Hi,
please check my log. The notebook takes a very long time to start, and after an hour or two it freezes or shuts down.
Thank you.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Agnes at 2011-05-10 17:45:59
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 83 GB (37%) free of 226 GB
Total RAM: 4093 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:46:13, on 10/05/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\trend micro\Agnes.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\Userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Agnes\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-GB\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe (file missing)
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13075 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
Ati2evxx.exe -Client
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k netsvcs
"C:\Windows\system32\Dwm.exe"
taskeng.exe {7CC7E36C-60BB-4DD8-85E7-50F4169E7F41}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\diMaster.dll" /prefetch:1
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" autorun=AUTORUN
"C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\SMINST\BLService.exe"
"C:\Windows\ehome\ehtray.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\ehome\ehmsas.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe" /c /a /s UserSession
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
spellchecker_gg.exe
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {6C6C430F-0C1F-482E-8846-67F86A913948}
taskeng.exe {E582EFEB-EAB6-46BC-9C9E-59F60B1A9850}
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6e20dc68-9bd8-42bb-ab0d-f2263fdb0695 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c1f92418-a235-4351-b128-14b4895acfbb -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ca5ff1bb-c20a-4753-a6f2-8d21bd845fac -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ddf383c9-01fd-449b-93a6-d5650ae1f701
"F:\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForAgnes.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-10-17 341600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll [2009-08-22 378736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL [2009-08-22 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2010-06-07 321312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-07 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class - C:\Users\Agnes\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-08-31 42088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll [2009-08-22 378736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-12-04 1661736]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2008-11-19 914224]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2009-06-03 442368]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"HPAdvisor"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2008-11-14 972080]
"Nowe Gadu-Gadu"=C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe [2009-08-31 11391592]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-09-02 13351304]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-30 61440]
"DVDAgent"=C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2008-11-29 1148200]
"TSMAgent"=C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2008-12-25 1316136]
"CLMLServer for HP TouchSmart"=C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2008-12-25 189736]
"TVAgent"=C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [2009-01-21 210216]
"UCam_Menu"=C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-11-15 218408]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"UpdatePSTShortCut"=C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-11-26 210216]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-10-10 206128]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-10-30 210216]
"UpdatePDIRShortCut"=C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-12-08 432432]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12 49208]
""= []
"TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2010-10-17 202256]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Agnes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
LimeWire On Startup.lnk - C:\Program Files (x86)\LimeWire\LimeWire.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-05-10 17:46:01 ----D---- C:\Program Files\trend micro
2011-05-10 17:45:59 ----D---- C:\rsit
2011-05-10 00:23:33 ----D---- C:\Program Files (x86)\Trend Micro
2011-05-10 00:15:39 ----D---- C:\Program Files (x86)\SpeedFan
2011-05-10 00:08:30 ----D---- C:\Users\Agnes\AppData\Roaming\STV Software
2011-05-09 23:42:34 ----SHD---- C:\Config.Msi
2011-05-09 23:27:45 ----A---- C:\Windows\SYSWOW64\webservices.dll
2011-05-09 23:27:45 ----A---- C:\Windows\system32\webservices.dll
2011-05-09 22:58:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-05-09 22:58:11 ----A---- C:\Windows\SYSWOW64\msls31.dll
2011-05-09 22:58:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-05-09 22:58:10 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-05-09 22:58:09 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-05-09 22:58:09 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2011-05-09 22:58:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2011-05-09 22:58:08 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2011-05-09 22:58:08 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2011-05-09 22:58:08 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-05-09 22:58:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2011-05-09 22:58:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-05-09 22:58:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2011-05-09 22:58:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2011-05-09 22:58:06 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2011-05-09 22:58:05 ----A---- C:\Windows\SYSWOW64\icardie.dll
2011-05-09 22:58:04 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2011-05-09 22:58:04 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2011-05-09 22:58:03 ----A---- C:\Windows\SYSWOW64\url.dll
2011-05-09 22:58:03 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-05-09 22:58:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2011-05-09 22:58:03 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-05-09 22:58:02 ----A---- C:\Windows\SYSWOW64\wextract.exe
2011-05-09 22:58:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-05-09 22:58:02 ----A---- C:\Windows\SYSWOW64\inseng.dll
2011-05-09 22:58:02 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2011-05-09 22:58:01 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2011-05-09 22:58:01 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-05-09 22:58:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-05-09 22:58:00 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2011-05-09 22:58:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-05-09 22:58:00 ----A---- C:\Windows\SYSWOW64\mshta.exe
2011-05-09 22:58:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2011-05-09 22:57:59 ----A---- C:\Windows\SYSWOW64\occache.dll
2011-05-09 22:57:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-05-09 22:57:59 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-05-09 22:57:59 ----A---- C:\Windows\SYSWOW64\admparse.dll
2011-05-09 22:57:58 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2011-05-09 22:57:58 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-05-09 22:57:58 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2011-05-09 22:57:58 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2011-05-09 22:57:58 ----A---- C:\Windows\SYSWOW64\advpack.dll
2011-05-09 22:57:57 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-05-09 22:57:57 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-05-09 22:57:57 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2011-05-09 22:57:57 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2011-05-09 22:57:49 ----A---- C:\Windows\system32\urlmon.dll
2011-05-09 22:57:49 ----A---- C:\Windows\system32\msls31.dll
2011-05-09 22:57:48 ----A---- C:\Windows\system32\wininet.dll
2011-05-09 22:57:48 ----A---- C:\Windows\system32\msrating.dll
2011-05-09 22:57:48 ----A---- C:\Windows\system32\jsproxy.dll
2011-05-09 22:57:48 ----A---- C:\Windows\system32\iertutil.dll
2011-05-09 22:57:47 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-05-09 22:57:47 ----A---- C:\Windows\system32\mshta.exe
2011-05-09 22:57:47 ----A---- C:\Windows\system32\ieaksie.dll
2011-05-09 22:57:47 ----A---- C:\Windows\system32\admparse.dll
2011-05-09 22:57:46 ----A---- C:\Windows\system32\jscript9.dll
2011-05-09 22:57:46 ----A---- C:\Windows\system32\jscript.dll
2011-05-09 22:57:46 ----A---- C:\Windows\system32\imgutil.dll
2011-05-09 22:57:46 ----A---- C:\Windows\system32\ieakui.dll
2011-05-09 22:57:46 ----A---- C:\Windows\system32\advpack.dll
2011-05-09 22:57:45 ----A---- C:\Windows\system32\msfeedssync.exe
2011-05-09 22:57:45 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-05-09 22:57:45 ----A---- C:\Windows\system32\iepeers.dll
2011-05-09 22:57:45 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-05-09 22:57:43 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-05-09 22:57:43 ----A---- C:\Windows\system32\mshtmler.dll
2011-05-09 22:57:43 ----A---- C:\Windows\system32\ieui.dll
2011-05-09 22:57:43 ----A---- C:\Windows\system32\iesysprep.dll
2011-05-09 22:57:43 ----A---- C:\Windows\system32\ieakeng.dll
2011-05-09 22:57:42 ----A---- C:\Windows\system32\ieframe.dll
2011-05-09 22:57:41 ----A---- C:\Windows\system32\dxtrans.dll
2011-05-09 22:57:41 ----A---- C:\Windows\system32\dxtmsft.dll
2011-05-09 22:57:40 ----A---- C:\Windows\system32\ieapfltr.dll
2011-05-09 22:57:40 ----A---- C:\Windows\system32\ie4uinit.exe
2011-05-09 22:57:40 ----A---- C:\Windows\system32\icardie.dll
2011-05-09 22:57:39 ----A---- C:\Windows\system32\url.dll
2011-05-09 22:57:39 ----A---- C:\Windows\system32\iesetup.dll
2011-05-09 22:57:39 ----A---- C:\Windows\system32\iernonce.dll
2011-05-09 22:57:39 ----A---- C:\Windows\system32\iedkcs32.dll
2011-05-09 22:57:38 ----A---- C:\Windows\system32\webcheck.dll
2011-05-09 22:57:38 ----A---- C:\Windows\system32\licmgr10.dll
2011-05-09 22:57:38 ----A---- C:\Windows\system32\inseng.dll
2011-05-09 22:57:37 ----A---- C:\Windows\system32\wextract.exe
2011-05-09 22:57:37 ----A---- C:\Windows\system32\mshtmled.dll
2011-05-09 22:57:37 ----A---- C:\Windows\system32\msfeeds.dll
2011-05-09 22:57:37 ----A---- C:\Windows\system32\iexpress.exe
2011-05-09 22:57:36 ----A---- C:\Windows\system32\vbscript.dll
2011-05-09 22:57:36 ----A---- C:\Windows\system32\mshtml.dll
2011-05-09 22:57:35 ----A---- C:\Windows\system32\pngfilt.dll
2011-05-09 22:57:35 ----A---- C:\Windows\system32\occache.dll
2011-05-09 22:57:35 ----A---- C:\Windows\system32\ieUnatt.exe
2011-05-09 22:25:31 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-05-09 22:25:31 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-09 22:06:02 ----D---- C:\Program Files\CCleaner
2011-05-03 21:37:23 ----D---- C:\Users\Agnes\AppData\Roaming\Media Player Classic
2011-05-03 21:36:28 ----A---- C:\Windows\SYSWOW64\unrar.dll
2011-05-03 21:36:26 ----A---- C:\Windows\avisplitter.ini
2011-05-03 21:36:21 ----A---- C:\Windows\SYSWOW64\yv12vfw.dll
2011-05-03 21:36:20 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2011-05-03 21:36:20 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2011-05-03 21:36:19 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll.manifest
2011-05-03 21:36:18 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2011-05-03 21:36:13 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2011-04-26 21:46:50 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-04-26 21:46:50 ----A---- C:\Windows\system32\XpsPrint.dll
2011-04-26 21:46:22 ----A---- C:\Windows\SYSWOW64\Apphlpdm.dll
2011-04-26 21:46:22 ----A---- C:\Windows\system32\Apphlpdm.dll
2011-04-26 21:46:21 ----A---- C:\Windows\SYSWOW64\GameUXLegacyGDFs.dll
2011-04-26 21:46:21 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2011-04-20 19:02:28 ----A---- C:\Windows\system32\HPMDPCoInst12.dll
2011-04-20 19:02:00 ----A---- C:\Windows\system32\drivers\Accelerometer.sys
2011-04-18 22:49:07 ----D---- C:\Windows\SYSWOW64\WindowsPowerShell
2011-04-18 22:49:02 ----D---- C:\Windows\system32\WindowsPowerShell
2011-04-18 22:45:22 ----A---- C:\Windows\SYSWOW64\winrsmgr.dll
2011-04-18 22:45:22 ----A---- C:\Windows\system32\winrsmgr.dll
2011-04-18 22:45:19 ----A---- C:\Windows\system32\wsmplpxy.dll
2011-04-18 22:45:19 ----A---- C:\Windows\system32\winrssrv.dll
2011-04-18 22:45:12 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2011-04-18 22:45:10 ----A---- C:\Windows\SYSWOW64\winrssrv.dll
2011-04-18 22:44:57 ----A---- C:\Windows\system32\pwrshplugin.dll
2011-04-18 22:44:56 ----A---- C:\Windows\SYSWOW64\pwrshplugin.dll
2011-04-18 22:44:54 ----A---- C:\Windows\system32\wsmprovhost.exe
2011-04-18 22:44:54 ----A---- C:\Windows\system32\winrshost.exe
2011-04-18 22:44:54 ----A---- C:\Windows\system32\winrs.exe
2011-04-18 22:44:44 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2011-04-18 22:44:44 ----A---- C:\Windows\system32\WsmRes.dll
2011-04-18 22:44:44 ----A---- C:\Windows\system32\wevtfwd.dll
2011-04-18 22:44:44 ----A---- C:\Windows\system32\wecutil.exe
2011-04-18 22:44:44 ----A---- C:\Windows\system32\wecsvc.dll
2011-04-18 22:44:44 ----A---- C:\Windows\system32\wecapi.dll
2011-04-18 22:44:43 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2011-04-18 22:44:43 ----A---- C:\Windows\SYSWOW64\winrshost.exe
2011-04-18 22:44:43 ----A---- C:\Windows\SYSWOW64\winrs.exe
2011-04-18 22:44:43 ----A---- C:\Windows\SYSWOW64\wevtfwd.dll
2011-04-18 22:44:43 ----A---- C:\Windows\SYSWOW64\wecutil.exe
2011-04-18 22:44:43 ----A---- C:\Windows\SYSWOW64\wecapi.dll
2011-04-18 22:44:18 ----A---- C:\Windows\SYSWOW64\winrm.vbs
2011-04-18 22:44:18 ----A---- C:\Windows\system32\winrm.vbs
2011-04-18 22:43:54 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2011-04-18 22:43:54 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2011-04-18 22:43:54 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2011-04-18 22:43:54 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2011-04-18 22:43:54 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2011-04-18 22:43:54 ----A---- C:\Windows\SYSWOW64\winrscmd.dll
2011-04-18 22:43:54 ----A---- C:\Windows\system32\WsmWmiPl.dll
2011-04-18 22:43:54 ----A---- C:\Windows\system32\WsmAuto.dll
2011-04-18 22:43:54 ----A---- C:\Windows\system32\winrscmd.dll
2011-04-18 22:43:53 ----A---- C:\Windows\system32\WsmSvc.dll
2011-04-18 22:43:53 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2011-04-18 22:43:53 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2011-04-14 22:12:35 ----A---- C:\Windows\system32\FntCache.dll
2011-04-14 22:12:35 ----A---- C:\Windows\system32\DWrite.dll
2011-04-14 22:12:34 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-04-14 22:12:30 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-04-14 22:12:29 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-14 22:10:57 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-14 22:10:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-14 22:10:55 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-14 22:08:51 ----A---- C:\Windows\SYSWOW64\MFH264Dec.dll
2011-04-14 22:08:51 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-04-14 22:08:51 ----A---- C:\Windows\system32\MFH264Dec.dll
2011-04-14 22:08:51 ----A---- C:\Windows\system32\d3d10warp.dll
2011-04-14 22:08:49 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-04-14 22:08:49 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-04-14 22:08:49 ----A---- C:\Windows\system32\d2d1.dll
2011-04-14 22:08:48 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2011-04-14 22:08:48 ----A---- C:\Windows\system32\xpsservices.dll
2011-04-14 22:08:48 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-04-14 22:08:47 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2011-04-14 22:08:47 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-04-14 22:08:47 ----A---- C:\Windows\SYSWOW64\mfmp4src.dll
2011-04-14 22:08:47 ----A---- C:\Windows\SYSWOW64\MFHEAACdec.dll
2011-04-14 22:08:47 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2011-04-14 22:08:47 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-04-14 22:08:47 ----A---- C:\Windows\system32\mfmp4src.dll
2011-04-14 22:08:47 ----A---- C:\Windows\system32\MFHEAACdec.dll
2011-04-14 22:08:46 ----A---- C:\Windows\system32\OpcServices.dll
2011-04-14 22:08:46 ----A---- C:\Windows\system32\mf.dll
2011-04-14 22:08:46 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-04-14 22:08:45 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-04-14 22:08:45 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-04-14 22:08:45 ----A---- C:\Windows\system32\d3d10_1.dll
2011-04-14 22:08:44 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-04-14 22:08:44 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2011-04-14 22:08:44 ----A---- C:\Windows\system32\dxgi.dll
2011-04-14 22:08:43 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2011-04-14 22:08:43 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2011-04-14 22:08:43 ----A---- C:\Windows\system32\shdocvw.dll
2011-04-14 22:08:43 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-04-14 22:08:43 ----A---- C:\Windows\system32\d3d10level9.dll
2011-04-14 22:08:42 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2011-04-14 22:08:42 ----A---- C:\Windows\system32\mfplat.dll
2011-04-14 22:08:42 ----A---- C:\Windows\system32\d3d10core.dll
2011-04-14 22:08:41 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2011-04-14 22:08:41 ----A---- C:\Windows\system32\stobject.dll
2011-04-14 22:08:41 ----A---- C:\Windows\system32\d3d10.dll
2011-04-14 22:08:40 ----A---- C:\Windows\SYSWOW64\stobject.dll
2011-04-14 22:08:36 ----A---- C:\Windows\system32\mfps.dll
2011-04-14 22:08:33 ----A---- C:\Windows\system32\cdd.dll
2011-04-14 22:08:32 ----A---- C:\Windows\SYSWOW64\mfps.dll
2011-04-14 22:08:32 ----A---- C:\Windows\system32\mfpmp.exe
2011-04-14 22:08:29 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2011-04-14 22:08:29 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2011-04-14 22:06:55 ----A---- C:\Windows\system32\shell32.dll
2011-04-14 22:06:49 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-04-14 22:06:48 ----A---- C:\Windows\system32\shlwapi.dll
2011-04-14 22:06:47 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2011-04-14 22:05:59 ----A---- C:\Windows\system32\winresume.exe
2011-04-14 22:05:56 ----A---- C:\Windows\system32\winload.exe
2011-04-14 22:05:55 ----A---- C:\Windows\system32\kdusb.dll
2011-04-14 22:05:55 ----A---- C:\Windows\system32\kd1394.dll
2011-04-14 22:05:54 ----A---- C:\Windows\system32\kdcom.dll
2011-04-14 22:05:35 ----A---- C:\Windows\system32\mstscax.dll
2011-04-14 22:05:33 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-04-14 22:05:32 ----A---- C:\Windows\system32\mstsc.exe
2011-04-14 22:05:31 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-04-14 22:04:27 ----A---- C:\Windows\system32\shsvcs.dll
2011-04-14 22:04:26 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2011-04-14 22:01:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-14 22:01:05 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-14 22:01:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-14 22:01:05 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-14 22:00:53 ----A---- C:\Windows\system32\EncDec.dll
2011-04-14 22:00:52 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-04-14 22:00:52 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-04-14 22:00:52 ----A---- C:\Windows\system32\sbe.dll
2011-04-14 22:00:51 ----A---- C:\Windows\SYSWOW64\sbeio.dll
2011-04-14 22:00:50 ----A---- C:\Windows\system32\sbeio.dll
2011-04-14 22:00:44 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-14 22:00:43 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-14 22:00:18 ----A---- C:\Windows\system32\win32k.sys
2011-04-14 21:59:52 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-14 21:59:52 ----A---- C:\Windows\system32\atmfd.dll
2011-04-14 21:59:51 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-14 21:59:48 ----A---- C:\Windows\system32\atmlib.dll
2011-04-14 21:59:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-04-14 21:59:27 ----A---- C:\Windows\system32\ntdll.dll
2011-04-14 21:58:06 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-04-14 21:55:59 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-14 21:55:59 ----A---- C:\Windows\system32\mfc42.dll
2011-04-14 21:55:58 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-14 21:55:56 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-14 21:55:34 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-14 21:55:32 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-14 21:55:31 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-14 21:55:31 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-14 21:55:30 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
======List of files/folders modified in the last 1 months======
2011-05-10 17:46:01 ----RD---- C:\Program Files
2011-05-10 17:46:01 ----D---- C:\Windows\Temp
2011-05-10 17:45:41 ----A---- C:\ProgramData\HPWALog.txt
2011-05-10 17:40:53 ----D---- C:\Users\Agnes\AppData\Roaming\Skype
2011-05-10 17:35:37 ----D---- C:\Windows\system32\Tasks
2011-05-10 17:35:18 ----D---- C:\Users\Agnes\AppData\Roaming\skypePM
2011-05-10 17:35:13 ----D---- C:\Users\Agnes\AppData\Roaming\LimeWire
2011-05-10 17:34:33 ----HD---- C:\ProgramData
2011-05-10 17:29:52 ----D---- C:\Windows\system32\drivers
2011-05-10 17:29:52 ----D---- C:\Windows\System32
2011-05-10 00:23:39 ----SHD---- C:\Windows\Installer
2011-05-10 00:23:38 ----SD---- C:\Users\Agnes\AppData\Roaming\Microsoft
2011-05-10 00:23:33 ----RD---- C:\Program Files (x86)
2011-05-10 00:23:08 ----SHD---- C:\System Volume Information
2011-05-10 00:15:38 ----D---- C:\Windows\SysWOW64
2011-05-09 23:48:28 ----D---- C:\Windows
2011-05-09 23:46:54 ----D---- C:\Windows\rescache
2011-05-09 23:46:14 ----D---- C:\ProgramData\Microsoft Help
2011-05-09 23:46:12 ----RSD---- C:\Windows\assembly
2011-05-09 23:45:28 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-05-09 23:45:28 ----D---- C:\Program Files (x86)\Microsoft Office
2011-05-09 23:45:22 ----D---- C:\Program Files (x86)\Common Files
2011-05-09 23:45:10 ----RSD---- C:\Windows\Fonts
2011-05-09 23:42:59 ----D---- C:\Windows\ShellNew
2011-05-09 23:40:48 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-05-09 23:38:15 ----RD---- C:\Program Files (x86)\Skype
2011-05-09 23:28:27 ----SD---- C:\ProgramData\Microsoft
2011-05-09 23:28:11 ----D---- C:\Windows\winsxs
2011-05-09 23:28:09 ----D---- C:\Windows\SYSWOW64\en-US
2011-05-09 23:28:09 ----D---- C:\Windows\system32\en-US
2011-05-09 23:28:03 ----D---- C:\Windows\system32\catroot
2011-05-09 23:24:53 ----D---- C:\Windows\inf
2011-05-09 23:09:51 ----D---- C:\Program Files\Google
2011-05-09 23:09:51 ----D---- C:\Program Files (x86)\Google
2011-05-09 23:07:48 ----D---- C:\Program Files\Internet Explorer
2011-05-09 23:07:47 ----RD---- C:\Windows\Offline Web Pages
2011-05-09 23:07:47 ----D---- C:\Windows\SYSWOW64\wbem
2011-05-09 23:07:47 ----D---- C:\Windows\SYSWOW64\migration
2011-05-09 23:07:47 ----D---- C:\Program Files (x86)\Internet Explorer
2011-05-09 23:07:45 ----D---- C:\Windows\system32\wbem
2011-05-09 23:07:45 ----D---- C:\Windows\system32\migration
2011-05-09 23:07:45 ----D---- C:\Windows\PolicyDefinitions
2011-05-09 23:07:43 ----SD---- C:\Windows\Downloaded Program Files
2011-05-09 22:57:09 ----D---- C:\Windows\system32\catroot2
2011-05-09 22:29:07 ----D---- C:\Windows\Tasks
2011-05-09 22:09:41 ----D---- C:\Windows\Debug
2011-05-09 21:55:57 ----D---- C:\ProgramData\Google
2011-05-03 21:35:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-27 13:24:29 ----D---- C:\Windows\AppPatch
2011-04-21 23:07:21 ----D---- C:\Windows\Microsoft.NET
2011-04-21 19:35:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-04-20 19:02:16 ----A---- C:\Windows\system32\hpservice.exe
2011-04-20 19:02:08 ----A---- C:\Windows\system32\accelerometerdll.DLL
2011-04-18 16:22:44 ----A---- C:\Windows\system32\mrt.exe
2011-04-16 00:42:54 ----D---- C:\Windows\system32\Boot
2011-04-16 00:42:53 ----D---- C:\Program Files\Windows Mail
2011-04-16 00:42:53 ----D---- C:\Program Files (x86)\Windows Mail
2011-04-15 00:42:42 ----D---- C:\Windows\Prefetch
2011-04-14 21:24:23 ----D---- C:\Users\Agnes\AppData\Roaming\HpUpdate
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 16400]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-04-20 30008]
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2010-12-18 25280]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0308000.029\SYMEFA64.SYS [2009-08-22 402992]
R1 BHDrvx64;Symantec Heuristics Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\BHDrvx64.sys [2009-08-22 334384]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\N360x64\0308000.029\ccHPx64.sys [2009-08-22 583296]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-05-30 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20110506.001\IDSvia64.sys [2011-03-14 476792]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0308000.029\SRTSP64.SYS [2009-08-22 476720]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0308000.029\SRTSPX64.SYS [2009-08-22 32304]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-08-22 31280]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMTDI.SYS [2009-08-22 278576]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/07/01 03:55:20]; \??\C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-29 146928]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-04-20 43320]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2008-12-20 1344000]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-01-22 5105664]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 34816]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-06-23 91176]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-06-23 99368]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-06-23 19752]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 64000]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-04-14 132656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-09-09 34152]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 18432]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110510.003\ENG64.SYS [2011-04-14 117880]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110510.003\EX64.SYS [2011-04-14 1828984]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2009-03-06 197120]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-06-03 486400]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2009-09-09 172592]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMFW.SYS [2009-08-22 120880]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMNDISV.SYS [2009-08-22 56880]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-12-04 261680]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-05-29 26168]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 168704]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
S1 sensorsview;sensorsview; \??\C:\Program Files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 694272]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-12-05 131424]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw3v64.sys [2008-01-21 3154432]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 111104]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys [2006-10-04 273408]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [2009-03-02 89600]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-01-22 943104]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-04-20 30520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2009-08-22 117640]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [2008-12-18 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2008-09-15 241734]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe [2009-06-03 239104]
R2 TVCapSvc;TV Background Capture Service (TVBCS); C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-27 296320]
R2 TVSched;TV Task Scheduler (TVTS); C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-27 116096]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-23 223232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-05 165416]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
-----------------EOF-----------------

Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Please check my log
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6548
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
10/05/2011 22:17:56
mbam-log-2011-05-10 (22-17-19).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 335420
Time elapsed: 1 hour(s), 36 minute(s), 22 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
- Rudy
- Site Admin
Re: Please check my log
Delete the detected item. Then, via Start menu > command line, (type) msconfig > OK, disable the startup of all automatically launched processes where that is possible, i.e. those that can be started manually when needed. That should speed up the startup process.
Re: Please check my log
Everything has been removed and startup is already visibly faster... I will also defragment the disk and I think it will be OK. Thank you for the help.
- Rudy
- Site Admin
Re: Please check my log
You're welcome!