VIRY.CZ

Prosim o pomoc s pomalym internetom - router je v poriadku, po kabli rychle pripojenie, ine notebooky cez wifi rychle pripojenie, moj notebook cez wifi - internet mi ide velmi pomaly napr. 1kBps DL, dlho nacitava stranky. Ked si dam volbu manualne sa prihlasit do domacej siete, po restarte je volba prepnuta na automaticke prihlasenie do domacej siete. Niekedy po kliknuti wireless network connection vypisuje, ze windows nemoze konfigurovat nastavenie wifi sieti. Vdaka za pomoc.

vypis z RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator2 at 2011-01-08 17:18:29
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 52 GB (73%) free of 71 GB
Total RAM: 1526 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:55, on 8.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\PMSveH.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\mbam-setup.exe
C:\DOCUME~1\ADMINI~2\LOCALS~1\Temp\is-QEUVJ.tmp\mbam-setup.tmp
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Administrator2\My Documents\RSIT.exe
C:\Program Files\trend micro\Administrator2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\PROGRA~1\NetWorx\deskband.dll
O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [PMHandler] C:\WINDOWS\system32\PMHandler.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java142\jre\bin\NPJPI142.dll
O9 - Extra 'Tools' menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java142\jre\bin\NPJPI142.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/us/en/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0115897359
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PMSveH - Lenovo - C:\WINDOWS\system32\PMSveH.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9728 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Foxit Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - &NetWorx Desk Band - C:\PROGRA~1\NetWorx\deskband.dll [2010-10-21 950784]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Foxit Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-04 118784]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-05-26 1043968]
"NetWorx"=C:\Program Files\NetWorx\networx.exe [2010-10-21 2984448]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-11-18 2216960]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ACWLIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [2010-09-17 176128]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe [2005-12-21 94208]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2005-12-15 1236992]
"TPWAUDAP"=C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe [2005-12-10 24064]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-08 61952]
"PMHandler"=C:\WINDOWS\system32\PMHandler.exe [2006-05-20 24576]
"DiskeeperSystray"=C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2005-11-29 196696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-04-06 401040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avast! Web Scanner"=3
"avast! Mail Scanner"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify]
C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [2010-09-17 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-04 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
C:\WINDOWS\system32\tphklock.dll [2005-12-21 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe"="C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Soluto\Soluto.exe"="C:\Program Files\Soluto\Soluto.exe:*:Enabled:Soluto Tray"
"C:\Program Files\Soluto\SolutoService.exe"="C:\Program Files\Soluto\SolutoService.exe:*:Enabled:Soluto Service"
"C:\Program Files\Soluto\SolutoConsole.exe"="C:\Program Files\Soluto\SolutoConsole.exe:*:Enabled:Soluto Console"
"C:\Program Files\Soluto\SolutoUpdateService.exe"="C:\Program Files\Soluto\SolutoUpdateService.exe:*:Enabled:Soluto Update Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe"="C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-01-08 17:18:31 ----D---- C:\Program Files\trend micro
2011-01-08 17:18:29 ----D---- C:\rsit
2011-01-08 17:11:12 ----D---- C:\Documents and Settings\Administrator2\Application Data\Malwarebytes
2011-01-08 17:11:02 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-01-08 17:10:59 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-01-08 17:10:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-08 17:10:57 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-01-08 17:07:58 ----SD---- C:\ComboFix
2011-01-08 16:57:30 ----D---- C:\WINDOWS\IBM
2011-01-01 19:49:38 ----D---- C:\Documents and Settings\Administrator2\Application Data\Avaya
2011-01-01 19:30:05 ----ASH---- C:\hiberfil.sys
2011-01-01 16:13:17 ----A---- C:\SVKSettings.txt
2010-12-31 20:03:10 ----D---- C:\Program Files\Microsoft Games
2010-12-26 21:16:52 ----D---- C:\Program Files\Electronic Arts
2010-12-26 21:16:45 ----A---- C:\WINDOWS\uninst.exe
2010-12-26 21:16:29 ----RASH---- C:\MSDOS.SYS
2010-12-26 15:12:57 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-12-26 15:12:57 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-12-26 15:12:56 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-12-26 15:12:55 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-12-26 15:12:54 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-12-26 15:12:54 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-12-26 15:12:53 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-12-26 15:12:52 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-12-26 15:12:51 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-12-26 15:12:51 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-12-26 15:12:50 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-12-26 15:12:50 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-12-26 15:12:49 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-12-26 15:12:48 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-12-26 15:12:47 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-12-26 15:12:41 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-12-26 15:12:40 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-12-26 15:12:39 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-12-26 15:12:39 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-12-26 15:12:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-12-26 15:12:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-12-26 15:12:36 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-12-26 15:12:35 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-12-26 15:12:35 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-12-26 15:12:34 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-12-26 15:12:34 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-12-26 15:12:32 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-12-26 15:12:32 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-12-26 15:12:31 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-12-26 15:12:30 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-12-26 15:12:30 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-12-26 15:12:29 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-12-26 15:12:26 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-12-26 15:12:25 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-12-26 15:12:25 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-12-26 15:12:23 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-12-26 15:12:22 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-12-26 15:12:22 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-12-26 15:12:21 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-12-26 15:12:19 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-12-26 15:12:19 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-12-26 15:12:18 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-12-26 15:12:17 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-12-26 15:12:16 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-12-26 15:12:16 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-12-26 15:12:15 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-12-26 15:12:13 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-12-26 15:12:12 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-12-26 15:12:11 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-12-26 15:12:10 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-12-26 15:12:10 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-12-26 15:12:09 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-12-26 15:12:08 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-12-26 15:12:04 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-12-26 15:12:04 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-12-26 15:12:02 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-12-26 15:12:01 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-12-26 15:11:59 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-12-26 15:11:59 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-12-26 15:11:58 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-12-26 15:11:57 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-12-26 15:11:57 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-12-26 15:11:56 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-12-26 15:11:56 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-12-26 15:11:53 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-12-26 15:11:52 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-12-26 15:11:50 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-12-26 15:11:44 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-12-26 15:11:44 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-12-26 15:11:40 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-12-26 15:11:39 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-12-26 15:11:39 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-12-26 15:11:38 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-12-26 15:11:38 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-12-26 15:11:38 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-12-26 15:11:37 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-12-26 15:11:37 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-12-26 15:11:36 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-12-26 15:11:35 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-12-26 15:11:34 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-12-26 15:11:34 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-12-26 15:11:28 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-12-26 15:11:27 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-12-26 15:11:27 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-12-26 15:11:26 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-12-26 15:11:26 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-12-26 15:11:25 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-12-26 15:11:25 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-12-26 15:11:24 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-12-26 15:11:24 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-12-26 15:11:22 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-12-26 15:08:50 ----HD---- C:\WINDOWS\msdownld.tmp
2010-12-26 15:08:40 ----D---- C:\WINDOWS\Logs
2010-12-26 14:59:16 ----D---- C:\WINDOWS\system32\winrm
2010-12-26 14:59:16 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-12-26 14:59:16 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-12-26 14:59:09 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2010-12-26 14:58:44 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2010-12-26 14:57:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-12-26 14:45:30 ----D---- C:\Program Files\ANU
2010-12-23 23:18:42 ----D---- C:\Discrete Acoustics Lab
2010-12-15 21:44:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-15 21:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-15 21:43:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-15 21:43:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2010-12-15 21:43:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-15 21:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-15 21:41:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2416400$
2010-12-15 21:34:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$

======List of files/folders modified in the last 1 months======

2011-01-08 17:19:49 ----D---- C:\WINDOWS\Prefetch
2011-01-08 17:18:44 ----D---- C:\WINDOWS\Internet Logs
2011-01-08 17:18:31 ----RD---- C:\Program Files
2011-01-08 17:11:02 ----D---- C:\WINDOWS\system32\drivers
2011-01-08 17:08:15 ----D---- C:\Qoobox
2011-01-08 16:57:30 ----AD---- C:\WINDOWS
2011-01-08 16:56:05 ----D---- C:\WINDOWS\Temp
2011-01-08 16:40:58 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-07 22:12:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-07 20:20:18 ----A---- C:\WINDOWS\system32\sun_debug.txt
2011-01-07 20:20:17 ----A---- C:\WINDOWS\system32\sun_debug1.txt
2011-01-05 22:29:16 ----RSHD---- C:\WINDOWS\system32\dllcache
2011-01-05 22:29:16 ----HD---- C:\WINDOWS\inf
2011-01-05 22:29:16 ----AD---- C:\WINDOWS\system32
2011-01-05 22:29:15 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-04 23:27:29 ----D---- C:\Documents and Settings\Administrator2\Application Data\Spyware Terminator
2011-01-03 19:26:36 ----A---- C:\WINDOWS\WDICT32.INI
2011-01-01 19:41:44 ----D---- C:\DRIVERS
2011-01-01 19:09:58 ----RSHD---- C:\RRbackups
2011-01-01 16:27:17 ----D---- C:\Program Files\McAfee Security Scan
2011-01-01 16:14:14 ----D---- C:\IBMSHARE
2011-01-01 16:10:10 ----SD---- C:\Documents and Settings\Administrator2\Application Data\Microsoft
2011-01-01 15:54:31 ----D---- C:\Documents and Settings
2010-12-31 20:03:21 ----RSD---- C:\WINDOWS\Fonts
2010-12-29 22:38:15 ----SHD---- C:\WINDOWS\Installer
2010-12-29 20:23:25 ----D---- C:\Documents and Settings\Administrator2\Application Data\ICQ
2010-12-28 14:06:07 ----D---- C:\Documents and Settings\Administrator2\Application Data\Skype
2010-12-28 13:58:23 ----D---- C:\Documents and Settings\Administrator2\Application Data\skypePM
2010-12-26 15:12:59 ----D---- C:\WINDOWS\system32\DirectX
2010-12-26 15:11:34 ----RSD---- C:\WINDOWS\assembly
2010-12-26 15:11:08 ----D---- C:\WINDOWS\Microsoft.NET
2010-12-26 15:02:42 ----D---- C:\WINDOWS\system32\config
2010-12-26 15:01:58 ----D---- C:\WINDOWS\security
2010-12-26 14:59:25 ----D---- C:\WINDOWS\Help
2010-12-26 14:59:16 ----D---- C:\WINDOWS\system32\wbem
2010-12-26 14:55:57 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-12-26 14:49:45 ----D---- C:\WINDOWS\Debug
2010-12-25 23:28:32 ----D---- C:\Program Files\Spyware Terminator
2010-12-23 23:11:53 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-12-19 14:21:35 ----SHD---- C:\RECYCLER
2010-12-17 17:20:12 ----RASH---- C:\BOOT.INI
2010-12-17 17:20:12 ----A---- C:\WINDOWS\win.ini
2010-12-17 17:20:12 ----A---- C:\WINDOWS\system.ini
2010-12-15 21:44:31 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-12-15 21:43:39 ----HD---- C:\WINDOWS\$hf_mig$
2010-12-15 21:35:27 ----A---- C:\WINDOWS\system32\MRT.exe
2010-12-15 21:34:57 ----D---- C:\Program Files\Outlook Express
2010-12-14 19:34:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-10 18:52:05 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PCGenFAM;PCGenFAM; C:\WINDOWS\system32\DRIVERS\PCGenFAM.sys [2010-11-01 181704]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-10-26 20640]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2005-09-28 11520]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 IBMTPCHK;IBMTPCHK; \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 PMHler;PMHler; C:\WINDOWS\system32\drivers\PMHler.sys [2005-12-21 10240]
R1 PSSDK42;PSSDK42; \??\C:\WINDOWS\system32\Drivers\pssdk42.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2005-12-08 18101]
R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2006-01-11 7168]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 EGATHDRV;IBM eGatherer; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS []
R2 ibmfilter;ibmfilter; \??\C:\WINDOWS\system32\drivers\ibmfilter.sys []
R2 PMEM;PMEM; \??\C:\WINDOWS\system32\drivers\PMEMNT.SYS []
R2 smi2;smi2; \??\C:\Program Files\SMI2\smi2.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-08-19 138752]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\System32\Drivers\ATSwpDrv.sys [2005-03-30 116594]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-12-15 425216]
R3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-04 1353820]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 n558;N558 Bluetooth USB Filter Driver; C:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-17 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-11-02 51584]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-02 308992]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-29 191936]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 ANCSQ;ANCSQ; C:\WINDOWS\System32\drivers\ANCSQ.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~2\LOCALS~1\Temp\catchme.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-08 145920]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 psadd;IBM PSA Access Driver; \??\C:\WINDOWS\system32\Drivers\psadd.sys []
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2010-09-17 98304]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2010-09-17 237568]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-10-05 9216]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R2 PMSveH;PMSveH; C:\WINDOWS\system32\PMSveH.exe [2006-05-19 57344]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2010-11-01 331296]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-11-18 496128]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-05-26 2437176]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2005-12-15 18944]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2005-12-14 622700]
S3 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-19 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe [2005-12-22 1384448]
S3 TVT Scheduler;TVT Scheduler; C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe [2005-12-22 77824]
S3 UCLauncherService;ThinkVantage System Update; C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe [2005-08-02 40960]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-11 483328]
S3 WmcCdsLs;Windows Media Connect (WMC) Helper; C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-11 28160]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

tu je log z combofixu:

ComboFix 11-02-12.02 - Administrator2 13.02.2011 19:04:10.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1526.1005 [GMT 1:00]
Running from: c:\documents and settings\Administrator2\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6.5\ICQLRun.exe

.
((((((((((((((((((((((((( Files Created from 2011-01-13 to 2011-02-13 )))))))))))))))))))))))))))))))
.

2011-02-12 14:07 . 2011-02-12 14:08 -------- d-----w- c:\program files\MagicISO
2011-02-11 16:26 . 2011-02-12 22:11 -------- d-----w- C:\Kosco
2011-01-27 21:48 . 2011-01-27 21:48 -------- d-----w- c:\documents and settings\Administrator2\Application Data\ChessBase
2011-01-27 19:40 . 2011-01-27 19:40 -------- d-----w- c:\program files\ChessBase
2011-01-27 19:37 . 2011-01-27 19:37 -------- d-----w- c:\documents and settings\Administrator2\Application Data\FarStone
2011-01-27 19:33 . 2011-01-27 19:33 -------- d-----w- c:\program files\FarStone
2011-01-27 19:32 . 2011-02-13 09:57 135168 ----a-w- c:\windows\system32\VDProductInfoEx.dll
2011-01-27 18:37 . 2011-01-27 18:37 -------- d-----w- c:\documents and settings\Administrator2\Application Data\Sonic
2011-01-27 18:37 . 2011-01-27 18:37 -------- d-----w- c:\documents and settings\Administrator2\Application Data\Leadertech
2011-01-21 14:44 . 2011-01-21 14:44 439296 ------w- c:\windows\system32\dllcache\shimgvw.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-21 14:44 . 1980-01-01 08:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-12 19:52 . 2011-01-12 19:52 217088 ----a-w- c:\windows\system32\BlueCiucc.dll
2011-01-07 14:09 . 1980-01-01 08:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-01 15:12 . 2010-11-19 03:50 5427 ----a-w- c:\windows\system32\EGATHDRV.SYS
2010-12-31 13:10 . 1980-01-01 08:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 1980-01-01 08:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 22:15 . 1980-01-01 08:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 22:15 . 1980-01-01 08:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-12-20 22:15 . 1980-01-01 08:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-12-20 17:26 . 1980-01-01 08:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 15:30 . 1980-01-01 08:00 369664 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 1980-01-01 08:00 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30 . 1980-01-01 08:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:38 . 1980-01-01 08:00 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07 . 2004-08-04 06:59 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-19 03:49 . 2010-11-19 03:49 32256 ----a-w- c:\windows\system32\drivers\psasrv.exe
2010-11-19 03:49 . 2010-11-19 03:49 16256 ----a-w- c:\windows\system32\drivers\psadd.sys
2010-11-19 03:49 . 2010-11-19 03:49 109056 ----a-w- c:\windows\system32\pxinsi64.exe
2010-11-19 03:49 . 2010-11-19 03:49 108544 ----a-w- c:\windows\system32\pxcpyi64.exe
2010-11-18 21:55 . 2010-11-18 21:55 111616 ----a-w- c:\windows\system32\ActualEarth.scr
2010-11-18 21:38 . 2010-11-18 21:38 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-11-18 20:53 . 2010-11-18 20:53 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys
2010-11-18 18:12 . 2004-08-09 21:24 81920 ----a-w- c:\windows\system32\isign32.dll
.

((((((((((((((((((((((((((((( SnapShot_2011-01-09_10.25.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-19 03:20 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
- 2010-11-19 03:20 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
+ 2010-04-16 15:20 . 2010-12-20 22:15 81920 c:\windows\system32\dllcache\ieencode.dll
- 2010-04-16 15:20 . 2010-11-05 05:05 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-12-14 07:08 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-01-12 19:52 . 2011-01-12 19:52 10134 c:\windows\Installer\{D75BB2DA-5078-4922-81CD-17736A2D888B}\SystemFolder_msiexec.exe
+ 2011-01-12 19:52 . 2011-01-12 19:52 26694 c:\windows\Installer\{D75BB2DA-5078-4922-81CD-17736A2D888B}\controlPanelIcon.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2006-09-16 04:55 . 2006-09-16 04:55 16384 c:\windows\FSRunCmd.exe
+ 2011-01-12 19:52 . 2011-01-12 19:52 32768 c:\windows\assembly\GAC_MSIL\BlueScan.resources\1.5.0.0_it_783042470e73a192\BlueScan.resources.dll
+ 2011-01-12 19:52 . 2011-01-12 19:52 64512 c:\windows\assembly\GAC_32\Medieval\1.0.0.0__ff2c127b48fdfac1\Medieval.dll
+ 2011-01-13 19:43 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2419632\update\spcustom.dll
+ 2011-01-13 19:43 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2419632\spmsg.dll
+ 1980-01-01 08:00 . 2010-12-20 22:15 629760 c:\windows\system32\urlmon.dll
- 1980-01-01 08:00 . 2010-11-05 05:05 629760 c:\windows\system32\urlmon.dll
+ 1980-01-01 08:00 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
- 1980-01-01 08:00 . 2008-04-14 00:12 249856 c:\windows\system32\odbc32.dll
- 1980-01-01 08:00 . 2010-11-05 05:05 532480 c:\windows\system32\mstime.dll
+ 1980-01-01 08:00 . 2010-12-20 22:15 532480 c:\windows\system32\mstime.dll
- 1980-01-01 08:00 . 2010-11-05 05:05 449024 c:\windows\system32\mshtmled.dll
+ 1980-01-01 08:00 . 2010-12-20 22:15 449024 c:\windows\system32\mshtmled.dll
+ 2011-02-10 20:42 . 2011-02-10 20:42 234656 c:\windows\system32\Macromed\Flash\FlashUtil10m_Plugin.exe
+ 1980-01-01 08:00 . 2010-12-20 22:15 251904 c:\windows\system32\iepeers.dll
- 1980-01-01 08:00 . 2010-11-05 05:05 251904 c:\windows\system32\iepeers.dll
+ 2004-08-09 21:17 . 2011-02-10 20:39 282128 c:\windows\system32\FNTCACHE.DAT
+ 2010-04-16 16:09 . 2010-12-20 22:15 667136 c:\windows\system32\dllcache\wininet.dll
- 2010-04-16 16:09 . 2010-11-05 05:05 667136 c:\windows\system32\dllcache\wininet.dll
+ 2010-04-16 16:09 . 2010-12-20 22:15 629760 c:\windows\system32\dllcache\urlmon.dll
- 2010-04-16 16:09 . 2010-11-05 05:05 629760 c:\windows\system32\dllcache\urlmon.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2010-11-18 21:42 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
- 2010-11-05 05:05 . 2010-11-05 05:05 532480 c:\windows\system32\dllcache\mstime.dll
+ 2010-11-05 05:05 . 2010-12-20 22:15 532480 c:\windows\system32\dllcache\mstime.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2010-09-09 14:16 . 2010-12-20 22:15 449024 c:\windows\system32\dllcache\mshtmled.dll
- 2010-09-09 14:16 . 2010-11-05 05:05 449024 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
- 2010-11-18 21:42 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2010-11-18 21:42 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-06-25 08:25 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
- 2010-04-16 16:09 . 2010-11-05 05:05 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2010-04-16 16:09 . 2010-12-20 22:15 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2010-04-20 05:51 . 2011-01-07 14:09 290048 c:\windows\system32\dllcache\atmfd.dll
- 2010-04-20 05:51 . 2010-10-28 13:13 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2011-01-12 19:52 . 2011-01-12 19:52 246272 c:\windows\Installer\66edc.msi
+ 2011-01-12 19:52 . 2011-01-12 19:52 246272 c:\windows\Installer\66ed9.msi
+ 2010-11-20 10:16 . 2011-02-09 20:23 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-01-12 19:52 . 2011-01-12 19:52 552960 c:\windows\assembly\GAC_32\BlueScan\1.5.0.0__783042470e73a192\BlueScan.dll
+ 2011-01-12 19:52 . 2011-01-12 19:52 258048 c:\windows\assembly\GAC_32\BlueCiuccGC\1.1.0.0__a2802f646c9d7183\BlueCiuccGC.dll
+ 2011-01-13 19:43 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2419632$\spuninst\updspapi.dll
+ 2011-01-13 19:43 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2419632$\spuninst\spuninst.exe
+ 2011-01-13 19:43 . 2008-04-14 00:12 249856 c:\windows\$NtUninstallKB2419632$\odbc32.dll
+ 2011-01-13 19:43 . 2008-04-14 00:12 102400 c:\windows\$NtUninstallKB2419632$\msjro.dll
+ 2011-01-13 19:43 . 2008-04-14 00:11 200704 c:\windows\$NtUninstallKB2419632$\msadox.dll
+ 2011-01-13 19:43 . 2008-04-14 00:11 180224 c:\windows\$NtUninstallKB2419632$\msadomd.dll
+ 2011-01-13 19:43 . 2008-04-14 00:11 536576 c:\windows\$NtUninstallKB2419632$\msado15.dll
+ 2011-01-13 19:43 . 2008-04-14 00:11 143360 c:\windows\$NtUninstallKB2419632$\msadco.dll
+ 2011-01-13 19:43 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2419632\update\updspapi.dll
+ 2011-01-13 19:43 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2419632\update\update.exe
+ 2011-01-13 19:43 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2419632\spuninst.exe
+ 2010-11-09 14:50 . 2010-11-09 14:50 253952 c:\windows\$hf_mig$\KB2419632\SP3QFE\odbc32.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 102400 c:\windows\$hf_mig$\KB2419632\SP3QFE\msjro.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 200704 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadox.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 180224 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadomd.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 565248 c:\windows\$hf_mig$\KB2419632\SP3QFE\msado15.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 143360 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadco.dll
- 1980-01-01 08:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
+ 1980-01-01 08:00 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
- 1980-01-01 08:00 . 2010-11-05 05:05 1510400 c:\windows\system32\shdocvw.dll
+ 1980-01-01 08:00 . 2010-12-20 22:15 1510400 c:\windows\system32\shdocvw.dll
+ 1980-01-01 08:00 . 2010-12-20 22:15 3078144 c:\windows\system32\mshtml.dll
+ 2010-11-19 15:45 . 2011-02-10 20:42 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-05-02 05:22 . 2010-12-31 13:10 1854976 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
- 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2010-04-16 16:09 . 2010-12-20 22:15 1510400 c:\windows\system32\dllcache\shdocvw.dll
- 2010-04-16 16:09 . 2010-11-05 05:05 1510400 c:\windows\system32\dllcache\shdocvw.dll
+ 2010-11-18 21:42 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-11-18 21:42 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-07 18:02 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-11-18 21:42 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2010-04-16 16:09 . 2010-12-20 22:15 3078144 c:\windows\system32\dllcache\mshtml.dll
- 2010-04-16 16:09 . 2010-11-05 05:05 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2010-04-16 16:09 . 2010-12-20 22:15 1025024 c:\windows\system32\dllcache\browseui.dll
+ 1980-01-01 08:00 . 2010-12-20 22:15 1025024 c:\windows\system32\browseui.dll
- 1980-01-01 08:00 . 2010-11-05 05:05 1025024 c:\windows\system32\browseui.dll
+ 2010-12-16 23:17 . 2010-12-16 23:17 3362304 c:\windows\Installer\349dea.msp
+ 2011-01-11 16:52 . 2011-01-11 16:52 3360768 c:\windows\Installer\10d901.msp
- 2010-11-20 10:16 . 2010-12-15 20:44 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-11-20 10:16 . 2011-02-09 20:23 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2010-11-20 10:16 . 2010-12-15 20:44 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-11-18 21:42 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-11-18 21:42 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-07 18:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-11-18 21:42 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-11-18 22:42 . 2011-02-09 20:25 37443528 c:\windows\system32\MRT.exe
+ 2010-12-21 12:06 . 2010-12-21 12:06 11570688 c:\windows\Installer\349dd4.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-03 118784]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-05-26 1043968]
"NetWorx"="c:\program files\NetWorx\networx.exe" [2010-10-21 2984448]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-11-18 2216960]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2010-09-17 176128]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPHKMGR.exe" [2005-12-21 94208]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-15 1236992]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2005-12-10 24064]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-08 61952]
"PMHandler"="c:\windows\system32\PMHandler.exe" [2006-05-20 24576]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2005-11-29 196696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
ACNotify.dll [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2005-12-21 04:46 24576 ----a-w- c:\windows\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ThinkVantage\\SystemUpdate\\jre\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

R0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [18.11.2010 22:06 181704]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19.11.2010 0:02 165584]
R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [21.12.2005 23:09 10240]
R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [18.11.2010 21:53 38976]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [18.11.2010 22:38 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.11.2010 0:02 17744]
R2 smi2;smi2;c:\program files\SMI2\smi2.sys [22.12.2005 1:45 3968]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [1.11.2010 20:59 331296]
S0 ANCSQ;ANCSQ;c:\windows\system32\drivers\ANCSQ.sys --> c:\windows\system32\drivers\ANCSQ.sys [?]
S3 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.11.2010 17:37 136176]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [17.6.2009 13:20 12648]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [1.1.1980 9:00 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder

2011-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-19 16:37]

2011-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-19 16:37]

2011-02-13 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator2\Application Data\Mozilla\Firefox\Profiles\xsphvxgd.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Ghostery: firefox@ghostery.com - %profile%\extensions\firefox@ghostery.com
FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: Foxit Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-VirtualDrive - c:\program files\FarStone\VirtualDrive\VDTask.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-13 19:11
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(952)
c:\windows\system32\BCMLogon.dll
c:\program files\THINKPAD\CONNECTUTILITIES\ACNotify.dll
c:\program files\THINKPAD\CONNECTUTILITIES\AcSvcStub.dll
c:\program files\THINKPAD\CONNECTUTILITIES\AcLocSettings.dll
c:\program files\THINKPAD\CONNECTUTILITIES\AcCryptHlpr.dll
c:\program files\THINKPAD\CONNECTUTILITIES\ACHelper.dll
c:\windows\SYSTEM32\tphklock.dll
.
Completion time: 2011-02-13 19:14:04
ComboFix-quarantined-files.txt 2011-02-13 18:14
ComboFix2.txt 2011-01-09 10:49
ComboFix3.txt 2010-11-18 23:13

Pre-Run: 52 534 915 072 bytes free
Post-Run: 52 562 509 824 bytes free

- - End Of File - - 78B31F89514208718C25494C9A52888D

Otevřte poznámkový blok a zkopírujte do něj:

Folder::
c:\program files\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

ComboFix 11-02-12.02 - Administrator2 13.02.2011 19:57:46.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1526.981 [GMT 1:00]
Running from: c:\documents and settings\Administrator2\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator2\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cb_287.ico
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_286.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe

.
((((((((((((((((((((((((( Files Created from 2011-01-13 to 2011-02-13 )))))))))))))))))))))))))))))))
.

2011-02-13 18:14 . 2011-02-13 18:14 -------- d-s---w- c:\windows\Cookies
2011-01-27 19:37 . 2011-01-27 19:37 -------- d-----w- c:\documents and settings\Administrator2\Application Data\FarStone
2011-01-27 19:33 . 2011-01-27 19:33 -------- d-----w- c:\program files\FarStone
2011-01-27 19:32 . 2011-02-13 09:57 135168 ----a-w- c:\windows\system32\VDProductInfoEx.dll
2011-01-27 18:37 . 2011-01-27 18:37 -------- d-----w- c:\documents and settings\Administrator2\Application Data\Sonic
2011-01-27 18:37 . 2011-01-27 18:37 -------- d-----w- c:\documents and settings\Administrator2\Application Data\Leadertech
2011-01-21 14:44 . 2011-01-21 14:44 439296 ------w- c:\windows\system32\dllcache\shimgvw.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-21 14:44 . 1980-01-01 08:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-12 19:52 . 2011-01-12 19:52 217088 ----a-w- c:\windows\system32\BlueCiucc.dll
2011-01-07 14:09 . 1980-01-01 08:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-01 15:12 . 2010-11-19 03:50 5427 ----a-w- c:\windows\system32\EGATHDRV.SYS
2010-12-31 13:10 . 1980-01-01 08:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 1980-01-01 08:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 22:15 . 1980-01-01 08:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 22:15 . 1980-01-01 08:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-12-20 22:15 . 1980-01-01 08:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-12-20 17:26 . 1980-01-01 08:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 15:30 . 1980-01-01 08:00 369664 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 1980-01-01 08:00 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30 . 1980-01-01 08:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:38 . 1980-01-01 08:00 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07 . 2004-08-04 06:59 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-19 03:49 . 2010-11-19 03:49 32256 ----a-w- c:\windows\system32\drivers\psasrv.exe
2010-11-19 03:49 . 2010-11-19 03:49 16256 ----a-w- c:\windows\system32\drivers\psadd.sys
2010-11-19 03:49 . 2010-11-19 03:49 109056 ----a-w- c:\windows\system32\pxinsi64.exe
2010-11-19 03:49 . 2010-11-19 03:49 108544 ----a-w- c:\windows\system32\pxcpyi64.exe
2010-11-18 21:55 . 2010-11-18 21:55 111616 ----a-w- c:\windows\system32\ActualEarth.scr
2010-11-18 21:38 . 2010-11-18 21:38 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-11-18 20:53 . 2010-11-18 20:53 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys
2010-11-18 18:12 . 2004-08-09 21:24 81920 ----a-w- c:\windows\system32\isign32.dll
.

((((((((((((((((((((((((((((( SnapShot_2011-02-13_18.11.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-13 18:14 . 2011-02-13 17:51 16384 c:\windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-03 118784]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-05-26 1043968]
"NetWorx"="c:\program files\NetWorx\networx.exe" [2010-10-21 2984448]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-11-18 2216960]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2010-09-17 176128]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPHKMGR.exe" [2005-12-21 94208]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-15 1236992]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2005-12-10 24064]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-08 61952]
"PMHandler"="c:\windows\system32\PMHandler.exe" [2006-05-20 24576]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2005-11-29 196696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
ACNotify.dll [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2005-12-21 04:46 24576 ----a-w- c:\windows\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ThinkVantage\\SystemUpdate\\jre\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

R0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [18.11.2010 22:06 181704]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19.11.2010 0:02 165584]
R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [21.12.2005 23:09 10240]
R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [18.11.2010 21:53 38976]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [18.11.2010 22:38 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.11.2010 0:02 17744]
R2 smi2;smi2;c:\program files\SMI2\smi2.sys [22.12.2005 1:45 3968]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [1.11.2010 20:59 331296]
S0 ANCSQ;ANCSQ;c:\windows\system32\drivers\ANCSQ.sys --> c:\windows\system32\drivers\ANCSQ.sys [?]
S3 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.11.2010 17:37 136176]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [17.6.2009 13:20 12648]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [1.1.1980 9:00 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder

2011-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-19 16:37]

2011-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-19 16:37]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator2\Application Data\Mozilla\Firefox\Profiles\xsphvxgd.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Ghostery: firefox@ghostery.com - %profile%\extensions\firefox@ghostery.com
FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: Foxit Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-13 20:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(948)
c:\windows\system32\BCMLogon.dll
c:\program files\THINKPAD\CONNECTUTILITIES\ACNotify.dll
c:\program files\THINKPAD\CONNECTUTILITIES\AcSvcStub.dll
c:\program files\THINKPAD\CONNECTUTILITIES\AcLocSettings.dll
c:\program files\THINKPAD\CONNECTUTILITIES\AcCryptHlpr.dll
c:\program files\THINKPAD\CONNECTUTILITIES\ACHelper.dll
c:\windows\system32\tphklock.dll
.
Completion time: 2011-02-13 20:08:49
ComboFix-quarantined-files.txt 2011-02-13 19:08
ComboFix2.txt 2011-02-13 18:14
ComboFix3.txt 2011-01-09 10:49
ComboFix4.txt 2010-11-18 23:13

Pre-Run: 52 569 411 584 bytes free
Post-Run: 52 556 533 760 bytes free

- - End Of File - - 26902FD4432C457F5DD75EC72214F2A6

Smazáno, log již vypadá čistý. Nastala nějaká změna?

vdaka, net je relativne v poriadku (co sa tyka rychlosti), ale celkovo ten pc je pomaly, niekedy po vybrati usb kluca z portu alebo zatvorenia len napr. wordu je pc spomaleny, akoby stale nieco robil, nemam trpezlivost cakat a vypinam ho natvrdo.
minule som robil log z rsit, mal ale 75 tis. znakov, tu sa da vlozit len 60 tis., co s tym?

Rozdělte ho do 2 postů.

prosim este raz o kontrolu RSIT, lebo stale je pc spomaleny, aj v porovnani s inym noteboom, napr. ked chcem pozerat nieco z TV archivu na internete.
je to snad posledne riesenie pred restore factory settings a formatovanim.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator2 at 2011-02-15 17:14:56
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 50 GB (70%) free of 71 GB
Total RAM: 1526 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:15:10, on 15.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\PMSveH.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\WINDOWS\system32\PMHandler.exe
C:\WINDOWS\system32\ctfmon.exe
c:\progra~1\lenovo\lenovo~2\lpmgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrator2\My Documents\RSIT.exe
C:\Program Files\trend micro\Administrator2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\PROGRA~1\NetWorx\deskband.dll
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [PMHandler] C:\WINDOWS\system32\PMHandler.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java142\jre\bin\NPJPI142.dll
O9 - Extra 'Tools' menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java142\jre\bin\NPJPI142.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/us/en/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0115897359
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PMSveH - Lenovo - C:\WINDOWS\system32\PMSveH.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 8981 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - &NetWorx Desk Band - C:\PROGRA~1\NetWorx\deskband.dll [2010-10-21 950784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-04 118784]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-05-26 1043968]
"NetWorx"=C:\Program Files\NetWorx\networx.exe [2010-10-21 2984448]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-11-18 2216960]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ACWLIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [2010-09-17 176128]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe [2005-12-21 94208]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2005-12-15 1236992]
"TPWAUDAP"=C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe [2005-12-10 24064]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-08 61952]
"PMHandler"=C:\WINDOWS\system32\PMHandler.exe [2006-05-20 24576]
"DiskeeperSystray"=C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2005-11-29 196696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avast! Web Scanner"=3
"avast! Mail Scanner"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify]
C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACNotify.dll [2010-09-17 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-04 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
C:\WINDOWS\system32\tphklock.dll [2005-12-21 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe"="C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Soluto\Soluto.exe"="C:\Program Files\Soluto\Soluto.exe:*:Enabled:Soluto Tray"
"C:\Program Files\Soluto\SolutoService.exe"="C:\Program Files\Soluto\SolutoService.exe:*:Enabled:Soluto Service"
"C:\Program Files\Soluto\SolutoConsole.exe"="C:\Program Files\Soluto\SolutoConsole.exe:*:Enabled:Soluto Console"
"C:\Program Files\Soluto\SolutoUpdateService.exe"="C:\Program Files\Soluto\SolutoUpdateService.exe:*:Enabled:Soluto Update Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe"="C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 3 months======

2011-02-13 20:17:24 ----SHD---- C:\RECYCLER
2011-02-13 20:08:51 ----A---- C:\ComboFix.txt
2011-02-13 19:14:54 ----SD---- C:\WINDOWS\Cookies
2011-02-13 19:01:52 ----A---- C:\WINDOWS\zip.exe
2011-02-13 19:01:52 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-02-13 19:01:52 ----A---- C:\WINDOWS\SWSC.exe
2011-02-13 19:01:52 ----A---- C:\WINDOWS\SWREG.exe
2011-02-13 19:01:52 ----A---- C:\WINDOWS\sed.exe
2011-02-13 19:01:52 ----A---- C:\WINDOWS\PEV.exe
2011-02-13 19:01:52 ----A---- C:\WINDOWS\NIRCMD.exe
2011-02-13 19:01:52 ----A---- C:\WINDOWS\MBR.exe
2011-02-13 19:01:52 ----A---- C:\WINDOWS\grep.exe
2011-02-13 10:57:23 ----D---- C:\Config.Msi
2011-02-12 15:07:56 ----D---- C:\Program Files\MagicISO
2011-02-11 17:26:28 ----D---- C:\Kosco
2011-02-09 21:33:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 21:33:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 21:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 21:31:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 21:24:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 21:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2482017$
2011-02-09 21:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 21:21:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-01-27 22:48:52 ----A---- C:\WINDOWS\ChssBase.ini
2011-01-27 22:48:50 ----D---- C:\Documents and Settings\Administrator2\Application Data\ChessBase
2011-01-27 20:40:24 ----D---- C:\Program Files\ChessBase
2011-01-27 20:37:25 ----D---- C:\Documents and Settings\Administrator2\Application Data\FarStone
2011-01-27 20:33:26 ----D---- C:\Program Files\FarStone
2011-01-27 20:32:52 ----A---- C:\WINDOWS\system32\VDProductInfoEx.dll
2011-01-27 19:37:48 ----D---- C:\Documents and Settings\Administrator2\Application Data\Sonic
2011-01-27 19:37:11 ----D---- C:\Documents and Settings\Administrator2\Application Data\Leadertech
2011-01-13 20:43:17 ----A---- C:\WINDOWS\imsins.BAK
2011-01-13 20:43:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-12 20:52:44 ----D---- C:\Program Files\Medieval Software
2011-01-12 20:52:24 ----A---- C:\WINDOWS\system32\BlueCiucc.dll
2011-01-09 23:32:23 ----D---- C:\Program Files\einSTein
2011-01-08 17:38:21 ----A---- C:\mbam-error.txt
2011-01-08 17:18:31 ----D---- C:\Program Files\trend micro
2011-01-08 17:18:29 ----D---- C:\rsit
2011-01-08 17:11:12 ----D---- C:\Documents and Settings\Administrator2\Application Data\Malwarebytes
2011-01-08 17:11:02 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-01-08 17:10:59 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-01-08 17:10:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-08 17:10:57 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-01-08 16:57:30 ----D---- C:\WINDOWS\IBM
2011-01-01 19:49:38 ----D---- C:\Documents and Settings\Administrator2\Application Data\Avaya
2011-01-01 19:30:05 ----ASH---- C:\hiberfil.sys
2011-01-01 16:13:17 ----A---- C:\SVKSettings.txt
2010-12-31 20:03:10 ----D---- C:\Program Files\Microsoft Games
2010-12-26 21:16:52 ----D---- C:\Program Files\Electronic Arts
2010-12-26 21:16:45 ----A---- C:\WINDOWS\uninst.exe
2010-12-26 21:16:29 ----RASH---- C:\MSDOS.SYS
2010-12-26 15:12:57 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-12-26 15:12:57 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-12-26 15:12:56 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-12-26 15:12:55 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-12-26 15:12:54 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-12-26 15:12:54 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-12-26 15:12:53 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-12-26 15:12:52 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-12-26 15:12:51 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-12-26 15:12:51 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-12-26 15:12:50 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-12-26 15:12:50 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-12-26 15:12:49 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-12-26 15:12:48 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-12-26 15:12:47 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-12-26 15:12:41 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-12-26 15:12:40 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-12-26 15:12:39 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-12-26 15:12:39 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-12-26 15:12:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-12-26 15:12:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-12-26 15:12:36 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-12-26 15:12:35 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-12-26 15:12:35 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-12-26 15:12:34 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-12-26 15:12:34 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-12-26 15:12:32 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-12-26 15:12:32 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-12-26 15:12:31 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-12-26 15:12:30 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-12-26 15:12:30 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-12-26 15:12:29 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-12-26 15:12:26 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-12-26 15:12:25 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-12-26 15:12:25 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-12-26 15:12:23 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-12-26 15:12:22 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-12-26 15:12:22 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-12-26 15:12:21 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-12-26 15:12:19 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-12-26 15:12:19 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-12-26 15:12:18 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-12-26 15:12:17 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-12-26 15:12:16 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-12-26 15:12:16 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-12-26 15:12:15 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-12-26 15:12:13 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-12-26 15:12:12 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-12-26 15:12:11 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-12-26 15:12:10 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-12-26 15:12:10 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-12-26 15:12:09 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-12-26 15:12:08 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-12-26 15:12:04 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-12-26 15:12:04 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-12-26 15:12:02 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-12-26 15:12:01 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-12-26 15:11:59 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-12-26 15:11:59 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-12-26 15:11:58 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-12-26 15:11:57 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-12-26 15:11:57 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-12-26 15:11:56 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-12-26 15:11:56 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-12-26 15:11:53 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-12-26 15:11:52 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-12-26 15:11:50 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-12-26 15:11:44 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-12-26 15:11:44 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-12-26 15:11:40 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-12-26 15:11:39 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-12-26 15:11:39 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-12-26 15:11:38 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-12-26 15:11:38 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-12-26 15:11:38 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-12-26 15:11:37 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-12-26 15:11:37 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-12-26 15:11:36 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-12-26 15:11:35 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-12-26 15:11:34 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-12-26 15:11:34 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-12-26 15:11:28 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-12-26 15:11:27 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-12-26 15:11:27 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-12-26 15:11:26 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-12-26 15:11:26 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-12-26 15:11:25 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-12-26 15:11:25 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-12-26 15:11:24 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-12-26 15:11:24 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-12-26 15:11:22 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-12-26 15:08:50 ----HD---- C:\WINDOWS\msdownld.tmp
2010-12-26 15:08:40 ----D---- C:\WINDOWS\Logs
2010-12-26 14:59:16 ----D---- C:\WINDOWS\system32\winrm
2010-12-26 14:59:16 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-12-26 14:59:16 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-12-26 14:59:09 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2010-12-26 14:58:44 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2010-12-26 14:57:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-12-26 14:45:30 ----D---- C:\Program Files\ANU
2010-12-23 23:18:42 ----D---- C:\Discrete Acoustics Lab
2010-12-15 21:44:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-15 21:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-15 21:43:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-15 21:43:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2010-12-15 21:43:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-15 21:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-15 21:41:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2416400$
2010-12-15 21:34:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2010-12-05 20:46:05 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2010-12-05 20:42:11 ----A---- C:\WINDOWS\system32\msonpmon.dll
2010-12-05 11:31:45 ----A---- C:\WINDOWS\system32\muweb.dll
2010-12-05 11:31:45 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-12-05 11:31:45 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-11-28 16:29:17 ----D---- C:\Documents and Settings\Administrator2\Application Data\DataPartner
2010-11-28 16:25:09 ----D---- C:\Documents and Settings\All Users\Application Data\DataPartner
2010-11-27 20:44:51 ----D---- C:\WINDOWS\system32\Soluto
2010-11-20 12:42:43 ----A---- C:\WINDOWS\WDICT32.INI
2010-11-20 11:40:36 ----D---- C:\Documents and Settings\Administrator2\Application Data\Foxit Software
2010-11-20 11:39:44 ----D---- C:\Program Files\Foxit Software
2010-11-20 11:35:13 ----D---- C:\Program Files\Adobe
2010-11-20 11:28:18 ----A---- C:\WINDOWS\ODBC.INI
2010-11-20 11:27:07 ----D---- C:\Program Files\Microsoft ActiveSync
2010-11-20 11:26:16 ----D---- C:\Program Files\Common Files\L&H
2010-11-20 11:15:12 ----D---- C:\Program Files\Microsoft Works
2010-11-20 11:14:06 ----D---- C:\Program Files\Microsoft Visual Studio
2010-11-20 11:14:06 ----D---- C:\Program Files\Common Files\DESIGNER
2010-11-20 11:13:06 ----D---- C:\Program Files\Microsoft.NET
2010-11-20 11:10:52 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-11-20 11:09:50 ----D---- C:\WINDOWS\SHELLNEW
2010-11-20 11:09:20 ----D---- C:\Program Files\Microsoft Office
2010-11-20 11:09:20 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-11-20 11:08:58 ----RD---- C:\MSOCache
2010-11-19 22:29:16 ----D---- C:\Documents and Settings\Administrator2\Application Data\skypePM
2010-11-19 22:28:02 ----D---- C:\Program Files\Common Files\Skype
2010-11-19 22:27:56 ----RD---- C:\Program Files\Skype
2010-11-19 22:27:55 ----D---- C:\Documents and Settings\Administrator2\Application Data\Skype
2010-11-19 22:13:21 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-11-19 22:09:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2010-11-19 22:08:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-11-19 22:08:25 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-11-19 22:08:02 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-11-19 22:07:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-11-19 22:06:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-11-19 22:05:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2360131$
2010-11-19 22:05:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-11-19 22:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-11-19 22:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-11-19 22:03:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-11-19 22:03:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-11-19 22:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-11-19 22:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-11-19 22:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-11-19 22:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-11-19 22:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-11-19 22:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-11-19 22:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-11-19 22:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-11-19 22:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-11-19 22:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-11-19 21:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-11-19 21:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-11-19 21:55:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-11-19 21:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-11-19 21:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-11-19 21:55:13 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-11-19 21:54:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-11-19 21:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-11-19 20:39:04 ----D---- C:\Documents and Settings\Administrator2\Application Data\ICQ
2010-11-19 20:37:11 ----D---- C:\Program Files\ICQ6.5
2010-11-19 20:09:16 ----A---- C:\WINDOWS\system32\sun_debug1.txt
2010-11-19 20:09:16 ----A---- C:\WINDOWS\system32\sun_debug.txt
2010-11-19 17:51:37 ----D---- C:\WINDOWS\Prefetch
2010-11-19 17:49:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-11-19 17:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-11-19 17:48:42 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-11-19 17:48:24 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-11-19 17:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-11-19 17:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-11-19 17:47:50 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-11-19 17:47:39 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-11-19 17:47:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-11-19 17:47:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-11-19 17:47:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-11-19 17:46:52 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-11-19 17:46:39 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-11-19 17:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-11-19 17:46:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-11-19 17:46:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-11-19 17:45:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-11-19 17:45:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-11-19 17:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-11-19 17:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-11-19 17:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-11-19 17:44:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-11-19 17:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-11-19 17:44:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-11-19 17:43:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-11-19 17:42:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-11-19 17:42:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-11-19 17:42:04 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-11-19 17:41:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-11-19 17:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-11-19 17:39:36 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-11-19 17:39:06 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-11-19 17:38:21 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-11-19 17:37:48 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-11-19 17:37:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-11-19 17:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-11-19 17:36:43 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-11-19 17:36:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-11-19 17:36:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-11-19 17:35:45 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-11-19 17:35:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-11-19 17:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-11-19 17:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-11-19 17:34:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-11-19 17:34:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-11-19 17:33:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-11-19 17:33:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-11-19 17:33:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-11-19 17:33:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-11-19 17:32:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-11-19 17:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-11-19 17:32:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-11-19 17:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-11-19 17:32:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-11-19 17:31:56 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-11-19 17:31:37 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-11-19 17:31:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-11-19 17:30:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-11-19 17:24:26 ----D---- C:\WINDOWS\system32\scripting
2010-11-19 17:24:26 ----D---- C:\WINDOWS\l2schemas
2010-11-19 17:24:25 ----D---- C:\WINDOWS\system32\en
2010-11-19 17:24:25 ----D---- C:\WINDOWS\system32\bits
2010-11-19 17:20:10 ----D---- C:\WINDOWS\network diagnostic
2010-11-19 17:14:56 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-11-19 17:14:01 ----D---- C:\WINDOWS\EHome
2010-11-19 16:58:56 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-11-19 16:58:56 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-11-19 16:58:55 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-11-19 16:58:55 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-11-19 16:58:55 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-11-19 16:58:55 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-11-19 16:58:50 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-11-19 16:58:50 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-11-19 16:58:50 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-11-19 16:58:50 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-11-19 16:58:48 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-11-19 16:58:48 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-11-19 16:58:46 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-11-19 16:58:45 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-11-19 16:58:44 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-11-19 16:58:44 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-11-19 16:58:40 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-11-19 16:58:32 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-11-19 16:58:32 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-11-19 16:58:32 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-11-19 16:54:30 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-11-19 16:54:30 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-11-19 16:54:30 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-11-19 16:54:29 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-11-19 16:54:29 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-11-19 16:54:29 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-11-19 16:54:29 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-11-19 16:54:29 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-11-19 16:54:29 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-11-19 16:54:29 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-11-19 16:54:29 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-11-19 16:54:29 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-11-19 16:54:28 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-11-19 16:54:28 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-11-19 16:54:28 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-11-19 16:54:28 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-11-19 16:54:28 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-11-19 16:54:28 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-11-19 16:54:28 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-11-19 16:54:28 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-11-19 16:54:28 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-11-19 16:54:27 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-11-19 16:34:47 ----A---- C:\WINDOWS\ModemLog_Nokia 6220 classic USB Modem.txt
2010-11-19 16:33:28 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2010-11-19 16:33:15 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-11-19 16:33:14 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2010-11-19 05:15:04 ----A---- C:\WINDOWS\system32\OEMINFO.INI
2010-11-19 05:14:18 ----D---- C:\DRIVERS
2010-11-19 05:07:41 ----A---- C:\WINDOWS\system32\tphklock.dll
2010-11-19 05:07:41 ----A---- C:\WINDOWS\system32\drivers\TPHKDRV.sys
2010-11-19 05:06:32 ----D---- C:\IBMTOOLS
2010-11-19 05:03:10 ----D---- C:\Documents and Settings\All Users\Application Data\ThinkVantage
2010-11-19 04:54:22 ----AH---- C:\BOOTLOG.TXT
2010-11-19 04:53:56 ----A---- C:\WINDOWS\smscfg.ini
2010-11-19 04:53:17 ----D---- C:\Program Files\ThinkPad
2010-11-19 04:53:17 ----A---- C:\WINDOWS\system32\tvt_gina_api.dll
2010-11-19 04:53:17 ----A---- C:\WINDOWS\system32\tvt_gina.dll
2010-11-19 04:53:17 ----A---- C:\WINDOWS\system32\drivers\IBMBLDID.sys
2010-11-19 04:53:17 ----A---- C:\WINDOWS\system32\drivers\ANC.sys
2010-11-19 04:51:51 ----D---- C:\Program Files\Diskeeper Corporation
2010-11-19 04:50:40 ----D---- C:\Program Files\Google
2010-11-19 04:50:28 ----D---- C:\Program Files\Picasa2
2010-11-19 04:50:09 ----A---- C:\WINDOWS\system32\EGATHDRV.SYS
2010-11-19 04:50:02 ----RD---- C:\RRbackups
2010-11-19 04:49:54 ----A---- C:\WINDOWS\system32\pxinsi64.exe
2010-11-19 04:49:54 ----A---- C:\WINDOWS\system32\pxinsa64.exe
2010-11-19 04:49:54 ----A---- C:\WINDOWS\system32\pxhpinst.exe
2010-11-19 04:49:54 ----A---- C:\WINDOWS\system32\pxcpyi64.exe
2010-11-19 04:49:54 ----A---- C:\WINDOWS\system32\pxcpya64.exe
2010-11-19 04:49:50 ----D---- C:\Program Files\SMI2
2010-11-19 04:49:48 ----D---- C:\Program Files\TVT SMBus
2010-11-19 04:49:44 ----D---- C:\Program Files\IBM ThinkVantage
2010-11-19 04:49:44 ----D---- C:\IBMSHARE
2010-11-19 04:49:30 ----A---- C:\WINDOWS\system32\drivers\psasrv.exe
2010-11-19 04:49:30 ----A---- C:\WINDOWS\system32\drivers\psadd.sys
2010-11-19 04:49:04 ----D---- C:\WINDOWS\Downloaded Installations
2010-11-19 04:48:24 ----D---- C:\Program Files\AuthenTec
2010-11-19 04:41:18 ----D---- C:\Program Files\Symantec
2010-11-19 04:41:16 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2010-11-19 04:41:14 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-11-19 04:40:12 ----D---- C:\Icons
2010-11-19 04:39:20 ----A---- C:\WINDOWS\system32\drivers\iviaspi.sys
2010-11-19 04:38:56 ----D---- C:\Program Files\Common Files\InterVideo
2010-11-19 04:38:55 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2010-11-19 04:38:55 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2010-11-19 04:38:55 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2010-11-19 04:38:55 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2010-11-19 04:38:55 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2010-11-19 04:38:55 ----A---- C:\WINDOWS\system32\IVIresize.dll
2010-11-19 04:38:52 ----D---- C:\Program Files\InterVideo
2010-11-19 04:38:39 ----A---- C:\WINDOWS\system32\msxml4r.dll
2010-11-19 04:38:39 ----A---- C:\WINDOWS\system32\msxml4a.dll
2010-11-19 04:38:38 ----D---- C:\Documents and Settings\All Users\Application Data\Lenovo
2010-11-19 04:38:37 ----A---- C:\WINDOWS\system32\ahlprun.exe
2010-11-19 04:38:27 ----A---- C:\WINDOWS\desktopset.exe
2010-11-19 04:38:14 ----A---- C:\WINDOWS\system32\drivers\USBkey.sys
2010-11-19 04:38:14 ----A---- C:\WINDOWS\system32\drivers\pcdrndisuio.sys
2010-11-19 04:38:10 ----D---- C:\Program Files\PCDR5
2010-11-19 04:37:51 ----A---- C:\WINDOWS\system32\msvcr71d.dll
2010-11-19 04:37:51 ----A---- C:\WINDOWS\system32\capicom.dll
2010-11-19 04:37:50 ----D---- C:\Program Files\Softex
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\msvcp71d.dll
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\mfc71ud.dll
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71u.dll
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71FRA.DLL
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL
2010-11-19 04:37:50 ----A---- C:\WINDOWS\system32\mfc71d.dll
2010-11-19 04:37:09 ----A---- C:\WINDOWS\system32\javaw.exe
2010-11-19 04:37:09 ----A---- C:\WINDOWS\system32\java.exe
2010-11-19 04:37:02 ----D---- C:\Program Files\IBM
2010-11-19 04:36:30 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2010-11-19 04:36:30 ----A---- C:\WINDOWS\WININIT.INI
2010-11-19 04:36:26 ----D---- C:\Program Files\Roxio
2010-11-19 04:36:26 ----D---- C:\Program Files\Common Files\SureThing Shared
2010-11-19 04:36:04 ----D---- C:\Program Files\Common Files\Sonic Shared
2010-11-19 04:35:35 ----D---- C:\Program Files\ThinkVantage
2010-11-19 04:34:10 ----D---- C:\Program Files\Windows Media Connect
2010-11-19 04:33:46 ----HD---- C:\WINDOWS\$NtUninstallKB893066$
2010-11-19 04:33:08 ----A---- C:\WINDOWS\system32\igfxres.dll
2010-11-19 04:30:57 ----D---- C:\Program Files\Realtek
2010-11-19 04:30:33 ----D---- C:\Program Files\Broadcom
2010-11-19 04:30:33 ----A---- C:\WINDOWS\system32\BCMLogon.dll
2010-11-19 04:30:26 ----A---- C:\WINDOWS\system32\agrsmdel.exe
2010-11-19 04:30:22 ----D---- C:\WINDOWS\Options
2010-11-19 04:30:00 ----D---- C:\Program Files\Analog Devices
2010-11-19 04:30:00 ----A---- C:\WINDOWS\system32\DSndUp.exe
2010-11-19 04:30:00 ----A---- C:\WINDOWS\system32\CleanUp.exe
2010-11-19 04:29:45 ----A---- C:\WINDOWS\system32\drivers\TSMAPIP.SYS
2010-11-19 04:29:11 ----D---- C:\Program Files\Fingerprint Sensor
2010-11-19 04:28:32 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-19 04:28:30 ----D---- C:\Program Files\Common Files\InstallShield
2010-11-19 04:28:20 ----D---- C:\Program Files\Lenovo
2010-11-19 04:24:53 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-11-19 04:22:57 ----RSD---- C:\WINDOWS\assembly
2010-11-19 04:22:57 ----D---- C:\WINDOWS\system32\URTTemp
2010-11-19 04:22:57 ----D---- C:\WINDOWS\Microsoft.NET
2010-11-19 04:22:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-11-19 04:21:36 ----D---- C:\WINDOWS\RegisteredPackages
2010-11-19 04:21:17 ----D---- C:\Program Files\Intel
2010-11-19 04:20:08 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-11-19 04:20:06 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-11-19 04:18:43 ----D---- C:\Program Files\Synaptics
2010-11-19 04:18:41 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-11-19 04:18:11 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2010-11-19 04:18:07 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2010-11-19 04:17:49 ----A---- C:\WINDOWS\system32\hccoin.dll
2010-11-19 04:17:49 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2010-11-19 04:17:32 ----A---- C:\WINDOWS\system32\drivers\ohci1394.sys
2010-11-19 04:17:32 ----A---- C:\WINDOWS\system32\drivers\enum1394.sys
2010-11-19 04:17:31 ----A---- C:\WINDOWS\system32\drivers\1394bus.sys
2010-11-19 04:17:03 ----A---- C:\WINDOWS\system32\drivers\compbatt.sys
2010-11-19 04:17:02 ----A---- C:\WINDOWS\system32\drivers\battc.sys
2010-11-19 04:17:01 ----A---- C:\WINDOWS\system32\drivers\cmbatt.sys
2010-11-19 04:15:35 ----ASH---- C:\pagefile.sys
2010-11-19 00:03:47 ----A---- C:\Boot.bak
2010-11-19 00:03:42 ----RASHD---- C:\cmdcons
2010-11-19 00:02:41 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-11-19 00:02:41 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-11-19 00:02:39 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-11-19 00:02:37 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-11-19 00:02:35 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-11-19 00:02:35 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-11-19 00:02:35 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-11-19 00:01:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-11-19 00:00:52 ----D---- C:\Program Files\Alwil Software
2010-11-19 00:00:52 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-11-18 23:59:42 ----D---- C:\WINDOWS\ERDNT
2010-11-18 23:59:05 ----D---- C:\Qoobox
2010-11-18 23:56:59 ----D---- C:\Documents and Settings\Administrator2\Application Data\WinRAR
2010-11-18 23:53:13 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-11-18 23:53:00 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-11-18 23:53:00 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-11-18 23:52:59 ----A---- C:\WINDOWS\system32\wshirda.dll
2010-11-18 23:52:59 ----A---- C:\WINDOWS\system32\irmon.dll
2010-11-18 23:52:59 ----A---- C:\WINDOWS\system32\irftp.exe
2010-11-18 23:51:36 ----D---- C:\Documents and Settings\Administrator2\Application Data\Soluto
2010-11-18 23:51:06 ----A---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-11-18 23:42:50 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-18 23:30:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$
2010-11-18 23:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB982381_0$
2010-11-18 23:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$
2010-11-18 23:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$
2010-11-18 23:23:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$
2010-11-18 23:23:44 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-11-18 23:23:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-11-18 23:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$
2010-11-18 23:23:20 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-11-18 23:23:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$
2010-11-18 23:17:49 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2010-11-18 23:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$
2010-11-18 23:17:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$
2010-11-18 23:17:17 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2010-11-18 23:17:11 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2010-11-18 23:17:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-11-18 23:16:55 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2010-11-18 23:16:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-11-18 23:16:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-11-18 23:16:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-11-18 23:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-11-18 23:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-11-18 23:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-11-18 23:16:00 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-11-18 23:15:53 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-11-18 23:15:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-11-18 23:15:25 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-11-18 23:15:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-11-18 23:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-11-18 23:14:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-11-18 23:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-11-18 23:13:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-11-18 23:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-11-18 23:13:16 ----D---- C:\Program Files\MSXML 4.0
2010-11-18 23:13:00 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-11-18 23:12:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-11-18 23:12:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-11-18 23:12:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-11-18 23:12:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-11-18 23:12:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-11-18 23:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-11-18 23:11:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-11-18 23:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-11-18 23:10:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-11-18 23:10:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-11-18 23:10:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-11-18 23:09:47 ----D---- C:\WINDOWS\ServicePackFiles
2010-11-18 23:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-11-18 23:09:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-11-18 23:09:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-11-18 23:04:05 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-11-18 23:03:53 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-11-18 23:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-11-18 23:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-11-18 23:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-11-18 23:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-11-18 23:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-11-18 23:01:28 ----D---- C:\Documents and Settings\Administrator2\Application Data\Mozilla
2010-11-18 23:01:03 ----D---- C:\Translat
2010-11-18 23:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-11-18 23:00:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-11-18 23:00:35 ----D---- C:\Program Files\Mozilla Firefox
2010-11-18 23:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$
2010-11-18 23:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-11-18 22:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-11-18 22:59:36 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2010-11-18 22:58:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-11-18 22:58:15 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-11-18 22:58:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-11-18 22:57:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-11-18 22:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-11-18 22:57:32 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-11-18 22:57:21 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-11-18 22:56:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-11-18 22:56:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-11-18 22:56:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-11-18 22:56:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-11-18 22:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-11-18 22:55:26 ----D---- C:\Program Files\Actual Earth 3D
2010-11-18 22:55:23 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2010-11-18 22:51:25 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-11-18 22:51:23 ----D---- C:\Documents and Settings\Administrator2\Application Data\Adobe
2010-11-18 22:50:51 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-11-18 22:46:32 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2010-11-18 22:46:32 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-11-18 22:46:24 ----D---- C:\Program Files\McAfee Security Scan
2010-11-18 22:42:07 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2010-11-18 22:41:38 ----D---- C:\Program Files\Secunia
2010-11-18 22:39:49 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2010-11-18 22:38:42 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-11-18 22:38:41 ----D---- C:\Documents and Settings\Administrator2\Application Data\Spyware Terminator
2010-11-18 22:38:37 ----D---- C:\Program Files\Spyware Terminator
2010-11-18 22:38:37 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-11-18 22:36:44 ----D---- C:\Documents and Settings\Administrator2\Application Data\Macromedia
2010-11-18 22:36:07 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-11-18 22:35:25 ----D---- C:\WINDOWS\system32\PreInstall
2010-11-18 22:35:22 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-11-18 22:33:46 ----D---- C:\Program Files\WinRAR
2010-11-18 22:31:58 ----A---- C:\WINDOWS\system32\wups2.dll
2010-11-18 22:31:58 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-11-18 22:31:57 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-11-18 22:31:57 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-11-18 22:31:57 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-11-18 22:29:34 ----D---- C:\Program Files\CCleaner
2010-11-18 22:19:56 ----D---- C:\WINDOWS\pss
2010-11-18 22:11:34 ----A---- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
2010-11-18 22:11:19 ----D---- C:\Program Files\Webteh
2010-11-18 22:06:21 ----A---- C:\WINDOWS\system32\drivers\PCGenFAM.sys
2010-11-18 22:06:19 ----D---- C:\Program Files\Soluto
2010-11-18 22:04:20 ----D---- C:\WINDOWS\system32\XPSViewer
2010-11-18 22:04:16 ----D---- C:\Program Files\MSBuild
2010-11-18 22:04:14 ----D---- C:\WINDOWS\system32\en-US
2010-11-18 22:04:08 ----D---- C:\Program Files\Reference Assemblies
2010-11-18 21:58:30 ----D---- C:\Documents and Settings\Administrator2\Application Data\Nokia
2010-11-18 21:58:28 ----D---- C:\Documents and Settings\Administrator2\Application Data\PC Suite
2010-11-18 21:58:26 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2010-11-18 21:58:02 ----D---- C:\Program Files\Common Files\PCSuite
2010-11-18 21:58:00 ----D---- C:\Program Files\Common Files\Nokia
2010-11-18 21:57:43 ----D---- C:\Program Files\DIFX
2010-11-18 21:57:42 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-11-18 21:57:33 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-18 21:57:22 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2010-11-18 21:57:22 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-11-18 21:57:21 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-11-18 21:57:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-11-18 21:57:20 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-11-18 21:57:20 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-11-18 21:57:20 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-11-18 21:57:16 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-11-18 21:57:15 ----D---- C:\Program Files\Nokia
2010-11-18 21:56:20 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-11-18 21:56:20 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-11-18 21:56:18 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-11-18 21:54:35 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2010-11-18 21:53:41 ----A---- C:\WINDOWS\system32\drivers\pssdk42.sys
2010-11-18 21:53:35 ----D---- C:\Program Files\NetWorx
2010-11-18 21:53:35 ----D---- C:\Documents and Settings\All Users\Application Data\SoftPerfect
2010-11-18 21:53:19 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-11-18 21:53:11 ----D---- C:\Program Files\MSXML 6.0
2010-11-18 21:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2010-11-18 21:39:47 ----D---- C:\Documents and Settings\Administrator2\Application Data\CheckPoint
2010-11-18 21:39:34 ----D---- C:\Program Files\CheckPoint
2010-11-18 21:39:26 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-11-18 21:39:24 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-11-18 21:39:24 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-11-18 21:39:20 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-11-18 21:39:19 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-11-18 21:39:19 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-11-18 21:39:19 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-11-18 21:39:19 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-11-18 21:39:19 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-11-18 21:39:18 ----A---- C:\WINDOWS\system32\vsdatant.sys
2010-11-18 21:37:40 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-11-18 21:37:40 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-11-18 21:37:40 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-11-18 21:36:05 ----HDC---- C:\WINDOWS\$NtUninstallKB943232$
2010-11-18 21:33:43 ----D---- C:\Program Files\Zone Labs
2010-11-18 21:33:35 ----D---- C:\WINDOWS\Internet Logs
2010-11-18 21:31:56 ----D---- C:\Documents and Settings\All Users\Application Data\Soluto
2010-11-18 21:16:31 ----A---- C:\WINDOWS\system32\drivers\usbstor.sys
2010-11-18 21:10:37 ----D---- C:\Documents and Settings\Administrator2\Application Data\ThinkVantage
2010-11-18 21:10:14 ----ASH---- C:\Documents and Settings\Administrator2\Application Data\desktop.ini
2010-11-18 21:10:13 ----D---- C:\Documents and Settings\Administrator2\Application Data\Identities
2010-11-18 21:10:13 ----D---- C:\Documents and Settings\Administrator2\Application Data\IBM
2010-11-18 21:10:13 ----D---- C:\Documents and Settings\Administrator2\Application Data\Google
2010-11-18 21:10:12 ----SD---- C:\Documents and Settings\Administrator2\Application Data\Microsoft
2010-11-18 21:10:12 ----D---- C:\Documents and Settings\Administrator2\Application Data\Symantec

======List of files/folders modified in the last 3 months======

2011-02-15 16:44:36 ----D---- C:\WINDOWS\Temp
2011-02-15 16:30:07 ----AD---- C:\WINDOWS
2011-02-15 16:29:28 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-14 21:19:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-14 18:30:10 ----AD---- C:\WINDOWS\system32
2011-02-13 20:07:38 ----SD---- C:\WINDOWS\Tasks
2011-02-13 20:05:55 ----A---- C:\WINDOWS\system.ini
2011-02-13 20:05:33 ----D---- C:\WINDOWS\system32\drivers\etc
2011-02-13 20:04:59 ----RD---- C:\Program Files
2011-02-13 20:02:19 ----D---- C:\WINDOWS\system32\drivers
2011-02-13 20:02:19 ----D---- C:\WINDOWS\AppPatch
2011-02-13 20:02:17 ----D---- C:\Program Files\Common Files
2011-02-13 19:56:34 ----SHD---- C:\System Volume Information
2011-02-13 19:56:34 ----D---- C:\WINDOWS\system32\Restore
2011-02-13 10:57:56 ----SHD---- C:\WINDOWS\Installer
2011-02-13 10:57:39 ----HD---- C:\WINDOWS\inf
2011-02-09 21:34:02 ----RSHD---- C:\WINDOWS\system32\dllcache
2011-01-29 17:29:07 ----RASH---- C:\BOOT.INI
2011-01-29 17:29:07 ----A---- C:\WINDOWS\win.ini
2011-01-27 20:40:42 ----RSD---- C:\WINDOWS\Fonts
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-13 20:45:48 ----D---- C:\WINDOWS\Debug
2011-01-09 11:19:46 ----D---- C:\WINDOWS\system32\config
2011-01-07 15:09:02 ----A---- C:\WINDOWS\system32\atmfd.dll
2011-01-05 22:29:15 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-01 15:54:31 ----D---- C:\Documents and Settings
2010-12-26 15:12:59 ----D---- C:\WINDOWS\system32\DirectX
2010-12-26 15:01:58 ----D---- C:\WINDOWS\security
2010-12-26 14:59:25 ----D---- C:\WINDOWS\Help
2010-12-26 14:59:16 ----D---- C:\WINDOWS\system32\wbem
2010-12-22 13:34:28 ----A---- C:\WINDOWS\system32\kerberos.dll
2010-12-20 23:15:52 ----A---- C:\WINDOWS\system32\wininet.dll
2010-12-20 23:15:52 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-12-20 23:15:52 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-12-20 23:15:52 ----A---- C:\WINDOWS\system32\mstime.dll
2010-12-20 23:15:52 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-12-20 23:15:51 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-12-20 23:15:51 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-12-20 23:15:51 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-12-20 23:15:51 ----A---- C:\WINDOWS\system32\browseui.dll
2010-12-20 18:26:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2010-12-15 21:34:57 ----D---- C:\Program Files\Outlook Express
2010-12-14 19:34:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-09 16:15:09 ----A---- C:\WINDOWS\system32\ntdll.dll
2010-12-09 15:30:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2010-12-09 14:38:47 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2010-12-09 14:07:05 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2010-12-06 19:47:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-05 20:38:04 ----D---- C:\WINDOWS\WinSxS
2010-12-05 20:33:47 ----D---- C:\Program Files\Common Files\System
2010-11-20 11:38:58 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-20 11:23:27 ----D---- C:\WINDOWS\system
2010-11-20 11:13:07 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-11-19 22:01:20 ----D---- C:\Program Files\Movie Maker
2010-11-19 17:50:49 ----D---- C:\WINDOWS\system32\Setup
2010-11-19 17:50:49 ----D---- C:\Program Files\Internet Explorer
2010-11-19 17:31:39 ----D---- C:\Program Files\Messenger
2010-11-19 17:24:35 ----D---- C:\WINDOWS\ime
2010-11-19 17:24:27 ----D---- C:\WINDOWS\system32\usmt
2010-11-19 17:24:25 ----D---- C:\WINDOWS\PeerNet
2010-11-19 17:22:10 ----D---- C:\WINDOWS\system32\npp
2010-11-19 17:22:09 ----D---- C:\WINDOWS\msagent
2010-11-19 17:22:08 ----D---- C:\WINDOWS\srchasst
2010-11-19 17:22:08 ----D---- C:\Program Files\NetMeeting
2010-11-19 17:22:06 ----D---- C:\WINDOWS\system32\Com
2010-11-19 17:22:04 ----D---- C:\Program Files\Windows NT
2010-11-19 17:22:04 ----D---- C:\Program Files\Windows Media Player
2010-11-19 17:21:39 ----AD---- C:\WINDOWS\system32\oobe
2010-11-19 05:04:06 ----D---- C:\I386
2010-11-19 05:02:40 ----AH---- C:\AUTOEXEC.BAT
2010-11-19 05:01:39 ----D---- C:\WINDOWS\Registration
2010-11-18 23:18:50 ----D---- C:\WINDOWS\SoftwareDistribution
2010-11-18 21:56:53 ----D---- C:\WINDOWS\system32\spool
2010-11-18 21:54:42 ----D---- C:\WINDOWS\pchealth
2010-11-18 21:44:55 ----D---- C:\WINDOWS\system32\mui
2010-11-18 19:12:44 ----A---- C:\WINDOWS\system32\isign32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PCGenFAM;PCGenFAM; C:\WINDOWS\system32\DRIVERS\PCGenFAM.sys [2010-11-01 181704]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-10-26 20640]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2005-09-28 11520]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 IBMTPCHK;IBMTPCHK; \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 PMHler;PMHler; C:\WINDOWS\system32\drivers\PMHler.sys [2005-12-21 10240]
R1 PSSDK42;PSSDK42; \??\C:\WINDOWS\system32\Drivers\pssdk42.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2005-12-08 18101]
R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2006-01-11 7168]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 EGATHDRV;IBM eGatherer; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS []
R2 ibmfilter;ibmfilter; \??\C:\WINDOWS\system32\drivers\ibmfilter.sys []
R2 PMEM;PMEM; \??\C:\WINDOWS\system32\drivers\PMEMNT.SYS []
R2 smi2;smi2; \??\C:\Program Files\SMI2\smi2.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-08-19 138752]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\System32\Drivers\ATSwpDrv.sys [2005-03-30 116594]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-12-15 425216]
R3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-04 1353820]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 n558;N558 Bluetooth USB Filter Driver; C:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-17 28928]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-11-02 51584]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-02 308992]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-29 191936]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 ANCSQ;ANCSQ; C:\WINDOWS\System32\drivers\ANCSQ.sys []
S0 fcdabus;fcdabus; C:\WINDOWS\system32\DRIVERS\fcdabus.sys []
S0 FVXSCSI;FVXSCSI; C:\WINDOWS\system32\DRIVERS\fvxscsi.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~2\LOCALS~1\Temp\catchme.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-08 145920]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 psadd;IBM PSA Access Driver; \??\C:\WINDOWS\system32\Drivers\psadd.sys []
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2010-09-17 98304]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2010-09-17 237568]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-10-05 9216]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R2 PMSveH;PMSveH; C:\WINDOWS\system32\PMSveH.exe [2006-05-19 57344]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2010-11-01 331296]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-11-18 496128]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-05-26 2437176]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2005-12-15 18944]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2005-12-14 622700]
S3 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-19 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe [2005-12-22 1384448]
S3 TVT Scheduler;TVT Scheduler; C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe [2005-12-22 77824]
S3 UCLauncherService;ThinkVantage System Update; C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe [2005-08-02 40960]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-11 483328]
S3 WmcCdsLs;Windows Media Connect (WMC) Helper; C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-11 28160]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

kontroloval som pocitac aktualizovanym spyware terminatorom (spyware) a aktualizovanym avastom (antivir), ale nic nenaslo. Nechapem teda, preco je taky spomaleny.

Předpokládáím, že máte na mysli rychlost internetu. Nejste pod FUPem?

nie, nie som pod FUP
speedmeter mi ukazuje mam 3 - 8 Mbps (niekedy 1 Mbps ked je spomaleny), stahujem minimum veci (iba ak by dakto pouzival moj pc na dialku), nie je to uz - napriek nazvu mojej temy - len net, ale celkovo idu veci dost pomaly.
skusim este defragmentovat.

co sa da este pouzit?

spyware terminator
avast
pouzivam zonealarm ako firewall a este som aj za routrom
mam mozillu ff 3.6.13 aktualizovanu, pouzivam noscript,
ma vyznam skusit avenger (bez vlozenia skriptu)?

mbam, rsit, combofix.

Avenger bez vložení skriptu je k ničemu. Nesmaže nic, je na mazání konkrétních položek. Můžete zkusit CCleaner: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 .

aj ccleaner mam a pouzivam.
dik za ochotu, urcite to stalo za pokus, ale zrejme niekedy je efektivnejsie obetovat 3 hodiny na restore factory settings - hned to vsetko ide rychlejsie