VIRY.CZ

pro Motji:
Dobrý den,
prosím o pomoc s tímto problémem, který jste tu již řešila. Miniaplikace jsem již vyřešil dle nějakého návodu a jedou, ale centrum zabezpečení se vždy po chvilce vypne.

Moc děkuji za pomoc!

Standa

Log:


Logfile of random's system information tool 1.08 (written by random/random)
Run by Standa at 2011-03-20 14:07:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 72 GB (71%) free of 102 GB
Total RAM: 767 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:07:55, on 20.3.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ASUS\LivCam\LivCam.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\windows\system32\taskhost.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\rundll32.exe
C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Standa\Desktop\RSIT.exe
C:\Program Files\trend micro\Standa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [LivCam] "C:\Program Files\ASUS\LivCam\LivCam.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe /restore -"C:\Program Files\asus\OOBERegBackup\OOBEReg.ini"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} (RtspVaPgCtrl Class) - http://192.168.0.93/RtspVaPgDec.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://192.168.0.91/activex/AMC.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: B5 USB-Port (B5USBPort) - Unknown owner - C:\Seconet\Integral\USB\B5USBPort.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: IRCPAcousticDriver - Unknown owner - C:\windows\system32\IRCPAcousticDriver.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6235 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1480514668-2142851411-2378682275-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1480514668-2142851411-2378682275-1000UA.job
C:\windows\tasks\XRJRJKLQJ.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1545512]
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2009-11-03 3058304]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-07-20 83240]
"LivCam"=C:\Program Files\ASUS\LivCam\LivCam.exe [2009-10-17 284160]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-09-29 7744032]
"OOBESetup"=C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe [2009-09-30 338096]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
""= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2009-09-25 402608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EeeStorageBackup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-03-20 13:56:42 ----D---- C:\Program Files\trend micro
2011-03-20 13:56:39 ----D---- C:\rsit
2011-03-20 10:17:58 ----D---- C:\Users\Standa\AppData\Roaming\Malwarebytes
2011-03-20 10:17:32 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 10:17:31 ----D---- C:\ProgramData\Malwarebytes
2011-03-20 10:17:27 ----A---- C:\windows\system32\drivers\mbam.sys
2011-03-20 10:17:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-03-20 08:17:03 ----RASH---- C:\windows\system32\winrshosts.dll
2011-03-20 07:57:35 ----D---- C:\Users\Standa\AppData\Roaming\Darq Software
2011-03-10 22:41:03 ----D---- C:\windows\system32\SPReview
2011-03-10 22:39:23 ----D---- C:\windows\system32\EventProviders
2011-03-10 22:30:48 ----A---- C:\windows\system32\WSDApi.dll
2011-03-10 22:30:48 ----A---- C:\windows\system32\PresentationHostProxy.dll
2011-03-10 22:30:48 ----A---- C:\windows\system32\PresentationHost.exe
2011-03-10 22:30:47 ----A---- C:\windows\system32\tquery.dll
2011-03-10 22:30:46 ----A---- C:\windows\system32\StructuredQuery.dll
2011-03-10 22:30:46 ----A---- C:\windows\system32\mssvp.dll
2011-03-10 22:30:46 ----A---- C:\windows\system32\mssrch.dll
2011-03-10 22:30:46 ----A---- C:\windows\system32\mssphtb.dll
2011-03-10 22:30:43 ----A---- C:\windows\system32\drivers\volsnap.sys
2011-03-10 22:30:42 ----A---- C:\windows\system32\drivers\vhdmp.sys
2011-03-10 22:30:42 ----A---- C:\windows\system32\drivers\usbvideo.sys
2011-03-10 22:30:42 ----A---- C:\windows\system32\drivers\USBSTOR.SYS
2011-03-10 22:30:41 ----A---- C:\windows\system32\umb.dll
2011-03-10 22:30:41 ----A---- C:\windows\system32\drivers\usbhub.sys
2011-03-10 22:30:41 ----A---- C:\windows\system32\drivers\usbccgp.sys
2011-03-10 22:30:41 ----A---- C:\windows\system32\drivers\umbus.sys
2011-03-10 22:30:40 ----A---- C:\windows\system32\drivers\winusb.sys
2011-03-10 22:30:35 ----A---- C:\windows\system32\drivers\sffp_sd.sys
2011-03-10 22:30:29 ----A---- C:\windows\system32\drivers\sbp2port.sys
2011-03-10 22:30:24 ----A---- C:\windows\system32\drivers\nvstor.sys
2011-03-10 22:30:24 ----A---- C:\windows\system32\drivers\nvraid.sys
2011-03-10 22:30:23 ----A---- C:\windows\system32\MPSSVC.dll
2011-03-10 22:30:23 ----A---- C:\windows\system32\FirewallControlPanel.dll
2011-03-10 22:30:22 ----A---- C:\windows\system32\AuthFWSnapin.dll
2011-03-10 22:30:18 ----A---- C:\windows\system32\mscories.dll
2011-03-10 22:30:18 ----A---- C:\windows\system32\mscorier.dll
2011-03-10 22:30:17 ----A---- C:\windows\system32\netfxperf.dll
2011-03-10 22:30:17 ----A---- C:\windows\system32\mscoree.dll
2011-03-10 22:30:17 ----A---- C:\windows\system32\dfshim.dll
2011-03-10 22:30:16 ----A---- C:\windows\system32\Narrator.exe
2011-03-10 22:30:16 ----A---- C:\windows\system32\NAPHLPR.DLL
2011-03-10 22:30:16 ----A---- C:\windows\system32\NAPCRYPT.DLL
2011-03-10 22:30:16 ----A---- C:\windows\system32\drivers\msdsm.sys
2011-03-10 22:30:16 ----A---- C:\windows\system32\drivers\msahci.sys
2011-03-10 22:30:16 ----A---- C:\windows\system32\drivers\ataport.sys
2011-03-10 22:30:15 ----A---- C:\windows\system32\wpd_ci.dll
2011-03-10 22:30:15 ----A---- C:\windows\system32\winhttp.dll
2011-03-10 22:30:15 ----A---- C:\windows\system32\drivers\scsiport.sys
2011-03-10 22:30:15 ----A---- C:\windows\system32\drivers\mpio.sys
2011-03-10 22:30:12 ----A---- C:\windows\system32\zipfldr.dll
2011-03-10 22:30:12 ----A---- C:\windows\system32\wwanprotdim.dll
2011-03-10 22:30:12 ----A---- C:\windows\system32\wwanconn.dll
2011-03-10 22:30:12 ----A---- C:\windows\system32\wusa.exe
2011-03-10 22:30:12 ----A---- C:\windows\system32\CertEnroll.dll
2011-03-10 22:30:11 ----A---- C:\windows\system32\wsdchngr.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\WPDShServiceObj.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\wpdshext.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\wpdbusenum.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\WMVSDECD.DLL
2011-03-10 22:30:10 ----A---- C:\windows\system32\wkssvc.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\PortableDeviceStatus.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\PortableDeviceApi.dll
2011-03-10 22:30:09 ----A---- C:\windows\system32\WMVDECOD.DLL
2011-03-10 22:30:09 ----A---- C:\windows\system32\WMSPDMOD.DLL
2011-03-10 22:30:08 ----A---- C:\windows\system32\wbemcomn.dll
2011-03-10 22:30:08 ----A---- C:\windows\system32\framedynos.dll
2011-03-10 22:30:08 ----A---- C:\windows\system32\framedyn.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wmicmiplugin.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\WMADMOD.DLL
2011-03-10 22:30:07 ----A---- C:\windows\system32\wlanui.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wlanpref.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wlanmsm.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wlangpui.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wintrust.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\winsrv.dll
2011-03-10 22:30:06 ----A---- C:\windows\system32\wucltux.dll
2011-03-10 22:30:06 ----A---- C:\windows\system32\winlogon.exe
2011-03-10 22:30:06 ----A---- C:\windows\system32\WindowsCodecs.dll
2011-03-10 22:30:06 ----A---- C:\windows\system32\ReAgentc.exe
2011-03-10 22:30:06 ----A---- C:\windows\system32\ReAgent.dll
2011-03-10 22:30:06 ----A---- C:\windows\system32\drivers\afd.sys
2011-03-10 22:30:05 ----A---- C:\windows\system32\wimserv.exe
2011-03-10 22:30:05 ----A---- C:\windows\system32\wimgapi.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\webservices.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\webio.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\WebClnt.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\fphc.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\drivers\mrxdav.sys
2011-03-10 22:30:05 ----A---- C:\windows\system32\davclnt.dll
2011-03-10 22:30:04 ----A---- C:\windows\system32\wcncsvc.dll
2011-03-10 22:30:03 ----A---- C:\windows\system32\wups2.dll
2011-03-10 22:30:03 ----A---- C:\windows\system32\wuaueng.dll
2011-03-10 22:30:03 ----A---- C:\windows\system32\wuauclt.exe
2011-03-10 22:30:03 ----A---- C:\windows\system32\WinSAT.exe
2011-03-10 22:30:03 ----A---- C:\windows\system32\wiadefui.dll
2011-03-10 22:30:03 ----A---- C:\windows\system32\audiodev.dll
2011-03-10 22:30:02 ----A---- C:\windows\system32\wuwebv.dll
2011-03-10 22:30:02 ----A---- C:\windows\system32\wuapp.exe
2011-03-10 22:30:02 ----A---- C:\windows\system32\wiaservc.dll
2011-03-10 22:30:02 ----A---- C:\windows\system32\wiarpc.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\wups.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\wudriver.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\wuapi.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\ws2_32.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\wpdwcn.dll
2011-03-10 22:30:00 ----A---- C:\windows\twain_32.dll
2011-03-10 22:30:00 ----A---- C:\windows\system32\wmpmde.dll
2011-03-10 22:29:58 ----A---- C:\windows\system32\WsmSvc.dll
2011-03-10 22:29:58 ----A---- C:\windows\system32\wiavideo.dll
2011-03-10 22:29:57 ----A---- C:\windows\system32\WinSATAPI.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\WPDSp.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\wkscli.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\VSSVC.exe
2011-03-10 22:29:56 ----A---- C:\windows\system32\vssapi.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\mswsock.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\drivers\usbrpm.sys
2011-03-10 22:29:55 ----A---- C:\windows\system32\vdsutil.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\vds.exe
2011-03-10 22:29:55 ----A---- C:\windows\system32\VAN.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\MSVidCtl.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\msvidc32.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\msvfw32.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\msrle32.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\mciavi32.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\iccvid.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\avifil32.dll
2011-03-10 22:29:54 ----A---- C:\windows\system32\vdsbas.dll
2011-03-10 22:29:54 ----A---- C:\windows\system32\cca.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\usp10.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\userinit.exe
2011-03-10 22:29:51 ----A---- C:\windows\system32\userenv.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\usercpl.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\user32.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\umpo.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\UserAccountControlSettings.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\upnp.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\unimdmat.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\UIRibbonRes.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\UIRibbon.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\drivers\USBCAMD2.sys
2011-03-10 22:29:50 ----A---- C:\windows\system32\drivers\USBCAMD.sys
2011-03-10 22:29:50 ----A---- C:\windows\system32\drivers\udfs.sys
2011-03-10 22:29:50 ----A---- C:\windows\system32\djoin.exe
2011-03-10 22:29:49 ----A---- C:\windows\system32\w32tm.exe
2011-03-10 22:29:49 ----A---- C:\windows\system32\tzutil.exe
2011-03-10 22:29:49 ----A---- C:\windows\system32\twext.dll
2011-03-10 22:29:49 ----A---- C:\windows\system32\TRAPI.dll
2011-03-10 22:29:49 ----A---- C:\windows\system32\drivers\tunnel.sys
2011-03-10 22:29:48 ----A---- C:\windows\system32\thumbcache.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\themeui.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\themecpl.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\termmgr.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\tcpipcfg.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\netiougc.exe
2011-03-10 22:29:48 ----A---- C:\windows\system32\netiohlp.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\drivers\tdx.sys
2011-03-10 22:29:48 ----A---- C:\windows\system32\drivers\tdi.sys
2011-03-10 22:29:48 ----A---- C:\windows\system32\drivers\tcpip.sys
2011-03-10 22:29:47 ----A---- C:\windows\system32\wavemsp.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskschd.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskmgr.exe
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskhost.exe
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskeng.exe
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskbarcpl.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\tapisrv.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\takeown.exe
2011-03-10 22:29:47 ----A---- C:\windows\system32\schedsvc.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\schedcli.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2011-03-10 22:29:46 ----A---- C:\windows\system32\tabcal.exe
2011-03-10 22:29:46 ----A---- C:\windows\system32\MultiDigiMon.exe
2011-03-10 22:29:46 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2011-03-10 22:29:44 ----A---- C:\windows\system32\termsrv.dll
2011-03-10 22:29:44 ----A---- C:\windows\system32\remotepg.dll
2011-03-10 22:29:44 ----A---- C:\windows\system32\input.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\wtsapi32.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\wisptis.exe
2011-03-10 22:29:43 ----A---- C:\windows\system32\tsgqec.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\SessEnv.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\regapi.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\rdpencom.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\rdpdd.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\rdpd3d.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\perfts.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\mstscax.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\aaclient.dll
2011-03-10 22:29:42 ----A---- C:\windows\system32\TabSvc.dll
2011-03-10 22:29:41 ----A---- C:\windows\system32\utildll.dll
2011-03-10 22:29:41 ----A---- C:\windows\system32\mstask.dll
2011-03-10 22:29:41 ----A---- C:\windows\system32\drivers\RDPCDD.sys
2011-03-10 22:29:40 ----A---- C:\windows\system32\winsta.dll
2011-03-10 22:29:40 ----A---- C:\windows\system32\TSWorkspace.dll
2011-03-10 22:29:40 ----A---- C:\windows\system32\RDPENCDD.dll
2011-03-10 22:29:40 ----A---- C:\windows\system32\mstsc.exe
2011-03-10 22:29:40 ----A---- C:\windows\system32\lsm.exe
2011-03-10 22:29:40 ----A---- C:\windows\system32\icaapi.dll
2011-03-10 22:29:40 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2011-03-10 22:29:39 ----A---- C:\windows\system32\rdpwsx.dll
2011-03-10 22:29:39 ----A---- C:\windows\system32\rdprefdrvapi.dll
2011-03-10 22:29:39 ----A---- C:\windows\system32\RDPREFDD.dll
2011-03-10 22:29:39 ----A---- C:\windows\system32\rdpcorekmts.dll
2011-03-10 22:29:38 ----A---- C:\windows\system32\wksprt.exe
2011-03-10 22:29:38 ----A---- C:\windows\system32\msutb.dll
2011-03-10 22:29:38 ----A---- C:\windows\system32\drivers\tdtcp.sys
2011-03-10 22:29:38 ----A---- C:\windows\system32\drivers\tdpipe.sys
2011-03-10 22:29:37 ----A---- C:\windows\system32\tsmf.dll
2011-03-10 22:29:37 ----A---- C:\windows\system32\taskcomp.dll
2011-03-10 22:29:37 ----A---- C:\windows\system32\rdpcfgex.dll
2011-03-10 22:29:37 ----A---- C:\windows\system32\DShowRdpFilter.dll
2011-03-10 22:29:37 ----A---- C:\windows\system32\drivers\rdpwd.sys
2011-03-10 22:29:36 ----A---- C:\windows\system32\tlscsp.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\systemcpl.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\syssetup.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\srcore.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\rstrui.exe
2011-03-10 22:29:36 ----A---- C:\windows\system32\rdpcore.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\lsmproxy.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\IPHLPAPI.DLL
2011-03-10 22:29:35 ----A---- C:\windows\system32\sysclass.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\syncui.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\sxs.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\sud.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\spopk.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\spbcd.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\PortableDeviceSyncProvider.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\drivers\storport.sys
2011-03-10 22:29:34 ----A---- C:\windows\system32\wsqmcons.exe
2011-03-10 22:29:34 ----A---- C:\windows\system32\stobject.dll
2011-03-10 22:29:34 ----A---- C:\windows\system32\sqmapi.dll
2011-03-10 22:29:34 ----A---- C:\windows\system32\sqlcese30.dll
2011-03-10 22:29:34 ----A---- C:\windows\system32\spp.dll
2011-03-10 22:29:33 ----A---- C:\windows\system32\WavDest.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\wsnmp32.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\sscore.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\srvsvc.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\srvcli.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\SmiEngine.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\inetmib1.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\srvnet.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\srv2.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\srv.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\scfilter.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\certprop.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\basecsp.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\sisbkup.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shwebsvc.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shunimpl.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shsvcs.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shlwapi.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shimgvw.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shgina.dll
2011-03-10 22:29:30 ----A---- C:\windows\system32\shsetup.dll
2011-03-10 22:29:30 ----A---- C:\windows\system32\shell32.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\unattend.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\shdocvw.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\shacct.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\setupcl.exe
2011-03-10 22:29:29 ----A---- C:\windows\system32\setupapi.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\prevhost.exe
2011-03-10 22:29:29 ----A---- C:\windows\system32\comctl32.dll
2011-03-10 22:29:28 ----A---- C:\windows\system32\wscapi.dll
2011-03-10 22:29:28 ----A---- C:\windows\system32\spwizui.dll
2011-03-10 22:29:28 ----A---- C:\windows\system32\spreview.exe
2011-03-10 22:29:28 ----A---- C:\windows\system32\spinstall.exe
2011-03-10 22:29:28 ----A---- C:\windows\system32\setupcln.dll
2011-03-10 22:29:28 ----A---- C:\windows\system32\sethc.exe
2011-03-10 22:29:28 ----A---- C:\windows\system32\ActionQueue.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\vaultsvc.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\Vault.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppuinotify.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppsvc.exe
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppinst.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppcomapi.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppc.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\slwga.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\slui.exe
2011-03-10 22:29:27 ----A---- C:\windows\system32\schannel.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\nltest.exe
2011-03-10 22:29:26 ----A---- C:\windows\system32\TSpkg.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\schtasks.exe
2011-03-10 22:29:26 ----A---- C:\windows\system32\SearchFolder.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\scavengeui.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\scansetting.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\netlogon.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\msv1_0.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\manage-bde.exe
2011-03-10 22:29:26 ----A---- C:\windows\system32\fveapi.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\credssp.dll
2011-03-10 22:29:25 ----A---- C:\windows\system32\sppobjs.dll
2011-03-10 22:29:25 ----A---- C:\windows\system32\sdrsvc.dll
2011-03-10 22:29:25 ----A---- C:\windows\system32\sdengin2.dll
2011-03-10 22:29:25 ----A---- C:\windows\system32\sdclt.exe
2011-03-10 22:29:25 ----A---- C:\windows\system32\scecli.dll
2011-03-10 22:29:24 ----A---- C:\windows\system32\secproc.dll
2011-03-10 22:29:24 ----A---- C:\windows\system32\RMActivate.exe
2011-03-10 22:29:24 ----A---- C:\windows\system32\repair-bde.exe
2011-03-10 22:29:24 ----A---- C:\windows\system32\drivers\fvevol.sys
2011-03-10 22:29:20 ----A---- C:\windows\system32\uxlib.dll
2011-03-10 22:29:20 ----A---- C:\windows\system32\spwizres.dll
2011-03-10 22:29:20 ----A---- C:\windows\system32\spwizeng.dll
2011-03-10 22:29:20 ----A---- C:\windows\system32\secproc_ssp.dll
2011-03-10 22:29:20 ----A---- C:\windows\system32\RMActivate_ssp.exe
2011-03-10 22:29:19 ----A---- C:\windows\system32\sysmain.dll
2011-03-10 22:29:19 ----A---- C:\windows\system32\secproc_isv.dll
2011-03-10 22:29:19 ----A---- C:\windows\system32\RMActivate_isv.exe
2011-03-10 22:29:18 ----A---- C:\windows\system32\srrstr.dll
2011-03-10 22:29:18 ----A---- C:\windows\system32\logoncli.dll
2011-03-10 22:29:18 ----A---- C:\windows\system32\CertPolEng.dll
2011-03-10 22:29:17 ----A---- C:\windows\system32\sharemediacpl.dll
2011-03-10 22:29:17 ----A---- C:\windows\system32\scesrv.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\WinSCard.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\sppwinob.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\runonce.exe
2011-03-10 22:29:16 ----A---- C:\windows\system32\rpchttp.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\RpcRtRemote.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\rpcrt4.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2011-03-10 22:29:15 ----A---- C:\windows\system32\Robocopy.exe
2011-03-10 22:29:15 ----A---- C:\windows\system32\riched32.dll
2011-03-10 22:29:15 ----A---- C:\windows\system32\riched20.dll
2011-03-10 22:29:15 ----A---- C:\windows\system32\RelPost.exe
2011-03-10 22:29:15 ----A---- C:\windows\system32\recovery.dll
2011-03-10 22:29:15 ----A---- C:\windows\system32\recdisc.exe
2011-03-10 22:29:15 ----A---- C:\windows\system32\drivers\rmcast.sys
2011-03-10 22:29:15 ----A---- C:\windows\system32\drivers\rdyboost.sys
2011-03-10 22:29:15 ----A---- C:\windows\system32\drivers\rdbss.sys
2011-03-10 22:29:14 ----A---- C:\windows\system32\rtutils.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\rastls.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\rastapi.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\rasppp.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\rasmans.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\mprddm.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\iprtrmgr.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\cmstp.exe
2011-03-10 22:29:13 ----A---- C:\windows\system32\raschap.dll
2011-03-10 22:29:13 ----A---- C:\windows\system32\drivers\wanarp.sys
2011-03-10 22:29:12 ----A---- C:\windows\system32\vpnikeapi.dll
2011-03-10 22:29:12 ----A---- C:\windows\system32\vpnike.dll
2011-03-10 22:29:12 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-03-10 22:29:12 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2011-03-10 22:29:12 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2011-03-10 22:29:12 ----A---- C:\windows\system32\drivers\ndproxy.sys
2011-03-10 22:29:12 ----A---- C:\windows\system32\drivers\ndiswan.sys
2011-03-10 22:29:10 ----A---- C:\windows\system32\RacEngn.dll
2011-03-10 22:29:10 ----A---- C:\windows\system32\msdrm.dll
2011-03-10 22:29:09 ----A---- C:\windows\system32\qedit.dll
2011-03-10 22:29:09 ----A---- C:\windows\system32\proquota.exe
2011-03-10 22:29:09 ----A---- C:\windows\system32\propsys.dll
2011-03-10 22:29:09 ----A---- C:\windows\system32\profsvc.dll
2011-03-10 22:29:09 ----A---- C:\windows\system32\profprov.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\sppnp.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\spoolsv.exe
2011-03-10 22:29:08 ----A---- C:\windows\system32\prncache.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\powercpl.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\pifmgr.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\hgprint.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\wvc.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\WMPhoto.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\wdc.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\photowiz.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\perfmon.exe
2011-03-10 22:29:07 ----A---- C:\windows\system32\pdhui.dll
2011-03-10 22:29:06 ----A---- C:\windows\system32\wpccpl.dll
2011-03-10 22:29:06 ----A---- C:\windows\system32\wdscore.dll
2011-03-10 22:29:06 ----A---- C:\windows\system32\unlodctr.exe
2011-03-10 22:29:06 ----A---- C:\windows\system32\PnPUnattend.exe
2011-03-10 22:29:06 ----A---- C:\windows\system32\PkgMgr.exe
2011-03-10 22:29:06 ----A---- C:\windows\system32\PerfCenterCPL.dll
2011-03-10 22:29:06 ----A---- C:\windows\system32\drivers\partmgr.sys
2011-03-10 22:29:05 ----A---- C:\windows\system32\prnfldr.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\printui.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\pla.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\pdh.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\ntprint.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\inetpp.dll
2011-03-10 22:29:04 ----A---- C:\windows\system32\win32spl.dll
2011-03-10 22:29:04 ----A---- C:\windows\system32\relog.exe
2011-03-10 22:29:04 ----A---- C:\windows\system32\puiobj.dll
2011-03-10 22:29:04 ----A---- C:\windows\system32\PrintIsolationProxy.dll
2011-03-10 22:29:04 ----A---- C:\windows\system32\logman.exe
2011-03-10 22:29:04 ----A---- C:\windows\system32\localspl.dll
2011-03-10 22:29:02 ----A---- C:\windows\system32\prntvpt.dll
2011-03-10 22:29:02 ----A---- C:\windows\system32\ntoskrnl.exe
2011-03-10 22:29:01 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-03-10 22:29:00 ----A---- C:\windows\system32\OnLineIDCpl.dll
2011-03-10 22:29:00 ----A---- C:\windows\system32\onexui.dll
2011-03-10 22:29:00 ----A---- C:\windows\system32\onex.dll
2011-03-10 22:28:59 ----A---- C:\windows\system32\olepro32.dll
2011-03-10 22:28:59 ----A---- C:\windows\system32\oleaut32.dll
2011-03-10 22:28:59 ----A---- C:\windows\system32\ocsetup.exe
2011-03-10 22:28:59 ----A---- C:\windows\system32\ocsetapi.dll
2011-03-10 22:28:58 ----A---- C:\windows\system32\cscdll.dll
2011-03-10 22:28:58 ----A---- C:\windows\system32\cscapi.dll
2011-03-10 22:28:58 ----A---- C:\windows\system32\asycfilt.dll
2011-03-10 22:28:57 ----A---- C:\windows\system32\ntshrui.dll
2011-03-10 22:28:57 ----A---- C:\windows\system32\ntlanman.dll
2011-03-10 22:28:57 ----A---- C:\windows\system32\ntdll.dll
2011-03-10 22:28:57 ----A---- C:\windows\system32\nslookup.exe
2011-03-10 22:28:57 ----A---- C:\windows\system32\drivers\ntfs.sys
2011-03-10 22:28:57 ----A---- C:\windows\system32\dosx.exe
2011-03-10 22:28:56 ----A---- C:\windows\system32\nshwfp.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\nlasvc.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\nlaapi.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\networkmap.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\networkexplorer.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\netcenter.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\ncsi.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\IKEEXT.DLL
2011-03-10 22:28:55 ----A---- C:\windows\system32\pnidui.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\netutils.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\netshell.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\netplwiz.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\netjoin.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\FWPUCLNT.DLL
2011-03-10 22:28:55 ----A---- C:\windows\system32\drivers\netio.sys
2011-03-10 22:28:55 ----A---- C:\windows\system32\BFE.DLL
2011-03-10 22:28:54 ----A---- C:\windows\system32\netcfgx.dll
2011-03-10 22:28:54 ----A---- C:\windows\system32\netcfg.exe
2011-03-10 22:28:54 ----A---- C:\windows\system32\netbtugc.exe
2011-03-10 22:28:54 ----A---- C:\windows\system32\netapi32.dll
2011-03-10 22:28:54 ----A---- C:\windows\system32\net1.exe
2011-03-10 22:28:54 ----A---- C:\windows\system32\ncryptui.dll
2011-03-10 22:28:54 ----A---- C:\windows\system32\nci.dll
2011-03-10 22:28:54 ----A---- C:\windows\system32\drivers\netbt.sys
2011-03-10 22:28:54 ----A---- C:\windows\system32\drivers\ndisuio.sys
2011-03-10 22:28:54 ----A---- C:\windows\system32\drivers\ndis.sys
2011-03-10 22:28:53 ----A---- C:\windows\system32\NaturalLanguage6.dll
2011-03-10 22:28:50 ----A---- C:\windows\system32\QUTIL.DLL
2011-03-10 22:28:50 ----A---- C:\windows\system32\KMSVC.DLL
2011-03-10 22:28:49 ----A---- C:\windows\system32\QSVRMGMT.DLL
2011-03-10 22:28:49 ----A---- C:\windows\system32\QSHVHOST.DLL
2011-03-10 22:28:49 ----A---- C:\windows\system32\ipsmsnap.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\QCLIPROV.DLL
2011-03-10 22:28:48 ----A---- C:\windows\system32\QAGENTRT.DLL
2011-03-10 22:28:48 ----A---- C:\windows\system32\QAGENT.DLL
2011-03-10 22:28:48 ----A---- C:\windows\system32\nshipsec.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\netdiagfx.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\napdsnap.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\iasrecst.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\iasrad.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\iasacct.dll
2011-03-10 22:28:46 ----A---- C:\windows\system32\mydocs.dll
2011-03-10 22:28:46 ----A---- C:\windows\system32\msxml6.dll
2011-03-10 22:28:46 ----A---- C:\windows\system32\mcbuilder.exe
2011-03-10 22:28:46 ----A---- C:\windows\system32\IPSECSVC.DLL
2011-03-10 22:28:45 ----A---- C:\windows\system32\msxml3.dll
2011-03-10 22:28:45 ----A---- C:\windows\system32\MSMPEG2ENC.DLL
2011-03-10 22:28:44 ----A---- C:\windows\system32\msinfo32.exe
2011-03-10 22:28:44 ----A---- C:\windows\system32\msieftp.dll
2011-03-10 22:28:44 ----A---- C:\windows\system32\msftedit.dll
2011-03-10 22:28:44 ----A---- C:\windows\system32\msconfig.exe
2011-03-10 22:28:44 ----A---- C:\windows\system32\msasn1.dll
2011-03-10 22:28:44 ----A---- C:\windows\system32\MSAC3ENC.DLL
2011-03-10 22:28:44 ----A---- C:\windows\system32\mprapi.dll
2011-03-10 22:28:44 ----A---- C:\windows\system32\drivers\mountmgr.sys
2011-03-10 22:28:43 ----A---- C:\windows\system32\SyncCenter.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\SensorsCpl.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\mobsync.exe
2011-03-10 22:28:43 ----A---- C:\windows\system32\MMDevAPI.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\mfreadwrite.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\MFPlay.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\mfds.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\WMVCORE.DLL
2011-03-10 22:28:42 ----A---- C:\windows\system32\wmdrmnet.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\wmdrmdev.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\mfc42u.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\mfc40u.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\mfc40.dll
2011-03-10 22:28:41 ----A---- C:\windows\system32\wmpsrcwp.dll
2011-03-10 22:28:41 ----A---- C:\windows\system32\wmpshell.dll
2011-03-10 22:28:41 ----A---- C:\windows\system32\wmpps.dll
2011-03-10 22:28:40 ----A---- C:\windows\system32\WMPEncEn.dll
2011-03-10 22:28:40 ----A---- C:\windows\system32\wmpeffects.dll
2011-03-10 22:28:40 ----A---- C:\windows\system32\wmpdxm.dll
2011-03-10 22:28:40 ----A---- C:\windows\system32\WMNetMgr.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\wmdrmsdk.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\msscp.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\msnetobj.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\logagent.exe
2011-03-10 22:28:39 ----A---- C:\windows\system32\drmmgrtn.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\blackbox.dll
2011-03-10 22:28:38 ----A---- C:\windows\system32\wmploc.DLL
2011-03-10 22:28:37 ----A---- C:\windows\system32\wmp.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\spwmp.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\mf.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\MediaMetadataHandler.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\mapistub.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\mapi32.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\dxmasf.dll
2011-03-10 22:28:36 ----A---- C:\windows\system32\migisol.dll
2011-03-10 22:28:36 ----A---- C:\windows\system32\mcupdate_GenuineIntel.dll
2011-03-10 22:28:36 ----A---- C:\windows\system32\inetcomm.dll
2011-03-10 22:28:36 ----A---- C:\windows\system32\AuxiliaryDisplayCpl.dll
2011-03-10 22:28:35 ----A---- C:\windows\system32\sqlsrv32.dll
2011-03-10 22:28:35 ----A---- C:\windows\system32\odbcconf.dll
2011-03-10 22:28:35 ----A---- C:\windows\system32\AuxiliaryDisplayServices.dll
2011-03-10 22:28:34 ----A---- C:\windows\system32\mcmde.dll
2011-03-10 22:28:33 ----A---- C:\windows\system32\mblctr.exe
2011-03-10 22:28:32 ----A---- C:\windows\system32\odbctrac.dll
2011-03-10 22:28:32 ----A---- C:\windows\system32\mmcndmgr.dll
2011-03-10 22:28:32 ----A---- C:\windows\system32\MdSched.exe
2011-03-10 22:28:31 ----A---- C:\windows\system32\odbccp32.dll
2011-03-10 22:28:31 ----A---- C:\windows\system32\odbc32.dll
2011-03-10 22:28:31 ----A---- C:\windows\system32\msorcl32.dll
2011-03-10 22:28:31 ----A---- C:\windows\system32\defaultlocationcpl.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\sspisrv.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\sspicli.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\secur32.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\odbcjt32.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\luainstall.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\consent.exe
2011-03-10 22:28:30 ----A---- C:\windows\system32\appinfo.dll
2011-03-10 22:28:29 ----A---- C:\windows\system32\nrpsrv.dll
2011-03-10 22:28:29 ----A---- C:\windows\system32\lsasrv.dll
2011-03-10 22:28:29 ----A---- C:\windows\system32\lpremove.exe
2011-03-10 22:28:29 ----A---- C:\windows\system32\lpksetup.exe
2011-03-10 22:28:29 ----A---- C:\windows\system32\drivers\ksecdd.sys
2011-03-10 22:28:28 ----A---- C:\windows\system32\Wldap32.dll
2011-03-10 22:28:23 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2011-03-10 22:28:16 ----A---- C:\windows\system32\KernelBase.dll
2011-03-10 22:28:16 ----A---- C:\windows\system32\kernel32.dll
2011-03-10 22:28:16 ----A---- C:\windows\system32\iTVData.dll
2011-03-10 22:28:16 ----A---- C:\windows\system32\isoburn.exe
2011-03-10 22:28:16 ----A---- C:\windows\system32\drivers\ks.sys
2011-03-10 22:28:15 ----A---- C:\windows\system32\wshirda.dll
2011-03-10 22:28:15 ----A---- C:\windows\system32\nlsbres.dll
2011-03-10 22:28:15 ----A---- C:\windows\system32\MuiUnattend.exe
2011-03-10 22:28:15 ----A---- C:\windows\system32\msihnd.dll
2011-03-10 22:28:15 ----A---- C:\windows\system32\msiexec.exe
2011-03-10 22:28:15 ----A---- C:\windows\system32\msi.dll
2011-03-10 22:28:14 ----A---- C:\windows\system32\imm32.dll
2011-03-10 22:28:14 ----A---- C:\windows\system32\imapi2.dll
2011-03-10 22:28:14 ----A---- C:\windows\system32\dbghelp.dll
2011-03-10 22:28:14 ----A---- C:\windows\system32\dbgeng.dll
2011-03-10 22:28:12 ----A---- C:\windows\system32\ieframe.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\webcheck.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\occache.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\msrating.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\inseng.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\iesysprep.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\iertutil.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\ie4uinit.exe
2011-03-10 22:28:10 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2011-03-10 22:28:10 ----A---- C:\windows\system32\mshtmled.dll
2011-03-10 22:28:10 ----A---- C:\windows\system32\msfeedssync.exe
2011-03-10 22:28:10 ----A---- C:\windows\system32\msfeedsbs.dll
2011-03-10 22:28:10 ----A---- C:\windows\system32\msfeeds.dll
2011-03-10 22:28:10 ----A---- C:\windows\system32\imgutil.dll
2011-03-10 22:28:10 ----A---- C:\windows\system32\ieUnatt.exe
2011-03-10 22:28:09 ----A---- C:\windows\system32\mscms.dll
2011-03-10 22:28:09 ----A---- C:\windows\system32\licmgr10.dll
2011-03-10 22:28:09 ----A---- C:\windows\system32\iepeers.dll
2011-03-10 22:28:09 ----A---- C:\windows\system32\iedkcs32.dll
2011-03-10 22:28:08 ----A---- C:\windows\system32\wininet.dll
2011-03-10 22:28:07 ----A---- C:\windows\system32\tzres.dll
2011-03-10 22:28:07 ----A---- C:\windows\system32\kbdlk41a.dll
2011-03-10 22:28:04 ----A---- C:\windows\system32\KBDUS.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\mstime.dll
2011-03-10 22:28:03 ----A---- C:\windows\system32\KBDUGHR1.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\KBDSF.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\KBDGKL.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\KBDBULG.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\iphlpsvc.dll
2011-03-10 22:28:03 ----A---- C:\windows\system32\C_ISCII.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDTURME.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDTUF.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDTAJIK.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDSG.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDPO.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDNEPR.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDMON.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDMAORI.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDLT1.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINTEL.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINTAM.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINORI.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINMAR.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINKAN.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINHIN.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINBEN.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDGR1.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDGEO.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDCZ1.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDBASH.DLL
2011-03-10 22:28:01 ----A---- C:\windows\system32\KBDTUQ.DLL
2011-03-10 22:28:01 ----A---- C:\windows\system32\KBDBLR.DLL
2011-03-10 22:28:01 ----A---- C:\windows\system32\iscsium.dll
2011-03-10 22:28:01 ----A---- C:\windows\system32\iscsicli.exe
2011-03-10 22:28:01 ----A---- C:\windows\system32\elsTrans.dll
2011-03-10 22:27:59 ----A---- C:\windows\system32\urlmon.dll
2011-03-10 22:27:59 ----A---- C:\windows\system32\imapi2fs.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\provsvc.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\ListSvc.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\itircl.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\httpapi.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\HotStartUserAgent.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\hgcpl.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\drivers\http.sys
2011-03-10 22:27:57 ----A---- C:\windows\system32\hbaapi.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\halmacpi.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\halacpi.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\hal.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\drivers\hwpolicy.sys
2011-03-10 22:27:57 ----A---- C:\windows\system32\ActionCenterCPL.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\ActionCenter.dll
2011-03-10 22:27:46 ----A---- C:\windows\system32\gpsvc.dll
2011-03-10 22:27:46 ----A---- C:\windows\system32\gdi32.dll
2011-03-10 22:27:45 ----A---- C:\windows\system32\gameux.dll
2011-03-10 22:27:43 ----A---- C:\windows\system32\ftp.exe
2011-03-10 22:27:42 ----A---- C:\windows\system32\t2embed.dll
2011-03-10 22:27:42 ----A---- C:\windows\system32\muifontsetup.dll
2011-03-10 22:27:42 ----A---- C:\windows\system32\fontext.dll
2011-03-10 22:27:42 ----A---- C:\windows\system32\fms.dll
2011-03-10 22:27:42 ----A---- C:\windows\system32\findstr.exe
2011-03-10 22:27:41 ----A---- C:\windows\system32\resutils.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\ifsutil.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\FXSTIFF.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\FXSSVC.exe
2011-03-10 22:27:41 ----A---- C:\windows\system32\FXSMON.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\fdeploy.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\fde.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\clusapi.dll
2011-03-10 22:27:40 ----A---- C:\windows\system32\untfs.dll
2011-03-10 22:27:39 ----A---- C:\windows\system32\WFS.exe
2011-03-10 22:27:39 ----A---- C:\windows\system32\FXSCOVER.exe
2011-03-10 22:27:38 ----A---- C:\windows\system32\wevtsvc.dll
2011-03-10 22:27:38 ----A---- C:\windows\system32\WerFaultSecure.exe
2011-03-10 22:27:38 ----A---- C:\windows\system32\wer.dll
2011-03-10 22:27:38 ----A---- C:\windows\system32\Faultrep.dll
2011-03-10 22:27:38 ----A---- C:\windows\system32\ExplorerFrame.dll
2011-03-10 22:27:38 ----A---- C:\windows\system32\eudcedit.exe
2011-03-10 22:27:38 ----A---- C:\windows\explorer.exe
2011-03-10 22:27:37 ----A---- C:\windows\system32\werconcpl.dll
2011-03-10 22:27:37 ----A---- C:\windows\system32\mspbda.dll
2011-03-10 22:27:37 ----A---- C:\windows\system32\msdri.dll
2011-03-10 22:27:37 ----A---- C:\windows\system32\evr.dll
2011-03-10 22:27:37 ----A---- C:\windows\system32\EhStorAPI.dll
2011-03-10 22:27:36 ----A---- C:\windows\system32\Mcx2Svc.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\MCEWMDRMNDBootstrap.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\esent.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\efscore.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\eapphost.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\eappgnui.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\eapp3hst.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\DxpTaskSync.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\DXPTaskRingtone.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\DXP.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\dskquoui.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\drvstore.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\dot3ui.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\dot3svc.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\dot3msm.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dot3cfg.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dot3api.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dnsrslvr.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dnscmmc.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dnscacheugc.exe
2011-03-10 22:27:33 ----A---- C:\windows\system32\dnsapi.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\Display.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\diskraid.exe
2011-03-10 22:27:32 ----A---- C:\windows\system32\dxgi.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\drivers\Diskdump.sys
2011-03-10 22:27:32 ----A---- C:\windows\system32\dpnaddr.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\diskpart.exe
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d9.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d11.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d10warp.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d10level9.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d10_1core.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\vfwwdm32.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\samsrv.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\quartz.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\qdvd.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\qdv.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\qcap.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\qasf.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\msdmo.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\mciqtz32.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\amstream.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\setupugc.exe
2011-03-10 22:27:30 ----A---- C:\windows\system32\dxdiagn.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\dsauth.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\drivers\dfsc.sys
2011-03-10 22:27:30 ----A---- C:\windows\system32\dpx.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\DiagCpl.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\dhcpcore.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\dfrgui.exe
2011-03-10 22:27:30 ----A---- C:\windows\system32\DevicePairingFolder.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\DeviceCenter.dll
2011-03-10 22:27:29 ----A---- C:\windows\system32\samcli.dll
2011-03-10 22:27:29 ----A---- C:\windows\system32\dwmredir.dll
2011-03-10 22:27:26 ----A---- C:\windows\system32\tsbyuv.dll
2011-03-10 22:27:26 ----A---- C:\windows\system32\msyuv.dll
2011-03-10 22:27:26 ----A---- C:\windows\system32\iyuv_32.dll
2011-03-10 22:27:26 ----A---- C:\windows\system32\dwmcore.dll
2011-03-10 22:27:23 ----A---- C:\windows\system32\WUDFx.dll
2011-03-10 22:27:23 ----A---- C:\windows\system32\WUDFSvc.dll
2011-03-10 22:27:23 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2011-03-10 22:27:23 ----A---- C:\windows\system32\dps.dll
2011-03-10 22:27:22 ----A---- C:\windows\system32\WUDFPlatform.dll
2011-03-10 22:27:22 ----A---- C:\windows\system32\WUDFHost.exe
2011-03-10 22:27:22 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2011-03-10 22:27:22 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2011-03-10 22:27:15 ----A---- C:\windows\system32\localsec.dll
2011-03-10 22:27:11 ----A---- C:\windows\system32\cryptui.dll
2011-03-10 22:27:09 ----A---- C:\windows\system32\cryptsvc.dll
2011-03-10 22:27:09 ----A---- C:\windows\system32\crypt32.dll
2011-03-10 22:27:09 ----A---- C:\windows\system32\credui.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\umpnpmgr.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\OpcServices.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\olethk32.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\netid.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\msdtctm.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\mimefilt.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\imagehlp.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\conhost.exe
2011-03-10 22:27:08 ----A---- C:\windows\system32\comdlg32.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\cmd.exe
2011-03-10 22:27:08 ----A---- C:\windows\system32\cfgmgr32.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\autoconv.exe
2011-03-10 22:27:07 ----A---- C:\windows\system32\rpcss.dll
2011-03-10 22:27:07 ----A---- C:\windows\system32\ole32.dll
2011-03-10 22:27:07 ----A---- C:\windows\system32\ci.dll
2011-03-10 22:27:07 ----A---- C:\windows\system32\cdosys.dll
2011-03-10 22:27:07 ----A---- C:\windows\system32\calc.exe
2011-03-10 22:27:06 ----A---- C:\windows\system32\xpsservices.dll
2011-03-10 22:27:06 ----A---- C:\windows\system32\diagperf.dll
2011-03-10 22:27:06 ----A---- C:\windows\system32\certcli.dll
2011-03-10 22:27:06 ----A---- C:\windows\system32\cabview.dll
2011-03-10 22:27:06 ----A---- C:\windows\system32\cabinet.dll
2011-03-10 22:27:05 ----A---- C:\windows\system32\XpsRasterService.dll
2011-03-10 22:27:05 ----A---- C:\windows\system32\Query.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\wshbth.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\mtxclu.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\certmgr.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\browseui.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\browser.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\wbengine.exe
2011-03-10 22:27:03 ----A---- C:\windows\system32\qmgr.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\browcli.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\bootres.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\BlbEvents.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\bitsperf.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\bitsadmin.exe
2011-03-10 22:27:03 ----A---- C:\windows\system32\biocpl.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\bcdboot.exe
2011-03-10 22:27:03 ----A---- C:\windows\system32\batmeter.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\basesrv.dll
2011-03-10 22:27:02 ----A---- C:\windows\system32\winresume.exe
2011-03-10 22:27:02 ----A---- C:\windows\system32\winload.exe
2011-03-10 22:27:02 ----A---- C:\windows\system32\sdcpl.dll
2011-03-10 22:27:02 ----A---- C:\windows\system32\bcdsrv.dll
2011-03-10 22:27:02 ----A---- C:\windows\bfsvc.exe
2011-03-10 22:27:00 ----A---- C:\windows\system32\setbcdlocale.dll
2011-03-10 22:27:00 ----A---- C:\windows\system32\bcdedit.exe
2011-03-10 22:26:59 ----A---- C:\windows\system32\LogonUI.exe
2011-03-10 22:26:59 ----A---- C:\windows\system32\AzSqlExt.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\azroleui.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\azroles.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\AxInstSv.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\autoplay.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\autochk.exe
2011-03-10 22:26:59 ----A---- C:\windows\system32\autofmt.exe
2011-03-10 22:26:58 ----A---- C:\windows\system32\winmm.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\WindowsAnytimeUpgrade.exe
2011-03-10 22:26:58 ----A---- C:\windows\system32\SndVolSSO.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\SndVol.exe
2011-03-10 22:26:58 ----A---- C:\windows\system32\drivers\appid.sys
2011-03-10 22:26:58 ----A---- C:\windows\system32\authui.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\audiosrv.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\AudioSes.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\audiodg.exe
2011-03-10 22:26:57 ----A---- C:\windows\system32\wdiasqmmodule.dll
2011-03-10 22:26:57 ----A---- C:\windows\system32\advapi32.dll
2011-03-10 22:26:57 ----A---- C:\windows\system32\actxprxy.dll
2011-03-10 22:26:57 ----A---- C:\windows\system32\accessibilitycpl.dll
2011-03-10 22:26:56 ----A---- C:\windows\system32\aepdu.dll
2011-03-10 22:26:56 ----A---- C:\windows\system32\aeinv.dll
2011-03-10 22:26:56 ----A---- C:\windows\system32\adsldp.dll
2011-03-10 22:26:56 ----A---- C:\windows\system32\acppage.dll
2011-03-10 22:26:55 ----A---- C:\windows\system32\WindowsAnytimeUpgradeResults.exe
2011-03-10 22:26:55 ----A---- C:\windows\system32\aitagent.exe
2011-03-10 22:26:55 ----A---- C:\windows\system32\activeds.dll
2011-03-10 22:26:54 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2011-03-10 22:26:54 ----A---- C:\windows\system32\apphelp.dll
2011-03-10 22:26:53 ----A---- C:\windows\system32\drivers\usbser.sys
2011-03-10 22:26:52 ----A---- C:\windows\system32\drivers\volmgr.sys
2011-03-10 22:26:52 ----A---- C:\windows\system32\drivers\termdd.sys
2011-03-10 22:26:52 ----A---- C:\windows\system32\drivers\pci.sys
2011-03-10 22:26:52 ----A---- C:\windows\system32\drivers\kbdhid.sys
2011-03-10 22:26:51 ----A---- C:\windows\system32\drivers\msiscsi.sys
2011-03-10 22:26:51 ----A---- C:\windows\system32\drivers\IPMIDrv.sys
2011-03-10 22:26:50 ----A---- C:\windows\system32\dsuiext.dll
2011-03-10 22:26:50 ----A---- C:\windows\system32\drivers\iaStorV.sys
2011-03-10 22:26:50 ----A---- C:\windows\system32\drivers\HdAudio.sys
2011-03-10 22:26:50 ----A---- C:\windows\system32\drivers\hdaudbus.sys
2011-03-10 22:26:49 ----A---- C:\windows\system32\srchadmin.dll
2011-03-10 22:26:49 ----A---- C:\windows\system32\OobeFldr.dll
2011-03-10 22:26:49 ----A---- C:\windows\system32\drivers\CompositeBus.sys
2011-03-10 22:26:48 ----A---- C:\windows\system32\fsquirt.exe
2011-03-10 22:26:48 ----A---- C:\windows\system32\drivers\cdrom.sys
2011-03-10 22:26:48 ----A---- C:\windows\system32\drivers\BTHUSB.SYS
2011-03-10 22:26:48 ----A---- C:\windows\system32\drivers\bthport.sys
2011-03-10 22:26:47 ----A---- C:\windows\system32\drivers\amdxata.sys
2011-03-10 22:26:47 ----A---- C:\windows\system32\drivers\amdsata.sys
2011-03-10 22:26:47 ----A---- C:\windows\system32\drivers\acpipmi.sys
2011-03-10 22:26:46 ----A---- C:\windows\system32\drivers\acpi.sys
2011-03-10 22:26:46 ----A---- C:\windows\system32\drivers\1394ohci.sys
2011-03-09 07:53:47 ----A---- C:\windows\system32\DWrite.dll
2011-03-09 07:53:46 ----A---- C:\windows\system32\FntCache.dll
2011-03-09 07:53:44 ----A---- C:\windows\system32\d2d1.dll
2011-03-09 07:53:37 ----A---- C:\windows\system32\CPFilters.dll
2011-03-09 07:53:36 ----A---- C:\windows\system32\EncDec.dll
2011-03-09 07:53:34 ----A---- C:\windows\system32\sbe.dll
2011-03-02 09:48:25 ----D---- C:\Program Files\Axis Communications
2011-03-01 19:27:43 ----D---- C:\Program Files\VAG908
2011-02-28 17:16:23 ----A---- C:\windows\system32\drivers\RT-USB.SYS
2011-02-28 17:16:22 ----A---- C:\windows\system32\RT-USB.DLL
2011-02-23 12:28:05 ----A---- C:\windows\SonySNCCS1011.ini
2011-02-23 08:03:29 ----A---- C:\windows\system32\XpsPrint.dll
2011-02-23 08:03:29 ----A---- C:\windows\system32\XpsGdiConverter.dll

======List of files/folders modified in the last 1 months======

2011-03-20 13:56:42 ----RD---- C:\Program Files
2011-03-20 13:53:13 ----D---- C:\windows\Temp
2011-03-20 13:32:18 ----D---- C:\windows\system32\config
2011-03-20 13:20:43 ----D---- C:\windows\system32\drivers
2011-03-20 13:20:43 ----D---- C:\windows\schemas
2011-03-20 13:18:42 ----D---- C:\windows\system32\Tasks
2011-03-20 13:18:40 ----D---- C:\windows\Tasks
2011-03-20 10:17:31 ----HD---- C:\ProgramData
2011-03-20 09:54:29 ----SHD---- C:\System Volume Information
2011-03-20 09:53:16 ----D---- C:\windows\System32
2011-03-20 09:53:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-03-20 09:53:15 ----D---- C:\windows\inf
2011-03-20 09:12:42 ----AD---- C:\Windows
2011-03-20 09:03:01 ----D---- C:\windows\Prefetch
2011-03-20 08:32:29 ----SHD---- C:\windows\Installer
2011-03-18 15:54:09 ----A---- C:\windows\FPConfig.INI
2011-03-17 19:08:34 ----D---- C:\windows\system32\DriverStore
2011-03-17 19:08:34 ----D---- C:\windows\system32\catroot
2011-03-17 19:03:55 ----D---- C:\windows\system32\NDF
2011-03-17 10:19:08 ----A---- C:\windows\wcx_ftp.ini
2011-03-16 11:11:58 ----A---- C:\windows\glxy_gld32.ini
2011-03-14 15:35:50 ----D---- C:\Users\Standa\AppData\Roaming\FileZilla
2011-03-13 10:09:54 ----D---- C:\Users\Standa\AppData\Roaming\PC Suite
2011-03-12 20:32:52 ----D---- C:\windows\Microsoft.NET
2011-03-12 20:30:46 ----RSD---- C:\windows\assembly
2011-03-12 08:58:21 ----D---- C:\windows\winsxs
2011-03-12 08:55:52 ----SHD---- C:\Boot
2011-03-10 23:48:44 ----D---- C:\Program Files\Windows Mail
2011-03-10 23:48:43 ----D---- C:\Program Files\Windows Sidebar
2011-03-10 23:48:43 ----D---- C:\Program Files\Windows Portable Devices
2011-03-10 23:48:43 ----D---- C:\Program Files\Windows Media Player
2011-03-10 23:48:43 ----D---- C:\Program Files\Internet Explorer
2011-03-10 23:48:43 ----D---- C:\Program Files\DVD Maker
2011-03-10 23:48:42 ----D---- C:\Program Files\Windows Photo Viewer
2011-03-10 23:48:42 ----D---- C:\Program Files\Windows Journal
2011-03-10 23:48:39 ----D---- C:\Program Files\Windows Defender
2011-03-10 23:48:38 ----D---- C:\windows\servicing
2011-03-10 23:48:38 ----D---- C:\windows\ehome
2011-03-10 23:48:29 ----D---- C:\windows\system32\oobe
2011-03-10 23:48:29 ----D---- C:\windows\system32\en-US
2011-03-10 23:48:29 ----D---- C:\windows\system32\da-DK
2011-03-10 23:48:29 ----D---- C:\windows\PolicyDefinitions
2011-03-10 23:48:28 ----D---- C:\windows\system32\sysprep
2011-03-10 23:48:28 ----D---- C:\windows\system32\migration
2011-03-10 23:48:27 ----D---- C:\windows\system32\Setup
2011-03-10 23:48:27 ----D---- C:\windows\system32\cs
2011-03-10 23:48:27 ----D---- C:\windows\system32\AdvancedInstallers
2011-03-10 23:48:25 ----D---- C:\windows\system32\cs-CZ
2011-03-10 23:48:23 ----D---- C:\windows\system32\sppui
2011-03-10 23:48:23 ----D---- C:\windows\system32\manifeststore
2011-03-10 23:48:23 ----D---- C:\windows\system32\es-ES
2011-03-10 23:48:21 ----D---- C:\windows\system32\drivers\cs-CZ
2011-03-10 23:48:20 ----D---- C:\windows\system32\wbem
2011-03-10 23:48:19 ----D---- C:\windows\system32\migwiz
2011-03-10 23:48:19 ----D---- C:\windows\system32\Dism
2011-03-10 23:47:47 ----RSD---- C:\windows\Fonts
2011-03-10 23:47:45 ----D---- C:\windows\AppPatch
2011-03-10 23:47:30 ----D---- C:\windows\system32\Boot
2011-03-10 23:04:50 ----D---- C:\windows\debug
2011-03-10 23:04:44 ----A---- C:\windows\system32\MRT.exe
2011-03-10 23:03:06 ----D---- C:\ProgramData\Microsoft Help
2011-03-10 22:55:36 ----A---- C:\windows\system32\msclmd.dll
2011-03-10 21:57:40 ----D---- C:\windows\system32\catroot2
2011-03-09 09:35:31 ----D---- C:\WinloadPrivateDir
2011-03-02 09:49:35 ----D---- C:\windows\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\windows\system32\DRIVERS\Lbd.sys [2010-06-24 64288]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-06-24 691696]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
R2 CBN;CBN; \??\C:\windows\System32\Drivers\CBN.SYS [2010-11-08 17408]
R3 gwiopm;gwiopm; \??\C:\windows\system32\gwiopm.sys [2010-11-08 3904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-09-29 2776672]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2009-08-11 66592]
R3 nvsmu;nvsmu; C:\windows\system32\DRIVERS\nvsmu.sys [2009-06-28 17920]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 862208]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-20 213552]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Hardlock;Hardlock; C:\windows\system32\drivers\hardlock.sys []
S2 NSHE;Guardant Emulator Driver; \??\C:\windows\system32\Drivers\NSHE.SYS [2010-07-28 97792]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 ail7s9qn;ail7s9qn; C:\windows\system32\drivers\ail7s9qn.sys []
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2010-11-20 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 BULKUSB;BMZ Integral; C:\windows\System32\Drivers\SecoBlkUSB.sys [2006-09-08 17664]
S3 CBUSB;MARX CryptoTech LP; C:\windows\System32\drivers\CBUSB.sys [2007-02-14 45136]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2009-10-22 57800]
S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2009-10-22 72520]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RT-USB;Ross-Tech USB driver; C:\windows\system32\drivers\RT-USB.SYS [2009-05-22 58880]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 USBEFI;USB Efi Driver (usbefi.sys); C:\windows\System32\Drivers\usbefi.sys [2001-05-07 19805]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 B5USBPort;B5 USB-Port; C:\Seconet\Integral\USB\B5USBPort.exe [2008-07-21 1140224]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-03 582944]
R2 IRCPAcousticDriver;IRCPAcousticDriver; C:\windows\system32\IRCPAcousticDriver.exe [2010-06-24 514560]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-07 211488]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-11 1352832]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1343400]

-----------------EOF-----------------

Dobrý večer
V logu jde vidět, že je tam havět, hrr na ni

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

Tak zde je log z ComboFix


ComboFix 11-03-19.04 - Standa 20.03.2011 19:17:39.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.767.228 [GMT 1:00]
Spuštěný z: c:\users\Standa\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\system32\oledb32.dll
c:\windows\system32\Temp
c:\windows\system32\Thumbs.db
c:\windows\system32\UNWISE.EXE
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Schedule
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-20 do 2011-03-20 )))))))))))))))))))))))))))))))
.
.
2011-03-20 18:39 . 2011-03-20 18:42 -------- d-----w- c:\users\Standa\AppData\Local\temp
2011-03-20 18:39 . 2011-03-20 18:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-20 13:46 . 2011-03-20 13:46 -------- d-----w- c:\program files\CCleaner
2011-03-20 13:27 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-20 12:56 . 2011-03-20 13:07 -------- d-----w- c:\program files\trend micro
2011-03-20 12:56 . 2011-03-20 12:57 -------- d-----w- C:\rsit
2011-03-20 09:17 . 2011-03-20 09:17 -------- d-----w- c:\users\Standa\AppData\Roaming\Malwarebytes
2011-03-20 09:17 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 09:17 . 2011-03-20 09:17 -------- d-----w- c:\programdata\Malwarebytes
2011-03-20 09:17 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-20 09:17 . 2011-03-20 09:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-20 07:17 . 2011-03-20 07:17 118784 --sha-r- c:\windows\system32\winrshosts.dll
2011-03-20 06:57 . 2011-03-20 06:57 -------- d-----w- c:\users\Standa\AppData\Roaming\Darq Software
2011-03-20 05:48 . 2011-03-20 05:49 -------- d-----w- c:\users\Standa\AppData\Local\Google
2011-03-20 05:45 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4603C4D2-BAEC-4A99-BE0A-B007BD36154E}\mpengine.dll
2011-03-10 21:41 . 2011-03-10 21:41 -------- d-----w- c:\windows\system32\SPReview
2011-03-10 21:39 . 2011-03-10 21:39 -------- d-----w- c:\windows\system32\EventProviders
2011-03-10 21:29 . 2010-11-20 12:21 1175040 ----a-w- c:\windows\system32\WsmSvc.dll
2011-03-10 21:28 . 2010-11-20 12:20 90112 ----a-w- c:\windows\system32\olepro32.dll
2011-03-10 21:26 . 2010-11-20 12:18 88064 ----a-w- c:\windows\system32\AxInstSv.dll
2011-03-09 06:53 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-03-09 06:53 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-03-09 06:53 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-03-09 06:53 . 2010-12-23 05:54 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 06:53 . 2010-12-23 05:54 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 06:53 . 2010-12-23 05:54 850944 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 06:53 . 2010-12-23 05:50 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-02 08:48 . 2011-03-02 08:48 -------- d-----w- c:\program files\Axis Communications
2011-03-01 18:27 . 2011-03-13 14:22 -------- d-----w- c:\program files\VAG908
2011-02-28 16:16 . 2009-05-22 04:04 58880 ----a-w- c:\windows\system32\drivers\RT-USB.SYS
2011-02-28 16:16 . 2009-05-22 04:04 207360 ----a-w- c:\windows\system32\RT-USB.DLL
2011-02-24 08:45 . 2011-02-24 08:45 -------- d-----w- c:\users\Standa\AppData\Local\Paradox Security Systems
2011-02-23 07:03 . 2011-01-07 07:46 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 07:03 . 2011-01-07 07:46 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 21:55 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-02-23 15:04 . 2010-07-01 06:21 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 15:04 . 2010-06-24 16:53 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 14:56 . 2010-06-24 16:54 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 14:55 . 2010-06-24 16:54 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 14:55 . 2010-06-24 16:54 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 14:55 . 2010-06-24 16:54 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 14:54 . 2010-06-24 16:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-10 22:54 . 2011-02-10 22:54 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-02-03 05:54 . 2011-02-10 22:36 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 17:11 . 2010-06-24 15:09 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-07 07:45 . 2011-02-10 22:36 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 06:01 . 2011-02-10 22:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-01-07 05:43 . 2011-02-10 22:36 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-01-05 05:55 . 2011-02-10 22:36 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 03:51 . 2011-02-10 22:36 2330624 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20 442880 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyMon"="AsusSender.exe" [2009-09-11 33768]
"HotkeyService"="AsusSender.exe" [2009-09-11 33768]
"SuperHybridEngine"="AsusSender.exe" [2009-09-11 33768]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-11-03 3058304]
"LivCam"="c:\program files\ASUS\LivCam\LivCam.exe" [2009-10-17 284160]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-29 7744032]
"OOBESetup"="c:\program files\asus\OOBERegBackup\OOBERegBackup.exe" [2009-09-30 338096]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-02-23 3451496]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EeeStorageBackup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
2009-09-25 22:02 402608 ----a-w- c:\program files\ASUS\Eee Docking\Eee Docking.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 23:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
2009-09-11 21:25 33768 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2009-05-20 06:16 222504 ----a-w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 20992]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\Drivers\NSHE.SYS [2010-07-28 97792]
R3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 164864]
R3 AcpiPmi;Ovladač měřiče napájení standardu ACPI;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 10240]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2010-11-20 80256]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [2010-11-20 50176]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 BULKUSB;BMZ Integral;c:\windows\system32\Drivers\SecoBlkUSB.sys [2006-09-08 17664]
R3 CBUSB;MARX CryptoTech LP;c:\windows\system32\drivers\CBUSB.sys [2007-02-14 45136]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2009-07-13 37888]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 28160]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 46160]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2009-07-14 67152]
R3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;c:\windows\system32\drivers\iaStorV.sys [2010-11-20 332160]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-20 65536]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\drivers\msiscsi.sys [2010-11-20 233344]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-11 1352832]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
R3 mpio;Ovladač sběrnice Microsoft Multi-Path;c:\windows\system32\drivers\mpio.sys [2010-11-20 130432]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-20 28032]
R3 msdsm;Specifický modul zařízení Microsoft Multi-Path;c:\windows\system32\drivers\msdsm.sys [2010-11-20 116096]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-13 4096]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-07-13 12288]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-07-13 27136]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2010-11-20 143744]
R3 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB.SYS [2009-05-22 58880]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-20 26624]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-13 12288]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [2009-07-13 71168]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 204800]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-20 31232]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [2009-07-14 35840]
R3 uliagpkx;Filtr sběrnice Uli AGP;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 57424]
R3 usbcir;Infračervený přijímač eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-13 86016]
R3 USBEFI;USB Efi Driver (usbefi.sys);c:\windows\system32\Drivers\usbefi.sys [2001-05-07 19805]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe [2009-07-14 22528]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-20 160128]
R3 ViaC7;VIA C7 Processor Driver;c:\windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-07-13 21632]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1343400]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe [2010-11-20 1203200]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 19008]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 20992]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2010-11-20 22400]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [2009-07-14 249408]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2009-07-14 369568]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 58448]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-20 194800]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-20 14208]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2009-07-14 133200]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-06-24 64288]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 13888]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 43088]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
S0 spldr;Security Processor Loader Driver; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-24 691696]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 32832]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [2010-11-20 53120]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys [2009-07-14 297040]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 35328]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 78336]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 32256]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-07-13 16896]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [2010-11-20 74752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-20 63488]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-13 9728]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 B5USBPort;B5 USB-Port;c:\seconet\Integral\USB\B5USBPort.exe [2008-07-21 1140224]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 IRCPAcousticDriver;IRCPAcousticDriver;c:\windows\system32\IRCPAcousticDriver.exe [2010-06-24 514560]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-13 48128]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [2009-07-13 86528]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 586752]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [2010-11-20 3179520]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-11-20 35328]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [2009-07-13 69632]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 31232]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-20 728448]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 gwiopm;gwiopm;c:\windows\system32\gwiopm.sys [2010-11-08 3904]
S3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [2009-07-14 22528]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 23552]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [2009-07-13 60416]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-11-20 223232]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-11-20 96768]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-07-13 267264]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-08-11 66592]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-13 49152]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 862208]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2010-11-20 309248]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2010-11-20 114176]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-20 108544]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\drivers\umbus.sys [2010-11-20 39936]
S3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\system32\DRIVERS\vwifibus.sys [2009-07-13 19968]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2009-07-14 20992]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
RPCSS REG_MULTI_SZ RpcEptMapper RpcSs
defragsvc REG_MULTI_SZ defragsvc
WerSvcGroup REG_MULTI_SZ wersvc
LocalServiceNoNetwork REG_MULTI_SZ DPS PLA BFE mpssvc WwanSvc
swprv REG_MULTI_SZ swprv
LocalServicePeerNet REG_MULTI_SZ PNRPSvc p2pimsvc p2psvc PnrpAutoReg
NetworkServiceAndNoImpersonation REG_MULTI_SZ KtmRm
regsvc REG_MULTI_SZ RemoteRegistry
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent
sdrsvc REG_MULTI_SZ sdrsvc
WbioSvcGroup REG_MULTI_SZ WbioSrvc
wcssvc REG_MULTI_SZ WcsPlugInService
AxInstSVGroup REG_MULTI_SZ AxInstSV
secsvcs REG_MULTI_SZ WinDefend
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
wercplsupport
EapHost
ProfSvc
hkmsvc
SessionEnv
winmgmt
browser
Themes
BDESVC
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480514668-2142851411-2378682275-1000Core.job
- c:\users\Standa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 05:48]
.
2011-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480514668-2142851411-2378682275-1000UA.job
- c:\users\Standa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 05:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} - hxxp://192.168.0.93/RtspVaPgDec.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://192.168.0.91/activex/AMC.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:43
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5796)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\conhost.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Synaptics\SynTP\SynAsusAcpi.exe
c:\program files\EeePC\HotkeyService\HotKeyMon.exe
c:\program files\EeePC\HotkeyService\HotkeyService.exe
c:\program files\EeePC\SHE\SuperHybridEngine.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-03-20 19:51:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-20 18:51
.
Před spuštěním: Volných bajtů: 75 553 869 824
Po spuštění: Volných bajtů: 75 118 239 744
.
- - End Of File - - B1F690996D05DE080C27DFA8FBD1397A

Je to už lepší? Ale stejně ještě pc prověříme na rootkity

odinstalujte všechny virtuální jednotky (Daemon nebo alcohol)

Stáhněte SPTD http://www.duplexsecure.com/en/downloads
-vyberte verzi podle svého operačního systému. SPTD for Windows (32 bit) nebo (64b)
-uložte na plochu a spusťte
- zvolte možnost Uninstall
- restart PC


Stahněte http://www.jpshortstuff.247fixes.com/Defogger.exe
- spustte,
- potvrdte disabled
-log vložte zde



Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, kliknete na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu proveďte druhý sken a log sem také vložte.

stáhněte MBR
http://www2.gmer.net/mbr/mbr.exe
-uložte ho na plochu


start-spustit
do okénka zkopírujte
ok

vytvoří se log s názvem mbr.log, vložte ho zde

Je to určitě lepší, po té co jsem Centrum zabezpečení zapnul se už nevypíná.

Defogger log:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:18 on 20/03/2011 (Standa)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Already disabled


-=E.O.F=-

Gmer 1:


GMER 1.0.15.15570 - http://www.gmer.net
Rootkit quick scan 2011-03-20 20:25:22
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS545025B9A300 rev.PB2OC60N
Running: gmer.exe; Driver: C:\Users\Standa\AppData\Local\Temp\pwdcypog.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8BEBA8DE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


Gmer 2:


GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-03-20 21:24:21
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS545025B9A300 rev.PB2OC60N
Running: gmer.exe; Driver: C:\Users\Standa\AppData\Local\Temp\pwdcypog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0x8C0449CA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x8BEA5A68]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0x8C046EAC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0x8C046F04]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0x8C04701A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0x8C046E02]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0x8C046F54]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0x8C046E56]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0x8C046FC8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0x8C0449EE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x8BEA5B18]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0x8C0447B8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0x8C044A12]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x8C047412]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0x8C0454AA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0x8C046EDC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0x8C046F2C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0x8C047044]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0x8C046E2E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0x8C046F94]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0x8C046E84]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0x8C046FF2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0x8BEA5BB0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0x8C045370]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0x8C044A36]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0x8C044A5A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0x8C044812]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0x8C04494E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0x8C04492A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0x8C044972]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0x8C044A7E]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8BEBA8DE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKey + 13C1 82E50339 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E89D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 82E90DC0 4 Bytes [CA, 49, 04, 8C]
.text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 82E90DE8 4 Bytes [68, 5A, EA, 8B]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 82E90E9C 8 Bytes [AC, 6E, 04, 8C, 04, 6F, 04, ...] {LODSB ; OUTSB ; ADD AL, 0x8c; ADD AL, 0x6f; ADD AL, 0x8c}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11B3 82E90EA8 4 Bytes [1A, 70, 04, 8C]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11CF 82E90EC4 4 Bytes [02, 6E, 04, 8C]
.text ...
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8301EB6C 5 Bytes JMP 8BEB629E \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject + 27 8303716E 5 Bytes JMP 8BEB7D50 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 8304C26D 4 Bytes CALL 8C045E3B \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 8306602C 4 Bytes CALL 8C045E51 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 830EFE44 7 Bytes JMP 8BEBA8E2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)

---- User code sections - GMER 1.0.15 ----

.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtCreateFile + 6 774155CE 4 Bytes [28, 00, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtCreateFile + B 774155D3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtMapViewOfSection + 6 77415C2E 1 Byte [28]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtMapViewOfSection + 6 77415C2E 4 Bytes [28, 03, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtMapViewOfSection + B 77415C33 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenFile + 6 77415CDE 4 Bytes [68, 00, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenFile + B 77415CE3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenProcess + 6 77415D8E 4 Bytes [A8, 01, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenProcess + B 77415D93 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenProcessToken + 6 77415D9E 4 Bytes CALL 764164A4 C:\windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenProcessToken + B 77415DA3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenProcessTokenEx + 6 77415DAE 4 Bytes [A8, 02, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenProcessTokenEx + B 77415DB3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenThread + 6 77415E0E 4 Bytes [68, 01, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenThread + B 77415E13 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenThreadToken + 6 77415E1E 4 Bytes [68, 02, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenThreadToken + B 77415E23 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenThreadTokenEx + 6 77415E2E 4 Bytes CALL 76416535 C:\windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtOpenThreadTokenEx + B 77415E33 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtQueryAttributesFile + 6 77415F3E 4 Bytes [A8, 00, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtQueryAttributesFile + B 77415F43 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtQueryFullAttributesFile + 6 77415FEE 4 Bytes CALL 764166F3 C:\windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtQueryFullAttributesFile + B 77415FF3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtSetInformationFile + 6 7741663E 4 Bytes [28, 01, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtSetInformationFile + B 77416643 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtSetInformationThread + 6 7741669E 4 Bytes [28, 02, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtSetInformationThread + B 774166A3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtUnmapViewOfSection + 6 774169BE 1 Byte [68]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtUnmapViewOfSection + 6 774169BE 4 Bytes [68, 03, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!NtUnmapViewOfSection + B 774169C3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0008006C
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00080030
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 000B0120
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 000B006C
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 000B00E4
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 000B0030
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[220] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 000B00A8
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtCreateFile + 6 774155CE 4 Bytes [28, 00, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtCreateFile + B 774155D3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtMapViewOfSection + 6 77415C2E 1 Byte [28]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtMapViewOfSection + 6 77415C2E 4 Bytes [28, 03, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtMapViewOfSection + B 77415C33 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenFile + 6 77415CDE 4 Bytes [68, 00, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenFile + B 77415CE3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenProcess + 6 77415D8E 4 Bytes [A8, 01, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenProcess + B 77415D93 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenProcessToken + 6 77415D9E 4 Bytes CALL 764164A4 C:\windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenProcessToken + B 77415DA3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenProcessTokenEx + 6 77415DAE 4 Bytes [A8, 02, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenProcessTokenEx + B 77415DB3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenThread + 6 77415E0E 4 Bytes [68, 01, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenThread + B 77415E13 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenThreadToken + 6 77415E1E 4 Bytes [68, 02, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenThreadToken + B 77415E23 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenThreadTokenEx + 6 77415E2E 4 Bytes CALL 76416535 C:\windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtOpenThreadTokenEx + B 77415E33 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtQueryAttributesFile + 6 77415F3E 4 Bytes [A8, 00, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtQueryAttributesFile + B 77415F43 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtQueryFullAttributesFile + 6 77415FEE 4 Bytes CALL 764166F3 C:\windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation)
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtQueryFullAttributesFile + B 77415FF3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtSetInformationFile + 6 7741663E 4 Bytes [28, 01, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtSetInformationFile + B 77416643 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtSetInformationThread + 6 7741669E 4 Bytes [28, 02, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtSetInformationThread + B 774166A3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtUnmapViewOfSection + 6 774169BE 1 Byte [68]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtUnmapViewOfSection + 6 774169BE 4 Bytes [68, 03, 07, 00]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!NtUnmapViewOfSection + B 774169C3 1 Byte [E2]
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0008006C
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00080030
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001B0120
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001B006C
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001B00E4
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001B0030
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[456] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001B00A8
.text C:\windows\system32\svchost.exe[504] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\svchost.exe[504] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\svchost.exe[504] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 003E0120
.text C:\windows\system32\svchost.exe[504] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 003E006C
.text C:\windows\system32\svchost.exe[504] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 003E00E4
.text C:\windows\system32\svchost.exe[504] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 003E0030
.text C:\windows\system32\svchost.exe[504] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 003E00A8
.text C:\windows\system32\wininit.exe[508] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0003006C
.text C:\windows\system32\wininit.exe[508] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00030030
.text C:\windows\system32\wininit.exe[508] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 000C0120
.text C:\windows\system32\wininit.exe[508] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 000C006C
.text C:\windows\system32\wininit.exe[508] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 000C00E4
.text C:\windows\system32\wininit.exe[508] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 000C0030
.text C:\windows\system32\wininit.exe[508] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 000C00A8
.text C:\windows\system32\services.exe[564] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 000A006C
.text C:\windows\system32\services.exe[564] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 000A0030
.text C:\windows\system32\lsass.exe[572] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\lsass.exe[572] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\lsass.exe[572] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001D0120
.text C:\windows\system32\lsass.exe[572] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001D006C
.text C:\windows\system32\lsass.exe[572] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001D00E4
.text C:\windows\system32\lsass.exe[572] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001D0030
.text C:\windows\system32\lsass.exe[572] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001D00A8
.text C:\windows\system32\lsm.exe[584] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\lsm.exe[584] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\svchost.exe[688] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\svchost.exe[688] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\Windows\system32\nvvsvc.exe[760] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\Windows\system32\nvvsvc.exe[760] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\Windows\system32\nvvsvc.exe[760] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00180120
.text C:\Windows\system32\nvvsvc.exe[760] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0018006C
.text C:\Windows\system32\nvvsvc.exe[760] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001800E4
.text C:\Windows\system32\nvvsvc.exe[760] USER32.dll!SetWinEventHook 758C24DC 3 Bytes JMP 00180030
.text C:\Windows\system32\nvvsvc.exe[760] USER32.dll!SetWinEventHook + 4 758C24E0 1 Byte [8A]
.text C:\Windows\system32\nvvsvc.exe[760] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001800A8
.text C:\windows\system32\svchost.exe[800] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\svchost.exe[800] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\winlogon.exe[856] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0003006C
.text C:\windows\system32\winlogon.exe[856] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00030030
.text C:\windows\system32\winlogon.exe[856] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 000C0120
.text C:\windows\system32\winlogon.exe[856] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 000C006C
.text C:\windows\system32\winlogon.exe[856] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 000C00E4
.text C:\windows\system32\winlogon.exe[856] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 000C0030
.text C:\windows\system32\winlogon.exe[856] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 000C00A8
.text C:\windows\System32\svchost.exe[908] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\System32\svchost.exe[908] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\System32\svchost.exe[908] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001C0120
.text C:\windows\System32\svchost.exe[908] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001C006C
.text C:\windows\System32\svchost.exe[908] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001C00E4
.text C:\windows\System32\svchost.exe[908] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001C0030
.text C:\windows\System32\svchost.exe[908] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001C00A8
.text C:\windows\System32\svchost.exe[956] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\System32\svchost.exe[956] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\System32\svchost.exe[956] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 005E0120
.text C:\windows\System32\svchost.exe[956] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 005E006C
.text C:\windows\System32\svchost.exe[956] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 005E00E4
.text C:\windows\System32\svchost.exe[956] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 005E0030
.text C:\windows\System32\svchost.exe[956] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 005E00A8
.text C:\windows\system32\svchost.exe[1008] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\svchost.exe[1008] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\svchost.exe[1008] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00800120
.text C:\windows\system32\svchost.exe[1008] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0080006C
.text C:\windows\system32\svchost.exe[1008] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 008000E4
.text C:\windows\system32\svchost.exe[1008] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00800030
.text C:\windows\system32\svchost.exe[1008] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 008000A8
.text C:\windows\system32\svchost.exe[1144] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\svchost.exe[1144] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\svchost.exe[1144] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00340120
.text C:\windows\system32\svchost.exe[1144] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0034006C
.text C:\windows\system32\svchost.exe[1144] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 003400E4
.text C:\windows\system32\svchost.exe[1144] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00340030
.text C:\windows\system32\svchost.exe[1144] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 003400A8
.text C:\windows\system32\nvvsvc.exe[1240] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\windows\system32\nvvsvc.exe[1240] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\windows\system32\nvvsvc.exe[1240] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001F0120
.text C:\windows\system32\nvvsvc.exe[1240] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001F006C
.text C:\windows\system32\nvvsvc.exe[1240] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001F00E4
.text C:\windows\system32\nvvsvc.exe[1240] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001F0030
.text C:\windows\system32\nvvsvc.exe[1240] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001F00A8
.text C:\windows\system32\svchost.exe[1276] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\svchost.exe[1276] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\svchost.exe[1276] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00790120
.text C:\windows\system32\svchost.exe[1276] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0079006C
.text C:\windows\system32\svchost.exe[1276] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 007900E4
.text C:\windows\system32\svchost.exe[1276] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00790030
.text C:\windows\system32\svchost.exe[1276] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 007900A8
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1384] kernel32.dll!SetUnhandledExceptionFilter 76E23D01 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\windows\System32\spoolsv.exe[1412] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\System32\spoolsv.exe[1412] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\System32\spoolsv.exe[1412] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00100120
.text C:\windows\System32\spoolsv.exe[1412] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0010006C
.text C:\windows\System32\spoolsv.exe[1412] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001000E4
.text C:\windows\System32\spoolsv.exe[1412] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00100030
.text C:\windows\System32\spoolsv.exe[1412] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001000A8
.text C:\windows\System32\svchost.exe[1552] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\System32\svchost.exe[1552] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\System32\svchost.exe[1552] user32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001F0120
.text C:\windows\System32\svchost.exe[1552] user32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001F006C
.text C:\windows\System32\svchost.exe[1552] user32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001F00E4
.text C:\windows\System32\svchost.exe[1552] user32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001F0030
.text C:\windows\System32\svchost.exe[1552] user32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001F00A8
.text C:\windows\system32\Dwm.exe[1556] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\Dwm.exe[1556] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\Dwm.exe[1556] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00080120
.text C:\windows\system32\Dwm.exe[1556] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0008006C
.text C:\windows\system32\Dwm.exe[1556] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 000800E4
.text C:\windows\system32\Dwm.exe[1556] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00080030
.text C:\windows\system32\Dwm.exe[1556] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 000800A8
.text C:\windows\Explorer.EXE[1580] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\Explorer.EXE[1580] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\Explorer.EXE[1580] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00150120
.text C:\windows\Explorer.EXE[1580] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0015006C
.text C:\windows\Explorer.EXE[1580] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001500E4
.text C:\windows\Explorer.EXE[1580] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00150030
.text C:\windows\Explorer.EXE[1580] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001500A8
.text C:\Windows\AsScrPro.exe[1716] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0015006C
.text C:\Windows\AsScrPro.exe[1716] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00150030
.text C:\Windows\AsScrPro.exe[1716] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00300120
.text C:\Windows\AsScrPro.exe[1716] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0030006C
.text C:\Windows\AsScrPro.exe[1716] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 003000E4
.text C:\Windows\AsScrPro.exe[1716] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00300030
.text C:\Windows\AsScrPro.exe[1716] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 003000A8
.text C:\Program Files\ASUS\LivCam\LivCam.exe[1732] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\Program Files\ASUS\LivCam\LivCam.exe[1732] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\Program Files\ASUS\LivCam\LivCam.exe[1732] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00210120
.text C:\Program Files\ASUS\LivCam\LivCam.exe[1732] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0021006C
.text C:\Program Files\ASUS\LivCam\LivCam.exe[1732] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 002100E4
.text C:\Program Files\ASUS\LivCam\LivCam.exe[1732] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00210030
.text C:\Program Files\ASUS\LivCam\LivCam.exe[1732] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 002100A8
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1744] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1744] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1744] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00200120
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1744] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0020006C
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1744] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 002000E4
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1744] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00200030
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[1744] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 002000A8
.text C:\windows\servicing\TrustedInstaller.exe[1796] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0005006C
.text C:\windows\servicing\TrustedInstaller.exe[1796] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00050030
.text C:\windows\servicing\TrustedInstaller.exe[1796] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00130120
.text C:\windows\servicing\TrustedInstaller.exe[1796] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0013006C
.text C:\windows\servicing\TrustedInstaller.exe[1796] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001300E4
.text C:\windows\servicing\TrustedInstaller.exe[1796] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00130030
.text C:\windows\servicing\TrustedInstaller.exe[1796] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001300A8
.text C:\Program Files\Windows Sidebar\sidebar.exe[1916] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\Program Files\Windows Sidebar\sidebar.exe[1916] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\Program Files\Windows Sidebar\sidebar.exe[1916] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00110120
.text C:\Program Files\Windows Sidebar\sidebar.exe[1916] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0011006C
.text C:\Program Files\Windows Sidebar\sidebar.exe[1916] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001100E4
.text C:\Program Files\Windows Sidebar\sidebar.exe[1916] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00110030
.text C:\Program Files\Windows Sidebar\sidebar.exe[1916] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001100A8
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2008] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2008] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2008] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00580120
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2008] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0058006C
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2008] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 005800E4
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2008] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00580030
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2008] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 005800A8
.text C:\Windows\System32\AsusService.exe[2184] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0005006C
.text C:\Windows\System32\AsusService.exe[2184] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00050030
.text C:\Windows\System32\AsusService.exe[2184] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 000E0120
.text C:\Windows\System32\AsusService.exe[2184] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 000E006C
.text C:\Windows\System32\AsusService.exe[2184] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 000E00E4
.text C:\Windows\System32\AsusService.exe[2184] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 000E0030
.text C:\Windows\System32\AsusService.exe[2184] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 000E00A8
.text C:\Seconet\Integral\USB\B5USBPort.exe[2224] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0015006C
.text C:\Seconet\Integral\USB\B5USBPort.exe[2224] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00150030
.text C:\Seconet\Integral\USB\B5USBPort.exe[2224] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001F0120
.text C:\Seconet\Integral\USB\B5USBPort.exe[2224] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001F006C
.text C:\Seconet\Integral\USB\B5USBPort.exe[2224] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001F00E4
.text C:\Seconet\Integral\USB\B5USBPort.exe[2224] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001F0030
.text C:\Seconet\Integral\USB\B5USBPort.exe[2224] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001F00A8
.text C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe[2236] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe[2236] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe[2236] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001F0120
.text C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe[2236] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001F006C
.text C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe[2236] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001F00E4
.text C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe[2236] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001F0030
.text C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe[2236] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001F00A8
.text C:\Program Files\EeePC\SHE\SuperHybridEngine.exe[2248] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\Program Files\EeePC\SHE\SuperHybridEngine.exe[2248] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\Program Files\EeePC\SHE\SuperHybridEngine.exe[2248] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001F0120
.text C:\Program Files\EeePC\SHE\SuperHybridEngine.exe[2248] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001F006C
.text C:\Program Files\EeePC\SHE\SuperHybridEngine.exe[2248] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001F00E4
.text C:\Program Files\EeePC\SHE\SuperHybridEngine.exe[2248] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001F0030
.text C:\Program Files\EeePC\SHE\SuperHybridEngine.exe[2248] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001F00A8
.text C:\Program Files\EeePC\HotkeyService\HotkeyService.exe[2260] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\Program Files\EeePC\HotkeyService\HotkeyService.exe[2260] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\Program Files\EeePC\HotkeyService\HotkeyService.exe[2260] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00180120
.text C:\Program Files\EeePC\HotkeyService\HotkeyService.exe[2260] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0018006C
.text C:\Program Files\EeePC\HotkeyService\HotkeyService.exe[2260] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001800E4
.text C:\Program Files\EeePC\HotkeyService\HotkeyService.exe[2260] USER32.dll!SetWinEventHook 758C24DC 3 Bytes JMP 00180030
.text C:\Program Files\EeePC\HotkeyService\HotkeyService.exe[2260] USER32.dll!SetWinEventHook + 4 758C24E0 1 Byte [8A]
.text C:\Program Files\EeePC\HotkeyService\HotkeyService.exe[2260] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001800A8
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[2300] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[2300] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[2300] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00200120
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[2300] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0020006C
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[2300] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 002000E4
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[2300] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00200030
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[2300] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 002000A8
.text C:\Users\Standa\Desktop\gmer.exe[2312] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0016006C
.text C:\Users\Standa\Desktop\gmer.exe[2312] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00160030
.text C:\Users\Standa\Desktop\gmer.exe[2312] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 003F0120
.text C:\Users\Standa\Desktop\gmer.exe[2312] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 003F006C
.text C:\Users\Standa\Desktop\gmer.exe[2312] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 003F00E4
.text C:\Users\Standa\Desktop\gmer.exe[2312] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 003F0030
.text C:\Users\Standa\Desktop\gmer.exe[2312] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 003F00A8
.text C:\windows\system32\IRCPAcousticDriver.exe[2396] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0015006C
.text C:\windows\system32\IRCPAcousticDriver.exe[2396] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00150030
.text C:\windows\system32\IRCPAcousticDriver.exe[2396] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001F0120
.text C:\windows\system32\IRCPAcousticDriver.exe[2396] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001F006C
.text C:\windows\system32\IRCPAcousticDriver.exe[2396] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001F00E4
.text C:\windows\system32\IRCPAcousticDriver.exe[2396] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001F0030
.text C:\windows\system32\IRCPAcousticDriver.exe[2396] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001F00A8
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2444] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0015006C
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2444] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00150030
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2444] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 001F0120
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2444] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 001F006C
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2444] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001F00E4
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2444] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 001F0030
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe[2444] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001F00A8
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2524] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2524] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2524] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00090120
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2524] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0009006C
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2524] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 000900E4
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2524] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00090030
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[2524] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 000900A8
.text C:\windows\system32\svchost.exe[2592] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\svchost.exe[2592] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\svchost.exe[2896] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\svchost.exe[2896] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\svchost.exe[2896] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00730120
.text C:\windows\system32\svchost.exe[2896] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0073006C
.text C:\windows\system32\svchost.exe[2896] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 007300E4
.text C:\windows\system32\svchost.exe[2896] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00730030
.text C:\windows\system32\svchost.exe[2896] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 007300A8
.text C:\windows\system32\rundll32.exe[3024] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 000B006C
.text C:\windows\system32\rundll32.exe[3024] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 000B0030
.text C:\windows\system32\rundll32.exe[3024] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00140120
.text C:\windows\system32\rundll32.exe[3024] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0014006C
.text C:\windows\system32\rundll32.exe[3024] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001400E4
.text C:\windows\system32\rundll32.exe[3024] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00140030
.text C:\windows\system32\rundll32.exe[3024] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001400A8
.text C:\windows\system32\wbem\wmiprvse.exe[3056] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\wbem\wmiprvse.exe[3056] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\wbem\wmiprvse.exe[3056] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00100120
.text C:\windows\system32\wbem\wmiprvse.exe[3056] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0010006C
.text C:\windows\system32\wbem\wmiprvse.exe[3056] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001000E4
.text C:\windows\system32\wbem\wmiprvse.exe[3056] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00100030
.text C:\windows\system32\wbem\wmiprvse.exe[3056] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001000A8
.text C:\windows\system32\SearchIndexer.exe[3284] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\SearchIndexer.exe[3284] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\SearchIndexer.exe[3284] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00100120
.text C:\windows\system32\SearchIndexer.exe[3284] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0010006C
.text C:\windows\system32\SearchIndexer.exe[3284] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001000E4
.text C:\windows\system32\SearchIndexer.exe[3284] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00100030
.text C:\windows\system32\SearchIndexer.exe[3284] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001000A8
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[3368] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[3368] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[3368] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 000F0120
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[3368] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 000F006C
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[3368] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 000F00E4
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[3368] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 000F0030
.text C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe[3368] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 000F00A8
.text C:\windows\system32\svchost.exe[3528] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\svchost.exe[3528] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\svchost.exe[3528] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00320120
.text C:\windows\system32\svchost.exe[3528] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0032006C
.text C:\windows\system32\svchost.exe[3528] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 003200E4
.text C:\windows\system32\svchost.exe[3528] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00320030
.text C:\windows\system32\svchost.exe[3528] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 003200A8
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3780] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 000A006C
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3780] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 000A0030
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3780] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00240120
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3780] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0024006C
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3780] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 002400E4
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3780] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00240030
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3780] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 002400A8
.text C:\windows\system32\wbem\wmiprvse.exe[3900] ntdll.dll!LdrUnloadDll 7742C8DE 5 Bytes JMP 0006006C
.text C:\windows\system32\wbem\wmiprvse.exe[3900] ntdll.dll!LdrLoadDll 774322B8 5 Bytes JMP 00060030
.text C:\windows\system32\wbem\wmiprvse.exe[3900] USER32.dll!UnhookWindowsHookEx 758BADF9 5 Bytes JMP 00140120
.text C:\windows\system32\wbem\wmiprvse.exe[3900] USER32.dll!UnhookWinEvent 758BB750 5 Bytes JMP 0014006C
.text C:\windows\system32\wbem\wmiprvse.exe[3900] USER32.dll!SetWindowsHookExW 758BE30C 5 Bytes JMP 001400E4
.text C:\windows\system32\wbem\wmiprvse.exe[3900] USER32.dll!SetWinEventHook 758C24DC 5 Bytes JMP 00140030
.text C:\windows\system32\wbem\wmiprvse.exe[3900] USER32.dll!SetWindowsHookExA 758E6D0C 5 Bytes JMP 001400A8

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [740B2437] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74095600] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [740956BE] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipFree] [740B24B2] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [740A8514] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [740A4CC8] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [740A506F] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [740A5144] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [740A6671] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [740A826B] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [740A87BA] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [740A901B] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [740AE1BE] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\Explorer.EXE[1580] @ C:\windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [740A4BFA] C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\windows\system32\rundll32.exe[3024] @ C:\windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\windows\system32\rundll32.exe[3024] @ C:\windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\windows\system32\rundll32.exe[3024] @ C:\windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\windows\system32\rundll32.exe[3024] @ C:\windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\windows\system32\rundll32.exe[3024] @ C:\windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\windows\system32\rundll32.exe[3024] @ C:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002243d42a61
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002243d42b1b
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd6072d61
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\1c4bd6072d61@a04e043c4d98 0x07 0x0C 0x32 0xF8 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF4 0xC8 0xF3 0xFE ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002243d42a61 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002243d42b1b (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd6072d61 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\1c4bd6072d61@a04e043c4d98 0x07 0x0C 0x32 0xF8 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF4 0xC8 0xF3 0xFE ...

---- EOF - GMER 1.0.15 ----

MBR:

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: Hitachi_HTS545025B9A300 rev.PB2OC60N -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

Logy z gmeru jsou ok, poslední test

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

MBAM jsem aplikoval než jsem Vás oslovil a něco našel, dnes nenašel nic. Přiložím dnešní log i ten starší.


MBAM LOG dnes:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6116

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

21.3.2011 10:43:06
mbam-log-2011-03-21 (10-43-06).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 304611
Uplynulý čas: 1 hodin, 20 minut, 52 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


MBAM LOG včera:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6110

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

20.3.2011 13:18:40
mbam-log-2011-03-20 (13-18-40).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 428471
Uplynulý čas: 2 hodin, 23 minut, 21 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 4

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\A9YA3MI1CF (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VXEG3ZNNE5 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\Standa\AppData\Local\Google\Chrome\user data\Default\Cache\f_000139 (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Standa\AppData\Local\Google\Chrome\user data\Default\Cache\f_000136 (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{35dc3473-a719-4d14-b7c1-fd326ca84a0c}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Vypadá to dobře, jak se chová počítač?

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

Omylem jsem nahrál log 2x.

Velice Vám děkuji za pomoc, počítač se chová standardně již od aplikace ComboFixu.

Pravidelně používám místo Ccleaner Vitsoft, doporučujete spíše Cc...? Dále Ad-aware a test Avastem.

Zde log RSIT:



Logfile of random's system information tool 1.08 (written by random/random)
Run by Standa at 2011-03-21 13:19:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 76 GB (74%) free of 102 GB
Total RAM: 767 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:20:07, on 21.3.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\AsScrPro.exe
C:\Program Files\ASUS\LivCam\LivCam.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Standa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Standa\Desktop\RSIT.exe
C:\Program Files\trend micro\Standa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [LivCam] "C:\Program Files\ASUS\LivCam\LivCam.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe /restore -"C:\Program Files\asus\OOBERegBackup\OOBEReg.ini"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} (RtspVaPgCtrl Class) - http://192.168.0.93/RtspVaPgDec.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://192.168.0.91/activex/AMC.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: B5 USB-Port (B5USBPort) - Unknown owner - C:\Seconet\Integral\USB\B5USBPort.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: IRCPAcousticDriver - Unknown owner - C:\windows\system32\IRCPAcousticDriver.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5253 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1480514668-2142851411-2378682275-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1480514668-2142851411-2378682275-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2009-11-03 3058304]
"LivCam"=C:\Program Files\ASUS\LivCam\LivCam.exe [2009-10-17 284160]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-09-29 7744032]
"OOBESetup"=C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe [2009-09-30 338096]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-02-23 3451496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2009-09-25 402608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2010-11-20 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-03-21 13:19:51 ----D---- C:\rsit
2011-03-20 19:51:51 ----D---- C:\windows\temp
2011-03-20 19:49:02 ----SHD---- C:\$RECYCLE.BIN
2011-03-20 14:46:31 ----D---- C:\Program Files\CCleaner
2011-03-20 14:27:27 ----A---- C:\windows\system32\drivers\aswSnx.sys
2011-03-20 13:56:42 ----D---- C:\Program Files\trend micro
2011-03-20 10:17:58 ----D---- C:\Users\Standa\AppData\Roaming\Malwarebytes
2011-03-20 10:17:32 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 10:17:31 ----D---- C:\ProgramData\Malwarebytes
2011-03-20 10:17:27 ----A---- C:\windows\system32\drivers\mbam.sys
2011-03-20 10:17:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-03-20 08:17:03 ----RASH---- C:\windows\system32\winrshosts.dll
2011-03-20 07:57:35 ----D---- C:\Users\Standa\AppData\Roaming\Darq Software
2011-03-10 22:41:03 ----D---- C:\windows\system32\SPReview
2011-03-10 22:39:23 ----D---- C:\windows\system32\EventProviders
2011-03-10 22:30:48 ----A---- C:\windows\system32\WSDApi.dll
2011-03-10 22:30:48 ----A---- C:\windows\system32\PresentationHostProxy.dll
2011-03-10 22:30:48 ----A---- C:\windows\system32\PresentationHost.exe
2011-03-10 22:30:47 ----A---- C:\windows\system32\tquery.dll
2011-03-10 22:30:46 ----A---- C:\windows\system32\StructuredQuery.dll
2011-03-10 22:30:46 ----A---- C:\windows\system32\mssvp.dll
2011-03-10 22:30:46 ----A---- C:\windows\system32\mssrch.dll
2011-03-10 22:30:46 ----A---- C:\windows\system32\mssphtb.dll
2011-03-10 22:30:43 ----A---- C:\windows\system32\drivers\volsnap.sys
2011-03-10 22:30:42 ----A---- C:\windows\system32\drivers\vhdmp.sys
2011-03-10 22:30:42 ----A---- C:\windows\system32\drivers\usbvideo.sys
2011-03-10 22:30:42 ----A---- C:\windows\system32\drivers\USBSTOR.SYS
2011-03-10 22:30:41 ----A---- C:\windows\system32\umb.dll
2011-03-10 22:30:41 ----A---- C:\windows\system32\drivers\usbhub.sys
2011-03-10 22:30:41 ----A---- C:\windows\system32\drivers\usbccgp.sys
2011-03-10 22:30:41 ----A---- C:\windows\system32\drivers\umbus.sys
2011-03-10 22:30:40 ----A---- C:\windows\system32\drivers\winusb.sys
2011-03-10 22:30:35 ----A---- C:\windows\system32\drivers\sffp_sd.sys
2011-03-10 22:30:29 ----A---- C:\windows\system32\drivers\sbp2port.sys
2011-03-10 22:30:24 ----A---- C:\windows\system32\drivers\nvstor.sys
2011-03-10 22:30:24 ----A---- C:\windows\system32\drivers\nvraid.sys
2011-03-10 22:30:23 ----A---- C:\windows\system32\MPSSVC.dll
2011-03-10 22:30:23 ----A---- C:\windows\system32\FirewallControlPanel.dll
2011-03-10 22:30:22 ----A---- C:\windows\system32\AuthFWSnapin.dll
2011-03-10 22:30:18 ----A---- C:\windows\system32\mscories.dll
2011-03-10 22:30:18 ----A---- C:\windows\system32\mscorier.dll
2011-03-10 22:30:17 ----A---- C:\windows\system32\netfxperf.dll
2011-03-10 22:30:17 ----A---- C:\windows\system32\mscoree.dll
2011-03-10 22:30:17 ----A---- C:\windows\system32\dfshim.dll
2011-03-10 22:30:16 ----A---- C:\windows\system32\Narrator.exe
2011-03-10 22:30:16 ----A---- C:\windows\system32\NAPHLPR.DLL
2011-03-10 22:30:16 ----A---- C:\windows\system32\NAPCRYPT.DLL
2011-03-10 22:30:16 ----A---- C:\windows\system32\drivers\msdsm.sys
2011-03-10 22:30:16 ----A---- C:\windows\system32\drivers\msahci.sys
2011-03-10 22:30:16 ----A---- C:\windows\system32\drivers\ataport.sys
2011-03-10 22:30:15 ----A---- C:\windows\system32\wpd_ci.dll
2011-03-10 22:30:15 ----A---- C:\windows\system32\winhttp.dll
2011-03-10 22:30:15 ----A---- C:\windows\system32\drivers\scsiport.sys
2011-03-10 22:30:15 ----A---- C:\windows\system32\drivers\mpio.sys
2011-03-10 22:30:12 ----A---- C:\windows\system32\zipfldr.dll
2011-03-10 22:30:12 ----A---- C:\windows\system32\wwanprotdim.dll
2011-03-10 22:30:12 ----A---- C:\windows\system32\wwanconn.dll
2011-03-10 22:30:12 ----A---- C:\windows\system32\wusa.exe
2011-03-10 22:30:12 ----A---- C:\windows\system32\CertEnroll.dll
2011-03-10 22:30:11 ----A---- C:\windows\system32\wsdchngr.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\WPDShServiceObj.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\wpdshext.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\wpdbusenum.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\WMVSDECD.DLL
2011-03-10 22:30:10 ----A---- C:\windows\system32\wkssvc.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\PortableDeviceStatus.dll
2011-03-10 22:30:10 ----A---- C:\windows\system32\PortableDeviceApi.dll
2011-03-10 22:30:09 ----A---- C:\windows\system32\WMVDECOD.DLL
2011-03-10 22:30:09 ----A---- C:\windows\system32\WMSPDMOD.DLL
2011-03-10 22:30:08 ----A---- C:\windows\system32\wbemcomn.dll
2011-03-10 22:30:08 ----A---- C:\windows\system32\framedynos.dll
2011-03-10 22:30:08 ----A---- C:\windows\system32\framedyn.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wmicmiplugin.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\WMADMOD.DLL
2011-03-10 22:30:07 ----A---- C:\windows\system32\wlanui.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wlanpref.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wlanmsm.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wlangpui.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\wintrust.dll
2011-03-10 22:30:07 ----A---- C:\windows\system32\winsrv.dll
2011-03-10 22:30:06 ----A---- C:\windows\system32\wucltux.dll
2011-03-10 22:30:06 ----A---- C:\windows\system32\winlogon.exe
2011-03-10 22:30:06 ----A---- C:\windows\system32\WindowsCodecs.dll
2011-03-10 22:30:06 ----A---- C:\windows\system32\ReAgentc.exe
2011-03-10 22:30:06 ----A---- C:\windows\system32\ReAgent.dll
2011-03-10 22:30:06 ----A---- C:\windows\system32\drivers\afd.sys
2011-03-10 22:30:05 ----A---- C:\windows\system32\wimserv.exe
2011-03-10 22:30:05 ----A---- C:\windows\system32\wimgapi.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\webservices.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\webio.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\WebClnt.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\fphc.dll
2011-03-10 22:30:05 ----A---- C:\windows\system32\drivers\mrxdav.sys
2011-03-10 22:30:05 ----A---- C:\windows\system32\davclnt.dll
2011-03-10 22:30:04 ----A---- C:\windows\system32\wcncsvc.dll
2011-03-10 22:30:03 ----A---- C:\windows\system32\wups2.dll
2011-03-10 22:30:03 ----A---- C:\windows\system32\wuaueng.dll
2011-03-10 22:30:03 ----A---- C:\windows\system32\wuauclt.exe
2011-03-10 22:30:03 ----A---- C:\windows\system32\WinSAT.exe
2011-03-10 22:30:03 ----A---- C:\windows\system32\wiadefui.dll
2011-03-10 22:30:03 ----A---- C:\windows\system32\audiodev.dll
2011-03-10 22:30:02 ----A---- C:\windows\system32\wuwebv.dll
2011-03-10 22:30:02 ----A---- C:\windows\system32\wuapp.exe
2011-03-10 22:30:02 ----A---- C:\windows\system32\wiaservc.dll
2011-03-10 22:30:02 ----A---- C:\windows\system32\wiarpc.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\wups.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\wudriver.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\wuapi.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\ws2_32.dll
2011-03-10 22:30:01 ----A---- C:\windows\system32\wpdwcn.dll
2011-03-10 22:30:00 ----A---- C:\windows\twain_32.dll
2011-03-10 22:30:00 ----A---- C:\windows\system32\wmpmde.dll
2011-03-10 22:29:58 ----A---- C:\windows\system32\WsmSvc.dll
2011-03-10 22:29:58 ----A---- C:\windows\system32\wiavideo.dll
2011-03-10 22:29:57 ----A---- C:\windows\system32\WinSATAPI.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\WPDSp.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\wkscli.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\VSSVC.exe
2011-03-10 22:29:56 ----A---- C:\windows\system32\vssapi.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\mswsock.dll
2011-03-10 22:29:56 ----A---- C:\windows\system32\drivers\usbrpm.sys
2011-03-10 22:29:55 ----A---- C:\windows\system32\vdsutil.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\vds.exe
2011-03-10 22:29:55 ----A---- C:\windows\system32\VAN.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\MSVidCtl.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\msvidc32.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\msvfw32.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\msrle32.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\mciavi32.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\iccvid.dll
2011-03-10 22:29:55 ----A---- C:\windows\system32\avifil32.dll
2011-03-10 22:29:54 ----A---- C:\windows\system32\vdsbas.dll
2011-03-10 22:29:54 ----A---- C:\windows\system32\cca.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\usp10.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\userinit.exe
2011-03-10 22:29:51 ----A---- C:\windows\system32\userenv.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\usercpl.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\user32.dll
2011-03-10 22:29:51 ----A---- C:\windows\system32\umpo.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\UserAccountControlSettings.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\upnp.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\unimdmat.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\UIRibbonRes.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\UIRibbon.dll
2011-03-10 22:29:50 ----A---- C:\windows\system32\drivers\USBCAMD2.sys
2011-03-10 22:29:50 ----A---- C:\windows\system32\drivers\USBCAMD.sys
2011-03-10 22:29:50 ----A---- C:\windows\system32\drivers\udfs.sys
2011-03-10 22:29:50 ----A---- C:\windows\system32\djoin.exe
2011-03-10 22:29:49 ----A---- C:\windows\system32\w32tm.exe
2011-03-10 22:29:49 ----A---- C:\windows\system32\tzutil.exe
2011-03-10 22:29:49 ----A---- C:\windows\system32\twext.dll
2011-03-10 22:29:49 ----A---- C:\windows\system32\TRAPI.dll
2011-03-10 22:29:49 ----A---- C:\windows\system32\drivers\tunnel.sys
2011-03-10 22:29:48 ----A---- C:\windows\system32\thumbcache.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\themeui.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\themecpl.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\termmgr.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\tcpipcfg.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\netiougc.exe
2011-03-10 22:29:48 ----A---- C:\windows\system32\netiohlp.dll
2011-03-10 22:29:48 ----A---- C:\windows\system32\drivers\tdx.sys
2011-03-10 22:29:48 ----A---- C:\windows\system32\drivers\tdi.sys
2011-03-10 22:29:48 ----A---- C:\windows\system32\drivers\tcpip.sys
2011-03-10 22:29:47 ----A---- C:\windows\system32\wavemsp.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskschd.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskmgr.exe
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskhost.exe
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskeng.exe
2011-03-10 22:29:47 ----A---- C:\windows\system32\taskbarcpl.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\tapisrv.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\takeown.exe
2011-03-10 22:29:47 ----A---- C:\windows\system32\schedsvc.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\schedcli.dll
2011-03-10 22:29:47 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2011-03-10 22:29:46 ----A---- C:\windows\system32\tabcal.exe
2011-03-10 22:29:46 ----A---- C:\windows\system32\MultiDigiMon.exe
2011-03-10 22:29:46 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2011-03-10 22:29:44 ----A---- C:\windows\system32\termsrv.dll
2011-03-10 22:29:44 ----A---- C:\windows\system32\remotepg.dll
2011-03-10 22:29:44 ----A---- C:\windows\system32\input.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\wtsapi32.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\wisptis.exe
2011-03-10 22:29:43 ----A---- C:\windows\system32\tsgqec.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\SessEnv.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\regapi.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\rdpencom.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\rdpdd.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\rdpd3d.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\perfts.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\mstscax.dll
2011-03-10 22:29:43 ----A---- C:\windows\system32\aaclient.dll
2011-03-10 22:29:42 ----A---- C:\windows\system32\TabSvc.dll
2011-03-10 22:29:41 ----A---- C:\windows\system32\utildll.dll
2011-03-10 22:29:41 ----A---- C:\windows\system32\mstask.dll
2011-03-10 22:29:41 ----A---- C:\windows\system32\drivers\RDPCDD.sys
2011-03-10 22:29:40 ----A---- C:\windows\system32\winsta.dll
2011-03-10 22:29:40 ----A---- C:\windows\system32\TSWorkspace.dll
2011-03-10 22:29:40 ----A---- C:\windows\system32\RDPENCDD.dll
2011-03-10 22:29:40 ----A---- C:\windows\system32\mstsc.exe
2011-03-10 22:29:40 ----A---- C:\windows\system32\lsm.exe
2011-03-10 22:29:40 ----A---- C:\windows\system32\icaapi.dll
2011-03-10 22:29:40 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2011-03-10 22:29:39 ----A---- C:\windows\system32\rdpwsx.dll
2011-03-10 22:29:39 ----A---- C:\windows\system32\rdprefdrvapi.dll
2011-03-10 22:29:39 ----A---- C:\windows\system32\RDPREFDD.dll
2011-03-10 22:29:39 ----A---- C:\windows\system32\rdpcorekmts.dll
2011-03-10 22:29:38 ----A---- C:\windows\system32\wksprt.exe
2011-03-10 22:29:38 ----A---- C:\windows\system32\msutb.dll
2011-03-10 22:29:38 ----A---- C:\windows\system32\drivers\tdtcp.sys
2011-03-10 22:29:38 ----A---- C:\windows\system32\drivers\tdpipe.sys
2011-03-10 22:29:37 ----A---- C:\windows\system32\tsmf.dll
2011-03-10 22:29:37 ----A---- C:\windows\system32\taskcomp.dll
2011-03-10 22:29:37 ----A---- C:\windows\system32\rdpcfgex.dll
2011-03-10 22:29:37 ----A---- C:\windows\system32\DShowRdpFilter.dll
2011-03-10 22:29:37 ----A---- C:\windows\system32\drivers\rdpwd.sys
2011-03-10 22:29:36 ----A---- C:\windows\system32\tlscsp.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\systemcpl.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\syssetup.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\srcore.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\rstrui.exe
2011-03-10 22:29:36 ----A---- C:\windows\system32\rdpcore.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\lsmproxy.dll
2011-03-10 22:29:36 ----A---- C:\windows\system32\IPHLPAPI.DLL
2011-03-10 22:29:35 ----A---- C:\windows\system32\sysclass.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\syncui.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\sxs.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\sud.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\spopk.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\spbcd.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\PortableDeviceSyncProvider.dll
2011-03-10 22:29:35 ----A---- C:\windows\system32\drivers\storport.sys
2011-03-10 22:29:34 ----A---- C:\windows\system32\wsqmcons.exe
2011-03-10 22:29:34 ----A---- C:\windows\system32\stobject.dll
2011-03-10 22:29:34 ----A---- C:\windows\system32\sqmapi.dll
2011-03-10 22:29:34 ----A---- C:\windows\system32\sqlcese30.dll
2011-03-10 22:29:34 ----A---- C:\windows\system32\spp.dll
2011-03-10 22:29:33 ----A---- C:\windows\system32\WavDest.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\wsnmp32.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\sscore.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\srvsvc.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\srvcli.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\SmiEngine.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\inetmib1.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\srvnet.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\srv2.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\srv.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\scfilter.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2011-03-10 22:29:32 ----A---- C:\windows\system32\certprop.dll
2011-03-10 22:29:32 ----A---- C:\windows\system32\basecsp.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\sisbkup.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shwebsvc.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shunimpl.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shsvcs.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shlwapi.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shimgvw.dll
2011-03-10 22:29:31 ----A---- C:\windows\system32\shgina.dll
2011-03-10 22:29:30 ----A---- C:\windows\system32\shsetup.dll
2011-03-10 22:29:30 ----A---- C:\windows\system32\shell32.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\unattend.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\shdocvw.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\shacct.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\setupcl.exe
2011-03-10 22:29:29 ----A---- C:\windows\system32\setupapi.dll
2011-03-10 22:29:29 ----A---- C:\windows\system32\prevhost.exe
2011-03-10 22:29:29 ----A---- C:\windows\system32\comctl32.dll
2011-03-10 22:29:28 ----A---- C:\windows\system32\wscapi.dll
2011-03-10 22:29:28 ----A---- C:\windows\system32\spwizui.dll
2011-03-10 22:29:28 ----A---- C:\windows\system32\spreview.exe
2011-03-10 22:29:28 ----A---- C:\windows\system32\spinstall.exe
2011-03-10 22:29:28 ----A---- C:\windows\system32\setupcln.dll
2011-03-10 22:29:28 ----A---- C:\windows\system32\sethc.exe
2011-03-10 22:29:28 ----A---- C:\windows\system32\ActionQueue.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\vaultsvc.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\Vault.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppuinotify.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppsvc.exe
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppinst.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppcomapi.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\sppc.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\slwga.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\slui.exe
2011-03-10 22:29:27 ----A---- C:\windows\system32\schannel.dll
2011-03-10 22:29:27 ----A---- C:\windows\system32\nltest.exe
2011-03-10 22:29:26 ----A---- C:\windows\system32\TSpkg.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\schtasks.exe
2011-03-10 22:29:26 ----A---- C:\windows\system32\SearchFolder.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\scavengeui.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\scansetting.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\netlogon.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\msv1_0.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\manage-bde.exe
2011-03-10 22:29:26 ----A---- C:\windows\system32\fveapi.dll
2011-03-10 22:29:26 ----A---- C:\windows\system32\credssp.dll
2011-03-10 22:29:25 ----A---- C:\windows\system32\sppobjs.dll
2011-03-10 22:29:25 ----A---- C:\windows\system32\sdrsvc.dll
2011-03-10 22:29:25 ----A---- C:\windows\system32\sdengin2.dll
2011-03-10 22:29:25 ----A---- C:\windows\system32\sdclt.exe
2011-03-10 22:29:25 ----A---- C:\windows\system32\scecli.dll
2011-03-10 22:29:24 ----A---- C:\windows\system32\secproc.dll
2011-03-10 22:29:24 ----A---- C:\windows\system32\RMActivate.exe
2011-03-10 22:29:24 ----A---- C:\windows\system32\repair-bde.exe
2011-03-10 22:29:24 ----A---- C:\windows\system32\drivers\fvevol.sys
2011-03-10 22:29:20 ----A---- C:\windows\system32\uxlib.dll
2011-03-10 22:29:20 ----A---- C:\windows\system32\spwizres.dll
2011-03-10 22:29:20 ----A---- C:\windows\system32\spwizeng.dll
2011-03-10 22:29:20 ----A---- C:\windows\system32\secproc_ssp.dll
2011-03-10 22:29:20 ----A---- C:\windows\system32\RMActivate_ssp.exe
2011-03-10 22:29:19 ----A---- C:\windows\system32\sysmain.dll
2011-03-10 22:29:19 ----A---- C:\windows\system32\secproc_isv.dll
2011-03-10 22:29:19 ----A---- C:\windows\system32\RMActivate_isv.exe
2011-03-10 22:29:18 ----A---- C:\windows\system32\srrstr.dll
2011-03-10 22:29:18 ----A---- C:\windows\system32\logoncli.dll
2011-03-10 22:29:18 ----A---- C:\windows\system32\CertPolEng.dll
2011-03-10 22:29:17 ----A---- C:\windows\system32\sharemediacpl.dll
2011-03-10 22:29:17 ----A---- C:\windows\system32\scesrv.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\WinSCard.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\sppwinob.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\runonce.exe
2011-03-10 22:29:16 ----A---- C:\windows\system32\rpchttp.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\RpcRtRemote.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\rpcrt4.dll
2011-03-10 22:29:16 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2011-03-10 22:29:15 ----A---- C:\windows\system32\Robocopy.exe
2011-03-10 22:29:15 ----A---- C:\windows\system32\riched32.dll
2011-03-10 22:29:15 ----A---- C:\windows\system32\riched20.dll
2011-03-10 22:29:15 ----A---- C:\windows\system32\RelPost.exe
2011-03-10 22:29:15 ----A---- C:\windows\system32\recovery.dll
2011-03-10 22:29:15 ----A---- C:\windows\system32\recdisc.exe
2011-03-10 22:29:15 ----A---- C:\windows\system32\drivers\rmcast.sys
2011-03-10 22:29:15 ----A---- C:\windows\system32\drivers\rdyboost.sys
2011-03-10 22:29:15 ----A---- C:\windows\system32\drivers\rdbss.sys
2011-03-10 22:29:14 ----A---- C:\windows\system32\rtutils.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\rastls.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\rastapi.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\rasppp.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\rasmans.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\mprddm.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\iprtrmgr.dll
2011-03-10 22:29:14 ----A---- C:\windows\system32\cmstp.exe
2011-03-10 22:29:13 ----A---- C:\windows\system32\raschap.dll
2011-03-10 22:29:13 ----A---- C:\windows\system32\drivers\wanarp.sys
2011-03-10 22:29:12 ----A---- C:\windows\system32\vpnikeapi.dll
2011-03-10 22:29:12 ----A---- C:\windows\system32\vpnike.dll
2011-03-10 22:29:12 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-03-10 22:29:12 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2011-03-10 22:29:12 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2011-03-10 22:29:12 ----A---- C:\windows\system32\drivers\ndproxy.sys
2011-03-10 22:29:12 ----A---- C:\windows\system32\drivers\ndiswan.sys
2011-03-10 22:29:10 ----A---- C:\windows\system32\RacEngn.dll
2011-03-10 22:29:10 ----A---- C:\windows\system32\msdrm.dll
2011-03-10 22:29:09 ----A---- C:\windows\system32\qedit.dll
2011-03-10 22:29:09 ----A---- C:\windows\system32\proquota.exe
2011-03-10 22:29:09 ----A---- C:\windows\system32\propsys.dll
2011-03-10 22:29:09 ----A---- C:\windows\system32\profsvc.dll
2011-03-10 22:29:09 ----A---- C:\windows\system32\profprov.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\sppnp.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\spoolsv.exe
2011-03-10 22:29:08 ----A---- C:\windows\system32\prncache.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\powercpl.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\pifmgr.dll
2011-03-10 22:29:08 ----A---- C:\windows\system32\hgprint.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\wvc.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\WMPhoto.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\wdc.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\photowiz.dll
2011-03-10 22:29:07 ----A---- C:\windows\system32\perfmon.exe
2011-03-10 22:29:07 ----A---- C:\windows\system32\pdhui.dll
2011-03-10 22:29:06 ----A---- C:\windows\system32\wpccpl.dll
2011-03-10 22:29:06 ----A---- C:\windows\system32\wdscore.dll
2011-03-10 22:29:06 ----A---- C:\windows\system32\unlodctr.exe
2011-03-10 22:29:06 ----A---- C:\windows\system32\PnPUnattend.exe
2011-03-10 22:29:06 ----A---- C:\windows\system32\PkgMgr.exe
2011-03-10 22:29:06 ----A---- C:\windows\system32\PerfCenterCPL.dll
2011-03-10 22:29:06 ----A---- C:\windows\system32\drivers\partmgr.sys
2011-03-10 22:29:05 ----A---- C:\windows\system32\prnfldr.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\printui.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\pla.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\pdh.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\ntprint.dll
2011-03-10 22:29:05 ----A---- C:\windows\system32\inetpp.dll
2011-03-10 22:29:04 ----A---- C:\windows\system32\win32spl.dll
2011-03-10 22:29:04 ----A---- C:\windows\system32\relog.exe
2011-03-10 22:29:04 ----A---- C:\windows\system32\puiobj.dll
2011-03-10 22:29:04 ----A---- C:\windows\system32\PrintIsolationProxy.dll
2011-03-10 22:29:04 ----A---- C:\windows\system32\logman.exe
2011-03-10 22:29:04 ----A---- C:\windows\system32\localspl.dll
2011-03-10 22:29:02 ----A---- C:\windows\system32\prntvpt.dll
2011-03-10 22:29:02 ----A---- C:\windows\system32\ntoskrnl.exe
2011-03-10 22:29:01 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-03-10 22:29:00 ----A---- C:\windows\system32\OnLineIDCpl.dll
2011-03-10 22:29:00 ----A---- C:\windows\system32\onexui.dll
2011-03-10 22:29:00 ----A---- C:\windows\system32\onex.dll
2011-03-10 22:28:59 ----A---- C:\windows\system32\olepro32.dll
2011-03-10 22:28:59 ----A---- C:\windows\system32\oleaut32.dll
2011-03-10 22:28:59 ----A---- C:\windows\system32\ocsetup.exe
2011-03-10 22:28:59 ----A---- C:\windows\system32\ocsetapi.dll
2011-03-10 22:28:58 ----A---- C:\windows\system32\cscdll.dll
2011-03-10 22:28:58 ----A---- C:\windows\system32\cscapi.dll
2011-03-10 22:28:58 ----A---- C:\windows\system32\asycfilt.dll
2011-03-10 22:28:57 ----A---- C:\windows\system32\ntshrui.dll
2011-03-10 22:28:57 ----A---- C:\windows\system32\ntlanman.dll
2011-03-10 22:28:57 ----A---- C:\windows\system32\ntdll.dll
2011-03-10 22:28:57 ----A---- C:\windows\system32\nslookup.exe
2011-03-10 22:28:57 ----A---- C:\windows\system32\drivers\ntfs.sys
2011-03-10 22:28:57 ----A---- C:\windows\system32\dosx.exe
2011-03-10 22:28:56 ----A---- C:\windows\system32\nshwfp.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\nlasvc.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\nlaapi.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\networkmap.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\networkexplorer.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\netcenter.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\ncsi.dll
2011-03-10 22:28:56 ----A---- C:\windows\system32\IKEEXT.DLL
2011-03-10 22:28:55 ----A---- C:\windows\system32\pnidui.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\netutils.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\netshell.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\netplwiz.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\netjoin.dll
2011-03-10 22:28:55 ----A---- C:\windows\system32\FWPUCLNT.DLL
2011-03-10 22:28:55 ----A---- C:\windows\system32\drivers\netio.sys
2011-03-10 22:28:55 ----A---- C:\windows\system32\BFE.DLL
2011-03-10 22:28:54 ----A---- C:\windows\system32\netcfgx.dll
2011-03-10 22:28:54 ----A---- C:\windows\system32\netcfg.exe
2011-03-10 22:28:54 ----A---- C:\windows\system32\netbtugc.exe
2011-03-10 22:28:54 ----A---- C:\windows\system32\netapi32.dll
2011-03-10 22:28:54 ----A---- C:\windows\system32\net1.exe
2011-03-10 22:28:54 ----A---- C:\windows\system32\ncryptui.dll
2011-03-10 22:28:54 ----A---- C:\windows\system32\nci.dll
2011-03-10 22:28:54 ----A---- C:\windows\system32\drivers\netbt.sys
2011-03-10 22:28:54 ----A---- C:\windows\system32\drivers\ndisuio.sys
2011-03-10 22:28:54 ----A---- C:\windows\system32\drivers\ndis.sys
2011-03-10 22:28:53 ----A---- C:\windows\system32\NaturalLanguage6.dll
2011-03-10 22:28:50 ----A---- C:\windows\system32\QUTIL.DLL
2011-03-10 22:28:50 ----A---- C:\windows\system32\KMSVC.DLL
2011-03-10 22:28:49 ----A---- C:\windows\system32\QSVRMGMT.DLL
2011-03-10 22:28:49 ----A---- C:\windows\system32\QSHVHOST.DLL
2011-03-10 22:28:49 ----A---- C:\windows\system32\ipsmsnap.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\QCLIPROV.DLL
2011-03-10 22:28:48 ----A---- C:\windows\system32\QAGENTRT.DLL
2011-03-10 22:28:48 ----A---- C:\windows\system32\QAGENT.DLL
2011-03-10 22:28:48 ----A---- C:\windows\system32\nshipsec.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\netdiagfx.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\napdsnap.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\iasrecst.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\iasrad.dll
2011-03-10 22:28:48 ----A---- C:\windows\system32\iasacct.dll
2011-03-10 22:28:46 ----A---- C:\windows\system32\mydocs.dll
2011-03-10 22:28:46 ----A---- C:\windows\system32\msxml6.dll
2011-03-10 22:28:46 ----A---- C:\windows\system32\mcbuilder.exe
2011-03-10 22:28:46 ----A---- C:\windows\system32\IPSECSVC.DLL
2011-03-10 22:28:45 ----A---- C:\windows\system32\msxml3.dll
2011-03-10 22:28:45 ----A---- C:\windows\system32\MSMPEG2ENC.DLL
2011-03-10 22:28:44 ----A---- C:\windows\system32\msinfo32.exe
2011-03-10 22:28:44 ----A---- C:\windows\system32\msieftp.dll
2011-03-10 22:28:44 ----A---- C:\windows\system32\msftedit.dll
2011-03-10 22:28:44 ----A---- C:\windows\system32\msconfig.exe
2011-03-10 22:28:44 ----A---- C:\windows\system32\msasn1.dll
2011-03-10 22:28:44 ----A---- C:\windows\system32\MSAC3ENC.DLL
2011-03-10 22:28:44 ----A---- C:\windows\system32\mprapi.dll
2011-03-10 22:28:44 ----A---- C:\windows\system32\drivers\mountmgr.sys
2011-03-10 22:28:43 ----A---- C:\windows\system32\SyncCenter.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\SensorsCpl.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\mobsync.exe
2011-03-10 22:28:43 ----A---- C:\windows\system32\MMDevAPI.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\mfreadwrite.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\MFPlay.dll
2011-03-10 22:28:43 ----A---- C:\windows\system32\mfds.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\WMVCORE.DLL
2011-03-10 22:28:42 ----A---- C:\windows\system32\wmdrmnet.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\wmdrmdev.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\mfc42u.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\mfc40u.dll
2011-03-10 22:28:42 ----A---- C:\windows\system32\mfc40.dll
2011-03-10 22:28:41 ----A---- C:\windows\system32\wmpsrcwp.dll
2011-03-10 22:28:41 ----A---- C:\windows\system32\wmpshell.dll
2011-03-10 22:28:41 ----A---- C:\windows\system32\wmpps.dll
2011-03-10 22:28:40 ----A---- C:\windows\system32\WMPEncEn.dll
2011-03-10 22:28:40 ----A---- C:\windows\system32\wmpeffects.dll
2011-03-10 22:28:40 ----A---- C:\windows\system32\wmpdxm.dll
2011-03-10 22:28:40 ----A---- C:\windows\system32\WMNetMgr.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\wmdrmsdk.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\msscp.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\msnetobj.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\logagent.exe
2011-03-10 22:28:39 ----A---- C:\windows\system32\drmmgrtn.dll
2011-03-10 22:28:39 ----A---- C:\windows\system32\blackbox.dll
2011-03-10 22:28:38 ----A---- C:\windows\system32\wmploc.DLL
2011-03-10 22:28:37 ----A---- C:\windows\system32\wmp.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\spwmp.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\mf.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\MediaMetadataHandler.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\mapistub.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\mapi32.dll
2011-03-10 22:28:37 ----A---- C:\windows\system32\dxmasf.dll
2011-03-10 22:28:36 ----A---- C:\windows\system32\migisol.dll
2011-03-10 22:28:36 ----A---- C:\windows\system32\mcupdate_GenuineIntel.dll
2011-03-10 22:28:36 ----A---- C:\windows\system32\inetcomm.dll
2011-03-10 22:28:36 ----A---- C:\windows\system32\AuxiliaryDisplayCpl.dll
2011-03-10 22:28:35 ----A---- C:\windows\system32\sqlsrv32.dll
2011-03-10 22:28:35 ----A---- C:\windows\system32\odbcconf.dll
2011-03-10 22:28:35 ----A---- C:\windows\system32\AuxiliaryDisplayServices.dll
2011-03-10 22:28:34 ----A---- C:\windows\system32\mcmde.dll
2011-03-10 22:28:33 ----A---- C:\windows\system32\mblctr.exe
2011-03-10 22:28:32 ----A---- C:\windows\system32\odbctrac.dll
2011-03-10 22:28:32 ----A---- C:\windows\system32\mmcndmgr.dll
2011-03-10 22:28:32 ----A---- C:\windows\system32\MdSched.exe
2011-03-10 22:28:31 ----A---- C:\windows\system32\odbccp32.dll
2011-03-10 22:28:31 ----A---- C:\windows\system32\odbc32.dll
2011-03-10 22:28:31 ----A---- C:\windows\system32\msorcl32.dll
2011-03-10 22:28:31 ----A---- C:\windows\system32\defaultlocationcpl.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\sspisrv.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\sspicli.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\secur32.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\odbcjt32.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\luainstall.dll
2011-03-10 22:28:30 ----A---- C:\windows\system32\consent.exe
2011-03-10 22:28:30 ----A---- C:\windows\system32\appinfo.dll
2011-03-10 22:28:29 ----A---- C:\windows\system32\nrpsrv.dll
2011-03-10 22:28:29 ----A---- C:\windows\system32\lsasrv.dll
2011-03-10 22:28:29 ----A---- C:\windows\system32\lpremove.exe
2011-03-10 22:28:29 ----A---- C:\windows\system32\lpksetup.exe
2011-03-10 22:28:29 ----A---- C:\windows\system32\drivers\ksecdd.sys
2011-03-10 22:28:28 ----A---- C:\windows\system32\Wldap32.dll
2011-03-10 22:28:23 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2011-03-10 22:28:16 ----A---- C:\windows\system32\KernelBase.dll
2011-03-10 22:28:16 ----A---- C:\windows\system32\kernel32.dll
2011-03-10 22:28:16 ----A---- C:\windows\system32\iTVData.dll
2011-03-10 22:28:16 ----A---- C:\windows\system32\isoburn.exe
2011-03-10 22:28:16 ----A---- C:\windows\system32\drivers\ks.sys
2011-03-10 22:28:15 ----A---- C:\windows\system32\wshirda.dll
2011-03-10 22:28:15 ----A---- C:\windows\system32\nlsbres.dll
2011-03-10 22:28:15 ----A---- C:\windows\system32\MuiUnattend.exe
2011-03-10 22:28:15 ----A---- C:\windows\system32\msihnd.dll
2011-03-10 22:28:15 ----A---- C:\windows\system32\msiexec.exe
2011-03-10 22:28:15 ----A---- C:\windows\system32\msi.dll
2011-03-10 22:28:14 ----A---- C:\windows\system32\imm32.dll
2011-03-10 22:28:14 ----A---- C:\windows\system32\imapi2.dll
2011-03-10 22:28:14 ----A---- C:\windows\system32\dbghelp.dll
2011-03-10 22:28:14 ----A---- C:\windows\system32\dbgeng.dll
2011-03-10 22:28:12 ----A---- C:\windows\system32\ieframe.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\webcheck.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\occache.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\msrating.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\inseng.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\iesysprep.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\iertutil.dll
2011-03-10 22:28:11 ----A---- C:\windows\system32\ie4uinit.exe
2011-03-10 22:28:10 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2011-03-10 22:28:10 ----A---- C:\windows\system32\mshtmled.dll
2011-03-10 22:28:10 ----A---- C:\windows\system32\msfeedssync.exe
2011-03-10 22:28:10 ----A---- C:\windows\system32\msfeedsbs.dll
2011-03-10 22:28:10 ----A---- C:\windows\system32\msfeeds.dll
2011-03-10 22:28:10 ----A---- C:\windows\system32\imgutil.dll
2011-03-10 22:28:10 ----A---- C:\windows\system32\ieUnatt.exe
2011-03-10 22:28:09 ----A---- C:\windows\system32\mscms.dll
2011-03-10 22:28:09 ----A---- C:\windows\system32\licmgr10.dll
2011-03-10 22:28:09 ----A---- C:\windows\system32\iepeers.dll
2011-03-10 22:28:09 ----A---- C:\windows\system32\iedkcs32.dll
2011-03-10 22:28:08 ----A---- C:\windows\system32\wininet.dll
2011-03-10 22:28:07 ----A---- C:\windows\system32\tzres.dll
2011-03-10 22:28:07 ----A---- C:\windows\system32\kbdlk41a.dll
2011-03-10 22:28:04 ----A---- C:\windows\system32\KBDUS.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\mstime.dll
2011-03-10 22:28:03 ----A---- C:\windows\system32\KBDUGHR1.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\KBDSF.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\KBDGKL.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\KBDBULG.DLL
2011-03-10 22:28:03 ----A---- C:\windows\system32\iphlpsvc.dll
2011-03-10 22:28:03 ----A---- C:\windows\system32\C_ISCII.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDTURME.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDTUF.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDTAJIK.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDSG.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDPO.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDNEPR.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDMON.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDMAORI.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDLT1.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINTEL.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINTAM.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINORI.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINMAR.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINKAN.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINHIN.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDINBEN.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDGR1.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDGEO.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDCZ1.DLL
2011-03-10 22:28:02 ----A---- C:\windows\system32\KBDBASH.DLL
2011-03-10 22:28:01 ----A---- C:\windows\system32\KBDTUQ.DLL
2011-03-10 22:28:01 ----A---- C:\windows\system32\KBDBLR.DLL
2011-03-10 22:28:01 ----A---- C:\windows\system32\iscsium.dll
2011-03-10 22:28:01 ----A---- C:\windows\system32\iscsicli.exe
2011-03-10 22:28:01 ----A---- C:\windows\system32\elsTrans.dll
2011-03-10 22:27:59 ----A---- C:\windows\system32\urlmon.dll
2011-03-10 22:27:59 ----A---- C:\windows\system32\imapi2fs.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\provsvc.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\ListSvc.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\itircl.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\httpapi.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\HotStartUserAgent.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\hgcpl.dll
2011-03-10 22:27:58 ----A---- C:\windows\system32\drivers\http.sys
2011-03-10 22:27:57 ----A---- C:\windows\system32\hbaapi.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\halmacpi.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\halacpi.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\hal.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\drivers\hwpolicy.sys
2011-03-10 22:27:57 ----A---- C:\windows\system32\ActionCenterCPL.dll
2011-03-10 22:27:57 ----A---- C:\windows\system32\ActionCenter.dll
2011-03-10 22:27:46 ----A---- C:\windows\system32\gpsvc.dll
2011-03-10 22:27:46 ----A---- C:\windows\system32\gdi32.dll
2011-03-10 22:27:45 ----A---- C:\windows\system32\gameux.dll
2011-03-10 22:27:43 ----A---- C:\windows\system32\ftp.exe
2011-03-10 22:27:42 ----A---- C:\windows\system32\t2embed.dll
2011-03-10 22:27:42 ----A---- C:\windows\system32\muifontsetup.dll
2011-03-10 22:27:42 ----A---- C:\windows\system32\fontext.dll
2011-03-10 22:27:42 ----A---- C:\windows\system32\fms.dll
2011-03-10 22:27:42 ----A---- C:\windows\system32\findstr.exe
2011-03-10 22:27:41 ----A---- C:\windows\system32\resutils.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\ifsutil.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\FXSTIFF.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\FXSSVC.exe
2011-03-10 22:27:41 ----A---- C:\windows\system32\FXSMON.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\fdeploy.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\fde.dll
2011-03-10 22:27:41 ----A---- C:\windows\system32\clusapi.dll
2011-03-10 22:27:40 ----A---- C:\windows\system32\untfs.dll
2011-03-10 22:27:39 ----A---- C:\windows\system32\WFS.exe
2011-03-10 22:27:39 ----A---- C:\windows\system32\FXSCOVER.exe
2011-03-10 22:27:38 ----A---- C:\windows\system32\wevtsvc.dll
2011-03-10 22:27:38 ----A---- C:\windows\system32\WerFaultSecure.exe
2011-03-10 22:27:38 ----A---- C:\windows\system32\wer.dll
2011-03-10 22:27:38 ----A---- C:\windows\system32\Faultrep.dll
2011-03-10 22:27:38 ----A---- C:\windows\system32\ExplorerFrame.dll
2011-03-10 22:27:38 ----A---- C:\windows\system32\eudcedit.exe
2011-03-10 22:27:38 ----A---- C:\windows\explorer.exe
2011-03-10 22:27:37 ----A---- C:\windows\system32\werconcpl.dll
2011-03-10 22:27:37 ----A---- C:\windows\system32\mspbda.dll
2011-03-10 22:27:37 ----A---- C:\windows\system32\msdri.dll
2011-03-10 22:27:37 ----A---- C:\windows\system32\evr.dll
2011-03-10 22:27:37 ----A---- C:\windows\system32\EhStorAPI.dll
2011-03-10 22:27:36 ----A---- C:\windows\system32\Mcx2Svc.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\MCEWMDRMNDBootstrap.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\esent.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\efscore.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\eapphost.dll
2011-03-10 22:27:35 ----A---- C:\windows\system32\eappgnui.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\eapp3hst.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\DxpTaskSync.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\DXPTaskRingtone.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\DXP.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\dskquoui.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\drvstore.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\dot3ui.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\dot3svc.dll
2011-03-10 22:27:34 ----A---- C:\windows\system32\dot3msm.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dot3cfg.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dot3api.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dnsrslvr.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dnscmmc.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\dnscacheugc.exe
2011-03-10 22:27:33 ----A---- C:\windows\system32\dnsapi.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\Display.dll
2011-03-10 22:27:33 ----A---- C:\windows\system32\diskraid.exe
2011-03-10 22:27:32 ----A---- C:\windows\system32\dxgi.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\drivers\Diskdump.sys
2011-03-10 22:27:32 ----A---- C:\windows\system32\dpnaddr.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\diskpart.exe
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d9.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d11.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d10warp.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d10level9.dll
2011-03-10 22:27:32 ----A---- C:\windows\system32\d3d10_1core.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\vfwwdm32.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\samsrv.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\quartz.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\qdvd.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\qdv.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\qcap.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\qasf.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\msdmo.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\mciqtz32.dll
2011-03-10 22:27:31 ----A---- C:\windows\system32\amstream.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\setupugc.exe
2011-03-10 22:27:30 ----A---- C:\windows\system32\dxdiagn.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\dsauth.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\drivers\dfsc.sys
2011-03-10 22:27:30 ----A---- C:\windows\system32\dpx.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\DiagCpl.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\dhcpcore.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\dfrgui.exe
2011-03-10 22:27:30 ----A---- C:\windows\system32\DevicePairingFolder.dll
2011-03-10 22:27:30 ----A---- C:\windows\system32\DeviceCenter.dll
2011-03-10 22:27:29 ----A---- C:\windows\system32\samcli.dll
2011-03-10 22:27:29 ----A---- C:\windows\system32\dwmredir.dll
2011-03-10 22:27:26 ----A---- C:\windows\system32\tsbyuv.dll
2011-03-10 22:27:26 ----A---- C:\windows\system32\msyuv.dll
2011-03-10 22:27:26 ----A---- C:\windows\system32\iyuv_32.dll
2011-03-10 22:27:26 ----A---- C:\windows\system32\dwmcore.dll
2011-03-10 22:27:23 ----A---- C:\windows\system32\WUDFx.dll
2011-03-10 22:27:23 ----A---- C:\windows\system32\WUDFSvc.dll
2011-03-10 22:27:23 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2011-03-10 22:27:23 ----A---- C:\windows\system32\dps.dll
2011-03-10 22:27:22 ----A---- C:\windows\system32\WUDFPlatform.dll
2011-03-10 22:27:22 ----A---- C:\windows\system32\WUDFHost.exe
2011-03-10 22:27:22 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2011-03-10 22:27:22 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2011-03-10 22:27:15 ----A---- C:\windows\system32\localsec.dll
2011-03-10 22:27:11 ----A---- C:\windows\system32\cryptui.dll
2011-03-10 22:27:09 ----A---- C:\windows\system32\cryptsvc.dll
2011-03-10 22:27:09 ----A---- C:\windows\system32\crypt32.dll
2011-03-10 22:27:09 ----A---- C:\windows\system32\credui.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\umpnpmgr.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\OpcServices.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\olethk32.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\netid.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\msdtctm.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\mimefilt.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\imagehlp.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\conhost.exe
2011-03-10 22:27:08 ----A---- C:\windows\system32\comdlg32.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\cmd.exe
2011-03-10 22:27:08 ----A---- C:\windows\system32\cfgmgr32.dll
2011-03-10 22:27:08 ----A---- C:\windows\system32\autoconv.exe
2011-03-10 22:27:07 ----A---- C:\windows\system32\rpcss.dll
2011-03-10 22:27:07 ----A---- C:\windows\system32\ole32.dll
2011-03-10 22:27:07 ----A---- C:\windows\system32\ci.dll
2011-03-10 22:27:07 ----A---- C:\windows\system32\cdosys.dll
2011-03-10 22:27:07 ----A---- C:\windows\system32\calc.exe
2011-03-10 22:27:06 ----A---- C:\windows\system32\xpsservices.dll
2011-03-10 22:27:06 ----A---- C:\windows\system32\diagperf.dll
2011-03-10 22:27:06 ----A---- C:\windows\system32\certcli.dll
2011-03-10 22:27:06 ----A---- C:\windows\system32\cabview.dll
2011-03-10 22:27:06 ----A---- C:\windows\system32\cabinet.dll
2011-03-10 22:27:05 ----A---- C:\windows\system32\XpsRasterService.dll
2011-03-10 22:27:05 ----A---- C:\windows\system32\Query.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\wshbth.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\mtxclu.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\certmgr.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\browseui.dll
2011-03-10 22:27:04 ----A---- C:\windows\system32\browser.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\wbengine.exe
2011-03-10 22:27:03 ----A---- C:\windows\system32\qmgr.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\browcli.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\bootres.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\BlbEvents.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\bitsperf.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\bitsadmin.exe
2011-03-10 22:27:03 ----A---- C:\windows\system32\biocpl.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\bcdboot.exe
2011-03-10 22:27:03 ----A---- C:\windows\system32\batmeter.dll
2011-03-10 22:27:03 ----A---- C:\windows\system32\basesrv.dll
2011-03-10 22:27:02 ----A---- C:\windows\system32\winresume.exe
2011-03-10 22:27:02 ----A---- C:\windows\system32\winload.exe
2011-03-10 22:27:02 ----A---- C:\windows\system32\sdcpl.dll
2011-03-10 22:27:02 ----A---- C:\windows\system32\bcdsrv.dll
2011-03-10 22:27:02 ----A---- C:\windows\bfsvc.exe
2011-03-10 22:27:00 ----A---- C:\windows\system32\setbcdlocale.dll
2011-03-10 22:27:00 ----A---- C:\windows\system32\bcdedit.exe
2011-03-10 22:26:59 ----A---- C:\windows\system32\LogonUI.exe
2011-03-10 22:26:59 ----A---- C:\windows\system32\AzSqlExt.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\azroleui.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\azroles.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\AxInstSv.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\autoplay.dll
2011-03-10 22:26:59 ----A---- C:\windows\system32\autochk.exe
2011-03-10 22:26:59 ----A---- C:\windows\system32\autofmt.exe
2011-03-10 22:26:58 ----A---- C:\windows\system32\winmm.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\WindowsAnytimeUpgrade.exe
2011-03-10 22:26:58 ----A---- C:\windows\system32\SndVolSSO.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\SndVol.exe
2011-03-10 22:26:58 ----A---- C:\windows\system32\drivers\appid.sys
2011-03-10 22:26:58 ----A---- C:\windows\system32\authui.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\audiosrv.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\AudioSes.dll
2011-03-10 22:26:58 ----A---- C:\windows\system32\audiodg.exe
2011-03-10 22:26:57 ----A---- C:\windows\system32\wdiasqmmodule.dll
2011-03-10 22:26:57 ----A---- C:\windows\system32\advapi32.dll
2011-03-10 22:26:57 ----A---- C:\windows\system32\actxprxy.dll
2011-03-10 22:26:57 ----A---- C:\windows\system32\accessibilitycpl.dll
2011-03-10 22:26:56 ----A---- C:\windows\system32\aepdu.dll
2011-03-10 22:26:56 ----A---- C:\windows\system32\aeinv.dll
2011-03-10 22:26:56 ----A---- C:\windows\system32\adsldp.dll
2011-03-10 22:26:56 ----A---- C:\windows\system32\acppage.dll
2011-03-10 22:26:55 ----A---- C:\windows\system32\WindowsAnytimeUpgradeResults.exe
2011-03-10 22:26:55 ----A---- C:\windows\system32\aitagent.exe
2011-03-10 22:26:55 ----A---- C:\windows\system32\activeds.dll
2011-03-10 22:26:54 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2011-03-10 22:26:54 ----A---- C:\windows\system32\apphelp.dll
2011-03-10 22:26:53 ----A---- C:\windows\system32\drivers\usbser.sys
2011-03-10 22:26:52 ----A---- C:\windows\system32\drivers\volmgr.sys
2011-03-10 22:26:52 ----A---- C:\windows\system32\drivers\termdd.sys
2011-03-10 22:26:52 ----A---- C:\windows\system32\drivers\pci.sys
2011-03-10 22:26:52 ----A---- C:\windows\system32\drivers\kbdhid.sys
2011-03-10 22:26:51 ----A---- C:\windows\system32\drivers\msiscsi.sys
2011-03-10 22:26:51 ----A---- C:\windows\system32\drivers\IPMIDrv.sys
2011-03-10 22:26:50 ----A---- C:\windows\system32\dsuiext.dll
2011-03-10 22:26:50 ----A---- C:\windows\system32\drivers\iaStorV.sys
2011-03-10 22:26:50 ----A---- C:\windows\system32\drivers\HdAudio.sys
2011-03-10 22:26:50 ----A---- C:\windows\system32\drivers\hdaudbus.sys
2011-03-10 22:26:49 ----A---- C:\windows\system32\srchadmin.dll
2011-03-10 22:26:49 ----A---- C:\windows\system32\OobeFldr.dll
2011-03-10 22:26:49 ----A---- C:\windows\system32\drivers\CompositeBus.sys
2011-03-10 22:26:48 ----A---- C:\windows\system32\fsquirt.exe
2011-03-10 22:26:48 ----A---- C:\windows\system32\drivers\cdrom.sys
2011-03-10 22:26:48 ----A---- C:\windows\system32\drivers\BTHUSB.SYS
2011-03-10 22:26:48 ----A---- C:\windows\system32\drivers\bthport.sys
2011-03-10 22:26:47 ----A---- C:\windows\system32\drivers\amdxata.sys
2011-03-10 22:26:47 ----A---- C:\windows\system32\drivers\amdsata.sys
2011-03-10 22:26:47 ----A---- C:\windows\system32\drivers\acpipmi.sys
2011-03-10 22:26:46 ----A---- C:\windows\system32\drivers\acpi.sys
2011-03-10 22:26:46 ----A---- C:\windows\system32\drivers\1394ohci.sys
2011-03-09 07:53:47 ----A---- C:\windows\system32\DWrite.dll
2011-03-09 07:53:46 ----A---- C:\windows\system32\FntCache.dll
2011-03-09 07:53:44 ----A---- C:\windows\system32\d2d1.dll
2011-03-09 07:53:37 ----A---- C:\windows\system32\CPFilters.dll
2011-03-09 07:53:36 ----A---- C:\windows\system32\EncDec.dll
2011-03-09 07:53:34 ----A---- C:\windows\system32\sbe.dll
2011-03-02 09:48:25 ----D---- C:\Program Files\Axis Communications
2011-03-01 19:27:43 ----D---- C:\Program Files\VAG908
2011-02-28 17:16:23 ----A---- C:\windows\system32\drivers\RT-USB.SYS
2011-02-28 17:16:22 ----A---- C:\windows\system32\RT-USB.DLL
2011-02-23 12:28:05 ----A---- C:\windows\SonySNCCS1011.ini
2011-02-23 08:03:29 ----A---- C:\windows\system32\XpsPrint.dll
2011-02-23 08:03:29 ----A---- C:\windows\system32\XpsGdiConverter.dll

======List of files/folders modified in the last 1 months======

2011-03-21 13:20:04 ----D---- C:\windows\Prefetch
2011-03-21 13:16:49 ----AD---- C:\Windows
2011-03-21 13:07:58 ----SHD---- C:\System Volume Information
2011-03-21 13:06:18 ----D---- C:\windows\system32\drivers
2011-03-21 11:23:06 ----D---- C:\windows\system32\config
2011-03-20 20:11:12 ----RD---- C:\Program Files
2011-03-20 19:48:54 ----D---- C:\windows\Tasks
2011-03-20 19:42:50 ----A---- C:\windows\system.ini
2011-03-20 19:42:22 ----D---- C:\windows\system32\drivers\etc
2011-03-20 19:38:03 ----D---- C:\windows\System32
2011-03-20 19:38:01 ----D---- C:\ProgramData
2011-03-20 19:27:27 ----D---- C:\windows\AppPatch
2011-03-20 19:27:20 ----D---- C:\Program Files\Common Files
2011-03-20 19:26:18 ----D---- C:\windows\system32\wbem
2011-03-20 14:47:28 ----D---- C:\windows\Minidump
2011-03-20 14:47:28 ----D---- C:\windows\debug
2011-03-20 14:37:51 ----D---- C:\windows\system32\Tasks
2011-03-20 13:20:43 ----D---- C:\windows\schemas
2011-03-20 09:53:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-03-20 09:53:15 ----D---- C:\windows\inf
2011-03-20 08:32:29 ----SHD---- C:\windows\Installer
2011-03-18 15:54:09 ----A---- C:\windows\FPConfig.INI
2011-03-17 19:08:34 ----D---- C:\windows\system32\DriverStore
2011-03-17 19:08:34 ----D---- C:\windows\system32\catroot
2011-03-17 19:03:55 ----D---- C:\windows\system32\NDF
2011-03-17 10:19:08 ----A---- C:\windows\wcx_ftp.ini
2011-03-16 11:11:58 ----A---- C:\windows\glxy_gld32.ini
2011-03-14 15:35:50 ----D---- C:\Users\Standa\AppData\Roaming\FileZilla
2011-03-13 10:09:54 ----D---- C:\Users\Standa\AppData\Roaming\PC Suite
2011-03-12 20:32:52 ----D---- C:\windows\Microsoft.NET
2011-03-12 20:30:46 ----RSD---- C:\windows\assembly
2011-03-12 08:58:21 ----D---- C:\windows\winsxs
2011-03-12 08:55:52 ----D---- C:\Boot
2011-03-10 23:48:44 ----D---- C:\Program Files\Windows Mail
2011-03-10 23:48:43 ----D---- C:\Program Files\Windows Sidebar
2011-03-10 23:48:43 ----D---- C:\Program Files\Windows Portable Devices
2011-03-10 23:48:43 ----D---- C:\Program Files\Windows Media Player
2011-03-10 23:48:43 ----D---- C:\Program Files\Internet Explorer
2011-03-10 23:48:43 ----D---- C:\Program Files\DVD Maker
2011-03-10 23:48:42 ----D---- C:\Program Files\Windows Photo Viewer
2011-03-10 23:48:42 ----D---- C:\Program Files\Windows Journal
2011-03-10 23:48:39 ----D---- C:\Program Files\Windows Defender
2011-03-10 23:48:38 ----D---- C:\windows\servicing
2011-03-10 23:48:38 ----D---- C:\windows\ehome
2011-03-10 23:48:29 ----D---- C:\windows\system32\oobe
2011-03-10 23:48:29 ----D---- C:\windows\system32\en-US
2011-03-10 23:48:29 ----D---- C:\windows\system32\da-DK
2011-03-10 23:48:29 ----D---- C:\windows\PolicyDefinitions
2011-03-10 23:48:28 ----D---- C:\windows\system32\sysprep
2011-03-10 23:48:28 ----D---- C:\windows\system32\migration
2011-03-10 23:48:27 ----D---- C:\windows\system32\Setup
2011-03-10 23:48:27 ----D---- C:\windows\system32\cs
2011-03-10 23:48:27 ----D---- C:\windows\system32\AdvancedInstallers
2011-03-10 23:48:25 ----D---- C:\windows\system32\cs-CZ
2011-03-10 23:48:23 ----D---- C:\windows\system32\sppui
2011-03-10 23:48:23 ----D---- C:\windows\system32\manifeststore
2011-03-10 23:48:23 ----D---- C:\windows\system32\es-ES
2011-03-10 23:48:21 ----D---- C:\windows\system32\drivers\cs-CZ
2011-03-10 23:48:19 ----D---- C:\windows\system32\migwiz
2011-03-10 23:48:19 ----D---- C:\windows\system32\Dism
2011-03-10 23:47:47 ----RSD---- C:\windows\Fonts
2011-03-10 23:47:30 ----D---- C:\windows\system32\Boot
2011-03-10 23:04:44 ----A---- C:\windows\system32\MRT.exe
2011-03-10 23:03:06 ----D---- C:\ProgramData\Microsoft Help
2011-03-10 22:55:36 ----A---- C:\windows\system32\msclmd.dll
2011-03-10 21:57:40 ----D---- C:\windows\system32\catroot2
2011-03-09 09:35:31 ----D---- C:\WinloadPrivateDir
2011-03-02 09:49:35 ----D---- C:\windows\Downloaded Program Files
2011-02-23 16:04:17 ----A---- C:\windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\windows\system32\DRIVERS\Lbd.sys [2010-06-24 64288]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
R2 CBN;CBN; \??\C:\windows\System32\Drivers\CBN.SYS [2010-11-08 17408]
R3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2009-10-22 57800]
R3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2009-10-22 72520]
R3 gwiopm;gwiopm; \??\C:\windows\system32\gwiopm.sys [2010-11-08 3904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-09-29 2776672]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2009-08-11 66592]
R3 nvsmu;nvsmu; C:\windows\system32\DRIVERS\nvsmu.sys [2009-06-28 17920]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 862208]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-20 213552]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Hardlock;Hardlock; C:\windows\system32\drivers\hardlock.sys []
S2 NSHE;Guardant Emulator Driver; \??\C:\windows\system32\Drivers\NSHE.SYS [2010-07-28 97792]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2010-11-20 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 BULKUSB;BMZ Integral; C:\windows\System32\Drivers\SecoBlkUSB.sys [2006-09-08 17664]
S3 CBUSB;MARX CryptoTech LP; C:\windows\System32\drivers\CBUSB.sys [2007-02-14 45136]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RT-USB;Ross-Tech USB driver; C:\windows\system32\drivers\RT-USB.SYS [2009-05-22 58880]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 USBEFI;USB Efi Driver (usbefi.sys); C:\windows\System32\Drivers\usbefi.sys [2001-05-07 19805]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-02-23 42184]
R2 B5USBPort;B5 USB-Port; C:\Seconet\Integral\USB\B5USBPort.exe [2008-07-21 1140224]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-03 582944]
R2 IRCPAcousticDriver;IRCPAcousticDriver; C:\windows\system32\IRCPAcousticDriver.exe [2010-06-24 514560]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-07 211488]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-11 1352832]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-06-28 1343400]

-----------------EOF-----------------

Otevřete si Poznámkový blok a zkopírujte do něj text

-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.



Vitsoft neznám, CCleaner doporučuji . Ad aware už taky nepatří mezi ty námi doporučované, raději jendou za čas sken mbamem.
Jsou ještě nějaké problémy s počítačem?

Počítač je OK, ještě jednou děkuji za pomoc.

Není zač