-11-04 921952]
R2 avg9wd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-12-06 308136]
R2 avgfws9;AVG Firewall; C:\Program Files (x86)\AVG\AVG9\avgfws9.exe [2010-12-06 2331544]
R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-04 5897808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 zFTPSvc;zFTPServer; C:\Program Files (x86)\zFTPServer\zFTPServer.exe [2010-12-15 3471360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2010-11-24 79360]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF--------------


I ran the test during normal operation with AVG turned on. The log is from the PC I have at work.

#5 Post by Roli »

Pavuk29 wrote: Is that the police of the Czech Republic? :D

Not at all, a carpenter (stoliar?), but these days only for fun, from around Plzeň :wink:

#6 Post by Roli »

Monte wrote: Both at home and at work I have a desktop PC. A few times I transferred data on a flash drive.

I ran the test during normal operation with AVG turned on. The log is from the PC I have at work.

I would rather not meddle with the work one; better ask your administrator to take a look at it.

The one you have at home is a different matter; I'll gladly take a look at that one.

#7 Post by Monte »

OK. By the way, I installed the one at work myself and it is my PC, so we can dig around in it as much as you like :D When I'm home I'll send the log from my personal one that I have at home.


#8 Post by Roli »

All right, so the work one first, so that things don't get mixed up.

So fix this in HJT:

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"


You'll find HJT here:

C:\Program Files\trend micro\Elektro.exe

Fix means that you run HJT as admin,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to them is a box in which you put a check mark,

then click Fix checked, which is at the bottom left,

the program asks whether you really want to; you of course agree with YES, and it's done.


Next, get rid of that AVG; if it refuses to go, or just to be sure, use AVG Remover


Delete unneeded files

using CCleaner

guide:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before use I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Install, for example, Avast 5


Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!
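A triage sketch for the HijackThis lines listed in the post above, as an added example that is not part of the original thread: it parses R3/O2/O3/O4 lines, groups them by the file they load, and flags registrations that point at `(no file)`. The function names are assumptions of this example; the sample lines are copied from the HijackThis output quoted on this page.

```python
import ntpath
import re
from collections import defaultdict

# Lines copied from the HijackThis output quoted in this thread
# (the fix list in post #8, plus one "(no file)" line from the home-PC log).
SAMPLE = r"""
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
"""

# HijackThis section codes that occur in the lines above.
SECTION = {"R3": "URL search hook", "O2": "Browser Helper Object",
           "O3": "Internet Explorer toolbar", "O4": "Run-key autostart"}

# R3/O2/O3: "<code> - <kind>: <name> - {CLSID} - <file>"
COM_LINE = re.compile(
    r"^(?P<code>R3|O2|O3) - [^:]+: (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$")
# O4: "O4 - <hive>\..\Run: [<value name>] <command line>"
RUN_LINE = re.compile(
    r"^(?P<code>O4) - \S+: \[(?P<name>[^\]]+)\] (?P<target>.+)$")
# Executable part of a command line: a quoted path, or an unquoted path
# (which may contain spaces) up to the first executable extension.
EXE_PATH = re.compile(
    r'^"([^"]+)"|^(.+?\.(?:exe|dll|com|bat|cmd))(?=\s|$)', re.I)


def parse_line(line):
    """Return a dict for an R3/O2/O3/O4 line, or None for anything else."""
    line = line.strip()
    m = COM_LINE.match(line) or RUN_LINE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    clsid = entry.get("clsid")
    entry["clsid"] = clsid.upper() if clsid else None
    if entry["target"] == "(no file)":
        entry["path"] = None          # registration left without a file
    else:
        pm = EXE_PATH.match(entry["target"])
        entry["path"] = (pm.group(1) or pm.group(2)) if pm else entry["target"]
    return entry


def parse_log(text):
    return [e for e in map(parse_line, text.splitlines()) if e]


def multi_hook_files(entries):
    """Files registered in more than one extension point -> sorted codes."""
    seen = defaultdict(set)
    for e in entries:
        if e["path"]:
            seen[ntpath.basename(e["path"]).lower()].add(e["code"])
    return {name: sorted(codes) for name, codes in seen.items() if len(codes) > 1}


def orphans(entries):
    """CLSIDs that have a registration pointing at no file."""
    return sorted({e["clsid"] for e in entries if e["clsid"] and e["path"] is None})


def names_for_clsid(entries, clsid):
    """Names under which a CLSID appears with a file in the parsed lines."""
    return sorted({e["name"] for e in entries
                   if e["clsid"] == clsid.upper() and e["path"]})


if __name__ == "__main__":
    parsed = parse_log(SAMPLE)
    for name, codes in sorted(multi_hook_files(parsed).items()):
        print(name, "->", ", ".join(SECTION[c] for c in codes))
    for clsid in orphans(parsed):
        print("no file:", clsid, names_for_clsid(parsed, clsid))
```
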

#9 Post by Monte »

So I did it according to your instructions.

Finally I installed Avast 5 and ran mbam as admin. Here is the log:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5782

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

17.2.2011 8:18:39
mbam-log-2011-02-17 (08-18-39).txt

Typ kontroly: Rychlý test
Testované objekty: 157767
Uplynulý čas: 2 minut, 3 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

#10 Post by Roli »

Now we'll bring out a bigger caliber, so read carefully, because this little program does not tolerate mistakes.

Download ComboFix and save it to the desktop,

run the application as Administrator and allow the installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and off it goes.

The whole operation takes around 10 minutes but can take longer; during the scan do not try to run anything else.

The PC may be restarted during the scan; don't be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and antispyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

#11 Post by Monte »

ComboFix 11-02-17.01 - Elektro 18.02.2011 7:37.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4060.2824 [GMT 1:00]
Spuštěný z: c:\users\Elektro\Desktop\ComboFix.exe2.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Desktop

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-18 do 2011-02-18 )))))))))))))))))))))))))))))))
.

2011-02-18 06:42 . 2011-02-18 06:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-17 23:30 . 2011-02-02 16:10 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A537A0FF-9A7E-43D2-A165-AE2482287628}\mpengine.dll
2011-02-17 07:33 . 2011-02-17 07:33 -------- d-----w- c:\users\Elektro\AppData\Local\Secunia PSI
2011-02-17 07:33 . 2011-02-17 07:33 -------- d-----w- c:\program files (x86)\Secunia
2011-02-17 07:15 . 2011-02-17 07:15 -------- d-----w- c:\users\Elektro\AppData\Roaming\Malwarebytes
2011-02-17 07:15 . 2011-02-17 07:15 -------- d-----w- c:\programdata\Malwarebytes
2011-02-17 07:15 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-17 07:15 . 2011-02-17 07:15 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-17 07:15 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-17 07:09 . 2011-01-13 08:37 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-17 07:09 . 2011-01-13 08:41 273488 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-17 07:08 . 2011-01-13 08:37 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-17 07:08 . 2011-01-13 08:40 51792 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-17 07:08 . 2011-01-13 08:47 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-17 07:08 . 2011-01-13 08:37 62032 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-17 07:08 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-02-17 07:08 . 2011-01-13 08:47 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-02-17 07:08 . 2011-02-17 07:08 -------- d-----w- c:\programdata\Alwil Software
2011-02-17 07:08 . 2011-02-17 07:08 -------- d-----w- c:\program files\Alwil Software
2011-02-17 07:04 . 2011-02-17 07:04 -------- d-----w- C:\zaloha registru
2011-02-14 13:58 . 2011-02-14 13:58 -------- d-----w- c:\users\Elektro\AppData\Roaming\SUPERAntiSpyware.com
2011-02-14 13:58 . 2011-02-14 13:58 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-02-14 13:58 . 2011-02-14 13:58 -------- d-----w- c:\programdata\!SASCORE
2011-02-14 13:58 . 2011-02-17 07:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-02-14 13:56 . 2011-02-14 13:56 -------- d-----w- c:\program files (x86)\CCleaner
2011-02-14 13:53 . 2011-02-17 06:54 -------- d-----w- c:\program files\trend micro
2011-02-14 13:53 . 2011-02-14 13:53 -------- d-----w- C:\rsit
2011-02-10 13:11 . 2011-02-10 13:11 -------- d-----w- c:\users\Elektro\AppData\Roaming\progeSOFT
2011-02-10 13:08 . 2011-02-10 13:09 -------- d-----w- c:\programdata\progeSOFT
2011-02-10 13:06 . 2011-01-03 17:07 76480 ----a-w- c:\windows\system32\drivers\eusk3usb-amd64.sys
2011-02-10 13:06 . 2011-02-10 13:06 1115704 ----a-w- c:\windows\SysWow64\O2CPlayer.OCX
2011-02-10 13:06 . 2011-02-10 13:06 -------- d-----w- c:\program files (x86)\progeSOFT
2011-02-10 08:13 . 2011-02-10 08:13 -------- d-----w- c:\users\Elektro\AppData\Roaming\zFTPServer Suite
2011-02-10 08:13 . 2011-02-10 08:13 -------- d-----w- c:\program files (x86)\zFTPServer Administration
2011-02-10 08:13 . 2011-02-10 08:13 -------- d-----w- c:\program files (x86)\zFTPServer
2011-02-10 06:27 . 2011-02-10 06:27 -------- d-----w- c:\program files (x86)\Conduit
2011-02-10 06:27 . 2011-02-10 06:27 -------- d-----w- C:\extensions
2011-02-09 14:24 . 2007-03-27 17:27 3186688 ----a-w- c:\windows\SysWow64\acXMLParser.dll
2011-02-09 14:24 . 2007-03-27 17:27 3186688 ----a-w- c:\windows\SysWow64\cdintf300.dll
2011-02-09 14:24 . 2004-09-01 19:50 89088 ----a-w- c:\windows\SysWow64\atl71.dll
2011-02-09 14:24 . 2004-09-01 19:50 1047552 ----a-w- c:\windows\SysWow64\mfc71u.dll
2011-02-09 14:24 . 2011-02-09 14:24 -------- d-----w- c:\program files (x86)\eZ
2011-02-09 14:10 . 2011-02-09 14:10 -------- d-----w- C:\Autodesk
2011-02-05 02:01 . 2011-02-05 02:01 -------- d-----w- c:\program files (x86)\Intel
2011-02-05 02:01 . 2011-02-05 02:01 -------- d-----w- C:\Intel
2011-01-25 09:21 . 2011-02-14 13:57 -------- d-----w- c:\users\Elektro\AppData\Roaming\Winamp
2011-01-25 09:21 . 2011-01-25 09:24 -------- d-----w- c:\program files (x86)\Winamp
2011-01-21 10:10 . 2011-01-21 10:10 -------- d-----w- c:\users\Elektro\AppData\Roaming\Miranda

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-18 06:43 . 2010-11-01 14:53 25640 ----a-w- c:\windows\gdrv.sys
2011-02-02 16:11 . 2010-10-26 13:48 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-03 17:12 . 2011-01-03 17:12 61440 ----a-w- c:\windows\SysWow64\wintab32.dll
2011-01-03 17:12 . 2011-01-03 17:12 274432 ----a-w- c:\windows\SysWow64\dwgthumbnail.ocx
2011-01-03 17:12 . 2011-01-03 17:12 89360 ----a-w- c:\windows\SysWow64\vb5db.dll
2011-01-03 17:12 . 2011-01-03 17:12 339968 ----a-w- c:\windows\SysWow64\slide.ocx
2011-01-03 17:07 . 2011-01-03 17:07 73728 ----a-w- c:\windows\SysWow64\skeydrv.dll
2011-01-03 17:07 . 2011-01-03 17:07 129632 ----a-w- c:\windows\SysWow64\skeyinst.dll
2011-01-03 17:07 . 2011-01-03 17:07 140288 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2011-01-03 17:04 . 2011-01-03 17:04 647872 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2988784]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Program Neighborhood Agent.lnk - c:\windows\Installer\{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}\Icon80951CEC.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2010-10-27 12390]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-1-10 291896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-28 1255736]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-27 834544]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 62032]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-01-10 399416]
S2 zFTPSvc;zFTPServer;c:\program files (x86)\zFTPServer\zFTPServer.exe [2010-12-15 3471360]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-11-27 295424]

.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-08 9642528]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Citrix\ICA Client\pnagent.exe
.
**************************************************************************
.
Celkový čas: 2011-02-18 07:47:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-18 06:47

Před spuštěním: Volných bajtů: 65 868 570 624
Po spuštění: Volných bajtů: 65 530 019 840

- - End Of File - - 14745F0A9DE28E42DE8A1FEA7A56B0A4

#12 Post by Monte »

To clarify:
Before starting ComboFix I turned off all protection in Avast. Even so, ComboFix reported that the protections were on. The same message appeared after the restart, when I deactivated the protection in Avast again and started ComboFix again.

That's probably not right, is it :(

#13 Post by Roli »

No problem, everything is fine:

AV: avast! Antivirus *Disabled
SP: avast! Antivirus *Disabled


Via Start >> Run, copy into the box:

ComboFix /Uninstall

and press Enter

That uninstalls ComboFix and deletes the files and folders associated with it.

Then let me know what state the PC is in.

#14 Post by Monte »

At work it now runs like clockwork, but at home it is misbehaving. Just a moment ago the net disconnected on me again; it simply froze.
Pulling out the data cable and plugging it back in helped. On the PC next to it, which I have for testing, the net keeps running. I tested the cable, it is OK; I also tried wiggling the connectors, that's not it.

On my PC at home I have VMware Workstation installed, with 32-bit Windows XP running on it. I wondered whether that might be the cause, but the same fault showed up at work too.

I'll try to proceed exactly the same way you advised for the PC I have at work. So I'll send the log. In any case, hats off to how well you find your way around those logs and know what to look for :)
Well, a pro is a pro :)

#15 Post by Monte »

Here is the log from my PC at home. By the way, I threw that AVG out. I installed Avast, plus Secunia PSI and SUPERAntiSpyware. Yesterday it found one trojan, so I deleted it.


Here is the log. It is too long, so I have to post it in two parts.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Nimrod Sherdon at 2011-02-18 22:12:52
Microsoft Windows 7 Ultimate
System drive C: has 39 GB (55%) free of 71 GB
Total RAM: 6142 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:12:56, on 18.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\QIP\qip.exe
C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe
C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Nimrod Sherdon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [NetFxUpdate_v1.1.4322] "C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 0 v1.1.4322 GAC + NI NID
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: posledni.ahk
O4 - Global Startup: QIP 2005.lnk = C:\Program Files (x86)\QIP\qip.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2ED5347-0AF2-40EA-A261-BCD23D94395C}: NameServer = 192.168.1.1
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10699 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files (x86)\QIP\qip.exe"
"C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe" "C:\Users\Nimrod Sherdon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\posledni.ahk"
"C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
WLIDSvcM.exe 2936
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe"
C:\Windows\System32\msdtc.exe
C:\Windows\system32\DllHost.exe /Processid:{48DA6741-1BF0-4A44-8325-293086C79077}
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -startmediumtab -Embedding
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:2572 CREDAT:79873
"C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe"
"taskhost.exe"
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe" -s "vmx.stdio.keep=TRUE" -# "product=1;name=VMware Workstation;version=7.0.0;buildnumber=203739;licensename=VMware Workstation;licenseversion=7.0;" -@ "pipe=\\.\pipe\vmx8c45a80b238a3127;" "D:\WMWare\Windows XP Professional.vmx"
"D:\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2011-02-07 396152]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-01-13 2988784]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-04 336384]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"Razer Naga Driver"=C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe [2010-12-30 957840]
"vmware-tray"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2009-10-22 129584]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"NetFxUpdate_v1.1.4322"=C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [2004-08-10 106496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
QIP 2005.lnk - C:\Program Files (x86)\QIP\qip.exe
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Users\Nimrod Sherdon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
posledni.ahk

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-18 22:12:52 ----D---- C:\rsit
2011-02-18 22:12:52 ----D---- C:\Program Files\trend micro
2011-02-18 20:39:18 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Mozilla
2011-02-18 20:02:45 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Turbine
2011-02-18 19:58:07 ----D---- C:\Windows\SYSWOW64\URTTEMP
2011-02-18 18:24:14 ----D---- C:\ProgramData\PMB Files
2011-02-18 18:24:09 ----D---- C:\Program Files (x86)\Pando Networks
2011-02-18 08:31:15 ----D---- C:\Windows\cs
2011-02-18 08:25:39 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-02-18 08:20:02 ----DC---- C:\Windows\system32\DRVSTORE
2011-02-18 08:20:02 ----D---- C:\Program Files (x86)\Windows Live
2011-02-18 08:20:02 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2011-02-18 08:19:04 ----D---- C:\Windows\PCHEALTH
2011-02-18 08:19:00 ----D---- C:\Program Files\Windows Live
2011-02-18 08:18:35 ----D---- C:\Program Files (x86)\MSN Toolbar
2011-02-18 08:18:30 ----D---- C:\Program Files (x86)\Bing Bar Installer
2011-02-18 06:24:18 ----D---- C:\Program Files (x86)\Secunia
2011-02-17 23:00:59 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\SUPERAntiSpyware.com
2011-02-17 23:00:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-02-17 23:00:55 ----D---- C:\ProgramData\!SASCORE
2011-02-17 23:00:53 ----D---- C:\Program Files\SUPERAntiSpyware
2011-02-17 17:38:28 ----D---- C:\Program Files (x86)\CCleaner
2011-02-17 17:35:41 ----D---- C:\Program Files (x86)\Google
2011-02-17 17:35:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-02-17 17:35:39 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-02-17 17:35:38 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-02-17 17:35:37 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-02-17 17:35:34 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-02-17 17:35:34 ----A---- C:\Windows\system32\aswBoot.exe
2011-02-17 17:34:51 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2011-02-17 17:34:47 ----D---- C:\ProgramData\Alwil Software
2011-02-17 17:34:47 ----D---- C:\Program Files\Alwil Software
2011-02-12 07:21:14 ----D---- C:\Program Files\Bethesda Softworks
2011-02-11 19:02:50 ----D---- C:\Program Files (x86)\AC Tool
2011-02-10 15:51:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-02-10 15:51:32 ----A---- C:\Windows\system32\mshtml.dll
2011-02-10 15:51:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-02-10 15:51:29 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-02-10 15:51:29 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-02-10 15:51:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-02-10 15:51:29 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-02-10 15:51:29 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-02-10 15:51:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-02-10 15:51:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-02-10 15:51:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-02-10 15:51:29 ----A---- C:\Windows\system32\mstime.dll
2011-02-10 15:51:29 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-10 15:51:29 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-10 15:51:29 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-10 15:51:29 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-10 15:51:29 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-10 15:51:29 ----A---- C:\Windows\system32\iertutil.dll
2011-02-10 15:51:29 ----A---- C:\Windows\system32\iepeers.dll
2011-02-10 15:51:29 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-10 15:51:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-02-10 15:51:27 ----A---- C:\Windows\system32\kerberos.dll
2011-02-10 15:51:26 ----A---- C:\Windows\system32\win32k.sys
2011-02-10 15:51:23 ----A---- C:\Windows\system32\urlmon.dll
2011-02-10 15:51:23 ----A---- C:\Windows\system32\upnp.dll
2011-02-10 15:51:23 ----A---- C:\Windows\system32\msxml6.dll
2011-02-10 15:51:23 ----A---- C:\Windows\system32\msxml3.dll
2011-02-10 15:51:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-02-10 15:51:22 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-02-10 15:51:22 ----A---- C:\Windows\system32\wininet.dll
2011-02-10 15:51:21 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-02-10 15:51:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-02-10 15:51:21 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-02-10 15:51:21 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-02-10 15:51:21 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-02-10 15:51:21 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-02-10 15:51:21 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-02-10 15:51:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-02-10 15:51:21 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-02-10 15:51:21 ----A---- C:\Windows\system32\wscsvc.dll
2011-02-10 15:51:21 ----A---- C:\Windows\system32\wscapi.dll
2011-02-10 15:51:21 ----A---- C:\Windows\system32\winhttp.dll
2011-02-10 15:51:21 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-10 15:51:21 ----A---- C:\Windows\system32\slwga.dll
2011-02-10 15:51:21 ----A---- C:\Windows\system32\ieframe.dll
2011-02-10 15:51:21 ----A---- C:\Windows\system32\davclnt.dll
2011-02-10 15:51:17 ----A---- C:\Windows\system32\winsrv.dll
2011-02-10 15:51:16 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-02-10 15:51:16 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-02-10 15:51:16 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-02-10 15:51:16 ----A---- C:\Windows\system32\DWrite.dll
2011-02-10 15:51:16 ----A---- C:\Windows\system32\d3d10warp.dll
2011-02-10 15:51:16 ----A---- C:\Windows\system32\d2d1.dll
2011-02-10 15:51:15 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-02-10 15:51:15 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-02-10 15:51:15 ----A---- C:\Windows\system32\XpsPrint.dll
2011-02-10 15:51:15 ----A---- C:\Windows\system32\mf.dll
2011-02-10 15:51:15 ----A---- C:\Windows\system32\FntCache.dll
2011-02-10 15:51:14 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-02-10 15:51:14 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-02-10 15:51:14 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-02-10 15:51:14 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-02-10 15:51:14 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-02-10 15:51:14 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-02-10 15:51:14 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-02-10 15:51:14 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-02-10 15:51:14 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-02-10 15:51:14 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-02-10 15:51:14 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-02-10 15:51:14 ----A---- C:\Windows\system32\mfps.dll
2011-02-10 15:51:14 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-02-10 15:51:14 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-02-10 15:51:14 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-02-10 15:51:14 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-02-10 15:51:14 ----A---- C:\Windows\system32\d3d10_1.dll
2011-02-10 15:51:14 ----A---- C:\Windows\system32\cdd.dll
2011-02-10 15:51:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-02-10 15:51:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-02-10 15:51:11 ----A---- C:\Windows\system32\vbscript.dll
2011-02-10 15:51:11 ----A---- C:\Windows\system32\jscript.dll
2011-02-10 15:51:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-02-10 15:51:10 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-02-10 15:51:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-10 15:51:10 ----A---- C:\Windows\system32\ntdll.dll
2011-02-10 15:51:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-02-10 15:51:09 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-02-10 15:51:09 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-02-10 15:51:09 ----A---- C:\Windows\system32\atmlib.dll
2011-02-10 15:51:09 ----A---- C:\Windows\system32\atmfd.dll
2011-02-09 12:24:00 ----D---- C:\Windows\SYSWOW64\drivers\avg
2011-02-08 17:20:13 ----D---- C:\Games
2011-02-08 16:28:37 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Rift
2011-02-08 12:43:28 ----D---- C:\Program Files (x86)\AVG
2011-02-08 12:43:27 ----D---- C:\ProgramData\avg9
2011-02-07 21:25:25 ----D---- C:\Program Files (x86)\Microsoft XNA
2011-02-07 21:24:10 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2011-02-07 21:24:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2011-02-07 21:24:10 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-02-07 21:24:10 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-02-07 21:24:09 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2011-02-07 20:50:17 ----A---- C:\Windows\system32\drivers\vmci.sys
2011-02-07 20:50:14 ----A---- C:\Windows\system32\drivers\vmx86.sys
2011-02-07 20:49:55 ----A---- C:\Windows\system32\vnetinst.dll
2011-02-07 20:49:55 ----A---- C:\Windows\system32\drivers\vmnetadapter.sys
2011-02-07 20:49:50 ----A---- C:\Windows\SYSWOW64\vmnetdhcp.exe
2011-02-07 20:49:46 ----A---- C:\Windows\SYSWOW64\vmnat.exe
2011-02-07 20:49:46 ----A---- C:\Windows\system32\drivers\vmnetuserif.sys
2011-02-07 20:49:45 ----RA---- C:\Windows\system32\vmnetbridge.dll
2011-02-07 20:49:45 ----RA---- C:\Windows\system32\drivers\vmnetbridge.sys
2011-02-07 20:49:45 ----RA---- C:\Windows\system32\drivers\vmnet.sys
2011-02-07 20:49:42 ----A---- C:\Windows\system32\vnetlib64.dll
2011-02-07 20:49:36 ----A---- C:\Windows\system32\drivers\VMkbd.sys
2011-02-07 20:49:34 ----A---- C:\Windows\system32\drivers\hcmon.sys
2011-02-07 20:49:33 ----A---- C:\Windows\system32\drivers\vmusb.sys
2011-02-07 20:49:11 ----D---- C:\ProgramData\VMware
2011-02-07 20:49:08 ----D---- C:\Program Files (x86)\VMware
2011-02-07 20:43:42 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\WinRAR
2011-02-07 20:43:36 ----D---- C:\Program Files\WinRAR
2011-02-07 20:29:47 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-02-07 20:29:33 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2011-02-07 20:29:26 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-02-07 20:26:55 ----A---- C:\Windows\system32\drivers\sptd.sys
2011-02-07 20:26:48 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\DAEMON Tools Lite
2011-02-07 20:16:30 ----D---- C:\Program Files (x86)\Conduit
2011-02-07 20:16:28 ----D---- C:\Program Files (x86)\ConduitEngine
2011-02-07 20:16:27 ----D---- C:\Program Files (x86)\uTorrentBar
2011-02-07 20:16:25 ----D---- C:\extensions
2011-02-07 20:16:24 ----D---- C:\Program Files (x86)\uTorrent
2011-02-07 20:16:01 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\uTorrent
2011-02-07 19:17:10 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\VMware
2011-02-07 19:17:02 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\TS3Client
2011-02-07 19:16:35 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Aventurine
2011-02-07 19:09:51 ----A---- C:\loot.txt
2011-02-07 18:57:46 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2011-02-07 18:57:46 ----A---- C:\Windows\system32\msv1_0.dll
2011-02-07 18:54:18 ----D---- C:\Program Files (x86)\MacroGamer
2011-02-07 18:40:10 ----D---- C:\Program Files (x86)\AutoHotkey
2011-02-07 18:39:00 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-02-07 18:33:17 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Media Player Classic
2011-02-07 18:32:38 ----D---- C:\Program Files (x86)\Combined Community Codec Pack
2011-02-07 18:32:17 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\teamspeak2
2011-02-07 18:32:10 ----D---- C:\Program Files (x86)\Teamspeak2_RC2
2011-02-07 18:31:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-02-07 18:28:29 ----D---- C:\Program Files (x86)\Razer
2011-02-07 18:23:49 ----D---- C:\Windows\SYSWOW64\Wat
2011-02-07 18:23:49 ----D---- C:\Windows\system32\Wat
2011-02-07 18:19:30 ----A---- C:\Windows\system32\MRT.exe
2011-02-07 18:11:48 ----A---- C:\Windows\system32\browserchoice.exe
2011-02-07 18:06:10 ----A---- C:\Windows\system32\drivers\ks.sys
2011-02-07 18:03:10 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Darkfall
2011-02-07 18:02:59 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\ATI
2011-02-07 18:02:59 ----D---- C:\ProgramData\ATI
2011-02-07 18:01:12 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-02-07 18:01:09 ----D---- C:\Program Files (x86)\ATI Stream
2011-02-07 18:01:08 ----D---- C:\Program Files (x86)\ATI
2011-02-07 18:00:32 ----D---- C:\Program Files (x86)\ATI Technologies
2011-02-07 18:00:24 ----D---- C:\Program Files\ATI Technologies
2011-02-07 18:00:21 ----D---- C:\Program Files\ATI
2011-02-07 17:56:11 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Winamp
2011-02-07 17:56:11 ----D---- C:\Program Files (x86)\Winamp
2011-02-07 17:55:31 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2011-02-07 17:55:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2011-02-07 17:55:31 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2011-02-07 17:55:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2011-02-07 17:55:31 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-02-07 17:55:31 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-02-07 17:55:31 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-02-07 17:55:31 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-02-07 17:55:30 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2011-02-07 17:55:30 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2011-02-07 17:55:30 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2011-02-07 17:55:30 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2011-02-07 17:55:30 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-02-07 17:55:30 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-02-07 17:55:30 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-02-07 17:55:30 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-02-07 17:55:29 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2011-02-07 17:55:29 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2011-02-07 17:55:29 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2011-02-07 17:55:29 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2011-02-07 17:55:29 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-02-07 17:55:29 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-02-07 17:55:29 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-02-07 17:55:29 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-02-07 17:55:28 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2011-02-07 17:55:28 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-02-07 17:55:27 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2011-02-07 17:55:27 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2011-02-07 17:55:27 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2011-02-07 17:55:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2011-02-07 17:55:27 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-02-07 17:55:27 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-02-07 17:55:27 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-02-07 17:55:27 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-02-07 17:55:26 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2011-02-07 17:55:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2011-02-07 17:55:26 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2011-02-07 17:55:26 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2011-02-07 17:55:26 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2011-02-07 17:55:26 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2011-02-07 17:55:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2011-02-07 17:55:26 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-02-07 17:55:26 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-02-07 17:55:26 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-02-07 17:55:26 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-02-07 17:55:26 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-02-07 17:55:26 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-02-07 17:55:26 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-02-07 17:55:25 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2011-02-07 17:55:25 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2011-02-07 17:55:25 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2011-02-07 17:55:25 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2011-02-07 17:55:25 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2011-02-07 17:55:25 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2011-02-07 17:55:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2011-02-07 17:55:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2011-02-07 17:55:25 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-02-07 17:55:25 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-02-07 17:55:25 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-02-07 17:55:25 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-02-07 17:55:25 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-02-07 17:55:25 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-02-07 17:55:25 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-02-07 17:55:25 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-02-07 17:55:25 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2011-02-07 17:55:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-02-07 17:55:24 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-02-07 17:55:23 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2011-02-07 17:55:23 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2011-02-07 17:55:23 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2011-02-07 17:55:23 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2011-02-07 17:55:23 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-02-07 17:55:23 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-02-07 17:55:23 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-02-07 17:55:23 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-02-07 17:55:22 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2011-02-07 17:55:22 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2011-02-07 17:55:22 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2011-02-07 17:55:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2011-02-07 17:55:22 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-02-07 17:55:22 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-02-07 17:55:22 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-02-07 17:55:22 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-02-07 17:55:21 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2011-02-07 17:55:21 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2011-02-07 17:55:21 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2011-02-07 17:55:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2011-02-07 17:55:21 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-02-07 17:55:21 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-02-07 17:55:21 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-02-07 17:55:21 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-02-07 17:55:20 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2011-02-07 17:55:20 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2011-02-07 17:55:20 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2011-02-07 17:55:20 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2011-02-07 17:55:20 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2011-02-07 17:55:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2011-02-07 17:55:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2011-02-07 17:55:20 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-02-07 17:55:20 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-02-07 17:55:20 ----A---- C:\Windows\system32\d3dx9_35.dll
2011-02-07 17:55:20 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-02-07 17:55:20 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-02-07 17:55:20 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-02-07 17:55:20 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-02-07 17:55:19 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2011-02-07 17:55:19 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2011-02-07 17:55:19 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2011-02-07 17:55:19 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2011-02-07 17:55:19 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2011-02-07 17:55:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2011-02-07 17:55:19 ----A---- C:\Windows\system32\xinput1_3.dll
2011-02-07 17:55:19 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-02-07 17:55:19 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-02-07 17:55:19 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-02-07 17:55:19 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-02-07 17:55:19 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-02-07 17:55:18 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2011-02-07 17:55:18 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2011-02-07 17:55:18 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2011-02-07 17:55:18 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2011-02-07 17:55:18 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2011-02-07 17:55:18 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2011-02-07 17:55:18 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-02-07 17:55:18 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-02-07 17:55:18 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-02-07 17:55:18 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-02-07 17:55:18 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-02-07 17:55:18 ----A---- C:\Windows\system32\d3dx10.dll
2011-02-07 17:55:17 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2011-02-07 17:55:17 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2011-02-07 17:55:17 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2011-02-07 17:55:17 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2011-02-07 17:55:17 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2011-02-07 17:55:17 ----A---- C:\Windows\system32\xinput1_2.dll
2011-02-07 17:55:17 ----A---- C:\Windows\system32\xinput1_1.dll
2011-02-07 17:55:17 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-02-07 17:55:17 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-02-07 17:55:17 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-02-07 17:55:16 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2011-02-07 17:55:16 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2011-02-07 17:55:16 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-02-07 17:55:16 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-02-07 17:55:15 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2011-02-07 17:55:15 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2011-02-07 17:55:15 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2011-02-07 17:55:15 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2011-02-07 17:55:15 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-02-07 17:55:15 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-02-07 17:55:15 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-02-07 17:55:15 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-02-07 17:55:14 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2011-02-07 17:55:14 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2011-02-07 17:55:14 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2011-02-07 17:55:14 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2011-02-07 17:55:14 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-02-07 17:55:14 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-02-07 17:55:14 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-02-07 17:55:14 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-02-07 17:54:29 ----D---- C:\Windows\SYSWOW64\directx
2011-02-07 17:52:32 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\GHISLER
2011-02-07 17:52:32 ----D---- C:\Program Files (x86)\totalcmd
2011-02-07 17:52:32 ----A---- C:\Windows\UC.PIF
2011-02-07 17:52:32 ----A---- C:\Windows\RAR.PIF
2011-02-07 17:52:32 ----A---- C:\Windows\PKZIP.PIF
2011-02-07 17:52:32 ----A---- C:\Windows\PKUNZIP.PIF
2011-02-07 17:52:32 ----A---- C:\Windows\NOCLOSE.PIF
2011-02-07 17:52:32 ----A---- C:\Windows\LHA.PIF
2011-02-07 17:52:32 ----A---- C:\Windows\ARJ.PIF
2011-02-07 17:50:14 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-02-07 17:49:55 ----D---- C:\Program Files (x86)\QIP
2011-02-07 17:49:07 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2011-02-07 17:49:07 ----A---- C:\Windows\system32\asycfilt.dll
2011-02-07 17:49:04 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-02-07 17:49:04 ----A---- C:\Windows\system32\tzres.dll
2011-02-07 17:48:53 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2011-02-07 17:48:53 ----A---- C:\Windows\system32\t2embed.dll
2011-02-07 17:48:48 ----D---- C:\Program Files (x86)\Screamer Radio
2011-02-07 17:48:45 ----A---- C:\Windows\system32\ole32.dll
2011-02-07 17:48:44 ----A---- C:\Windows\SYSWOW64\ole32.dll
2011-02-07 17:48:40 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-02-07 17:48:39 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-02-07 17:48:39 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2011-02-07 17:48:39 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2011-02-07 17:48:39 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2011-02-07 17:48:39 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-02-07 17:48:39 ----A---- C:\Windows\system32\taskschd.dll
2011-02-07 17:48:39 ----A---- C:\Windows\system32\taskeng.exe
2011-02-07 17:48:39 ----A---- C:\Windows\system32\taskcomp.dll
2011-02-07 17:48:39 ----A---- C:\Windows\system32\schtasks.exe
2011-02-07 17:48:39 ----A---- C:\Windows\system32\schedsvc.dll
2011-02-07 17:48:32 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2011-02-07 17:48:32 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-02-07 17:48:28 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2011-02-07 17:48:28 ----A---- C:\Windows\system32\CertEnroll.dll
2011-02-07 17:48:17 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2011-02-07 17:48:17 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2011-02-07 17:48:17 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2011-02-07 17:48:17 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2011-02-07 17:48:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2011-02-07 17:48:17 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-02-07 17:48:17 ----A---- C:\Windows\system32\PresentationHost.exe
2011-02-07 17:48:17 ----A---- C:\Windows\system32\netfxperf.dll
2011-02-07 17:48:17 ----A---- C:\Windows\system32\mscoree.dll
2011-02-07 17:48:17 ----A---- C:\Windows\system32\dfshim.dll
2011-02-07 17:48:15 ----A---- C:\Windows\system32\secproc_isv.dll
2011-02-07 17:48:14 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2011-02-07 17:48:14 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2011-02-07 17:48:14 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2011-02-07 17:48:14 ----A---- C:\Windows\SYSWOW64\secproc.dll
2011-02-07 17:48:14 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2011-02-07 17:48:14 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2011-02-07 17:48:14 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2011-02-07 17:48:14 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2011-02-07 17:48:14 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-02-07 17:48:14 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-02-07 17:48:14 ----A---- C:\Windows\system32\secproc.dll
2011-02-07 17:48:14 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-02-07 17:48:14 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-02-07 17:48:14 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-02-07 17:48:14 ----A---- C:\Windows\system32\RMActivate.exe
2011-02-07 17:47:56 ----A---- C:\Windows\system32\shell32.dll
2011-02-07 17:47:55 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-02-07 17:47:52 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-02-07 17:47:52 ----A---- C:\Windows\system32\inetcomm.dll
2011-02-07 17:47:52 ----A---- C:\Windows\system32\CPFilters.dll
2011-02-07 17:47:51 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-02-07 17:47:51 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-02-07 17:47:51 ----A---- C:\Windows\system32\psisdecd.dll
2011-02-07 17:47:51 ----A---- C:\Windows\system32\msdri.dll
2011-02-07 17:47:35 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2011-02-07 17:47:35 ----A---- C:\Windows\system32\fontsub.dll
2011-02-07 17:47:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-02-07 17:47:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2011-02-07 17:47:21 ----A---- C:\Windows\system32\schannel.dll
2011-02-07 17:47:18 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2011-02-07 17:47:18 ----A---- C:\Windows\system32\comctl32.dll
2011-02-07 17:47:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-02-07 17:47:16 ----A---- C:\Windows\system32\oleaut32.dll
2011-02-07 17:47:15 ----A---- C:\Windows\explorer.exe
2011-02-07 17:47:14 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-02-07 17:47:14 ----A---- C:\Windows\system32\winlogon.exe
2011-02-07 17:47:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-02-07 17:47:10 ----A---- C:\Windows\SYSWOW64\user.exe
2011-02-07 17:47:10 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-02-07 17:47:10 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2011-02-07 17:47:10 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-02-07 17:47:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-02-07 17:47:10 ----A---- C:\Windows\system32\wow64.dll
2011-02-07 17:47:10 ----A---- C:\Windows\system32\rtutils.dll
2011-02-07 17:47:02 ----A---- C:\Windows\system32\spoolsv.exe
2011-02-07 17:47:00 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-02-07 17:47:00 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-02-07 17:47:00 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-02-07 17:46:59 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-02-07 17:46:59 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2011-02-07 17:46:59 ----A---- C:\Windows\system32\webio.dll
2011-02-07 17:46:58 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-02-07 17:46:48 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2011-02-07 17:46:48 ----A---- C:\Windows\system32\wmpmde.dll
2011-02-07 17:46:47 ----A---- C:\Windows\SYSWOW64\quartz.dll
2011-02-07 17:46:47 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2011-02-07 17:46:47 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2011-02-07 17:46:47 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2011-02-07 17:46:47 ----A---- C:\Windows\system32\tsbyuv.dll
2011-02-07 17:46:47 ----A---- C:\Windows\system32\quartz.dll
2011-02-07 17:46:47 ----A---- C:\Windows\system32\msyuv.dll
2011-02-07 17:46:47 ----A---- C:\Windows\system32\msvidc32.dll
2011-02-07 17:46:47 ----A---- C:\Windows\system32\msrle32.dll
2011-02-07 17:46:47 ----A---- C:\Windows\system32\iyuv_32.dll
2011-02-07 17:46:46 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2011-02-07 17:46:46 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2011-02-07 17:46:46 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2011-02-07 17:46:46 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2011-02-07 17:46:36 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-02-07 17:46:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2011-02-07 17:46:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2011-02-07 17:46:34 ----A---- C:\Windows\system32\lsasrv.dll
2011-02-07 17:46:34 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2011-02-07 17:46:29 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2011-02-07 17:46:29 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2011-02-07 17:46:29 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2011-02-07 17:46:29 ----A---- C:\Windows\system32\msasn1.dll
2011-02-07 17:46:28 ----A---- C:\Windows\system32\wmp.dll
2011-02-07 17:46:27 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2011-02-07 17:46:27 ----A---- C:\Windows\SYSWOW64\wmp.dll
2011-02-07 17:46:27 ----A---- C:\Windows\system32\wmploc.DLL
2011-02-07 17:46:22 ----A---- C:\Windows\system32\consent.exe
2011-02-07 17:46:21 ----A---- C:\Windows\system32\odbc32.dll
2011-02-07 17:46:20 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-02-07 17:46:09 ----A---- C:\Windows\system32\drivers\srv.sys
2011-02-07 17:46:08 ----A---- C:\Windows\SYSWOW64\sscore.dll
2011-02-07 17:46:08 ----A---- C:\Windows\system32\srvsvc.dll
2011-02-07 17:46:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-02-07 17:46:08 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-02-07 17:46:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-02-07 17:46:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-02-07 17:46:02 ----A---- C:\Windows\system32\jsproxy.dll
2011-02-07 17:46:02 ----A---- C:\Windows\system32\ieui.dll
2011-02-07 17:45:01 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Opera
2011-02-07 17:45:00 ----D---- C:\Program Files (x86)\Opera
2011-02-07 17:43:50 ----D---- C:\Program Files (x86)\WinRAR
2011-02-07 17:37:30 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Macromedia
2011-02-07 17:37:30 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Adobe
2011-02-07 17:37:29 ----D---- C:\Windows\SYSWOW64\Macromed
2011-02-07 17:36:20 ----SHD---- C:\Windows\Installer
2011-02-07 17:35:26 ----D---- C:\ATI
2011-02-07 17:35:13 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\ASUS
2011-02-07 17:35:12 ----D---- C:\Program Files (x86)\OpenAL
2011-02-07 17:35:12 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2011-02-07 17:35:12 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2011-02-07 17:35:12 ----A---- C:\Windows\system32\wrap_oal.dll
2011-02-07 17:35:12 ----A---- C:\Windows\system32\OpenAL32.dll
2011-02-07 17:35:05 ----N---- C:\Windows\SYSWOW64\VmixP8.dll
2011-02-07 17:35:05 ----N---- C:\Windows\SYSWOW64\HsSrv2.dll
2011-02-07 17:35:05 ----N---- C:\Windows\SYSWOW64\HsSrv.dll
2011-02-07 17:35:05 ----N---- C:\Windows\SYSWOW64\HsMgr.exe
2011-02-07 17:35:05 ----N---- C:\Windows\SYSWOW64\Cmpaoxy.dll
2011-02-07 17:35:05 ----N---- C:\Windows\SYSWOW64\CmiCnfgp.dll
2011-02-07 17:35:05 ----N---- C:\Windows\SYSWOW64\cmasiop.ini
2011-02-07 17:35:05 ----N---- C:\Windows\SYSWOW64\cmasiop.dll
2011-02-07 17:35:05 ----N---- C:\Windows\SYSWOW64\Cm_Oal.dll
2011-02-07 17:35:05 ----N---- C:\Windows\system32\cmasiopx.ini
2011-02-07 17:35:05 ----N---- C:\Windows\system32\cmasiopx.dll
2011-02-07 17:35:05 ----N---- C:\Windows\system32\Cm_Oal.dll
2011-02-07 17:35:01 ----N---- C:\Windows\system32\Cmeauoxy.exe
2011-02-07 17:35:01 ----D---- C:\Program Files\ASUS Xonar D2X Audio
2011-02-07 17:35:01 ----A---- C:\Windows\Cmicnfgp.ini.cfl
2011-02-07 17:34:48 ----A---- C:\Windows\Cmicnfgp.ini.imi
2011-02-07 17:34:46 ----N---- C:\Windows\system32\CmiInstallResAll64.dll
2011-02-07 17:34:46 ----N---- C:\Windows\cmudaxp.ini
2011-02-07 17:34:46 ----N---- C:\Windows\Cmicnfgp.ini.cfg
2011-02-07 17:34:46 ----A---- C:\Windows\difxapi.dll
2011-02-07 17:33:44 ----A---- C:\Windows\system32\RTNUninst64.dll
2011-02-07 17:33:44 ----A---- C:\Windows\system32\RtNicProp64.dll
2011-02-07 17:33:44 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2011-02-07 17:33:41 ----D---- C:\Program Files (x86)\Realtek
2011-02-07 17:32:56 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-02-07 17:32:56 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\InstallShield
2011-02-07 17:32:00 ----D---- C:\Program Files (x86)\Intel
2011-02-07 17:32:00 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2011-02-07 17:31:52 ----D---- C:\Intel
2011-02-07 17:05:55 ----N---- C:\Windows\system32\MpSigStub.exe
2011-02-07 16:52:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2011-02-07 16:52:23 ----A---- C:\Windows\SYSWOW64\cabview.dll
2011-02-07 16:52:23 ----A---- C:\Windows\system32\wintrust.dll
2011-02-07 16:52:23 ----A---- C:\Windows\system32\cabview.dll
2011-02-07 16:48:47 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Identities
2011-02-07 16:48:35 ----SD---- C:\Users\Nimrod Sherdon\AppData\Roaming\Microsoft
2011-02-07 16:48:35 ----D---- C:\Users\Nimrod Sherdon\AppData\Roaming\Media Center Programs
2011-02-07 16:47:15 ----SHD---- C:\Recovery
2011-02-07 16:47:15 ----SHD---- C:\ProgramData\Šablony
2011-02-07 16:47:15 ----SHD---- C:\ProgramData\Plocha
2011-02-07 16:47:15 ----SHD---- C:\ProgramData\Oblíbené položky
2011-02-07 16:47:15 ----SHD---- C:\ProgramData\Nabídka Start
2011-02-07 16:47:15 ----SHD---- C:\ProgramData\Dokumenty
2011-02-07 16:47:15 ----SHD---- C:\ProgramData\Data aplikací
2011-02-07 16:36:38 ----D---- C:\Windows\SoftwareDistribution
2011-02-07 16:34:31 ----D---- C:\Windows\Prefetch
2011-02-07 16:33:55 ----ASH---- C:\pagefile.sys
2011-02-07 16:33:54 ----SHD---- C:\System Volume Information
2011-02-07 16:33:54 ----ASH---- C:\hiberfil.sys
2011-02-07 16:33:00 ----D---- C:\Windows\Panther
2011-02-06 18:28:45 ----A---- C:\Windows\SYSWOW64\CmiFltr.dll
2011-02-06 18:28:45 ----A---- C:\Windows\system32\drivers\cmudaxp.sys
2011-02-06 18:28:45 ----A---- C:\Windows\system32\cmudaxp.dll
