Vyskakovanie okien/NOD32+vír

Zpráva

SSemteXX · #1 Příspěvek od **SSemteXX** » 16 črc 2010 20:11

Dobrý deň.

Obraciam sa sem znova, mám zase problém. Pred pár dňami som tu riešil problém ktorý som si myslel, že už je opravený. Ale dnes to začalo znova. Takže dnes som si nahodil ESET4-ku, že odskúšam tú 30dňovú verziu nakoľko s Avirou som nebol spokojný. Tak fajne som si odinštaloval Aviru a nahodil NOD, databáza sa updatla, všetko bolo ok.
Dal som počítač preskenovať nič mi nenašlo, spustil som SAS full scan nič mi nenašlo, v pohode som si zapol Mozillu a proste vyskakujú mi okná ale také čudné, viz prílohu.

Proste otvorím hociaké okno/kartu vždy mi hodí, že mi bloklo nejakú stránku. Keď to vypnem ako tú mozillu čo mi nahodilo a otvorím inú stránku tak zase znova to isté, už som v koncoch neviem fakt čím to je. Doložím sem log h RSIT a dúfam, že mi nejako pomôžete. Za každú pomocnú odpoveď Ďakujem.

btw. tu som ešte našiel malé info o tom, možno pomôže : http://www.techspot.com/vb/topic149593.html

Logfile of random's system information tool 1.08 (written by random/random)
Run by Marian at 2010-07-16 21:11:14
Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 2047 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:20, on 16. 7. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\TRUETR~1\TrueTransparency.exe
C:\PROGRA~1\ViGlance\ViGlance.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Documents and Settings\Marian\Desktop\RSIT.exe
C:\Program Files\trend micro\Marian.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live bejelentkezési segítség - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TrueTransparency] "C:\PROGRA~1\TRUETR~1\TrueTransparency.exe"
O4 - HKCU\..\Run: [ViStart] C:\PROGRA~1\ViStart\ViStart.exe
O4 - HKCU\..\Run: [ViGlance] C:\PROGRA~1\ViGlance\ViGlance.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [JDK5SWFMZY] C:\WINDOWS\TEMP\Smr.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [JDK5SWFMZY] C:\WINDOWS\TEMP\Smr.exe (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 8516750203
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8516739375
O17 - HKLM\System\CCS\Services\Tcpip\..\{16E39F2B-0996-4D5E-A3D6-5F83CA2E0C43}: NameServer = 195.168.69.136 195.168.69.139
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

--
End of file - 7077 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live bejelentkezési segítség - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-04 102400]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-06-08 19552872]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-07-02 2202704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TrueTransparency"=C:\PROGRA~1\TRUETR~1\TrueTransparency.exe [2010-07-15 356352]
"ViStart"=C:\PROGRA~1\ViStart\ViStart.exe [2010-07-15 798720]
"ViGlance"=C:\PROGRA~1\ViGlance\ViGlance.exe [2010-07-15 438272]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-06-29 2403568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvIcon]
C:\Program Files\Vista Drive Icon\DrvIcon.exe [2008-04-13 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
C:\Documents and Settings\Marian\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayBar]
C:\Program Files\Playbar\playbar.exe rejtett []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmcService]
C:\PROGRA~1\Sygate\SPF\smc.exe -startgui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-09-24 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

C:\Documents and Settings\Marian\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-05-05 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Valve\Steam\Steam.exe"="C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\VirtualDJ\virtualdj_trial.exe"="C:\Program Files\VirtualDJ\virtualdj_trial.exe:*:Enabled:VirtualDJ"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"
"C:\Program Files\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe"="C:\Program Files\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe:*:Enabled:conviction_game"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Documents and Settings\Marian\Desktop\RatioMaster.NET.exe"="C:\Documents and Settings\Marian\Desktop\RatioMaster.NET.exe:*:Enabled:RatioMaster.NET"
"C:\Documents and Settings\Marian\My Documents\Prgr\RatioMaster.NET.exe"="C:\Documents and Settings\Marian\My Documents\Prgr\RatioMaster.NET.exe:*:Enabled:RatioMaster.NET"
"C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:BmGame"
"C:\Documents and Settings\Marian\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\Marian\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\PESEdit\2010 FIFA World Cup Patch\pes2010.exe"="C:\Program Files\PESEdit\2010 FIFA World Cup Patch\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Valve\Steam\SteamApps\ssementexx\ricochet\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\ssementexx\ricochet\hl.exe:*:Enabled:Ricochet"
"C:\Program Files\Codemasters\Colin McRae DiRT 2\dirt2_game.exe"="C:\Program Files\Codemasters\Colin McRae DiRT 2\dirt2_game.exe:*:Enabled:DiRT2 Executable"
"C:\Program Files\Valve\Steam\SteamApps\common\trackmania nations forever\TmForever.exe"="C:\Program Files\Valve\Steam\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
"C:\Program Files\Valve\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe"="C:\Program Files\Valve\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Valve\Steam\SteamApps\ssementexx\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\ssementexx\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-07-16 21:11:14 ----D---- C:\rsit
2010-07-16 19:17:23 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-16 19:10:38 ----D---- C:\Documents and Settings\Marian\Application Data\ESET
2010-07-16 19:07:11 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-07-16 16:42:09 ----D---- C:\Documents and Settings\Marian\Application Data\Mozilla
2010-07-15 20:50:01 ----D---- C:\Documents and Settings\Marian\Application Data\SUPERAntiSpyware.com
2010-07-15 20:50:01 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2010-07-15 20:49:43 ----D---- C:\Program Files\SUPERAntiSpyware
2010-07-15 13:29:38 ----D---- C:\Program Files\PES 2010 Editor
2010-07-15 11:42:33 ----A---- C:\WINDOWS\system32\drivers\PAC7302.SYS
2010-07-15 10:45:51 ----D---- C:\Program Files\Enigma Software Group
2010-07-15 00:26:46 ----D---- C:\Program Files\Anti Trojan Elite
2010-07-14 19:17:16 ----D---- C:\Documents and Settings\Marian\Application Data\Malwarebytes
2010-07-14 19:17:09 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-07-14 19:17:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-14 19:17:07 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-14 19:17:07 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-07-12 20:39:59 ----D---- C:\Program Files\Valve
2010-07-12 16:21:36 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2010-07-11 19:27:08 ----D---- C:\Program Files\KONAMI
2010-07-11 19:27:07 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2010-07-11 17:55:58 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-07-11 17:55:08 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-07-11 17:08:54 ----D---- C:\Documents and Settings\Marian\Application Data\vlc
2010-07-08 19:27:57 ----A---- C:\WINDOWS\system32\javaws.exe
2010-07-08 19:27:57 ----A---- C:\WINDOWS\system32\javaw.exe
2010-07-08 19:27:57 ----A---- C:\WINDOWS\system32\java.exe
2010-07-08 19:27:57 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-07-08 16:05:42 ----D---- C:\Documents and Settings\Marian\Application Data\ViSplore
2010-07-08 16:05:41 ----D---- C:\Documents and Settings\Marian\Application Data\ViStart
2010-07-08 16:05:41 ----D---- C:\Documents and Settings\Marian\Application Data\ViGlance
2010-07-08 16:05:35 ----D---- C:\WINDOWS\system32\VIRepair
2010-07-08 16:02:59 ----D---- C:\Program Files\ViSplore
2010-07-08 16:02:59 ----D---- C:\Program Files\TrueTransparency
2010-07-08 16:02:59 ----A---- C:\WINDOWS\system32\viwc.exe
2010-07-08 16:02:56 ----D---- C:\Program Files\WinFlip
2010-07-08 16:02:56 ----D---- C:\Program Files\ViStart
2010-07-08 16:02:56 ----D---- C:\Program Files\ViGlance
2010-07-08 16:02:55 ----D---- C:\Program Files\Vista Drive Icon
2010-07-08 16:00:25 ----D---- C:\WINDOWS\system32\VITrans
2010-07-08 16:00:25 ----D---- C:\VTPFiles
2010-07-08 16:00:25 ----A---- C:\WINDOWS\system32\Uharc.exe
2010-07-08 16:00:25 ----A---- C:\WINDOWS\system32\reico.exe
2010-07-08 16:00:25 ----A---- C:\WINDOWS\system32\modifype.exe
2010-07-08 16:00:24 ----A---- C:\WINDOWS\system32\pskill.exe
2010-07-08 15:59:49 ----A---- C:\WINDOWS\system32\scrnrdr.exe
2010-07-07 20:34:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-07 20:31:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-07 20:27:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-07 20:27:50 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-07-07 20:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-07 20:23:41 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-07-07 20:23:35 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-07-07 20:23:30 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-07 20:19:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-07 20:19:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-07-07 20:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-07-07 20:19:30 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-07 20:19:20 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-07-07 20:19:16 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-07-07 20:18:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-07-07 20:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-07 20:18:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-07-07 20:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-07 20:18:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-07 20:18:22 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-07-07 20:18:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-07-07 20:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-07-07 20:18:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-07-07 20:17:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-07-07 20:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-07-07 20:17:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-07-07 20:17:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-07-07 20:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-07-07 20:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-07-07 20:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-07-07 20:17:20 ----D---- C:\Program Files\MSXML 4.0
2010-07-07 20:17:10 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-07-07 20:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-07-07 20:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-07-07 20:16:58 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-07-07 20:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-07-07 20:16:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-07-07 20:16:46 ----D---- C:\WINDOWS\ie8updates
2010-07-07 20:16:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-07-07 20:16:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-07-07 20:16:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-07-07 20:16:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-07-07 20:16:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-07-07 20:16:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-07-07 20:15:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-07-07 20:15:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-07-07 20:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-07-07 20:15:21 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-07-07 20:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-07-07 20:14:58 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-07-07 20:14:46 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-07-07 20:14:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-07-07 20:13:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-07-07 20:13:27 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-07-07 20:11:39 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-07-07 20:11:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-07-07 20:11:13 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-07-07 20:11:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-07-07 20:11:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-07-07 20:10:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-07-07 20:10:53 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-07-07 20:10:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-07-07 20:10:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-07-07 20:10:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-07-07 20:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-07-07 20:10:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-07-07 20:10:24 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-07-07 20:10:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-07-07 20:10:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-07-07 20:09:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-07-07 20:09:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-07-07 20:09:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-07-07 20:06:49 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-07-07 19:39:43 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-07-07 19:03:36 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-07-07 17:33:17 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-07-07 17:33:17 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-07-07 17:33:17 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-07-07 17:33:17 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-07-05 13:42:02 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-07-05 13:40:51 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-07-05 13:40:33 ----D---- C:\6c15930dff31220c866b2810ba
2010-07-05 13:40:28 ----D---- C:\WINDOWS\system32\LogFiles
2010-07-05 13:40:28 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-07-05 13:40:23 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-07-05 13:40:11 ----D---- C:\1132aea08f7be422c351
2010-07-05 13:35:27 ----A---- C:\WINDOWS\system32\antiwpa.dll107EC54
2010-07-05 13:31:22 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
2010-07-05 13:26:51 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-07-05 13:21:19 ----A---- C:\WINDOWS\system32\lcid.exe
2010-07-03 16:04:46 ----D---- C:\Program Files\AnvSoft
2010-07-02 12:43:48 ----A---- C:\WINDOWS\system32\drivers\epfwtdi.sys
2010-07-02 12:43:04 ----A---- C:\WINDOWS\system32\drivers\eamon.sys
2010-06-30 20:33:32 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-06-30 20:30:52 ----D---- C:\WINDOWS\Prefetch
2010-06-30 20:27:06 ----HDC---- C:\WINDOWS\$NtUninstallKB938759$
2010-06-30 20:22:48 ----A---- C:\WINDOWS\system32\msxml6r.dll
2010-06-30 20:22:38 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-06-30 20:22:38 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-06-30 20:22:37 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-06-30 20:22:37 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-06-30 20:22:33 ----N---- C:\WINDOWS\system32\credssp.dll
2010-06-30 20:22:33 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-06-30 20:22:33 ----N---- C:\WINDOWS\system32\azroles.dll
2010-06-30 20:22:33 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-06-30 20:22:33 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-06-30 20:22:33 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-06-30 20:22:32 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-06-30 20:22:31 ----N---- C:\WINDOWS\system32\ieencode.dll
2010-06-30 20:22:31 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-06-30 20:22:30 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-06-30 20:22:30 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-06-30 20:22:30 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-06-30 20:22:29 ----N---- C:\WINDOWS\system32\onex.dll
2010-06-30 20:22:29 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-06-30 20:22:29 ----N---- C:\WINDOWS\system32\napstat.exe
2010-06-30 20:22:29 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-06-30 20:22:29 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-06-30 20:22:29 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-06-30 20:22:29 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-06-30 20:22:29 ----N---- C:\WINDOWS\system32\mssha.dll
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\slserv.exe
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\slgen.dll
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\setupn.exe
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\qutil.dll
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-06-30 20:22:28 ----N---- C:\WINDOWS\system32\qagent.dll
2010-06-30 20:22:27 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-06-30 20:22:27 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-06-30 20:22:24 ----N---- C:\WINDOWS\slrundll.exe
2010-06-30 20:22:23 ----D---- C:\WINDOWS\system32\scripting
2010-06-30 20:22:22 ----D---- C:\WINDOWS\system32\bits
2010-06-30 20:19:19 ----D---- C:\WINDOWS\ServicePackFiles
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-06-30 20:15:46 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-06-30 20:15:45 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-06-30 20:15:44 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-06-30 20:15:44 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-06-30 20:15:44 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-06-30 20:15:44 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-06-30 20:15:44 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-06-30 20:15:44 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-06-30 20:15:44 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-06-30 20:15:44 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-06-30 20:15:44 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-06-30 20:15:43 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-06-30 20:15:43 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-06-30 20:15:42 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-06-30 20:15:42 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-06-30 20:15:42 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-06-30 20:15:42 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-06-30 20:15:42 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-06-30 20:15:41 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-06-30 20:15:41 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-06-30 20:15:41 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-06-30 20:15:41 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-06-30 20:15:41 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-06-30 20:15:41 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-06-30 20:15:41 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-06-30 20:15:41 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-06-30 20:15:40 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-06-30 20:15:40 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-06-30 20:15:40 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-06-30 20:15:40 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-06-30 20:15:40 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-06-30 20:15:40 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2010-06-30 20:15:40 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-06-30 20:15:40 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-06-30 20:15:39 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-06-30 20:15:39 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-06-30 20:15:39 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-06-30 20:15:39 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-06-30 20:15:38 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-06-30 20:10:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-06-30 18:23:08 ----D---- C:\WINDOWS\WBEM
2010-06-30 18:20:37 ----HDC---- C:\WINDOWS\ie8
2010-06-30 18:18:40 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2010-06-30 17:38:05 ----D---- C:\Program Files\trend micro
2010-06-30 12:57:46 ----D---- C:\Program Files\Desktop Activity Recorder
2010-06-27 15:12:42 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2010-06-26 14:55:44 ----D---- C:\Program Files\City Interactive
2010-06-24 17:31:44 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania
2010-06-24 14:45:27 ----D---- C:\Program Files\NVIDIA Corporation
2010-06-23 18:40:14 ----D---- C:\Program Files\ESET
2010-06-23 13:59:45 ----D---- C:\Documents and Settings\Marian\Application Data\FUEL
2010-06-23 12:25:28 ----A---- C:\WINDOWS\ModemLog_Communications cable between two computers.txt
2010-06-22 21:19:02 ----D---- C:\Documents and Settings\All Users\Application Data\Codemasters
2010-06-22 19:59:04 ----D---- C:\Program Files\Codemasters
2010-06-22 19:49:28 ----A---- C:\WINDOWS\vncutil.exe
2010-06-22 19:49:23 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2010-06-22 19:49:23 ----A---- C:\WINDOWS\RtkAudioService.exe
2010-06-22 19:49:20 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2010-06-22 19:49:15 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2010-06-22 17:29:01 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-06-22 17:29:01 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-06-22 17:05:43 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-06-22 17:05:43 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-06-22 17:05:42 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-06-22 17:05:42 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-06-22 17:05:41 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-06-22 17:05:41 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-06-22 17:05:38 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-06-22 17:05:34 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-06-19 14:25:50 ----D---- C:\Program Files\Activision

======List of files/folders modified in the last 1 months======

2010-07-16 21:01:28 ----D---- C:\WINDOWS\Temp
2010-07-16 19:23:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-16 19:18:14 ----D---- C:\Documents and Settings
2010-07-16 19:17:23 ----D---- C:\WINDOWS
2010-07-16 19:15:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-16 19:09:07 ----RD---- C:\Program Files
2010-07-16 19:09:07 ----D---- C:\WINDOWS\system32
2010-07-16 19:08:00 ----SHD---- C:\WINDOWS\Installer
2010-07-16 19:07:54 ----HD---- C:\WINDOWS\inf
2010-07-16 19:07:54 ----D---- C:\WINDOWS\system32\drivers
2010-07-16 16:46:42 ----D---- C:\Documents and Settings\Marian\Application Data\uTorrent
2010-07-16 16:42:06 ----D---- C:\Program Files\Mozilla Firefox
2010-07-16 00:12:02 ----D---- C:\Documents and Settings\Marian\Application Data\mIRC
2010-07-15 23:00:51 ----D---- C:\WINDOWS\system32\config
2010-07-15 22:52:50 ----D---- C:\Program Files\mIRC
2010-07-15 21:51:06 ----SD---- C:\WINDOWS\Tasks
2010-07-15 20:43:12 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-07-15 20:38:54 ----D---- C:\Documents and Settings\Marian\Application Data\Adobe
2010-07-15 20:15:59 ----A---- C:\WINDOWS\win.ini
2010-07-15 20:15:12 ----RSD---- C:\WINDOWS\Fonts
2010-07-15 18:53:10 ----D---- C:\Documents and Settings\Marian\Application Data\Skype
2010-07-15 18:34:51 ----D---- C:\Documents and Settings\Marian\Application Data\skypePM
2010-07-15 13:12:19 ----D---- C:\Documents and Settings\Marian\Application Data\HLSW
2010-07-15 10:45:36 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-07-15 10:34:31 ----D---- C:\Program Files\TeamViewer
2010-07-15 00:59:55 ----D---- C:\WINDOWS\WinSxS
2010-07-14 18:45:42 ----D---- C:\WINDOWS\system32\NtmsData
2010-07-14 18:45:11 ----SHD---- C:\System Volume Information
2010-07-14 18:44:47 ----D---- C:\WINDOWS\Registration
2010-07-14 18:44:42 ----D---- C:\Program Files\Playbar
2010-07-14 18:25:06 ----D---- C:\WINDOWS\twain_32
2010-07-12 15:46:08 ----D---- C:\WINDOWS\Minidump
2010-07-12 15:38:39 ----D---- C:\WINDOWS\system32\DirectX
2010-07-11 17:56:06 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-11 17:55:23 ----D---- C:\Program Files\Windows Media Connect 2
2010-07-11 17:55:21 ----D---- C:\Program Files\Windows Media Player
2010-07-11 17:55:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-11 17:55:18 ----D---- C:\WINDOWS\Help
2010-07-08 22:06:20 ----D---- C:\Program Files\CCleaner
2010-07-08 19:27:55 ----D---- C:\Program Files\Java
2010-07-08 18:35:31 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-08 18:35:24 ----RSD---- C:\WINDOWS\assembly
2010-07-08 16:05:13 ----D---- C:\WINDOWS\system32\Restore
2010-07-08 16:05:12 ----D---- C:\Program Files\Outlook Express
2010-07-08 16:05:12 ----D---- C:\Program Files\Internet Explorer
2010-07-08 16:02:55 ----D---- C:\WINDOWS\Cursors
2010-07-08 16:02:53 ----D---- C:\WINDOWS\Media
2010-07-08 15:54:14 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-08 15:53:18 ----D---- C:\Program Files\Styler
2010-07-08 15:49:58 ----D---- C:\Documents and Settings\Marian\Application Data\IconTweaker
2010-07-08 15:49:58 ----D---- C:\Documents and Settings\All Users\Application Data\IconTweaker
2010-07-08 13:38:38 ----D---- C:\WINDOWS\Debug
2010-07-07 20:43:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-07 20:39:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-07 20:39:23 ----D---- C:\WINDOWS\system32\wbem
2010-07-07 20:39:23 ----D---- C:\WINDOWS\AppPatch
2010-07-07 20:34:23 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-07 20:18:54 ----D---- C:\Program Files\Movie Maker
2010-07-07 20:10:32 ----D---- C:\Program Files\Messenger
2010-07-07 20:08:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-07 19:46:57 ----SD---- C:\Documents and Settings\Marian\Application Data\Microsoft
2010-07-07 19:46:56 ----D---- C:\Documents and Settings\Marian\Application Data\Ventrilo
2010-07-07 17:33:34 ----D---- C:\WINDOWS\SoftwareDistribution
2010-07-07 17:32:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-04 20:44:03 ----D---- C:\Documents and Settings\Marian\Application Data\dvdcss
2010-06-30 22:46:07 ----D---- C:\Program Files\Online Services
2010-06-30 22:25:34 ----D---- C:\WINDOWS\system32\Side 9 Screensaver dir
2010-06-30 22:23:29 ----D---- C:\WINDOWS\Network Diagnostic
2010-06-30 20:30:03 ----D---- C:\WINDOWS\system32\Setup
2010-06-30 20:26:50 ----D---- C:\WINDOWS\security
2010-06-30 20:22:37 ----D---- C:\WINDOWS\system32\inetsrv
2010-06-30 20:22:36 ----D---- C:\WINDOWS\ime
2010-06-30 20:22:24 ----D---- C:\WINDOWS\system32\usmt
2010-06-30 20:22:24 ----D---- C:\WINDOWS\system32\en-us
2010-06-30 20:22:23 ----D---- C:\WINDOWS\l2schemas
2010-06-30 20:22:22 ----D---- C:\WINDOWS\PeerNet
2010-06-30 20:19:03 ----D---- C:\WINDOWS\system32\npp
2010-06-30 20:19:03 ----D---- C:\WINDOWS\mui
2010-06-30 20:19:00 ----D---- C:\WINDOWS\msagent
2010-06-30 20:18:56 ----D---- C:\WINDOWS\srchasst
2010-06-30 20:18:54 ----D---- C:\Program Files\NetMeeting
2010-06-30 20:18:50 ----D---- C:\WINDOWS\system32\Com
2010-06-30 20:18:43 ----D---- C:\Program Files\Windows NT
2010-06-30 20:18:34 ----D---- C:\Program Files\Common Files\System
2010-06-30 20:17:45 ----D---- C:\WINDOWS\system32\oobe
2010-06-30 20:17:43 ----D---- C:\WINDOWS\system
2010-06-30 20:13:01 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-06-30 20:10:07 ----D---- C:\WINDOWS\ehome
2010-06-30 18:11:56 ----D---- C:\WINDOWS\pss
2010-06-30 13:26:33 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-24 14:45:52 ----D---- C:\Program Files\AGEIA Technologies
2010-06-24 12:29:16 ----D---- C:\WINDOWS\system32\drivers\etc
2010-06-23 20:52:00 ----ASH---- C:\boot.ini
2010-06-23 18:42:03 ----D---- C:\Documents and Settings\Marian\Application Data\HPAppData
2010-06-23 12:25:36 ----D---- C:\WINDOWS\system32\ias
2010-06-22 19:49:59 ----D---- C:\WINDOWS\system32\RTCOM
2010-06-18 16:27:30 ----D---- C:\Program Files\Messenger Plus! Live

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-26 691696]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-07-02 55256]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-07-02 140752]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-04-28 134488]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-02-18 62336]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-05-05 4807680]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-04-28 32584]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-02-18 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-06-08 6056040]
R3 PAC7302;CANYON USB PC CAMERA; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2010-07-15 458752]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2010-05-27 19072]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 SABKUTIL;SABKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys []
S2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 acyvzi2b;acyvzi2b; C:\WINDOWS\system32\drivers\acyvzi2b.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Marian\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-05-05 602112]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-07-02 810144]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-07-02 33584]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-04 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 16 črc 2010 21:07

Zdravím

Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

SSemteXX · #3 Příspěvek od **SSemteXX** » 16 črc 2010 21:21

Nech sa páči, viz príloha.

#4 Příspěvek od **Caroprd111** » 16 črc 2010 21:24

Log, prosím, vložte normálně do příspěvku.

SSemteXX · #5 Příspěvek od **SSemteXX** » 16 črc 2010 21:29

OTL logfile created on: 16. 7. 2010 22:11:43 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Marian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 9,29 Gb Free Space | 12,46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARIAN-2C7B64C4
Current User Name: Marian
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.16 22:10:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marian\Desktop\OTL.exe
PRC - [2010.07.15 11:42:35 | 000,438,272 | ---- | M] (Lee-Soft.com, Lee Matthew Chantrey) -- C:\Program Files\ViGlance\ViGlance.exe
PRC - [2010.07.15 11:42:34 | 000,356,352 | ---- | M] () -- C:\Program Files\TrueTransparency\TrueTransparency.exe
PRC - [2010.07.12 20:42:01 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Valve\Steam\Steam.exe
PRC - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010.07.02 12:43:36 | 002,202,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010.06.29 19:48:45 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010.06.26 10:50:45 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.06.15 15:31:02 | 006,555,904 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008.04.14 05:42:20 | 001,431,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.30 19:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\PAC7302\Monitor.exe

========== Modules (SafeList) ==========

MOD - [2010.07.16 22:10:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marian\Desktop\OTL.exe
MOD - [2009.10.15 21:58:14 | 000,009,728 | ---- | M] () -- C:\Program Files\TrueTransparency\TrueTransparencyHook.dll
MOD - [2008.04.14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007.04.30 19:18:50 | 000,112,400 | ---- | M] () -- C:\Program Files\Stardock\ObjectDock\DockShellHook.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.07.02 12:44:10 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010.05.04 16:14:11 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009.01.07 18:21:00 | 000,026,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys -- (SABKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\install4\MSICPL.sys -- (MSICPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Marian\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMon.sys -- (ATE_PROCMON)
DRV - [2010.07.15 11:42:33 | 000,458,752 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2010.07.02 12:43:48 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2010.07.02 12:43:04 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.06.08 17:16:26 | 006,056,040 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.05.27 18:18:26 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2010.05.10 20:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.05.05 04:45:04 | 004,807,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.04.28 08:17:46 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010.04.28 08:17:46 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.04.28 08:17:46 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010.04.26 17:06:27 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.02.17 20:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008.01.09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2008.01.03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.06.25 11:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117obex.sys -- (s117obex)
DRV - [2007.06.25 11:43:36 | 000,108,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdm.sys -- (s117mdm)
DRV - [2007.06.25 11:43:36 | 000,100,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mgmt.sys -- (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.25 11:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)
DRV - [2007.06.25 11:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)
DRV - [2007.06.25 11:43:26 | 000,014,888 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117mdfl.sys -- (s117mdfl)
DRV - [2007.06.25 11:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)
DRV - [2007.02.18 23:37:52 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes

IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.16 16:42:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.16 16:42:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.07.16 19:07:12 | 000,000,000 | ---D | M]

[2010.07.16 16:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Mozilla\Extensions
[2010.07.16 18:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Mozilla\Firefox\Profiles\vlu8o74e.default\extensions
[2010.07.16 16:47:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Marian\Application Data\Mozilla\Firefox\Profiles\vlu8o74e.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.16 16:48:46 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Marian\Application Data\Mozilla\Firefox\Profiles\vlu8o74e.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.16 18:43:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.07.08 19:27:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.12 22:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010.06.26 10:18:14 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.06.26 10:18:14 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.06.26 10:18:14 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.06.26 10:18:14 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.06.26 10:18:14 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.06.26 10:18:14 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010.07.15 11:41:45 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [JDK5SWFMZY] C:\WINDOWS\TEMP\Smr.exe File not found
O4 - HKU\S-1-5-18..\Run: [JDK5SWFMZY] C:\WINDOWS\TEMP\Smr.exe File not found
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [TrueTransparency] C:\Program Files\TrueTransparency\TrueTransparency.exe ()
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [ViGlance] C:\Program Files\ViGlance\ViGlance.exe (Lee-Soft.com, Lee Matthew Chantrey)
O4 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003..\Run: [ViStart] C:\Program Files\ViStart\ViStart.exe (Lee-Soft.com)
O4 - Startup: C:\Documents and Settings\Marian\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftup ... 8516750203 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 8516739375 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Marian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.02 14:03:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 30 Days ==========

[2010.07.16 22:10:23 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marian\Desktop\OTL.exe
[2010.07.16 21:36:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.07.16 21:34:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.07.16 21:11:14 | 000,000,000 | ---D | C] -- C:\rsit
[2010.07.16 19:10:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Local Settings\Application Data\ESET
[2010.07.16 19:10:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Application Data\ESET
[2010.07.16 19:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2010.07.16 19:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.07.16 18:55:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Marian\Recent
[2010.07.16 16:42:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Application Data\Mozilla
[2010.07.15 20:50:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Application Data\SUPERAntiSpyware.com
[2010.07.15 20:50:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010.07.15 20:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010.07.15 20:13:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\NUGEN.FM
[2010.07.15 13:29:38 | 000,000,000 | ---D | C] -- C:\Program Files\PES 2010 Editor
[2010.07.15 11:42:33 | 000,458,752 | ---- | C] (PixArt Imaging Inc.) -- C:\WINDOWS\System32\drivers\PAC7302.SYS
[2010.07.15 10:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010.07.15 00:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite
[2010.07.14 19:17:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Application Data\Malwarebytes
[2010.07.14 19:17:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.14 19:17:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.14 19:17:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.07.14 19:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.07.13 09:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\PES
[2010.07.12 22:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010.07.12 22:01:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010.07.12 20:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\Valve
[2010.07.12 16:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2010.07.12 15:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\KONAMI
[2010.07.11 19:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\KONAMI
[2010.07.11 19:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\KONAMI
[2010.07.11 17:55:58 | 000,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010.07.11 17:08:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Application Data\vlc
[2010.07.11 01:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\UFO
[2010.07.10 15:58:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\pcsx2
[2010.07.10 15:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Local Settings\Application Data\pcsx2
[2010.07.08 19:27:57 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.07.08 19:27:57 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.07.08 19:27:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.07.08 19:27:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.07.08 16:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Application Data\ViSplore
[2010.07.08 16:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Application Data\ViStart
[2010.07.08 16:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Application Data\ViGlance
[2010.07.08 16:05:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\VIRepair
[2010.07.08 16:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\ViSplore
[2010.07.08 16:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\TrueTransparency
[2010.07.08 16:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\WinFlip
[2010.07.08 16:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\ViStart
[2010.07.08 16:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\ViGlance
[2010.07.08 16:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Vista Drive Icon
[2010.07.08 16:00:25 | 000,019,968 | ---- | C] (Dead Knight) -- C:\WINDOWS\System32\reico.exe
[2010.07.08 16:00:25 | 000,000,000 | ---D | C] -- C:\VTPFiles
[2010.07.08 16:00:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\VITrans
[2010.07.08 16:00:24 | 000,094,208 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pskill.exe
[2010.07.08 15:59:49 | 000,020,480 | ---- | C] (Windows X) -- C:\WINDOWS\System32\scrnrdr.exe
[2010.07.08 13:23:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Local Settings\Application Data\HP
[2010.07.07 20:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010.07.07 20:16:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010.07.07 20:03:45 | 001,851,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2010.07.07 19:57:46 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2010.07.07 19:48:53 | 000,285,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2010.07.07 19:47:48 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010.07.07 19:39:43 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.07.07 19:36:50 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010.07.07 19:36:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2010.07.07 19:34:24 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010.07.07 19:31:48 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.07.07 19:30:29 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010.07.07 19:29:53 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010.07.07 19:29:21 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2010.07.07 19:29:21 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2010.07.07 19:29:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2010.07.07 19:28:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2010.07.07 19:27:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2010.07.07 19:27:14 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2010.07.07 19:26:35 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010.07.07 19:26:35 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010.07.07 19:22:23 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010.07.07 19:21:49 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2010.07.07 19:21:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2010.07.07 19:21:14 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2010.07.07 19:15:55 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2010.07.07 19:15:55 | 000,092,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys
[2010.07.07 19:15:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll
[2010.07.07 19:15:54 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2010.07.07 19:13:29 | 001,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2010.07.07 19:12:29 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2010.07.07 19:11:02 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll
[2010.07.07 19:10:45 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2010.07.07 19:10:22 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2010.07.07 19:10:22 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2010.07.07 19:10:05 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2010.07.07 19:06:41 | 000,585,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2010.07.07 19:06:19 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll
[2010.07.07 19:05:55 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctfime.ime
[2010.07.07 19:05:35 | 000,989,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2010.07.07 19:05:35 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2010.07.07 19:05:12 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2010.07.07 19:04:55 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010.07.07 19:04:55 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010.07.07 19:04:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010.07.07 19:04:55 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll
[2010.07.07 19:04:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010.07.07 19:04:31 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010.07.07 19:04:31 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010.07.07 19:04:30 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010.07.07 19:04:29 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010.07.07 19:03:03 | 008,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010.07.07 19:02:26 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2010.07.07 19:01:48 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2010.07.07 19:01:08 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2010.07.07 19:00:56 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010.07.07 19:00:47 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010.07.07 19:00:34 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2010.07.07 19:00:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll
[2010.07.07 18:59:43 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2010.07.07 18:59:42 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2010.07.07 18:59:42 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2010.07.07 18:59:42 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010.07.07 18:59:42 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2010.07.07 18:59:18 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2010.07.07 18:59:18 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll
[2010.07.07 18:59:18 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll
[2010.07.07 18:59:17 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2010.07.07 18:59:17 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2010.07.07 18:58:55 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010.07.07 18:58:46 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010.07.07 17:33:17 | 000,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2010.07.07 17:33:17 | 000,017,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2010.07.07 17:33:17 | 000,015,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2010.07.07 17:33:17 | 000,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2010.07.07 17:33:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010.07.05 13:46:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\pr
[2010.07.05 13:40:33 | 000,000,000 | ---D | C] -- C:\6c15930dff31220c866b2810ba
[2010.07.05 13:40:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010.07.05 13:40:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010.07.05 13:40:11 | 000,000,000 | ---D | C] -- C:\1132aea08f7be422c351
[2010.07.05 13:26:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010.07.05 13:21:19 | 000,016,384 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\lcid.exe
[2010.07.04 16:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\Preberanie
[2010.07.04 15:24:46 | 000,208,896 | ---- | C] (www.mp3dev.org) -- C:\Documents and Settings\Marian\My Documents\lame_enc.dll
[2010.07.03 16:04:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\Anvsoft
[2010.07.03 16:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2010.07.02 12:43:48 | 000,055,256 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys
[2010.07.02 12:43:04 | 000,140,752 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010.06.30 22:22:09 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Marian\PrivacIE
[2010.06.30 20:34:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Marian\IETldCache
[2010.06.30 20:30:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010.06.30 20:22:49 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2010.06.30 20:22:48 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2010.06.30 20:22:48 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2010.06.30 20:22:48 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2010.06.30 20:22:38 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2010.06.30 20:22:38 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2010.06.30 20:22:37 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2010.06.30 20:22:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2010.06.30 20:22:33 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2010.06.30 20:22:33 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2010.06.30 20:22:33 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2010.06.30 20:22:33 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2010.06.30 20:22:33 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2010.06.30 20:22:33 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2010.06.30 20:22:33 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010.06.30 20:22:32 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2010.06.30 20:22:32 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2010.06.30 20:22:32 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2010.06.30 20:22:32 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2010.06.30 20:22:32 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2010.06.30 20:22:32 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2010.06.30 20:22:32 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2010.06.30 20:22:32 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2010.06.30 20:22:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2010.06.30 20:22:32 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2010.06.30 20:22:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2010.06.30 20:22:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2010.06.30 20:22:32 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2010.06.30 20:22:32 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2010.06.30 20:22:32 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2010.06.30 20:22:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2010.06.30 20:22:31 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2010.06.30 20:22:30 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2010.06.30 20:22:30 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2010.06.30 20:22:29 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010.06.30 20:22:29 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2010.06.30 20:22:29 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2010.06.30 20:22:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2010.06.30 20:22:29 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2010.06.30 20:22:29 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2010.06.30 20:22:29 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2010.06.30 20:22:29 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2010.06.30 20:22:28 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2010.06.30 20:22:28 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2010.06.30 20:22:28 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2010.06.30 20:22:28 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2010.06.30 20:22:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2010.06.30 20:22:28 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2010.06.30 20:22:28 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2010.06.30 20:22:28 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2010.06.30 20:22:28 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2010.06.30 20:22:28 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2010.06.30 20:22:28 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2010.06.30 20:22:24 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2010.06.30 20:22:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010.06.30 20:22:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010.06.30 20:19:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010.06.30 20:15:46 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010.06.30 20:15:46 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010.06.30 20:15:46 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2010.06.30 20:15:46 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010.06.30 20:15:46 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010.06.30 20:15:46 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010.06.30 20:15:46 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010.06.30 20:15:46 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010.06.30 20:15:46 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010.06.30 20:15:46 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2010.06.30 20:15:46 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2010.06.30 20:15:46 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2010.06.30 20:15:46 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2010.06.30 20:15:46 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2010.06.30 20:15:46 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2010.06.30 20:15:46 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2010.06.30 20:15:45 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010.06.30 20:15:45 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010.06.30 20:15:45 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010.06.30 20:15:45 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010.06.30 20:15:45 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010.06.30 20:15:45 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010.06.30 20:15:45 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010.06.30 20:15:45 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010.06.30 20:15:45 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010.06.30 20:15:45 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010.06.30 20:15:45 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2010.06.30 20:15:45 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2010.06.30 20:15:45 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010.06.30 20:15:45 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010.06.30 20:15:45 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010.06.30 20:15:45 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2010.06.30 20:15:44 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010.06.30 20:15:44 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2010.06.30 20:15:44 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2010.06.30 20:15:44 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2010.06.30 20:15:41 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010.06.30 20:15:41 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010.06.30 20:15:41 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010.06.30 20:15:41 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010.06.30 20:15:41 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010.06.30 20:15:41 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010.06.30 20:15:41 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010.06.30 20:15:40 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010.06.30 20:15:40 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010.06.30 20:15:40 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010.06.30 20:15:40 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010.06.30 20:15:40 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010.06.30 20:15:40 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010.06.30 20:15:40 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2010.06.30 20:15:39 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010.06.30 20:15:39 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2010.06.30 20:15:38 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010.06.30 20:15:38 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010.06.30 20:15:38 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010.06.30 20:15:38 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010.06.30 20:15:38 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010.06.30 20:15:38 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2010.06.30 20:15:38 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010.06.30 20:10:09 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010.06.30 18:23:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010.06.30 18:20:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.06.30 17:38:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.30 12:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\Desktop Activity Recorder
[2010.06.27 15:32:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\HPAppData
[2010.06.26 14:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\City Interactive
[2010.06.24 17:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2010.06.24 14:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\Singularity
[2010.06.24 14:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.06.23 18:40:14 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.06.23 13:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\Application Data\FUEL
[2010.06.22 21:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010.06.22 20:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\My Games
[2010.06.22 19:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters
[2010.06.22 19:49:28 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2010.06.22 19:49:23 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2010.06.22 19:49:23 | 000,052,840 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstXP.dll
[2010.06.22 19:49:20 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2010.06.22 19:49:15 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2010.06.22 17:29:01 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010.06.22 17:29:01 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.06.22 17:05:43 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010.06.22 17:05:43 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010.06.22 17:05:42 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010.06.22 17:05:42 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010.06.22 17:05:41 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010.06.22 17:05:41 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010.06.22 17:05:38 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010.06.22 17:05:34 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010.06.21 23:43:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\Beérkezett fájlok
[2010.06.19 14:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marian\My Documents\PESEdit
[2010.06.19 14:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010.06.18 15:21:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Marian\My Documents\asd

========== Files - Modified Within 30 Days ==========

[2010.07.16 22:10:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marian\Desktop\OTL.exe
[2010.07.16 21:38:08 | 000,488,244 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.07.16 21:38:08 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.07.16 21:38:08 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.07.16 21:10:52 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Marian\Desktop\RSIT.exe
[2010.07.16 21:07:20 | 000,165,176 | ---- | M] () -- C:\Documents and Settings\Marian\Desktop\aaa.JPG
[2010.07.16 19:34:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.16 19:32:53 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.16 19:32:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.16 19:31:44 | 005,242,880 | -H-- | M] () -- C:\Documents and Settings\Marian\NTUSER.DAT
[2010.07.16 19:31:44 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Marian\ntuser.ini
[2010.07.16 19:06:30 | 048,233,984 | ---- | M] () -- C:\Documents and Settings\Marian\Desktop\ess_nt32_sky.msi
[2010.07.16 18:51:37 | 000,717,821 | ---- | M] () -- C:\Documents and Settings\Marian\Desktop\LYL.mp3
[2010.07.16 18:32:07 | 017,919,079 | ---- | M] () -- C:\Documents and Settings\Marian\Desktop\Roger Sanchez - 2gether (EDX Remix).mp3

SSemteXX · #6 Příspěvek od **SSemteXX** » 16 črc 2010 21:30

[2010.07.16 17:39:13 | 056,809,192 | ---- | M] () -- C:\Documents and Settings\Marian\Desktop\No!end On Nugen.FM (Radio Show vol. 15) (2010.07.15).mp3
[2010.07.16 16:31:06 | 000,028,762 | ---- | M] () -- C:\Documents and Settings\Marian\My Documents\grand3.mmp
[2010.07.16 16:02:03 | 000,035,328 | ---- | M] () -- C:\Documents and Settings\Marian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.16 15:17:20 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.07.16 13:59:26 | 001,575,086 | -H-- | M] () -- C:\Documents and Settings\Marian\Local Settings\Application Data\IconCache.db
[2010.07.15 22:14:55 | 000,031,424 | ---- | M] () -- C:\Documents and Settings\Marian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010.07.15 22:14:50 | 001,444,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.07.15 20:38:52 | 000,791,031 | ---- | M] () -- C:\Documents and Settings\Marian\Desktop\GOOFYFINAL.png
[2010.07.15 20:15:59 | 000,000,942 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.07.15 11:42:33 | 000,458,752 | ---- | M] (PixArt Imaging Inc.) -- C:\WINDOWS\System32\drivers\PAC7302.SYS
[2010.07.15 11:41:45 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.07.14 17:58:21 | 055,653,019 | ---- | M] () -- C:\Documents and Settings\Marian\Desktop\Live Your Life - Erick Morillo _amp; Eddie Thoneick feat Sha.mp4
[2010.07.12 10:49:26 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.07.12 10:49:26 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.07.08 18:13:51 | 011,335,136 | ---- | M] () -- C:\Documents and Settings\Marian\My Documents\Children of Distance-Horus Közeli Távolság[+Dalszöveg] (2010.mp3
[2010.07.08 18:13:26 | 010,131,296 | ---- | M] () -- C:\Documents and Settings\Marian\My Documents\Children of Distance-Horus Csak egy völgy (2010 Upload).mp3
[2010.07.08 18:11:38 | 010,522,016 | ---- | M] () -- C:\Documents and Settings\Marian\My Documents\Children Of Distance - Kedves Naplóm (Teljes változat).mp3
[2010.07.08 18:10:58 | 009,907,456 | ---- | M] () -- C:\Documents and Settings\Marian\My Documents\Children of Distance - A pokol pora.mp3
[2010.07.08 18:07:16 | 008,655,275 | ---- | M] () -- C:\Documents and Settings\Marian\My Documents\Children of Distance Horus és Őzi Pofonok földje (2010 Uploa.flv
[2010.07.08 17:00:52 | 000,343,925 | ---- | M] () -- C:\Documents and Settings\Marian\My Documents\image.jpg
[2010.07.08 16:57:59 | 000,257,931 | ---- | M] () -- C:\Documents and Settings\Marian\My Documents\reefs-of-bora-bora.jpg
[2010.07.08 16:00:43 | 000,078,942 | ---- | M] () -- C:\WINDOWS\Icon_1.ico
[2010.07.07 16:39:08 | 000,419,520 | ---- | M] () -- C:\Documents and Settings\Marian\My Documents\matira-point-bora-bora-french-polynesia.jpg
[2010.07.05 13:41:08 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.07.05 13:40:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010.07.02 12:43:48 | 000,055,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdi.sys
[2010.07.02 12:43:04 | 000,140,752 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010.06.30 20:15:05 | 000,250,048 | ---- | M] () -- C:\ntldr
[2010.06.30 18:19:46 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010.06.30 13:26:33 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.24 12:37:42 | 000,000,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2010.06.23 20:52:00 | 000,000,213 | -HS- | M] () -- C:\boot.ini
[2010.06.22 18:40:38 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010.06.22 18:40:38 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.06.22 17:38:52 | 000,381,181 | ---- | M] () -- C:\AnalysisLog.sr0

========== Files Created - No Company Name ==========

[2010.07.16 21:10:48 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Marian\Desktop\RSIT.exe
[2010.07.16 21:07:20 | 000,165,176 | ---- | C] () -- C:\Documents and Settings\Marian\Desktop\aaa.JPG
[2010.07.16 18:59:32 | 048,233,984 | ---- | C] () -- C:\Documents and Settings\Marian\Desktop\ess_nt32_sky.msi
[2010.07.16 18:51:32 | 000,717,821 | ---- | C] () -- C:\Documents and Settings\Marian\Desktop\LYL.mp3
[2010.07.16 18:29:24 | 017,919,079 | ---- | C] () -- C:\Documents and Settings\Marian\Desktop\Roger Sanchez - 2gether (EDX Remix).mp3
[2010.07.15 20:38:50 | 000,791,031 | ---- | C] () -- C:\Documents and Settings\Marian\Desktop\GOOFYFINAL.png
[2010.07.15 20:13:13 | 056,809,192 | ---- | C] () -- C:\Documents and Settings\Marian\Desktop\No!end On Nugen.FM (Radio Show vol. 15) (2010.07.15).mp3
[2010.07.14 19:00:46 | 000,028,762 | ---- | C] () -- C:\Documents and Settings\Marian\My Documents\grand3.mmp
[2010.07.14 17:50:31 | 055,653,019 | ---- | C] () -- C:\Documents and Settings\Marian\Desktop\Live Your Life - Erick Morillo _amp; Eddie Thoneick feat Sha.mp4
[2010.07.08 18:10:01 | 009,907,456 | ---- | C] () -- C:\Documents and Settings\Marian\My Documents\Children of Distance - A pokol pora.mp3
[2010.07.08 18:09:59 | 010,522,016 | ---- | C] () -- C:\Documents and Settings\Marian\My Documents\Children Of Distance - Kedves Naplóm (Teljes változat).mp3
[2010.07.08 18:09:57 | 010,131,296 | ---- | C] () -- C:\Documents and Settings\Marian\My Documents\Children of Distance-Horus Csak egy völgy (2010 Upload).mp3
[2010.07.08 18:09:54 | 011,335,136 | ---- | C] () -- C:\Documents and Settings\Marian\My Documents\Children of Distance-Horus Közeli Távolság[+Dalszöveg] (2010.mp3
[2010.07.08 18:04:47 | 008,655,275 | ---- | C] () -- C:\Documents and Settings\Marian\My Documents\Children of Distance Horus és Őzi Pofonok földje (2010 Uploa.flv
[2010.07.08 17:00:49 | 000,343,925 | ---- | C] () -- C:\Documents and Settings\Marian\My Documents\image.jpg
[2010.07.08 16:57:58 | 000,257,931 | ---- | C] () -- C:\Documents and Settings\Marian\My Documents\reefs-of-bora-bora.jpg
[2010.07.08 16:03:12 | 000,023,434 | ---- | C] () -- C:\WINDOWS\System32\vilang.sif
[2010.07.08 16:02:59 | 000,360,499 | ---- | C] () -- C:\WINDOWS\System32\viwc.exe
[2010.07.08 16:02:55 | 000,110,646 | ---- | C] () -- C:\WINDOWS\System32\vistartup.bmp
[2010.07.08 16:00:43 | 000,078,942 | ---- | C] () -- C:\WINDOWS\Icon_1.ico
[2010.07.08 16:00:25 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe
[2010.07.08 16:00:25 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2010.07.07 19:28:43 | 001,291,776 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2010.07.07 16:39:08 | 000,419,520 | ---- | C] () -- C:\Documents and Settings\Marian\My Documents\matira-point-bora-bora-french-polynesia.jpg
[2010.07.05 13:40:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010.07.05 13:35:27 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll107EC54
[2010.06.30 20:15:45 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010.06.30 20:15:43 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010.06.30 20:15:41 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010.06.30 18:19:46 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2010.06.30 18:19:46 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\ntuser.dat.LOG
[2010.06.22 17:38:37 | 000,381,181 | ---- | C] () -- C:\AnalysisLog.sr0
[2010.05.28 09:19:07 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010.04.26 17:06:26 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.04.10 14:31:15 | 000,000,323 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2010.04.10 14:31:11 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.INI
[2010.04.05 14:37:18 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010.04.02 15:11:16 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2010.04.02 15:11:04 | 000,006,211 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2010.04.02 14:43:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

========== LOP Check ==========

[2010.05.27 10:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010.05.15 23:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010.06.22 21:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010.04.26 17:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.07.16 19:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.07.08 15:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IconTweaker
[2010.04.14 00:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.07.11 19:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KONAMI
[2010.04.08 11:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2010.05.13 19:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010.05.27 17:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010.07.11 15:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2010.05.31 18:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010.05.27 10:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010.05.21 19:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Autodesk
[2010.06.16 15:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\bizarre creations
[2010.04.26 17:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\DAEMON Tools Lite
[2010.07.16 19:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\ESET
[2010.04.15 00:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\esmska
[2010.06.23 13:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\FUEL
[2010.07.15 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\HLSW
[2010.07.08 15:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\IconTweaker
[2010.06.15 20:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Octoshape
[2010.04.07 01:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Styler
[2010.05.28 12:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\SystemRequirementsLab
[2010.05.31 16:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\TeamViewer
[2010.04.02 16:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\TS3Client
[2010.05.31 18:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Ubisoft
[2010.05.27 18:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Uniblue
[2010.07.16 16:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\uTorrent
[2010.07.08 16:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\ViGlance
[2010.07.13 13:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\ViSplore
[2010.07.08 16:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\ViStart
[2010.04.07 19:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Windows SideBar
[2010.04.02 15:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Xilisoft Corporation

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:42:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"TrueTransparency" = "C:\PROGRA~1\TRUETR~1\TrueTransparency.exe" -- [2010.07.15 11:42:34 | 000,356,352 | ---- | M] ()
"ViStart" = C:\PROGRA~1\ViStart\ViStart.exe -- [2010.07.15 11:42:34 | 000,798,720 | ---- | M] (Lee-Soft.com)
"ViGlance" = C:\PROGRA~1\ViGlance\ViGlance.exe -- [2010.07.15 11:42:35 | 000,438,272 | ---- | M] (Lee-Soft.com, Lee Matthew Chantrey)
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2010.06.29 19:48:45 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.07.15 20:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.05.29 10:54:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2010.05.27 10:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010.04.19 18:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2010.05.15 23:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010.06.22 21:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010.04.26 17:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.06.12 13:10:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.07.16 19:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.05.04 16:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2010.04.10 16:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2010.04.10 16:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP
[2010.04.10 16:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
[2010.07.08 15:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IconTweaker
[2010.04.14 00:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.07.11 19:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KONAMI
[2010.04.08 11:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2010.07.14 19:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.05.13 19:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010.05.28 10:46:50 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010.04.02 15:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010.05.27 17:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010.05.10 23:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.04.04 17:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2010.04.02 14:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.07.15 20:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010.07.11 15:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2010.07.12 16:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2010.05.31 18:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010.04.10 16:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2010.07.05 13:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010.05.27 10:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.05.15 17:20:55 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010.05.15 17:21:07 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010.06.12 13:06:23 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2010.06.12 13:09:51 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2010.05.15 17:21:09 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010.06.12 13:10:20 | 000,056,765 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010.05.15 17:21:08 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010.05.15 17:21:10 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010.05.15 17:21:11 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010.05.15 17:21:11 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010.06.12 13:06:12 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2010.05.15 17:21:06 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010.06.12 13:10:20 | 000,057,715 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2010.05.15 17:21:00 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.06.12 13:03:06 | 000,895,256 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010.06.12 13:06:22 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2010.06.12 13:09:54 | 000,084,062 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2010.06.12 13:06:25 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010.06.12 13:06:30 | 000,056,997 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2006.02.27 09:43:58 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\MAGIX\Webradio_Recorder_4_Download_version\Default\Validation.exe

< %APPDATA%\*. >
[2010.07.15 20:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Adobe
[2010.05.28 09:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\ATI
[2010.05.21 19:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Autodesk
[2010.06.16 15:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\bizarre creations
[2010.04.26 17:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\DAEMON Tools Lite
[2010.06.12 13:13:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\DivX
[2010.07.04 20:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\dvdcss
[2010.07.16 19:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\ESET
[2010.04.15 00:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\esmska
[2010.06.23 13:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\FUEL
[2010.04.05 13:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Google
[2010.07.15 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\HLSW
[2010.04.10 16:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\HP
[2010.06.23 18:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\HPAppData
[2010.07.08 15:49:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\IconTweaker
[2010.04.02 14:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Identities
[2010.04.04 17:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\InstallShield
[2010.04.02 15:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Macromedia
[2010.07.14 19:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Malwarebytes
[2010.07.07 19:46:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Marian\Application Data\Microsoft
[2010.07.16 00:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\mIRC
[2010.04.06 16:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\MixMeister Technology
[2010.07.16 16:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Mozilla
[2010.04.02 15:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Nero
[2010.06.15 20:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Octoshape
[2010.07.15 18:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Skype
[2010.07.15 18:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\skypePM
[2010.04.07 01:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Styler
[2010.04.02 14:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Sun
[2010.07.15 20:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\SUPERAntiSpyware.com
[2010.05.28 12:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\SystemRequirementsLab
[2010.05.31 16:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\TeamViewer
[2010.04.02 16:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\TS3Client
[2010.05.31 18:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Ubisoft
[2010.05.27 18:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Uniblue
[2010.07.16 16:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\uTorrent
[2010.07.07 19:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Ventrilo
[2010.07.08 16:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\ViGlance
[2010.07.13 13:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\ViSplore
[2010.07.08 16:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\ViStart
[2010.07.16 16:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\vlc
[2010.04.11 14:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Winamp
[2010.04.07 19:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Windows SideBar
[2010.04.02 15:09:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\WinRAR
[2010.04.02 15:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marian\Application Data\Xilisoft Corporation

< %APPDATA%\*.exe /s >
[2010.07.12 20:40:00 | 000,015,872 | R--- | M] () -- C:\Documents and Settings\Marian\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
[2010.05.28 10:05:27 | 000,003,584 | R--- | M] () -- C:\Documents and Settings\Marian\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
[2010.07.15 13:29:39 | 000,082,726 | R--- | M] () -- C:\Documents and Settings\Marian\Application Data\Microsoft\Installer\{E871FF1A-D7A0-420D-9A47-B78AFD8B16AA}\_43EA64258A532C2A1F57BD.exe
[2010.07.15 13:29:39 | 000,082,726 | R--- | M] () -- C:\Documents and Settings\Marian\Application Data\Microsoft\Installer\{E871FF1A-D7A0-420D-9A47-B78AFD8B16AA}\_853F67D554F05449430E7E.exe
[2010.04.02 15:02:04 | 000,000,766 | R--- | M] () -- C:\Documents and Settings\Marian\Application Data\Microsoft\Installer\{E89B484C-B913-49A0-959B-89E836001658}\ARPPRODUCTICON.exe
[2009.01.08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Documents and Settings\Marian\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe

< MD5 for: AGP440.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
[2007.02.18 23:37:42 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=87F3E2D2A3231F820F9248DB90090F42 -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 01:56:44 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\VITrans\explorer.exe
[2008.04.14 05:42:20 | 001,431,552 | ---- | M] (Microsoft Corporation) MD5=381C9453EA0DB0CE82D6C67C63223D33 -- C:\WINDOWS\explorer.exe
[2007.02.18 23:37:47 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=42D32722B805D7DF42D30487A0BCBD78 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2007.02.18 23:37:51 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=E8C837F0AA77FF8B74F5C5167CD06B89 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 05:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 00:06:42 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.23 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.04 01:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\78cf8552430e25a8f24bc1e4dfb1970e\SP2QFE\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\SP2QFE\netlogon.dll
[2004.08.04 01:56:46 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.04 01:56:46 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:42:38 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004.08.04 01:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004.08.04 01:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\SP2GDR\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\SP2QFE\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2007.02.18 23:39:16 | 000,360,704 | ---- | M] (Microsoft Corporation) MD5=9941382A1C2289F5FB4C87D0DAACC21C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.04 01:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 01:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:42:12 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2004.08.04 01:56:48 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 03:39:32 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2008.04.14 05:42:02 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.04.26 17:06:27 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2010.04.02 15:50:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.04.02 15:50:02 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.04.02 15:50:02 | 000,917,504 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 03:39:32 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2008.04.14 05:42:02 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.07.15 11:42:33 | 000,458,752 | ---- | M] (PixArt Imaging Inc.) -- C:\WINDOWS\system32\drivers\PAC7302.SYS

< %systemroot%\system32\*.* /3 >
[2010.07.16 15:17:20 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2010.07.15 22:14:50 | 001,444,168 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2010.07.16 21:38:08 | 000,067,312 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.07.16 21:38:08 | 000,432,356 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.07.16 21:38:08 | 000,488,244 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.07.16 19:34:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< End of report >

SSemteXX · #7 Příspěvek od **SSemteXX** » 16 črc 2010 21:31

Extra.txt

OTL Extras logfile created on: 16. 7. 2010 22:11:43 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Marian\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 9,29 Gb Free Space | 12,46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARIAN-2C7B64C4
Current User Name: Marian
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"ANTIVIRUSDISABLENOTIFY" = 0
"FIREWALLDISABLENOTIFY" = 0
"UPDATESDISABLENOTIFY" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\HLSW\hlsw.exe" = C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application -- (Stripf Software)
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- File not found
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- File not found
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- File not found
"C:\Program Files\Valve\Steam\Steam.exe" = C:\Program Files\Valve\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\VirtualDJ\virtualdj_trial.exe" = C:\Program Files\VirtualDJ\virtualdj_trial.exe:*:Enabled:VirtualDJ -- (Atomix Productions)
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"C:\Program Files\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe" = C:\Program Files\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe:*:Enabled:conviction_game -- File not found
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe" = C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- File not found
"C:\Documents and Settings\Marian\Desktop\RatioMaster.NET.exe" = C:\Documents and Settings\Marian\Desktop\RatioMaster.NET.exe:*:Enabled:RatioMaster.NET -- File not found
"C:\Documents and Settings\Marian\My Documents\Prgr\RatioMaster.NET.exe" = C:\Documents and Settings\Marian\My Documents\Prgr\RatioMaster.NET.exe:*:Enabled:RatioMaster.NET -- File not found
"C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe" = C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:BmGame -- File not found
"C:\Documents and Settings\Marian\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Marian\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client -- (Octoshape ApS)
"C:\Program Files\PESEdit\2010 FIFA World Cup Patch\pes2010.exe" = C:\Program Files\PESEdit\2010 FIFA World Cup Patch\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- File not found
"C:\Program Files\Valve\Steam\SteamApps\ssementexx\ricochet\hl.exe" = C:\Program Files\Valve\Steam\SteamApps\ssementexx\ricochet\hl.exe:*:Enabled:Ricochet -- File not found
"C:\Program Files\Codemasters\Colin McRae DiRT 2\dirt2_game.exe" = C:\Program Files\Codemasters\Colin McRae DiRT 2\dirt2_game.exe:*:Enabled:DiRT2 Executable -- (Codemasters)
"C:\Program Files\Valve\Steam\SteamApps\common\trackmania nations forever\TmForever.exe" = C:\Program Files\Valve\Steam\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever -- File not found
"C:\Program Files\Valve\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe" = C:\Program Files\Valve\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever -- File not found
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- File not found
"C:\Program Files\Valve\Steam\SteamApps\ssementexx\counter-strike\hl.exe" = C:\Program Files\Valve\Steam\SteamApps\ssementexx\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{06C353F1-F003-815A-846B-11A49573F510}" = CCC Help Japanese
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{146381FF-4E2E-37C6-142B-96487BFFF68C}" = CCC Help Finnish
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1C028B3C-72BB-6AF8-5023-17CADA0C68CA}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live feltöltőeszköz
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{266C3874-7805-4519-4887-7C2CC5AF7723}" = Catalyst Control Center Localization All
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{29D18D4E-4A48-A2FE-D40F-BF8E9BBEF364}" = CCC Help Hungarian
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3E7FB03D-1F9D-C2BF-2E3D-E1754697C1FA}" = CCC Help French
"{45B2F267-98D6-2100-34C9-68E0EE215DF2}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4DDF19-F79C-3C68-CAF2-BD67843E4D19}" = Catalyst Control Center InstallProxy
"{4B6AD13A-E60C-5DEB-0A1C-BE914FB9E6BE}" = CCC Help Turkish
"{4E58F5DE-D0E0-A363-3984-AF355ACE196F}" = CCC Help Swedish
"{4EB03D52-BB1C-98F5-7FA4-0EE0A131103B}" = Catalyst Control Center Graphics Full New
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{571138E3-595A-8B69-D89A-1D5ED30DB400}" = CCC Help Portuguese
"{5833E1EC-2D52-A08E-8316-9CF117795360}" = Catalyst Control Center HydraVision Full
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5D63D27F-09D7-4420-9479-DD247CC31496}" = Windows Live Essentials
"{5DAE8059-7157-63F4-5AC3-BBA571E93848}" = CCC Help Danish
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{61D4B21F-EC4D-56F5-9460-2C44D7EF46EA}" = CCC Help Dutch
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6D431157-ED9D-4AB1-A2C9-1FAA0A04419F}" = Windows Live Messenger
"{6F55031B-A4E9-B9C1-079C-4D3C229A8644}" = CCC Help Spanish
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733EB793-0840-4D69-97AA-6934FC79DB16}" = Windows Live bejelentkezési segéd
"{75722E6F-FCCA-7C44-E4BB-7BC0390F65E3}" = CCC Help Chinese Standard
"{7635BF2D-18B7-3D85-D84E-4393743A13D8}" = CCC Help Italian
"{78090C44-154F-E296-3AC3-A2FC16D08DF2}" = CCC Help Greek
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{81C6BFED-691E-402A-95DA-F6DE1A351033}" = Nero 8
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{87F12DCD-4288-29D4-C327-FE47B42D5B80}" = CCC Help Norwegian
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96677085-CCD8-EE14-B9E0-407A7EF5F8B4}" = ccc-core-preinstall
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D7C03B7-59C9-9BE7-CE28-4CD3FEAC85CE}" = Catalyst Control Center Graphics Light
"{9DE879FB-2FE2-3D61-D4F5-F9BD33A33B0C}" = CCC Help Russian
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A30637EC-B31B-24DA-92EF-5D7C15589D52}" = ccc-core-static
"{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}" = CANYON USB PC CAMERA
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{B055306F-39F6-C306-D71A-0D8FA334EDFD}" = CCC Help Chinese Traditional
"{B1BC4391-9F83-575D-9D5E-B2429DE7FBB2}" = CCC Help Thai
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7B280B6-E4C7-CF6A-A144-40709AFFFFAB}" = CCC Help Czech
"{B8D3BF6A-EB43-E27B-3A5C-E1563A1B92BB}" = CCC Help German
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D75BB658-662F-4082-B262-8228047F7D67}" = ESET Smart Security
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
"{D853AC86-E781-D62E-4327-E94FDF050FF4}" = ccc-utility
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{DF849B8D-325A-0B01-7DE9-5EC3EF48B054}" = CCC Help Polish
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E10EF44B-BB6E-6633-5207-8A2D22A9950D}" = Catalyst Control Center Graphics Full Existing
"{E871FF1A-D7A0-420D-9A47-B78AFD8B16AA}" = PES 2010 Editor
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200
"{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2C757C9-C40E-07A0-9397-56A7C66F84F3}" = ATI Catalyst Install Manager
"{F34307E0-E6BA-BEB7-3CF0-9EF56DF9D18F}" = Catalyst Control Center Core Implementation
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F64B592A-C33F-4D15-5FEA-C5C0CBF358EA}" = CCC Help English
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"AnvSoft Photo Flash Maker Free" = AnvSoft Photo Flash Maker Free 5.19
"Audacity_is1" = Audacity 1.2.6
"CCleaner" = CCleaner
"Colin McRae DiRT 2_is1" = Colin McRae DiRT 2
"ESET Online Scanner" = ESET Online Scanner v3
"HLSW_is1" = HLSW v1.3.2.1
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"MAGIX Screenshare UK" = MAGIX Screenshare 4.3.6.1987 (UK)
"MAGIX Webradio Recorder 4 Download version UK" = MAGIX Webradio Recorder 4 Download version 4.0.0.520 (UK)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"mmfsetup_is1" = MixMeister Fusion 7.3.5
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ObjectDock" = ObjectDock
"Seven Transformation Pack" = Seven Transformation Pack 4.0
"Shop for HP Supplies" = Shop for HP Supplies
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"ViStart" = ViStart
"VLC media player" = VLC media player 1.1.0
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape Streaming Services" = Octoshape Streaming Services
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22. 6. 2010 14:29:14 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application dirt2_game.exe, version 1.0.0.0, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 22. 6. 2010 14:31:11 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application dirt2_game.exe, version 1.0.0.0, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 22. 6. 2010 14:36:59 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application dirt2_game.exe, version 1.0.0.0, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 22. 6. 2010 14:37:42 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application dirt2_game.exe, version 1.0.0.0, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 22. 6. 2010 14:38:18 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application dirt2_game.exe, version 1.0.0.0, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 22. 6. 2010 14:39:00 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application dirt2_game.exe, version 1.0.0.0, faulting module
ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.

Error - 23. 6. 2010 7:53:14 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application seculauncher.exe, version 0.1.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 23. 6. 2010 7:53:38 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application seculauncher.exe, version 0.1.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 23. 6. 2010 7:56:21 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application seculauncher.exe, version 0.1.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x00000000.

Error - 23. 6. 2010 9:23:03 | Computer Name = MARIAN-2C7B64C4 | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.

[ System Events ]
Error - 9. 7. 2010 6:22:26 | Computer Name = MARIAN-2C7B64C4 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 9. 7. 2010 6:23:12 | Computer Name = MARIAN-2C7B64C4 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9. 7. 2010 6:23:12 | Computer Name = MARIAN-2C7B64C4 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 9. 7. 2010 8:16:14 | Computer Name = MARIAN-2C7B64C4 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9. 7. 2010 8:16:14 | Computer Name = MARIAN-2C7B64C4 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 9. 7. 2010 8:17:43 | Computer Name = MARIAN-2C7B64C4 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9. 7. 2010 8:17:43 | Computer Name = MARIAN-2C7B64C4 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 9. 7. 2010 8:17:43 | Computer Name = MARIAN-2C7B64C4 | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 9. 7. 2010 8:17:43 | Computer Name = MARIAN-2C7B64C4 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 9. 7. 2010 8:19:19 | Computer Name = MARIAN-2C7B64C4 | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

< End of report >

#8 Příspěvek od **Caroprd111** » 16 črc 2010 22:01

Doporučuji odinstalovat µTorrent.

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.

Obrázek

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys -- (SABKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\install4\MSICPL.sys -- (MSICPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Marian\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\Anti Trojan Elite\ATEPMon.sys -- (ATE_PROCMON)
IE - HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\..\URLSearchHook: - Reg Error: Key error. File not found
O4 - HKU\.DEFAULT..\Run: [JDK5SWFMZY] C:\WINDOWS\TEMP\Smr.exe File not found
O4 - HKU\S-1-5-18..\Run: [JDK5SWFMZY] C:\WINDOWS\TEMP\Smr.exe File not found
NetSvcs: SSHNAS - File not found

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Klikněte na Opravit, PC se restartuje, log vložte sem.

SSemteXX · #9 Příspěvek od **SSemteXX** » 16 črc 2010 22:27

Nech sa páči log, ale robí mi stále to isté...

All processes killed
========== OTL ==========
Service SetupNTGLM7X stopped successfully!
Service SetupNTGLM7X deleted successfully!
File D:\NTGLM7X.sys not found.
Service SABKUTIL stopped successfully!
Service SABKUTIL deleted successfully!
File C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys not found.
Service NTACCESS stopped successfully!
Service NTACCESS deleted successfully!
File D:\NTACCESS.sys not found.
Service MSICPL stopped successfully!
Service MSICPL deleted successfully!
File D:\install4\MSICPL.sys not found.
Service GMSIPCI stopped successfully!
Service GMSIPCI deleted successfully!
File D:\INSTALL\GMSIPCI.SYS not found.
Service cpuz132 stopped successfully!
Service cpuz132 deleted successfully!
File C:\DOCUME~1\Marian\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys not found.
Service AtiHdmiService stopped successfully!
Service AtiHdmiService deleted successfully!
File C:\WINDOWS\System32\drivers\AtiHdmi.sys not found.
Service ATE_PROCMON stopped successfully!
Service ATE_PROCMON deleted successfully!
File C:\Program Files\Anti Trojan Elite\ATEPMon.sys not found.
Registry value HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\JDK5SWFMZY deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\JDK5SWFMZY not found.
SSHNAS removed from NetSvcs value successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Marian
->Temp folder emptied: 133897965 bytes
->Temporary Internet Files folder emptied: 753555 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 131931774 bytes
->Flash cache emptied: 1040 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 327974 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 213269 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 60953253 bytes

Total Files Cleaned = 313,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: Marian
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.9.0 log created on 07162010_231937

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#10 Příspěvek od **Caroprd111** » 16 črc 2010 22:47

Odinstalujte všechny emulátory virtuálních mechanik.

Obrázek

Stáhněte SPTD http://www.duplexsecure.com/en/downloads

Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
zvolte možnost Uninstall a restartujte PC.

Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe

Klikněte na "Disable" a restartujte PC.

Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Obrázek

Start > Spustit (Win + R)

Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

Klikněte na OK

Vytvoří se log s názvem mbr.log, vložte ho sem.

Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

SSemteXX · #11 Příspěvek od **SSemteXX** » 16 črc 2010 23:23

Musel som napísať ""%userprofile%\desktop\mbr" -t"

Odinštaloval som uTorrent, všetko som urobil podľa Vás, čakám ďalšie inštrukcie. Dúfam, že mi viete pomôcť

A ešte chcem dodať, že pri IE8 tento problém nerobí, ako je to možné? Môže byť problém v prehliadači? Reinštal som skúšal, nepomohol.

Log z MBR :

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x897C9EC5]<<
kernel: MBR read successfully
user & kernel MBR OK

Log z Gmer:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-07-17 00:22:29
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Marian\LOCALS~1\Temp\axxyyaow.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)

Device -> \Driver\atapi \Device\Harddisk0\DR0 897C9EC5

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\system32\drivers\atapi.sys suspicious modification

---- EOF - GMER 1.0.15 ----

SSemteXX · #12 Příspěvek od **SSemteXX** » 17 črc 2010 10:21

Pomôžte mi niekto pls, vkuse mi ten NOD vyhaduje tie okná, už ma to sere :// Asi sa táto téma posunula nižšie a help-eri zabudli na mňa

#13 Příspěvek od **Caroprd111** » 17 črc 2010 11:02

Já tu taky nemůžu být pořád.

Máte infikovaný atapi.sys

Obrázek

Stáhněte a uložte http://download.bleepingcomputer.com/sUBs/ComboFix.exe na plochu.

Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
Vložte do PC všechny flash disky, které používáte.
Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano".
Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
Během skenování může být počítač restartován.

SSemteXX · #14 Příspěvek od **SSemteXX** » 17 črc 2010 11:33

Haháááá, čožéééééé, tak toto je pokrok. Mne už nevyskakujú tie okná. Čo ďalej pane?

Ešte chcem dodať, že PC sa mi reštartol a ComboFix preskenoval PC, no potom som PC znova reštartol lebo viaceré programy som mal zakázané. Jak sa mi PC spustil tak mi NOD hneď vyhodil hlášky, že PC neni aktualizovaný. Ten ComboFix mi zmazal updaty? Lebo teraz mi tu hodilo tabuľku dostupných updatov a boli tam niektoré updaty "dôležité" atď. Lenže práve ja sa bojím nainštalovať teraz tie updaty z microsoft-u, čo keď to zase začne blbnúť. To okno ktoré mi hodil NOD32 roztiahnúť nejde, tak Vám upnem 2 screeny z neho, že aké veci mi dal na stiahnutie. Lebo keď obrázok pridám do prílohy tak to roztiahne stránku

Sú tieto aktualizácie bezpečné? Lebo zatiaľ som nemal žiadny problém s nimi, ale teraz tám mám nejakú ochranu na stiahnutie proti Malware atď. Tu sú screeny : http://img31.imageshack.us/g/91667777.jpg/

ComboFix 10-07-15.05 - Marian . 07. 2010 12:22:13.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1548 [GMT 2:00]
Running from: c:\documents and settings\Marian\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\hpe1D7.dll
C:\Install.exe

Infected copy of c:\windows\system32\drivers\tcpip.sys was found and disinfected
Restored copy from - Kitty had a snack :p
.
((((((((((((((((((((((((( Files Created from 2010-06-17 to 2010-07-17 )))))))))))))))))))))))))))))))
.

2010-07-16 21:19 . 2010-07-16 21:19 -------- d-----w- C:\_OTL
2010-07-16 19:11 . 2010-07-16 19:11 -------- d-----w- C:\rsit
2010-07-16 17:19 . 2010-07-16 17:19 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-07-16 17:10 . 2010-07-16 17:10 -------- d-----w- c:\documents and settings\Marian\Local Settings\Application Data\ESET
2010-07-16 17:10 . 2010-07-16 17:10 -------- d-----w- c:\documents and settings\Marian\Application Data\ESET
2010-07-16 17:07 . 2010-07-16 17:07 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-07-16 17:07 . 2010-07-16 17:07 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-07-16 11:21 . 2010-07-16 11:21 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2010-07-15 18:51 . 2010-07-16 11:15 63488 ----a-w- c:\documents and settings\Marian\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-15 18:51 . 2010-07-15 18:51 52224 ----a-w- c:\documents and settings\Marian\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-07-15 18:51 . 2010-07-16 11:15 117760 ----a-w- c:\documents and settings\Marian\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-15 18:50 . 2010-07-15 18:50 -------- d-----w- c:\documents and settings\Marian\Application Data\SUPERAntiSpyware.com
2010-07-15 18:50 . 2010-07-15 18:50 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-07-15 18:49 . 2010-07-16 17:23 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-07-15 11:29 . 2010-07-15 11:29 82726 ----a-r- c:\documents and settings\Marian\Application Data\Microsoft\Installer\{E871FF1A-D7A0-420D-9A47-B78AFD8B16AA}\_853F67D554F05449430E7E.exe
2010-07-15 11:29 . 2010-07-15 11:29 82726 ----a-r- c:\documents and settings\Marian\Application Data\Microsoft\Installer\{E871FF1A-D7A0-420D-9A47-B78AFD8B16AA}\_43EA64258A532C2A1F57BD.exe
2010-07-15 11:29 . 2010-07-15 11:31 -------- d-----w- c:\program files\PES 2010 Editor
2010-07-15 09:42 . 2010-07-15 09:42 458752 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2010-07-15 08:45 . 2010-07-15 08:45 -------- d-----w- c:\program files\Enigma Software Group
2010-07-14 22:26 . 2010-07-15 08:48 -------- d-----w- c:\program files\Anti Trojan Elite
2010-07-14 17:17 . 2010-07-14 17:17 -------- d-----w- c:\documents and settings\Marian\Application Data\Malwarebytes
2010-07-14 17:17 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-14 17:17 . 2010-07-14 17:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-14 17:17 . 2010-07-14 17:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-14 17:17 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-12 20:01 . 2010-07-12 20:01 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-07-12 18:40 . 2010-07-12 18:40 15872 ----a-r- c:\documents and settings\Marian\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
2010-07-12 18:39 . 2010-07-12 18:39 -------- d-----w- c:\program files\Valve
2010-07-12 14:21 . 2010-07-12 14:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2010-07-11 17:27 . 2010-07-11 17:27 -------- d-----w- c:\program files\KONAMI
2010-07-11 17:27 . 2010-07-11 17:27 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI
2010-07-11 15:08 . 2010-07-16 14:08 -------- d-----w- c:\documents and settings\Marian\Application Data\vlc
2010-07-10 13:58 . 2010-07-10 14:05 -------- d-----w- c:\documents and settings\Marian\Local Settings\Application Data\pcsx2
2010-07-08 17:28 . 2010-07-08 17:28 503808 ----a-w- c:\documents and settings\Marian\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-37ea7806-n\msvcp71.dll
2010-07-08 17:28 . 2010-07-08 17:28 499712 ----a-w- c:\documents and settings\Marian\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-37ea7806-n\jmc.dll
2010-07-08 17:28 . 2010-07-08 17:28 348160 ----a-w- c:\documents and settings\Marian\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-37ea7806-n\msvcr71.dll
2010-07-08 17:28 . 2010-07-08 17:28 61440 ----a-w- c:\documents and settings\Marian\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-2312e98e-n\decora-sse.dll
2010-07-08 17:28 . 2010-07-08 17:28 12800 ----a-w- c:\documents and settings\Marian\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-2312e98e-n\decora-d3d.dll
2010-07-08 17:27 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-08 14:05 . 2010-07-13 11:43 -------- d-----w- c:\documents and settings\Marian\Application Data\ViSplore
2010-07-08 14:05 . 2010-07-08 14:09 -------- d-----w- c:\documents and settings\Marian\Application Data\ViGlance
2010-07-08 14:05 . 2010-07-08 14:06 -------- d-----w- c:\documents and settings\Marian\Application Data\ViStart
2010-07-08 14:05 . 2010-07-08 15:53 -------- d-----w- c:\windows\system32\VIRepair
2010-07-08 14:02 . 2010-07-15 09:42 -------- d-----w- c:\program files\TrueTransparency
2010-07-08 14:02 . 2010-07-08 14:02 -------- d-----w- c:\program files\ViSplore
2010-07-08 14:02 . 2009-11-30 01:03 360499 ----a-w- c:\windows\system32\viwc.exe
2010-07-08 14:02 . 2010-07-15 09:42 -------- d-----w- c:\program files\ViGlance
2010-07-08 14:02 . 2010-07-15 09:42 -------- d-----w- c:\program files\ViStart
2010-07-08 14:02 . 2010-07-08 14:06 -------- d-----w- c:\program files\WinFlip
2010-07-08 14:02 . 2010-07-08 14:02 -------- d-----w- c:\program files\Vista Drive Icon
2010-07-08 14:00 . 2010-07-14 22:56 -------- d-----w- c:\windows\system32\VITrans
2010-07-08 14:00 . 2010-07-08 14:03 -------- d-----w- C:\VTPFiles
2010-07-08 14:00 . 2006-12-03 15:15 111104 ----a-w- c:\windows\system32\Uharc.exe
2010-07-08 14:00 . 2006-12-03 15:15 19968 ----a-w- c:\windows\system32\reico.exe
2010-07-08 14:00 . 2006-12-03 15:14 8636 ----a-w- c:\windows\system32\modifype.exe
2010-07-08 14:00 . 2004-11-27 17:00 94208 ----a-w- c:\windows\system32\pskill.exe
2010-07-08 13:59 . 2009-03-23 15:39 20480 ----a-w- c:\windows\system32\scrnrdr.exe
2010-07-08 11:23 . 2010-07-08 11:23 -------- d-----w- c:\documents and settings\Marian\Local Settings\Application Data\HP
2010-07-07 18:17 . 2010-07-07 18:17 -------- d-----w- c:\program files\MSXML 4.0
2010-07-07 18:16 . 2010-07-07 18:19 -------- d-----w- c:\windows\ie8updates
2010-07-07 18:03 . 2010-05-02 05:22 1851264 -c----w- c:\windows\system32\dllcache\win32k.sys
2010-07-07 17:57 . 2010-03-05 14:37 65536 -c----w- c:\windows\system32\dllcache\asycfilt.dll
2010-07-07 17:48 . 2010-04-20 05:30 285696 -c----w- c:\windows\system32\dllcache\atmfd.dll
2010-07-07 17:47 . 2010-01-29 15:01 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-07-07 17:39 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-07-07 17:36 . 2010-02-12 04:33 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll
2010-07-07 17:36 . 2010-01-13 14:01 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2010-07-07 17:34 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-07-07 17:31 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-07-07 17:30 . 2009-12-16 18:43 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
2010-07-07 17:29 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-07-07 17:29 . 2009-11-27 16:07 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2010-07-07 17:29 . 2009-11-27 16:07 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-07-07 17:29 . 2009-11-27 16:07 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2010-07-07 17:28 . 2009-11-27 17:11 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-07-07 17:28 . 2010-02-05 18:27 1291776 -c----w- c:\windows\system32\dllcache\quartz.dll
2010-07-07 17:27 . 2009-12-14 07:08 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
2010-07-07 17:27 . 2009-12-08 09:23 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2010-07-07 17:26 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-07-07 17:26 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-07-07 17:22 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-07-07 17:21 . 2009-10-13 10:30 270336 -c----w- c:\windows\system32\dllcache\oakley.dll
2010-07-07 17:21 . 2009-10-12 13:38 149504 -c----w- c:\windows\system32\dllcache\rastls.dll
2010-07-07 17:21 . 2009-10-12 13:38 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
2010-07-07 17:15 . 2009-09-11 14:18 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2010-07-07 17:15 . 2009-06-25 08:25 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2010-07-07 17:15 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2010-07-07 17:15 . 2009-06-25 08:25 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2010-07-07 17:13 . 2009-07-17 16:22 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2010-07-07 17:12 . 2009-09-04 21:03 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2010-07-07 17:11 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-07-07 17:11 . 2009-06-10 06:14 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll
2010-07-07 17:10 . 2009-08-05 09:01 204800 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2010-07-07 17:10 . 2009-06-12 12:31 80896 -c----w- c:\windows\system32\dllcache\tlntsess.exe
2010-07-07 17:10 . 2009-06-12 12:31 76288 -c----w- c:\windows\system32\dllcache\telnet.exe
2010-07-07 17:10 . 2009-07-17 19:01 58880 -c----w- c:\windows\system32\dllcache\atl.dll
2010-07-07 17:06 . 2009-04-15 14:51 585216 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2010-07-07 17:06 . 2009-05-07 15:32 345600 -c----w- c:\windows\system32\dllcache\localspl.dll
2010-07-07 17:05 . 2009-06-25 08:25 56832 -c----w- c:\windows\system32\dllcache\secur32.dll
2010-07-07 17:05 . 2009-03-21 14:06 989696 -c----w- c:\windows\system32\dllcache\kernel32.dll
2010-07-07 17:05 . 2008-12-16 12:30 354304 -c----w- c:\windows\system32\dllcache\winhttp.dll
2010-07-07 17:03 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-07-07 17:03 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-07-07 17:03 . 2008-06-17 19:02 8461312 -c----w- c:\windows\system32\dllcache\shell32.dll
2010-07-07 17:02 . 2009-06-25 08:25 147456 -c----w- c:\windows\system32\dllcache\schannel.dll
2010-07-07 17:01 . 2008-10-23 12:36 286720 -c----w- c:\windows\system32\dllcache\gdi32.dll
2010-07-07 17:01 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-07-07 17:00 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-07-07 17:00 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-07-07 17:00 . 2008-07-07 20:26 253952 -c----w- c:\windows\system32\dllcache\es.dll
2010-07-07 17:00 . 2008-06-24 16:43 74240 -c----w- c:\windows\system32\dllcache\mscms.dll
2010-07-07 16:59 . 2008-08-14 10:04 138496 -c----w- c:\windows\system32\dllcache\afd.sys
2010-07-07 16:59 . 2010-02-11 12:02 226880 -c----w- c:\windows\system32\dllcache\tcpip6.sys
2010-07-07 16:59 . 2008-06-20 17:46 245248 -c----w- c:\windows\system32\dllcache\mswsock.dll
2010-07-07 16:59 . 2008-06-20 17:46 147968 -c----w- c:\windows\system32\dllcache\dnsapi.dll
2010-07-07 16:59 . 2008-06-20 11:51 361600 -c----w- c:\windows\system32\dllcache\tcpip.sys
2010-07-07 16:59 . 2008-05-09 10:53 90112 -c----w- c:\windows\system32\dllcache\wshext.dll
2010-07-07 16:59 . 2008-05-09 10:53 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll
2010-07-07 16:59 . 2008-05-09 10:53 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll
2010-07-07 16:59 . 2008-05-09 08:45 135168 -c----w- c:\windows\system32\dllcache\cscript.exe
2010-07-07 16:59 . 2008-05-08 11:24 155648 -c----w- c:\windows\system32\dllcache\wscript.exe
2010-07-07 16:58 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-07-07 16:58 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-07-05 11:40 . 2010-07-05 11:41 -------- d-----w- C:\6c15930dff31220c866b2810ba
2010-07-05 11:40 . 2010-07-11 15:54 -------- d-----w- c:\windows\system32\drivers\UMDF

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-16 22:12 . 2010-04-02 13:09 -------- d-----w- c:\documents and settings\Marian\Application Data\uTorrent
2010-07-16 21:19 . 2010-04-02 13:02 -------- d-----w- c:\documents and settings\Marian\Application Data\mIRC
2010-07-16 20:54 . 2010-04-02 13:02 -------- d-----w- c:\program files\mIRC
2010-07-16 13:17 . 2010-05-28 07:05 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-15 20:14 . 2010-04-02 12:09 31424 ----a-w- c:\documents and settings\Marian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-15 16:53 . 2010-05-10 21:42 -------- d-----w- c:\documents and settings\Marian\Application Data\Skype
2010-07-15 16:34 . 2010-05-10 21:43 -------- d-----w- c:\documents and settings\Marian\Application Data\skypePM
2010-07-15 11:12 . 2010-04-02 13:07 -------- d-----w- c:\documents and settings\Marian\Application Data\HLSW
2010-07-15 08:45 . 2010-04-02 13:08 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-15 08:34 . 2010-05-31 14:42 -------- d-----w- c:\program files\TeamViewer
2010-07-14 16:44 . 2010-04-02 12:51 -------- d-----w- c:\program files\Playbar
2010-07-11 15:55 . 2010-04-02 11:59 -------- d-----w- c:\program files\Windows Media Connect 2
2010-07-08 20:06 . 2010-04-02 12:53 -------- d-----w- c:\program files\CCleaner
2010-07-08 17:27 . 2010-04-02 13:33 -------- d-----w- c:\program files\Java
2010-07-08 13:54 . 2010-04-02 12:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-08 13:53 . 2010-04-06 23:32 -------- d-----w- c:\program files\Styler
2010-07-08 13:49 . 2010-04-06 23:35 -------- d-----w- c:\documents and settings\Marian\Application Data\IconTweaker
2010-07-08 13:49 . 2010-04-06 23:35 -------- d-----w- c:\documents and settings\All Users\Application Data\IconTweaker
2010-07-07 18:39 . 2010-04-02 12:56 -------- d-----w- c:\program files\Microsoft Silverlight
2010-07-07 17:46 . 2010-04-14 21:06 -------- d-----w- c:\documents and settings\Marian\Application Data\Ventrilo
2010-07-04 18:44 . 2010-04-25 15:18 -------- d-----w- c:\documents and settings\Marian\Application Data\dvdcss
2010-06-30 18:25 . 2010-04-02 12:02 3460 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-06-30 18:25 . 2010-04-02 12:02 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-06-24 12:45 . 2010-06-01 10:07 -------- d-----w- c:\program files\AGEIA Technologies
2010-06-23 16:42 . 2010-04-13 22:29 -------- d-----w- c:\documents and settings\Marian\Application Data\HPAppData
2010-06-18 14:27 . 2010-04-02 12:58 -------- d-----w- c:\program files\Messenger Plus! Live
2010-06-16 13:35 . 2010-06-16 13:35 -------- d-----w- c:\documents and settings\Marian\Application Data\bizarre creations
2010-06-15 18:41 . 2010-06-15 18:41 -------- d-----w- c:\documents and settings\Marian\Application Data\Octoshape
2010-06-15 13:31 . 2010-04-02 13:08 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-06-12 11:20 . 2010-06-12 11:20 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-12 11:13 . 2010-05-18 17:13 -------- d-----w- c:\documents and settings\Marian\Application Data\DivX
2010-06-12 11:10 . 2010-05-15 15:21 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-06-12 11:10 . 2010-05-15 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-06-12 11:10 . 2010-06-12 11:10 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
2010-06-12 11:10 . 2010-06-12 11:10 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-06-12 11:09 . 2010-06-12 11:09 84062 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
2010-06-12 11:09 . 2010-06-12 11:09 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
2010-06-12 11:08 . 2010-05-15 15:21 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
2010-06-12 11:06 . 2010-06-12 11:06 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-06-12 11:06 . 2010-06-12 11:06 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
2010-06-12 11:06 . 2010-06-12 11:06 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
2010-06-12 11:06 . 2010-06-12 11:06 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
2010-06-12 11:06 . 2010-06-12 11:06 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
2010-06-12 11:03 . 2010-05-15 15:21 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
2010-06-11 07:22 . 2010-06-10 14:08 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-06-10 13:54 . 2010-06-10 13:53 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-06-09 18:39 . 2010-06-15 18:42 830464 ----a-w- c:\documents and settings\Marian\Application Data\Octoshape\Octoshape Streaming Services\pmv307a-1006091-0-libOctoshapeClient.dll
2010-06-08 15:16 . 2010-04-02 12:12 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-06-08 15:16 . 2010-04-02 12:12 1833576 ----a-w- c:\windows\SkyTel.exe
2010-06-08 15:16 . 2010-04-02 12:12 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-06-08 15:16 . 2010-04-02 12:12 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-06-08 15:16 . 2010-04-02 12:12 6056040 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-06-08 15:16 . 2010-04-02 12:12 19552872 ----a-w- c:\windows\RTHDCPL.EXE
2010-06-08 15:16 . 2010-04-02 12:12 2180712 ----a-w- c:\windows\MicCal.exe
2010-06-08 15:16 . 2010-04-02 12:12 64104 ----a-w- c:\windows\ALCMTR.EXE
2010-06-08 15:16 . 2010-04-02 12:12 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-05-31 16:11 . 2010-05-31 16:11 -------- d-----w- c:\documents and settings\Marian\Application Data\Ubisoft
2010-05-31 16:11 . 2010-05-28 10:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft
2010-05-31 14:48 . 2010-05-31 14:44 -------- d-----w- c:\documents and settings\Marian\Application Data\TeamViewer
2010-05-29 08:54 . 2010-05-29 08:54 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2010-05-29 08:51 . 2010-05-29 08:42 -------- d-----w- c:\program files\ATI Technologies
2010-05-29 08:42 . 2010-05-29 08:42 -------- d-----w- c:\program files\ATI
2010-05-29 08:24 . 2010-05-10 21:41 -------- d-----r- c:\program files\Skype
2010-05-29 08:10 . 2010-05-29 08:10 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-05-28 10:57 . 2010-05-28 10:57 -------- d-----w- c:\program files\SystemRequirementsLab
2010-05-28 10:56 . 2010-05-28 10:56 85504 ----a-w- c:\documents and settings\Marian\Application Data\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll
2010-05-28 10:56 . 2010-05-28 10:56 -------- d-----w- c:\documents and settings\Marian\Application Data\SystemRequirementsLab
2010-05-28 08:05 . 2010-05-28 08:05 3584 ----a-r- c:\documents and settings\Marian\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2010-05-28 08:05 . 2010-05-28 08:05 -------- d-----w- c:\program files\Windows Installer Clean Up
2010-05-28 08:05 . 2010-05-28 08:05 -------- d-----w- c:\program files\MSECACHE
2010-05-28 07:54 . 2010-04-02 12:25 -------- d-----w- c:\documents and settings\Marian\Application Data\ATI
2010-05-28 07:52 . 2010-05-28 07:52 0 ----a-w- c:\windows\ativpsrm.bin
2010-05-27 16:18 . 2010-05-27 16:18 19072 ----a-w- c:\windows\system32\drivers\PS2.sys
2010-05-27 16:07 . 2010-05-27 16:06 -------- d-----w- c:\documents and settings\Marian\Application Data\Uniblue
2010-05-27 15:45 . 2010-05-27 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-05-27 12:06 . 2010-04-19 17:05 737280 ----a-w- c:\windows\iun6002.exe
2010-05-27 08:49 . 2010-05-04 14:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-05-27 08:44 . 2010-04-07 11:45 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2010-05-21 17:21 . 2010-05-04 14:11 -------- d-----w- c:\documents and settings\Marian\Application Data\Autodesk
2010-05-15 15:21 . 2010-05-15 15:21 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
2010-05-15 15:21 . 2010-05-15 15:21 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
2010-05-15 15:21 . 2010-05-15 15:21 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
2010-05-15 15:21 . 2010-05-15 15:21 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-05-15 15:21 . 2010-05-15 15:21 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
2010-05-15 15:21 . 2010-05-15 15:21 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-05-15 15:21 . 2010-05-15 15:21 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-05-15 15:21 . 2010-05-15 15:20 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-05-15 15:20 . 2010-05-15 15:20 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-05-10 21:43 . 2010-05-10 21:43 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-05-05 02:45 . 2008-08-01 06:38 4807680 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-05-05 01:55 . 2010-05-28 08:33 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-05-05 01:55 . 2010-05-28 08:33 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-05-05 01:53 . 2010-05-28 08:33 3997696 ----a-w- c:\windows\system32\aticaldd.dll
2010-05-05 01:48 . 2010-05-28 08:33 15056896 ----a-w- c:\windows\system32\atioglxx.dll
2010-05-05 01:43 . 2010-05-29 08:43 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-05-05 01:39 . 2010-05-29 08:43 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-05-05 01:38 . 2008-08-01 04:32 301568 ----a-w- c:\windows\system32\ati2dvag.dll
2010-05-05 01:37 . 2008-08-01 04:10 3693696 ----a-w- c:\windows\system32\ati3duag.dll
2010-05-05 01:27 . 2010-05-28 08:33 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-05-05 01:26 . 2010-05-28 08:33 155648 ----a-w- c:\windows\system32\Oemdspif.dll
.

------- Sigcheck -------

[-] 2009-03-08 . 5EA6A568D1090DEBCC84BC5B64EB7A30 . 6146048 . . [8.00.6001.18702] . . c:\windows\system32\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\system32\VITrans\mshtml.dll
[7] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2007-02-18 . 1C45525574EF206346FBAFCAAC7CC4A5 . 3062272 . . [6.00.2900.3059] . . c:\windows\ie8\mshtml.dll

[7] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP3GDR\ntoskrnl.exe
[7] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2010-02-16 . 97E2BF68857818A4D142B872404DC41B . 2186880 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . 831E16D585070732707F7C9A26D42E64 . 2144256 . . [5.1.2600.5938] . . c:\windows\system32\ntoskrnl.exe
[7] 2010-02-16 . 048DB3459FAB4CA741DCC84E1F374D65 . 2146304 . . [5.1.2600.5938] . . c:\windows\system32\VITrans\ntoskrnl.exe
[7] 2010-02-16 . EBB75B113E74E90074382347B74D652B . 2181376 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP2GDR\ntoskrnl.exe
[7] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[7] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP3QFE\ntoskrnl.exe
[7] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\ntoskrnl.exe
[7] 2009-02-06 . FACEBB0CA3154F77009CDFEE78A00BBB . 2180480 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\ntoskrnl.exe
[7] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\ntoskrnl.exe
[7] 2009-02-06 . 0CBA44D0938D57F334C0862424148B70 . 2145280 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[7] 2009-02-06 . 6A936E9D7BADAF3CAAEED1E1966EC1B0 . 2186112 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\ntoskrnl.exe
[7] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[7] 2008-04-13 . 40F8880122A030A7E9E1FEDEA833B33D . 2145280 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2007-02-18 . 0C58CB9E8C2163F290FCDDCC75D9BEFA . 2137600 . . [5.1.2600.3023] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe

[-] 2008-04-14 . 381C9453EA0DB0CE82D6C67C63223D33 . 1431552 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\VITrans\explorer.exe
[-] 2007-02-18 . 42D32722B805D7DF42D30487A0BCBD78 . 1033216 . . [6.00.2900.2894] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[7] 2010-02-17 . 1811AFC2FADB60B88947E3D08E250860 . 2063744 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP2QFE\ntkrnlpa.exe
[7] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . CEAF8AF4947DE6A900A6B849A1998910 . 2022400 . . [5.1.2600.5938] . . c:\windows\system32\ntkrnlpa.exe
[7] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2010-02-16 . E8B8801DE921912EBDEEFC76662F7EAD . 2024448 . . [5.1.2600.5938] . . c:\windows\system32\VITrans\ntkrnlpa.exe
[7] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP2GDR\ntkrnlpa.exe
[7] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\SP3QFE\ntkrnlpa.exe
[7] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\ntkrnlpa.exe
[7] 2009-02-06 . 3006410E24772CC6953F0B5C01BEB35F . 2057728 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\ntkrnlpa.exe
[7] 2009-02-06 . 65D4220799E6FC2CB079070A6393CC0E . 2023936 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[7] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\ntkrnlpa.exe
[7] 2009-02-06 . 9D832AF3FD1917DB0E1E8B2F000A2E3A . 2062976 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\ntkrnlpa.exe
[7] 2008-04-13 . 7F653A89F6E89E3AE0D49830EECE35D4 . 2023936 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2007-02-18 . 1F9DD693DF8F6A1841E57EC62D22CC1C . 2017280 . . [5.1.2600.3023] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrueTransparency"="c:\progra~1\TRUETR~1\TrueTransparency.exe" [2010-07-15 356352]
"ViStart"="c:\progra~1\ViStart\ViStart.exe" [2010-07-15 798720]
"ViGlance"="c:\progra~1\ViGlance\ViGlance.exe" [2010-07-15 438272]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-06-29 2403568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-04 102400]
"RTHDCPL"="RTHDCPL.EXE" [2010-06-08 19552872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-07-02 2202704]

c:\documents and settings\Marian\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-4-7 3450608]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-09-20 13:35 202024 ----a-w- c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvIcon]
2008-04-13 17:39 49152 ----a-w- c:\program files\Vista Drive Icon\DrvIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-14 19:17 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 14:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-09-20 07:51 1836328 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
2009-01-08 13:44 70936 ----a-w- c:\documents and settings\Marian\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-09-24 12:41 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Valve\\Steam\\Steam.exe"=
"c:\\Program Files\\VirtualDJ\\virtualdj_trial.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Documents and Settings\\Marian\\Application Data\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"=
"c:\\Program Files\\Codemasters\\Colin McRae DiRT 2\\dirt2_game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\ssementexx\\counter-strike\\hl.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [28. 4. 2010 8:17 114984]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 20:41 67656]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2. 7. 2010 12:43 810144]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [4. 4. 2010 17:24 27632]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [4. 4. 2010 17:24 90112]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [22. 6. 2010 19:49 1691480]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Marian\Application Data\Mozilla\Firefox\Profiles\vlu8o74e.default\
FF - prefs.js: browser.startup.homepage -
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-PlayBar - c:\program files\Playbar\playbar.exe
MSConfigStartUp-SmcService - c:\progra~1\Sygate\SPF\smc.exe
AddRemove-{52D1D62C-FEAB-4580-849E-1DB624BADBBD} - c:\program files\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-17 12:29
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1136)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\cscui.dll
.
Completion time: 2010-07-17 12:32:11
ComboFix-quarantined-files.txt 2010-07-17 10:31

Pre-Run: 12 349 755 392 bytes free
Post-Run: 12 337 553 408 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /NoExecute=AlwaysOff /fastdetect

- - End Of File - - B51173D0D67BBC8F8CEDC0450D13CB4C

#15 Příspěvek od **Caroprd111** » 17 črc 2010 12:11

Pokud nemáte, přesuňte Combofix na plochu

Otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.

Kód: Vybrat vše

File::
c:\windows\system32\ezsidmv.dat

FCopy::
c:\windows\system32\dllcache\mshtml.dll | c:\windows\system32\mshtml.dll
c:\windows\system32\dllcache\ntoskrnl.exe | c:\windows\system32\ntoskrnl.exe
c:\windows\ServicePackFiles\i386\explorer.exe | c:\windows\explorer.exe
c:\windows\system32\dllcache\ntkrnlpa.exe | c:\windows\system32\ntkrnlpa.exe

Restore::
C:\WINDOWS\system32\drivers\atapi.sys

Uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
Po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
Po aplikaci na Vás vypadne další log,vložte ho sem

Může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

VIRY.CZ

Vyskakovanie okien/NOD32+vír

Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír

Re: Vyskakovanie okien/NOD32+vír