VIRY.CZ

Zdravím,
vzhledem k tomu, že se u mě v ntb zabydlel trojan a bojuji s ním už několik dní, prosím o pomoc a kontrolu logu z RSIT.
(Trojana našel původní antivir Comodo, odstranil ho a už ho nedetekoval. Nakonec jsem odstranila já antivir Comodo a stáhla Ad-aware. Ten ho opět našel, zlikvidoval, ale začaly problémy s připojením. Tak jsem odinstalovala i ten a stáhla Spyware Terminator. Ten identifikoval asi trojana nebo jeho součásti znovu a zasažené soubory, ale nedaří se mi s jeho pomocí problém vyřešit).
Děkuju předem za pomoc, Veronika

Log z RSIT - 1.část

Running processes:
C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Milos\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Milos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O2 - BHO: IEPwdBankBHO - {56CBB761-DA41-4E31-B270-B13B4B0A61D0} - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ReadyComm5] C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe -TrayMode
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skypeb\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [C:\Users\Milos\AppData\Roaming\Sprinx Systems\SprinxCRM 6.2.0.0\install.exe] C:\Users\Milos\AppData\Roaming\Sprinx Systems\SprinxCRM 6.2.0.0\install.exe /l*v "C:\Users\Milos\AppData\Roaming\Sprinx Systems\SprinxCRM 6.2.0.0\msilog.txt" ProductLanguage=1029 INSTALL_TYPE=1 DB_INSTALL=1 CLOG="C:\Users\Milos\AppData\Roaming\Sprinx Systems\SprinxCRM 6.2.0.0\CLOG.txt" WEB_SITE_NEW_HOST="PC" CM="false" UID="{21CADF69-E4FB-4AD3-9CAF-BEC04D4E6440}" WIN_EDITION=""
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1219161485-3790775211-283343708-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1219161485-3790775211-283343708-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O15 - Trusted Zone: http://*.i-darky.com
O15 - Trusted Zone: http://seminare.i-vzdelani.cz
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} (ElevatedCreater Class) - http://consumersupport.lenovo.com/ot/en ... pdueng.cab
O16 - DPF: {C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} (MachineInfoActiveX.MachineInfoActiveX) - http://shop.lenovo.com/SEUILibrary/leno ... neInfo.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Data Security Service - Egis Technology Inc. - C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe
O23 - Service: EgisTec Service - Egis Technology Inc. - C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
O23 - Service: EgisTec Service Help - Egis Technology Inc. - C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtLedService Installer (RtLedService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtLED\RtLEDService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\windows\system32\inetsrv\wmsvc.exe (file missing)

--
End of file - 16841 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2010-12-10 1254136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56CBB761-DA41-4E31-B270-B13B4B0A61D0}]
IEPwdBankBHO Class - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll [2010-05-28 53616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-01 298160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-03-04 848952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-11-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll [2010-12-10 1254136]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-01 298160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2009-09-30 111640]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2010-01-15 536576]
"UCam_Menu"=C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584]
"PLTSR"=C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [2010-05-19 364400]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2010-11-15 149280]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SpywareTerminator"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2011-04-17 2557440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"ISUSPM Startup"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"ReadyComm5"=C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe [2009-09-22 1501000]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-11-16 39408]
"Skype"=C:\Program Files (x86)\Skypeb\Phone\Skype.exe [2011-01-26 16945032]
"C:\Users\Milos\AppData\Roaming\Sprinx Systems\SprinxCRM 6.2.0.0\install.exe"=C:\Users\Milos\AppData\Roaming\Sprinx Systems\SprinxCRM 6.2.0.0\install.exe [2010-07-02 304664]
"SpywareTerminatorUpdate"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-04-17 3318784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

C:\Users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\SysWOW64\nvinit.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
EgisPwdFilter
EgisDSPwdFilter
EgisPLPwdFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2011-04-17 18:07:44 ----D---- C:\Program Files (x86)\trend micro
2011-04-17 18:07:40 ----D---- C:\rsit
2011-04-17 17:50:51 ----D---- C:\Program Files (x86)\ESET
2011-04-17 04:19:02 ----D---- C:\Program Files (x86)\WinClamAVShield
2011-04-17 04:09:48 ----D---- C:\Users\Milos\AppData\Roaming\Spyware Terminator
2011-04-17 04:09:48 ----D---- C:\ProgramData\Spyware Terminator
2011-04-17 04:09:48 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-04-17 01:35:13 ----D---- C:\ProgramData\Vodafone
2011-04-16 21:25:22 ----D---- C:\Users\Milos\AppData\Roaming\GRETECH
2011-04-16 19:15:11 ----D---- C:\Program Files (x86)\GRETECH
2011-04-16 18:27:34 ----D---- C:\Users\Milos\AppData\Roaming\InstallShield
2011-04-16 12:08:51 ----D---- C:\Program Files (x86)\O2
2011-04-13 18:51:58 ----A---- C:\windows\SysWOW64\mshtml.dll
2011-04-13 18:51:56 ----A---- C:\windows\SysWOW64\ieframe.dll
2011-04-13 18:51:55 ----A---- C:\windows\SysWOW64\wininet.dll
2011-04-13 18:51:55 ----A---- C:\windows\SysWOW64\urlmon.dll
2011-04-13 18:51:53 ----A---- C:\windows\SysWOW64\ieui.dll
2011-04-13 18:51:51 ----A---- C:\windows\SysWOW64\jsproxy.dll
2011-04-13 18:51:45 ----A---- C:\windows\SysWOW64\dnsapi.dll
2011-04-13 18:51:44 ----A---- C:\windows\SysWOW64\dnscacheugc.exe
2011-04-13 18:51:42 ----A---- C:\windows\SysWOW64\inetcomm.dll
2011-04-13 18:51:26 ----A---- C:\windows\SysWOW64\mfc42u.dll
2011-04-13 18:51:26 ----A---- C:\windows\SysWOW64\mfc42.dll
2011-04-13 18:51:21 ----A---- C:\windows\SysWOW64\jscript.dll
2011-04-13 18:51:20 ----A---- C:\windows\SysWOW64\vbscript.dll
2011-04-13 18:51:18 ----A---- C:\windows\SysWOW64\XpsGdiConverter.dll
2011-04-13 18:51:18 ----A---- C:\windows\SysWOW64\atmfd.dll
2011-04-13 18:51:17 ----A---- C:\windows\SysWOW64\atmlib.dll
2011-04-13 05:26:32 ----D---- C:\ProgramData\Lavasoft
2011-04-11 20:51:49 ----D---- C:\Program Files (x86)\Ultimate Process Manager
2011-04-05 16:51:13 ----D---- C:\Program Files (x86)\I.CA
2011-03-18 16:10:41 ----D---- C:\Users\Milos\AppData\Roaming\picpick
2011-03-18 16:10:08 ----D---- C:\Program Files (x86)\PicPick
2011-03-18 12:38:18 ----A---- C:\windows\SysWOW64\d3d10_1.dll
2011-03-16 18:43:38 ----D---- C:\Program Files (x86)\Common Files\COWON
2011-03-16 18:43:37 ----D---- C:\Program Files (x86)\JetAudio
2011-03-13 23:35:29 ----D---- C:\Users\Milos\AppData\Roaming\ColorSchemer
2011-03-12 18:56:22 ----A---- C:\windows\SysWOW64\dfshim.dll
2011-03-12 18:56:16 ----A---- C:\windows\SysWOW64\mstscax.dll
2011-03-12 18:56:14 ----A---- C:\windows\SysWOW64\d3d10warp.dll
2011-03-12 18:56:13 ----A---- C:\windows\SysWOW64\mfc40u.dll
2011-03-12 18:56:13 ----A---- C:\windows\SysWOW64\mfc40.dll
2011-03-12 18:56:06 ----A---- C:\windows\SysWOW64\shell32.dll
2011-03-12 18:56:06 ----A---- C:\windows\SysWOW64\secproc_isv.dll
2011-03-12 18:56:05 ----A---- C:\windows\SysWOW64\RMActivate_isv.exe
2011-03-12 18:56:04 ----A---- C:\windows\SysWOW64\secproc.dll
2011-03-12 18:56:03 ----A---- C:\windows\SysWOW64\RMActivate.exe
2011-03-12 18:56:00 ----A---- C:\windows\SysWOW64\mscoree.dll
2011-03-12 18:55:59 ----A---- C:\windows\SysWOW64\mf.dll
2011-03-12 18:55:58 ----A---- C:\windows\SysWOW64\ntkrnlpa.exe
2011-03-12 18:55:58 ----A---- C:\windows\SysWOW64\CertEnroll.dll
2011-03-12 18:55:57 ----A---- C:\windows\SysWOW64\mssrch.dll
2011-03-12 18:55:57 ----A---- C:\windows\SysWOW64\iertutil.dll
2011-03-12 18:55:56 ----A---- C:\windows\SysWOW64\wmp.dll
2011-03-12 18:55:56 ----A---- C:\windows\explorer.exe
2011-03-12 18:55:54 ----A---- C:\windows\SysWOW64\PresentationHostProxy.dll
2011-03-12 18:55:54 ----A---- C:\windows\SysWOW64\PresentationHost.exe
2011-03-12 18:55:54 ----A---- C:\windows\SysWOW64\esent.dll
2011-03-12 18:55:53 ----A---- C:\windows\SysWOW64\ntoskrnl.exe
2011-03-12 18:55:51 ----A---- C:\windows\SysWOW64\tquery.dll
2011-03-12 18:55:50 ----A---- C:\windows\SysWOW64\RacEngn.dll
2011-03-12 18:55:48 ----A---- C:\windows\SysWOW64\AuthFWSnapin.dll
2011-03-12 18:55:44 ----A---- C:\windows\SysWOW64\ole32.dll
2011-03-12 18:55:44 ----A---- C:\windows\SysWOW64\ExplorerFrame.dll
2011-03-12 18:55:40 ----A---- C:\windows\SysWOW64\vssapi.dll
2011-03-12 18:55:40 ----A---- C:\windows\SysWOW64\SearchFolder.dll
2011-03-12 18:55:40 ----A---- C:\windows\SysWOW64\d3d9.dll
2011-03-12 18:55:39 ----A---- C:\windows\SysWOW64\taskschd.dll
2011-03-12 18:55:39 ----A---- C:\windows\SysWOW64\explorer.exe
2011-03-12 18:55:38 ----A---- C:\windows\SysWOW64\crypt32.dll
2011-03-12 18:55:36 ----A---- C:\windows\SysWOW64\mstsc.exe
2011-03-12 18:55:35 ----A---- C:\windows\SysWOW64\wer.dll
2011-03-12 18:55:35 ----A---- C:\windows\SysWOW64\ntdll.dll
2011-03-12 18:55:34 ----A---- C:\windows\SysWOW64\msxml6.dll
2011-03-12 18:55:34 ----A---- C:\windows\SysWOW64\certcli.dll
2011-03-12 18:55:33 ----A---- C:\windows\SysWOW64\odbc32.dll
2011-03-12 18:55:33 ----A---- C:\windows\SysWOW64\dwmcore.dll
2011-03-12 18:55:32 ----A---- C:\windows\SysWOW64\tcpmonui.dll
2011-03-12 18:55:32 ----A---- C:\windows\SysWOW64\mstime.dll
2011-03-12 18:55:31 ----A---- C:\windows\SysWOW64\quartz.dll
2011-03-12 18:55:30 ----A---- C:\windows\SysWOW64\TSWorkspace.dll
2011-03-12 18:55:30 ----A---- C:\windows\SysWOW64\tsmf.dll
2011-03-12 18:55:30 ----A---- C:\windows\SysWOW64\msfeeds.dll
2011-03-12 18:55:30 ----A---- C:\windows\SysWOW64\iedkcs32.dll
2011-03-12 18:55:30 ----A---- C:\windows\SysWOW64\dot3api.dll
2011-03-12 18:55:29 ----A---- C:\windows\SysWOW64\winhttp.dll
2011-03-12 18:55:29 ----A---- C:\windows\SysWOW64\setupapi.dll
2011-03-12 18:55:29 ----A---- C:\windows\SysWOW64\apphelp.dll
2011-03-12 18:55:28 ----A---- C:\windows\SysWOW64\MSVidCtl.dll
2011-03-12 18:55:28 ----A---- C:\windows\SysWOW64\dbgeng.dll
2011-03-12 18:55:27 ----A---- C:\windows\SysWOW64\WindowsCodecs.dll
2011-03-12 18:55:27 ----A---- C:\windows\SysWOW64\netlogon.dll
2011-03-12 18:55:27 ----A---- C:\windows\SysWOW64\d3d11.dll
2011-03-12 18:55:26 ----A---- C:\windows\SysWOW64\WMVDECOD.DLL
2011-03-12 18:55:26 ----A---- C:\windows\SysWOW64\netcfgx.dll
2011-03-12 18:55:25 ----A---- C:\windows\SysWOW64\webio.dll
2011-03-12 18:55:25 ----A---- C:\windows\SysWOW64\Query.dll
2011-03-12 18:55:24 ----A---- C:\windows\SysWOW64\WsmSvc.dll
2011-03-12 18:55:24 ----A---- C:\windows\SysWOW64\upnp.dll
2011-03-12 18:55:24 ----A---- C:\windows\SysWOW64\schannel.dll
2011-03-12 18:55:24 ----A---- C:\windows\SysWOW64\DShowRdpFilter.dll
2011-03-12 18:55:24 ----A---- C:\windows\SysWOW64\advapi32.dll
2011-03-12 18:55:23 ----A---- C:\windows\SysWOW64\netfxperf.dll
2011-03-12 18:55:23 ----A---- C:\windows\SysWOW64\mmcndmgr.dll
2011-03-12 18:55:22 ----A---- C:\windows\SysWOW64\msv1_0.dll
2011-03-12 18:55:22 ----A---- C:\windows\SysWOW64\msdrm.dll
2011-03-12 18:55:22 ----A---- C:\windows\SysWOW64\imapi2fs.dll
2011-03-12 18:55:22 ----A---- C:\windows\SysWOW64\authui.dll
2011-03-12 18:55:21 ----A---- C:\windows\SysWOW64\SessEnv.dll
2011-03-12 18:55:20 ----A---- C:\windows\SysWOW64\usp10.dll
2011-03-12 18:55:20 ----A---- C:\windows\SysWOW64\shlwapi.dll
2011-03-12 18:55:20 ----A---- C:\windows\SysWOW64\PortableDeviceApi.dll
2011-03-12 18:55:20 ----A---- C:\windows\SysWOW64\mcbuilder.exe
2011-03-12 18:55:19 ----A---- C:\windows\SysWOW64\certmgr.dll
2011-03-12 18:55:18 ----A---- C:\windows\SysWOW64\xpsservices.dll
2011-03-12 18:55:18 ----A---- C:\windows\SysWOW64\WebClnt.dll
2011-03-12 18:55:18 ----A---- C:\windows\SysWOW64\userenv.dll
2011-03-12 18:55:18 ----A---- C:\windows\SysWOW64\kernel32.dll
2011-03-12 18:55:18 ----A---- C:\windows\SysWOW64\d3d10_1core.dll
2011-03-12 18:55:17 ----A---- C:\windows\SysWOW64\comdlg32.dll
2011-03-12 18:55:16 ----A---- C:\windows\SysWOW64\cmd.exe
2011-03-12 18:55:14 ----A---- C:\windows\SysWOW64\Wldap32.dll
2011-03-12 18:55:14 ----A---- C:\windows\SysWOW64\win32spl.dll
2011-03-12 18:55:14 ----A---- C:\windows\SysWOW64\propsys.dll
2011-03-12 18:55:14 ----A---- C:\windows\SysWOW64\mfds.dll
2011-03-12 18:55:14 ----A---- C:\windows\SysWOW64\framedynos.dll
2011-03-12 18:55:13 ----A---- C:\windows\SysWOW64\user32.dll
2011-03-12 18:55:11 ----A---- C:\windows\SysWOW64\ncsi.dll
2011-03-12 18:55:11 ----A---- C:\windows\SysWOW64\azroles.dll
2011-03-12 18:55:09 ----A---- C:\windows\SysWOW64\themeui.dll
2011-03-12 18:55:09 ----A---- C:\windows\SysWOW64\credui.dll
2011-03-12 18:55:09 ----A---- C:\windows\splwow64.exe
2011-03-12 18:55:08 ----A---- C:\windows\SysWOW64\taskeng.exe
2011-03-12 18:55:08 ----A---- C:\windows\SysWOW64\spp.dll
2011-03-12 18:55:08 ----A---- C:\windows\SysWOW64\mswsock.dll
2011-03-12 18:55:08 ----A---- C:\windows\SysWOW64\dhcpcore.dll
2011-03-12 18:55:06 ----A---- C:\windows\SysWOW64\wintrust.dll
2011-03-12 18:55:06 ----A---- C:\windows\SysWOW64\msxml3.dll
2011-03-12 18:55:06 ----A---- C:\windows\SysWOW64\mfreadwrite.dll
2011-03-12 18:55:06 ----A---- C:\windows\SysWOW64\dxgi.dll
2011-03-12 18:55:06 ----A---- C:\windows\SysWOW64\dbghelp.dll
2011-03-12 18:55:06 ----A---- C:\windows\SysWOW64\basecsp.dll
2011-03-12 18:55:05 ----A---- C:\windows\SysWOW64\NaturalLanguage6.dll
2011-03-12 18:55:04 ----A---- C:\windows\SysWOW64\taskcomp.dll
2011-03-12 18:55:04 ----A---- C:\windows\SysWOW64\evr.dll
2011-03-12 18:55:02 ----A---- C:\windows\SysWOW64\WinSATAPI.dll
2011-03-12 18:55:01 ----A---- C:\windows\SysWOW64\calc.exe
2011-03-12 18:55:00 ----A---- C:\windows\SysWOW64\sqlsrv32.dll
2011-03-12 18:54:59 ----A---- C:\windows\SysWOW64\UIRibbon.dll
2011-03-12 18:54:59 ----A---- C:\windows\SysWOW64\sxs.dll
2011-03-12 18:54:59 ----A---- C:\windows\SysWOW64\ie4uinit.exe
2011-03-12 18:54:59 ----A---- C:\windows\SysWOW64\cryptsvc.dll
2011-03-12 18:54:58 ----A---- C:\windows\SysWOW64\ws2_32.dll
2011-03-12 18:54:58 ----A---- C:\windows\SysWOW64\stobject.dll
2011-03-12 18:54:58 ----A---- C:\windows\SysWOW64\netshell.dll
2011-03-12 18:54:57 ----A---- C:\windows\SysWOW64\gdi32.dll
2011-03-12 18:54:57 ----A---- C:\windows\SysWOW64\comctl32.dll
2011-03-12 18:54:56 ----A---- C:\windows\SysWOW64\prncache.dll
2011-03-12 18:54:56 ----A---- C:\windows\SysWOW64\printui.dll
2011-03-12 18:54:56 ----A---- C:\windows\SysWOW64\msi.dll
2011-03-12 18:54:55 ----A---- C:\windows\SysWOW64\WSDApi.dll
2011-03-12 18:54:55 ----A---- C:\windows\SysWOW64\wmpeffects.dll
2011-03-12 18:54:55 ----A---- C:\windows\SysWOW64\net1.exe
2011-03-12 18:54:54 ----A---- C:\windows\SysWOW64\scansetting.dll
2011-03-12 18:54:54 ----A---- C:\windows\SysWOW64\rpchttp.dll
2011-03-12 18:54:52 ----A---- C:\windows\SysWOW64\WMVCORE.DLL
2011-03-12 18:54:52 ----A---- C:\windows\SysWOW64\MMDevAPI.dll
2011-03-12 18:54:52 ----A---- C:\windows\SysWOW64\davclnt.dll
2011-03-12 18:54:51 ----A---- C:\windows\SysWOW64\wlangpui.dll
2011-03-12 18:54:51 ----A---- C:\windows\SysWOW64\QSHVHOST.DLL
2011-03-12 18:54:51 ----A---- C:\windows\SysWOW64\aaclient.dll
2011-03-12 18:54:50 ----A---- C:\windows\SysWOW64\wpdshext.dll
2011-03-12 18:54:50 ----A---- C:\windows\SysWOW64\webservices.dll
2011-03-12 18:54:50 ----A---- C:\windows\SysWOW64\t2embed.dll
2011-03-12 18:54:50 ----A---- C:\windows\SysWOW64\pnidui.dll
2011-03-12 18:54:50 ----A---- C:\windows\SysWOW64\fde.dll
2011-03-12 18:54:49 ----A---- C:\windows\SysWOW64\SyncCenter.dll
2011-03-12 18:54:49 ----A---- C:\windows\SysWOW64\netdiagfx.dll
2011-03-12 18:54:48 ----A---- C:\windows\SysWOW64\wuapi.dll
2011-03-12 18:54:48 ----A---- C:\windows\SysWOW64\wscapi.dll
2011-03-12 18:54:47 ----A---- C:\windows\SysWOW64\WinSCard.dll
2011-03-12 18:54:46 ----A---- C:\windows\SysWOW64\pla.dll
2011-03-12 18:54:46 ----A---- C:\windows\SysWOW64\msasn1.dll
2011-03-12 18:54:45 ----A---- C:\windows\SysWOW64\winsta.dll
2011-03-12 18:54:45 ----A---- C:\windows\SysWOW64\rdpcore.dll
2011-03-12 18:54:45 ----A---- C:\windows\SysWOW64\MSMPEG2ENC.DLL
2011-03-12 18:54:45 ----A---- C:\windows\SysWOW64\iepeers.dll
2011-03-12 18:54:44 ----A---- C:\windows\SysWOW64\ntshrui.dll
2011-03-12 18:54:44 ----A---- C:\windows\SysWOW64\imapi2.dll
2011-03-12 18:54:44 ----A---- C:\windows\SysWOW64\DXPTaskRingtone.dll
2011-03-12 18:54:43 ----A---- C:\windows\SysWOW64\gameux.dll
2011-03-12 18:54:42 ----A---- C:\windows\SysWOW64\WMPEncEn.dll
2011-03-12 18:54:42 ----A---- C:\windows\SysWOW64\onex.dll
2011-03-12 18:54:41 ----A---- C:\windows\SysWOW64\winmm.dll
2011-03-12 18:54:41 ----A---- C:\windows\SysWOW64\shsvcs.dll
2011-03-12 18:54:41 ----A---- C:\windows\SysWOW64\mssvp.dll
2011-03-12 18:54:41 ----A---- C:\windows\SysWOW64\hbaapi.dll
2011-03-12 18:54:40 ----A---- C:\windows\SysWOW64\samcli.dll
2011-03-12 18:54:40 ----A---- C:\windows\SysWOW64\netiohlp.dll
2011-03-12 18:54:40 ----A---- C:\windows\SysWOW64\autochk.exe
2011-03-12 18:54:40 ----A---- C:\windows\SysWOW64\autofmt.exe
2011-03-12 18:54:39 ----A---- C:\windows\SysWOW64\proquota.exe
2011-03-12 18:54:39 ----A---- C:\windows\SysWOW64\msutb.dll
2011-03-12 18:54:39 ----A---- C:\windows\SysWOW64\IPHLPAPI.DLL
2011-03-12 18:54:38 ----A---- C:\windows\SysWOW64\thumbcache.dll
2011-03-12 18:54:38 ----A---- C:\windows\SysWOW64\regapi.dll
2011-03-12 18:54:38 ----A---- C:\windows\SysWOW64\msinfo32.exe
2011-03-12 18:54:38 ----A---- C:\windows\SysWOW64\mimefilt.dll
2011-03-12 18:54:38 ----A---- C:\windows\SysWOW64\ipsmsnap.dll
2011-03-12 18:54:38 ----A---- C:\windows\SysWOW64\autoconv.exe
2011-03-12 18:54:38 ----A---- C:\windows\SysWOW64\AudioSes.dll
2011-03-12 18:54:37 ----A---- C:\windows\SysWOW64\tcpipcfg.dll
2011-03-12 18:54:37 ----A---- C:\windows\SysWOW64\srchadmin.dll
2011-03-12 18:54:37 ----A---- C:\windows\SysWOW64\schtasks.exe
2011-03-12 18:54:36 ----A---- C:\windows\SysWOW64\wcncsvc.dll
2011-03-12 18:54:36 ----A---- C:\windows\SysWOW64\powercpl.dll
2011-03-12 18:54:36 ----A---- C:\windows\SysWOW64\msihnd.dll
2011-03-12 18:54:36 ----A---- C:\windows\SysWOW64\framedyn.dll
2011-03-12 18:54:36 ----A---- C:\windows\SysWOW64\eapphost.dll
2011-03-12 18:54:35 ----A---- C:\windows\SysWOW64\QAGENT.DLL
2011-03-12 18:54:35 ----A---- C:\windows\SysWOW64\mscorier.dll
2011-03-12 18:54:35 ----A---- C:\windows\SysWOW64\AuxiliaryDisplayCpl.dll
2011-03-12 18:54:34 ----A---- C:\windows\SysWOW64\wdc.dll
2011-03-12 18:54:34 ----A---- C:\windows\SysWOW64\StructuredQuery.dll
2011-03-12 18:54:34 ----A---- C:\windows\SysWOW64\netid.dll
2011-03-12 18:54:34 ----A---- C:\windows\SysWOW64\actxprxy.dll
2011-03-12 18:54:33 ----A---- C:\windows\SysWOW64\scesrv.dll
2011-03-12 18:54:32 ----A---- C:\windows\SysWOW64\WMNetMgr.dll
2011-03-12 18:54:32 ----A---- C:\windows\SysWOW64\wlanpref.dll
2011-03-12 18:54:32 ----A---- C:\windows\SysWOW64\Vault.dll
2011-03-12 18:54:32 ----A---- C:\windows\SysWOW64\untfs.dll
2011-03-12 18:54:32 ----A---- C:\windows\SysWOW64\RpcRtRemote.dll
2011-03-12 18:54:32 ----A---- C:\windows\SysWOW64\rastls.dll
2011-03-12 18:54:32 ----A---- C:\windows\SysWOW64\oleaut32.dll
2011-03-12 18:54:32 ----A---- C:\windows\SysWOW64\nci.dll
2011-03-12 18:54:32 ----A---- C:\windows\SysWOW64\licmgr10.dll
2011-03-12 18:54:31 ----A---- C:\windows\SysWOW64\Robocopy.exe
2011-03-12 18:54:30 ----A---- C:\windows\SysWOW64\snmpsnap.dll
2011-03-12 18:54:29 ----A---- C:\windows\SysWOW64\taskmgr.exe
2011-03-12 18:54:29 ----A---- C:\windows\SysWOW64\DxpTaskSync.dll
2011-03-12 18:54:28 ----A---- C:\windows\SysWOW64\mtxclu.dll
2011-03-12 18:54:28 ----A---- C:\windows\SysWOW64\Display.dll
2011-03-12 18:54:27 ----A---- C:\windows\SysWOW64\XpsRasterService.dll
2011-03-12 18:54:27 ----A---- C:\windows\SysWOW64\userinit.exe
2011-03-12 18:54:27 ----A---- C:\windows\SysWOW64\puiobj.dll
2011-03-12 18:54:27 ----A---- C:\windows\SysWOW64\mssphtb.dll
2011-03-12 18:54:26 ----A---- C:\windows\SysWOW64\termmgr.dll
2011-03-12 18:54:26 ----A---- C:\windows\SysWOW64\eudcedit.exe
2011-03-12 18:54:25 ----A---- C:\windows\SysWOW64\shsetup.dll
2011-03-12 18:54:25 ----A---- C:\windows\SysWOW64\logoncli.dll
2011-03-12 18:54:24 ----A---- C:\windows\SysWOW64\wiadefui.dll
2011-03-12 18:54:24 ----A---- C:\windows\SysWOW64\sppcomapi.dll
2011-03-12 18:54:24 ----A---- C:\windows\SysWOW64\rasppp.dll
2011-03-12 18:54:24 ----A---- C:\windows\SysWOW64\FirewallControlPanel.dll
2011-03-12 18:54:24 ----A---- C:\windows\SysWOW64\cabview.dll
2011-03-12 18:54:23 ----A---- C:\windows\SysWOW64\themecpl.dll
2011-03-12 18:54:23 ----A---- C:\windows\SysWOW64\SensorsCpl.dll
2011-03-12 18:54:22 ----A---- C:\windows\SysWOW64\FWPUCLNT.DLL
2011-03-12 18:54:22 ----A---- C:\windows\SysWOW64\dnscmmc.dll
2011-03-12 18:54:21 ----A---- C:\windows\SysWOW64\hgcpl.dll
2011-03-12 18:54:20 ----A---- C:\windows\SysWOW64\tapisrv.dll
2011-03-12 18:54:20 ----A---- C:\windows\SysWOW64\scecli.dll
2011-03-12 18:54:20 ----A---- C:\windows\SysWOW64\mscories.dll
2011-03-12 18:54:20 ----A---- C:\windows\SysWOW64\mscms.dll
2011-03-12 18:54:20 ----A---- C:\windows\SysWOW64\fontext.dll
2011-03-12 18:54:19 ----A---- C:\windows\SysWOW64\mprddm.dll
2011-03-12 18:54:19 ----A---- C:\windows\SysWOW64\localsec.dll
2011-03-12 18:54:19 ----A---- C:\windows\SysWOW64\iasacct.dll
2011-03-12 18:54:18 ----A---- C:\windows\SysWOW64\wlanui.dll
2011-03-12 18:54:18 ----A---- C:\windows\SysWOW64\usercpl.dll
2011-03-12 18:54:18 ----A---- C:\windows\SysWOW64\SndVolSSO.dll
2011-03-12 18:54:18 ----A---- C:\windows\SysWOW64\PerfCenterCPL.dll
2011-03-12 18:54:17 ----A---- C:\windows\SysWOW64\VAN.dll
2011-03-12 18:54:17 ----A---- C:\windows\SysWOW64\SndVol.exe
2011-03-12 18:54:17 ----A---- C:\windows\SysWOW64\qedit.dll
2011-03-12 18:54:17 ----A---- C:\windows\SysWOW64\qdvd.dll
2011-03-12 18:54:17 ----A---- C:\windows\SysWOW64\prntvpt.dll
2011-03-12 18:54:17 ----A---- C:\windows\SysWOW64\netcenter.dll
2011-03-12 18:54:17 ----A---- C:\windows\SysWOW64\batmeter.dll
2011-03-12 18:54:16 ----A---- C:\windows\SysWOW64\w32tm.exe
2011-03-12 18:54:16 ----A---- C:\windows\SysWOW64\spwizeng.dll
2011-03-12 18:54:16 ----A---- C:\windows\SysWOW64\azroleui.dll
2011-03-12 18:54:15 ----A---- C:\windows\SysWOW64\zipfldr.dll
2011-03-12 18:54:15 ----A---- C:\windows\SysWOW64\fdeploy.dll
2011-03-12 18:54:15 ----A---- C:\windows\SysWOW64\accessibilitycpl.dll
2011-03-12 18:54:14 ----A---- C:\windows\SysWOW64\netjoin.dll
2011-03-12 18:54:14 ----A---- C:\windows\SysWOW64\MSAC3ENC.DLL
2011-03-12 18:54:14 ----A---- C:\windows\SysWOW64\cryptui.dll
2011-03-12 18:54:14 ----A---- C:\windows\SysWOW64\adsldp.dll
2011-03-12 18:54:13 ----A---- C:\windows\SysWOW64\networkmap.dll
2011-03-12 18:54:13 ----A---- C:\windows\SysWOW64\Faultrep.dll
2011-03-12 18:54:12 ----A---- C:\windows\SysWOW64\wusa.exe
2011-03-12 18:54:12 ----A---- C:\windows\SysWOW64\prnfldr.dll
2011-03-12 18:54:12 ----A---- C:\windows\SysWOW64\OnLineIDCpl.dll
2011-03-12 18:54:12 ----A---- C:\windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2011-03-12 18:54:12 ----A---- C:\windows\SysWOW64\cfgmgr32.dll
2011-03-12 18:54:11 ----A---- C:\windows\SysWOW64\sud.dll
2011-03-12 18:54:11 ----A---- C:\windows\SysWOW64\photowiz.dll
2011-03-12 18:54:11 ----A---- C:\windows\SysWOW64\msieftp.dll
2011-03-12 18:54:11 ----A---- C:\windows\SysWOW64\ActionCenter.dll
2011-03-12 18:54:10 ----A---- C:\windows\SysWOW64\MediaMetadataHandler.dll
2011-03-12 18:54:10 ----A---- C:\windows\SysWOW64\iprtrmgr.dll
2011-03-12 18:54:10 ----A---- C:\windows\SysWOW64\iasrad.dll
2011-03-12 18:54:10 ----A---- C:\windows\SysWOW64\credssp.dll
2011-03-12 18:54:09 ----A---- C:\windows\SysWOW64\ftp.exe
2011-03-12 18:54:09 ----A---- C:\windows\SysWOW64\dot3cfg.dll
2011-03-12 18:54:09 ----A---- C:\windows\SysWOW64\defaultlocationcpl.dll
2011-03-12 18:54:08 ----A---- C:\windows\SysWOW64\sisbkup.dll
2011-03-12 18:54:08 ----A---- C:\windows\SysWOW64\shwebsvc.dll
2011-03-12 18:54:08 ----A---- C:\windows\SysWOW64\ifsutil.dll
2011-03-12 18:54:08 ----A---- C:\windows\SysWOW64\ieUnatt.exe
2011-03-12 18:54:08 ----A---- C:\windows\SysWOW64\efscore.dll
2011-03-12 18:54:07 ----A---- C:\windows\SysWOW64\odbcjt32.dll
2011-03-12 18:54:07 ----A---- C:\windows\SysWOW64\iesysprep.dll
2011-03-12 18:54:07 ----A---- C:\windows\SysWOW64\ActionCenterCPL.dll
2011-03-12 18:54:06 ----A---- C:\windows\SysWOW64\syncui.dll
2011-03-12 18:54:06 ----A---- C:\windows\SysWOW64\ntlanman.dll
2011-03-12 18:54:06 ----A---- C:\windows\SysWOW64\DeviceCenter.dll
2011-03-12 18:54:06 ----A---- C:\windows\SysWOW64\autoplay.dll
2011-03-12 18:54:05 ----A---- C:\windows\SysWOW64\wmpmde.dll
2011-03-12 18:54:05 ----A---- C:\windows\SysWOW64\rtutils.dll
2011-03-12 18:54:05 ----A---- C:\windows\SysWOW64\dskquoui.dll
2011-03-12 18:54:04 ----A---- C:\windows\SysWOW64\systemcpl.dll
2011-03-12 18:54:04 ----A---- C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2011-03-12 18:54:04 ----A---- C:\windows\SysWOW64\sethc.exe
2011-03-12 18:54:04 ----A---- C:\windows\SysWOW64\OobeFldr.dll
2011-03-12 18:54:04 ----A---- C:\windows\SysWOW64\ntprint.dll
2011-03-12 18:54:04 ----A---- C:\windows\SysWOW64\nshwfp.dll
2011-03-12 18:54:03 ----A---- C:\windows\SysWOW64\riched20.dll
2011-03-12 18:54:03 ----A---- C:\windows\SysWOW64\blackbox.dll
2011-03-12 18:54:02 ----A---- C:\windows\SysWOW64\wmpsrcwp.dll
2011-03-12 18:54:02 ----A---- C:\windows\SysWOW64\netplwiz.dll
2011-03-12 18:54:02 ----A---- C:\windows\SysWOW64\NAPHLPR.DLL
2011-03-12 18:54:02 ----A---- C:\windows\SysWOW64\migisol.dll
2011-03-12 18:54:02 ----A---- C:\windows\SysWOW64\fms.dll
2011-03-12 18:54:02 ----A---- C:\windows\SysWOW64\activeds.dll
2011-03-12 18:54:01 ----A---- C:\windows\SysWOW64\httpapi.dll
2011-03-12 18:54:01 ----A---- C:\windows\SysWOW64\cdosys.dll
2011-03-12 18:54:00 ----A---- C:\windows\SysWOW64\wavemsp.dll
2011-03-12 18:54:00 ----A---- C:\windows\SysWOW64\ReAgent.dll
2011-03-12 18:54:00 ----A---- C:\windows\SysWOW64\nshipsec.dll
2011-03-12 18:54:00 ----A---- C:\windows\SysWOW64\nlaapi.dll
2011-03-12 18:54:00 ----A---- C:\windows\SysWOW64\msftedit.dll
2011-03-12 18:54:00 ----A---- C:\windows\SysWOW64\isoburn.exe
2011-03-12 18:54:00 ----A---- C:\windows\SysWOW64\asycfilt.dll
2011-03-12 18:53:59 ----A---- C:\windows\SysWOW64\wuwebv.dll
2011-03-12 18:53:59 ----A---- C:\windows\SysWOW64\wlanmsm.dll
2011-03-12 18:53:59 ----A---- C:\windows\SysWOW64\provsvc.dll
2011-03-12 18:53:59 ----A---- C:\windows\SysWOW64\dot3ui.dll
2011-03-12 18:53:58 ----A---- C:\windows\SysWOW64\wvc.dll
2011-03-12 18:53:58 ----A---- C:\windows\SysWOW64\wtsapi32.dll
2011-03-12 18:53:58 ----A---- C:\windows\SysWOW64\tzutil.exe
2011-03-12 18:53:58 ----A---- C:\windows\SysWOW64\ocsetup.exe
2011-03-12 18:53:58 ----A---- C:\windows\SysWOW64\KernelBase.dll
2011-03-12 18:53:58 ----A---- C:\windows\SysWOW64\dsuiext.dll
2011-03-12 18:53:58 ----A---- C:\windows\SysWOW64\dfrgui.exe
2011-03-12 18:53:57 ----A---- C:\windows\SysWOW64\wimgapi.dll
2011-03-12 18:53:57 ----A---- C:\windows\SysWOW64\mstask.dll
2011-03-12 18:53:56 ----A---- C:\windows\twain_32.dll
2011-03-12 18:53:56 ----A---- C:\windows\SysWOW64\webcheck.dll
2011-03-12 18:53:56 ----A---- C:\windows\SysWOW64\twext.dll
2011-03-12 18:53:56 ----A---- C:\windows\SysWOW64\shdocvw.dll
2011-03-12 18:53:56 ----A---- C:\windows\SysWOW64\qcap.dll
2011-03-12 18:53:55 ----A---- C:\windows\SysWOW64\setupugc.exe
2011-03-12 18:53:55 ----A---- C:\windows\SysWOW64\qasf.dll
2011-03-12 18:53:55 ----A---- C:\windows\SysWOW64\occache.dll
2011-03-12 18:53:55 ----A---- C:\windows\SysWOW64\msrating.dll
2011-03-12 18:53:55 ----A---- C:\windows\SysWOW64\msfeedsbs.dll
2011-03-12 18:53:54 ----A---- C:\windows\SysWOW64\uxlib.dll
2011-03-12 18:53:54 ----A---- C:\windows\SysWOW64\slwga.dll
2011-03-12 18:53:54 ----A---- C:\windows\SysWOW64\iisRtl.dll
2011-03-12 18:53:53 ----A---- C:\windows\SysWOW64\msvfw32.dll
2011-03-12 18:53:53 ----A---- C:\windows\SysWOW64\mciavi32.dll
2011-03-12 18:53:53 ----A---- C:\windows\SysWOW64\imgutil.dll
2011-03-12 18:53:52 ----A---- C:\windows\SysWOW64\wmdrmsdk.dll
2011-03-12 18:53:52 ----A---- C:\windows\SysWOW64\snmp.exe
2011-03-12 18:53:52 ----A---- C:\windows\SysWOW64\nslookup.exe
2011-03-12 18:53:52 ----A---- C:\windows\SysWOW64\DevicePairingFolder.dll
2011-03-12 18:53:52 ----A---- C:\windows\SysWOW64\clusapi.dll
2011-03-12 18:53:52 ----A---- C:\windows\SysWOW64\audiodev.dll
2011-03-12 18:53:51 ----A---- C:\windows\SysWOW64\WPDShServiceObj.dll
2011-03-12 18:53:51 ----A---- C:\windows\SysWOW64\rpcrt4.dll
2011-03-12 18:53:51 ----A---- C:\windows\SysWOW64\msscp.dll
2011-03-12 18:53:51 ----A---- C:\windows\SysWOW64\diskraid.exe
2011-03-12 18:53:50 ----A---- C:\windows\SysWOW64\wimserv.exe
2011-03-12 18:53:50 ----A---- C:\windows\SysWOW64\TSpkg.dll
2011-03-12 18:53:50 ----A---- C:\windows\SysWOW64\remotepg.dll
2011-03-12 18:53:50 ----A---- C:\windows\SysWOW64\rdpencom.dll
2011-03-12 18:53:50 ----A---- C:\windows\SysWOW64\raschap.dll
2011-03-12 18:53:50 ----A---- C:\windows\SysWOW64\perfmon.exe
2011-03-12 18:53:50 ----A---- C:\windows\SysWOW64\acppage.dll
2011-03-12 18:53:50 ----A---- C:\windows\bfsvc.exe
2011-03-12 18:53:49 ----A---- C:\windows\SysWOW64\QUTIL.DLL
2011-03-12 18:53:49 ----A---- C:\windows\SysWOW64\input.dll
2011-03-12 18:53:49 ----A---- C:\windows\SysWOW64\drmmgrtn.dll
2011-03-12 18:53:48 ----A---- C:\windows\SysWOW64\vpnikeapi.dll
2011-03-12 18:53:48 ----A---- C:\windows\SysWOW64\UserAccountControlSettings.dll
2011-03-12 18:53:48 ----A---- C:\windows\SysWOW64\olepro32.dll
2011-03-12 18:53:48 ----A---- C:\windows\SysWOW64\odbccp32.dll
2011-03-12 18:53:48 ----A---- C:\windows\SysWOW64\ocsetapi.dll
2011-03-12 18:53:48 ----A---- C:\windows\SysWOW64\networkexplorer.dll
2011-03-12 18:53:48 ----A---- C:\windows\SysWOW64\NAPCRYPT.DLL
2011-03-12 18:53:47 ----A---- C:\windows\SysWOW64\wmpdxm.dll
2011-03-12 18:53:47 ----A---- C:\windows\SysWOW64\vdsbas.dll
2011-03-12 18:53:47 ----A---- C:\windows\SysWOW64\onexui.dll
2011-03-12 18:53:47 ----A---- C:\windows\SysWOW64\iTVData.dll
2011-03-12 18:53:46 ----A---- C:\windows\SysWOW64\wpdwcn.dll
2011-03-12 18:53:46 ----A---- C:\windows\SysWOW64\runonce.exe
2011-03-12 18:53:46 ----A---- C:\windows\SysWOW64\inseng.dll
2011-03-12 18:53:46 ----A---- C:\windows\SysWOW64\dxdiagn.dll
2011-03-12 18:53:45 ----A---- C:\windows\SysWOW64\RegisterIEPKEYs.exe
2011-03-12 18:53:45 ----A---- C:\windows\SysWOW64\msvidc32.dll
2011-03-12 18:53:45 ----A---- C:\windows\SysWOW64\MFPlay.dll
2011-03-12 18:53:45 ----A---- C:\windows\SysWOW64\logagent.exe
2011-03-12 18:53:45 ----A---- C:\windows\SysWOW64\eapp3hst.dll
2011-03-12 18:53:44 ----A---- C:\windows\SysWOW64\wmdrmdev.dll
2011-03-12 18:53:44 ----A---- C:\windows\SysWOW64\shacct.dll
2011-03-12 18:53:44 ----A---- C:\windows\SysWOW64\msiexec.exe
2011-03-12 18:53:44 ----A---- C:\windows\SysWOW64\d3d10level9.dll
2011-03-12 18:53:43 ----A---- C:\windows\SysWOW64\wmpshell.dll
2011-03-12 18:53:43 ----A---- C:\windows\SysWOW64\lsmproxy.dll
2011-03-12 18:53:43 ----A---- C:\windows\SysWOW64\bitsadmin.exe
2011-03-12 18:53:42 ----A---- C:\windows\SysWOW64\wudriver.dll
2011-03-12 18:53:42 ----A---- C:\windows\SysWOW64\unimdmat.dll
2011-03-12 18:53:42 ----A---- C:\windows\SysWOW64\sqlcese30.dll
2011-03-12 18:53:42 ----A---- C:\windows\SysWOW64\rdpd3d.dll
2011-03-12 18:53:42 ----A---- C:\windows\SysWOW64\mprapi.dll
2011-03-12 18:53:42 ----A---- C:\windows\SysWOW64\iscsium.dll
2011-03-12 18:53:41 ----A---- C:\windows\SysWOW64\pdh.dll
2011-03-12 18:53:41 ----A---- C:\windows\SysWOW64\OpcServices.dll
2011-03-12 18:53:41 ----A---- C:\windows\SysWOW64\cscapi.dll
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\WPDSp.dll
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\tsgqec.dll
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\srvcli.dll
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\QSVRMGMT.DLL
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\PortableDeviceSyncProvider.dll
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\PortableDeviceStatus.dll
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\olethk32.dll
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\odbctrac.dll
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\ncryptui.dll
2011-03-12 18:53:40 ----A---- C:\windows\SysWOW64\logman.exe
2011-03-12 18:53:39 ----A---- C:\windows\SysWOW64\WMPhoto.dll
2011-03-12 18:53:39 ----A---- C:\windows\SysWOW64\mapistub.dll
2011-03-12 18:53:39 ----A---- C:\windows\SysWOW64\mapi32.dll
2011-03-12 18:53:38 ----A---- C:\windows\SysWOW64\WMADMOD.DLL
2011-03-12 18:53:38 ----A---- C:\windows\SysWOW64\utildll.dll
2011-03-12 18:53:38 ----A---- C:\windows\SysWOW64\mshtmled.dll
2011-03-12 18:53:38 ----A---- C:\windows\SysWOW64\fphc.dll
2011-03-12 18:53:38 ----A---- C:\windows\SysWOW64\dot3msm.dll
2011-03-12 18:53:38 ----A---- C:\windows\SysWOW64\avifil32.dll
2011-03-12 18:53:37 ----A---- C:\windows\SysWOW64\WMVSDECD.DLL
2011-03-12 18:53:37 ----A---- C:\windows\SysWOW64\wiavideo.dll
2011-03-12 18:53:37 ----A---- C:\windows\SysWOW64\takeown.exe
2011-03-12 18:53:37 ----A---- C:\windows\SysWOW64\iyuv_32.dll
2011-03-12 18:53:36 ----A---- C:\windows\SysWOW64\wmdrmnet.dll
2011-03-12 18:53:36 ----A---- C:\windows\SysWOW64\sqmapi.dll
2011-03-12 18:53:36 ----A---- C:\windows\SysWOW64\qdv.dll
2011-03-12 18:53:36 ----A---- C:\windows\SysWOW64\imagehlp.dll
2011-03-12 18:53:36 ----A---- C:\windows\SysWOW64\EhStorAPI.dll
2011-03-12 18:53:35 ----A---- C:\windows\SysWOW64\sppinst.dll
2011-03-12 18:53:35 ----A---- C:\windows\SysWOW64\msyuv.dll
2011-03-12 18:53:35 ----A---- C:\windows\SysWOW64\msnetobj.dll
2011-03-12 18:53:34 ----A---- C:\windows\SysWOW64\wsnmp32.dll
2011-03-12 18:53:34 ----A---- C:\windows\SysWOW64\vfwwdm32.dll
2011-03-12 18:53:34 ----A---- C:\windows\SysWOW64\sspicli.dll
2011-03-12 18:53:34 ----A---- C:\windows\SysWOW64\QCLIPROV.DLL
2011-03-12 18:53:34 ----A---- C:\windows\SysWOW64\pdhui.dll
2011-03-12 18:53:34 ----A---- C:\windows\SysWOW64\MuiUnattend.exe
2011-03-12 18:53:34 ----A---- C:\windows\SysWOW64\msrle32.dll
2011-03-12 18:53:34 ----A---- C:\windows\SysWOW64\cmstp.exe
2011-03-12 18:53:34 ----A---- C:\windows\SysWOW64\cca.dll
2011-03-12 18:53:33 ----A---- C:\windows\SysWOW64\WMSPDMOD.DLL
2011-03-12 18:53:33 ----A---- C:\windows\SysWOW64\tsbyuv.dll
2011-03-12 18:53:33 ----A---- C:\windows\SysWOW64\setupcln.dll
2011-03-12 18:53:33 ----A---- C:\windows\SysWOW64\msorcl32.dll
2011-03-12 18:53:33 ----A---- C:\windows\SysWOW64\AzSqlExt.dll
2011-03-12 18:53:32 ----A---- C:\windows\SysWOW64\wkscli.dll
2011-03-12 18:53:32 ----A---- C:\windows\SysWOW64\spbcd.dll
2011-03-12 18:53:32 ----A---- C:\windows\SysWOW64\relog.exe
2011-03-12 18:53:32 ----A---- C:\windows\SysWOW64\netiougc.exe
2011-03-12 18:53:32 ----A---- C:\windows\SysWOW64\iscsicli.exe
2011-03-12 18:53:32 ----A---- C:\windows\SysWOW64\iasrecst.dll
2011-03-12 18:53:31 ----A---- C:\windows\SysWOW64\secproc_ssp_isv.dll
2011-03-12 18:53:31 ----A---- C:\windows\SysWOW64\resutils.dll
2011-03-12 18:53:31 ----A---- C:\windows\SysWOW64\rastapi.dll
2011-03-12 18:53:31 ----A---- C:\windows\SysWOW64\netbtugc.exe
2011-03-12 18:53:31 ----A---- C:\windows\SysWOW64\mydocs.dll
2011-03-12 18:53:31 ----A---- C:\windows\SysWOW64\itircl.dll
2011-03-12 18:53:31 ----A---- C:\windows\SysWOW64\diskpart.exe
2011-03-12 18:53:31 ----A---- C:\windows\SysWOW64\amstream.dll
2011-03-12 18:53:30 ----A---- C:\windows\SysWOW64\wmpps.dll
2011-03-12 18:53:30 ----A---- C:\windows\SysWOW64\syssetup.dll
2011-03-12 18:53:30 ----A---- C:\windows\SysWOW64\secproc_ssp.dll
2011-03-12 18:53:30 ----A---- C:\windows\SysWOW64\CertPolEng.dll
2011-03-12 18:53:29 ----A---- C:\windows\SysWOW64\wuapp.exe
2011-03-12 18:53:29 ----A---- C:\windows\SysWOW64\WerFaultSecure.exe
2011-03-12 18:53:29 ----A---- C:\windows\SysWOW64\tlscsp.dll
2011-03-12 18:53:29 ----A---- C:\windows\SysWOW64\secur32.dll
2011-03-12 18:53:29 ----A---- C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2011-03-12 18:53:29 ----A---- C:\windows\SysWOW64\ReAgentc.exe
2011-03-12 18:53:29 ----A---- C:\windows\SysWOW64\findstr.exe
2011-03-12 18:53:29 ----A---- C:\windows\SysWOW64\eappgnui.dll
2011-03-12 18:53:28 ----A---- C:\windows\SysWOW64\RMActivate_ssp.exe
2011-03-12 18:53:28 ----A---- C:\windows\SysWOW64\netutils.dll
2011-03-12 18:53:28 ----A---- C:\windows\SysWOW64\netapi32.dll
2011-03-12 18:53:28 ----A---- C:\windows\SysWOW64\mobsync.exe
2011-03-12 18:53:28 ----A---- C:\windows\SysWOW64\mciqtz32.dll
2011-03-12 18:53:27 ----A---- C:\windows\SysWOW64\sppc.dll
2011-03-12 18:53:27 ----A---- C:\windows\SysWOW64\muifontsetup.dll
2011-03-12 18:53:27 ----A---- C:\windows\SysWOW64\iccvid.dll
2011-03-12 18:53:27 ----A---- C:\windows\SysWOW64\cabinet.dll
2011-03-12 18:53:26 ----A---- C:\windows\SysWOW64\unlodctr.exe
2011-03-12 18:53:26 ----A---- C:\windows\SysWOW64\spopk.dll
2011-03-12 18:53:26 ----A---- C:\windows\SysWOW64\shimgvw.dll
2011-03-12 18:53:26 ----A---- C:\windows\SysWOW64\prevhost.exe
2011-03-12 18:53:26 ----A---- C:\windows\SysWOW64\msdmo.dll
2011-03-12 18:53:26 ----A---- C:\windows\SysWOW64\luainstall.dll
2011-03-12 18:53:25 ----A---- C:\windows\SysWOW64\rdprefdrvapi.dll
2011-03-12 18:53:25 ----A---- C:\windows\SysWOW64\inetmib1.dll
2011-03-12 18:53:24 ----A---- C:\windows\SysWOW64\UIRibbonRes.dll
2011-03-12 18:53:24 ----A---- C:\windows\SysWOW64\odbcconf.dll
2011-03-12 18:53:24 ----A---- C:\windows\SysWOW64\browcli.dll
2011-03-12 18:53:23 ----A---- C:\windows\SysWOW64\wups.dll
2011-03-12 18:53:23 ----A---- C:\windows\SysWOW64\perfts.dll
2011-03-12 18:53:22 ----A---- C:\windows\SysWOW64\imm32.dll
2011-03-12 18:53:21 ----A---- C:\windows\SysWOW64\TRAPI.dll
2011-03-12 18:53:21 ----A---- C:\windows\SysWOW64\msfeedssync.exe
2011-03-12 18:53:21 ----A---- C:\windows\SysWOW64\elsTrans.dll
2011-03-12 18:53:21 ----A---- C:\windows\SysWOW64\bitsperf.dll
2011-03-12 18:53:20 ----A---- C:\windows\SysWOW64\wshbth.dll
2011-03-12 18:53:20 ----A---- C:\windows\SysWOW64\schedcli.dll
2011-03-12 18:53:20 ----A---- C:\windows\SysWOW64\napdsnap.dll
2011-03-12 18:53:20 ----A---- C:\windows\SysWOW64\dsauth.dll
2011-03-12 18:53:20 ----A---- C:\windows\SysWOW64\cscdll.dll
2011-03-12 18:53:18 ----A---- C:\windows\SysWOW64\sscore.dll
2011-03-12 18:53:17 ----A---- C:\windows\SysWOW64\wsdchngr.dll
2011-03-12 18:53:17 ----A---- C:\windows\SysWOW64\shgina.dll
2011-03-12 18:53:17 ----A---- C:\windows\SysWOW64\riched32.dll
2011-03-12 18:53:14 ----A---- C:\windows\SysWOW64\wshirda.dll
2011-03-12 18:53:11 ----A---- C:\windows\SysWOW64\spwmp.dll
2011-03-12 18:53:11 ----A---- C:\windows\SysWOW64\browseui.dll
2011-03-12 18:53:10 ----A---- C:\windows\SysWOW64\shunimpl.dll
2011-03-12 18:53:10 ----A---- C:\windows\SysWOW64\dxmasf.dll
2011-03-12 18:53:10 ----A---- C:\windows\SysWOW64\C_ISCII.DLL
2011-03-12 18:53:09 ----A---- C:\windows\SysWOW64\KBDTUQ.DLL
2011-03-12 18:53:09 ----A---- C:\windows\SysWOW64\KBDTUF.DLL
2011-03-12 18:53:09 ----A---- C:\windows\SysWOW64\KBDSG.DLL
2011-03-12 18:53:09 ----A---- C:\windows\SysWOW64\kbdlk41a.dll
2011-03-12 18:53:09 ----A---- C:\windows\SysWOW64\KBDGR1.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\wmploc.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDUS.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDTURME.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDTAJIK.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDMON.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDINTEL.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDINHIN.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDGKL.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDGEO.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDCZ1.DLL
2011-03-12 18:53:08 ----A---- C:\windows\SysWOW64\KBDBLR.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\tzres.dll
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDUGHR1.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDSF.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDPO.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDNEPR.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDMAORI.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDLT1.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDINTAM.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDINORI.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDINMAR.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDINKAN.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDINBEN.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDBULG.DLL
2011-03-12 18:53:07 ----A---- C:\windows\SysWOW64\KBDBASH.DLL
2011-03-12 18:53:06 ----A---- C:\windows\SysWOW64\spwizres.dll
2011-03-12 18:53:06 ----A---- C:\windows\SysWOW64\pifmgr.dll
2011-03-12 18:53:06 ----A---- C:\windows\SysWOW64\nlsbres.dll
2011-03-12 18:53:06 ----A---- C:\windows\SysWOW64\dpnaddr.dll
2011-03-12 18:52:31 ----A---- C:\windows\SysWOW64\wdscore.dll
2011-03-12 18:52:31 ----A---- C:\windows\SysWOW64\PkgMgr.exe
2011-03-12 18:52:16 ----A---- C:\windows\SysWOW64\drvstore.dll
2011-03-12 18:52:15 ----A---- C:\windows\SysWOW64\dpx.dll
2011-03-12 18:52:12 ----A---- C:\windows\SysWOW64\wbemcomn.dll
2011-03-12 18:25:11 ----A---- C:\windows\SysWOW64\EncDec.dll
2011-03-12 18:25:11 ----A---- C:\windows\SysWOW64\CPFilters.dll
2011-03-12 18:25:10 ----A---- C:\windows\SysWOW64\sbe.dll
2011-03-12 18:25:09 ----A---- C:\windows\SysWOW64\XpsPrint.dll
2011-03-12 18:25:07 ----A---- C:\windows\SysWOW64\DWrite.dll
2011-03-12 18:25:07 ----A---- C:\windows\SysWOW64\d2d1.dll
2011-03-06 15:23:58 ----A---- C:\windows\ocsetup_cbs_install_IIS-WebServerRole;IIS-WebServer.txt
2011-03-06 15:19:55 ----D---- C:\Users\Milos\AppData\Roaming\Sprinx Systems
2011-03-06 15:19:55 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2011-03-06 15:18:53 ----D---- C:\Program Files (x86)\onCourse
2011-03-03 00:45:48 ----D---- C:\Program Files (x86)\PROFIT
2011-03-02 21:43:58 ----RD---- C:\Program Files (x86)\Skypeb
2011-02-15 21:54:51 ----A---- C:\windows\SysWOW64\kerberos.dll
2011-02-15 21:54:47 ----A---- C:\windows\SysWOW64\fontsub.dll
2011-02-11 19:04:40 ----A---- C:\windows\SysWOW64\igd10umd32.dll
2011-02-11 18:51:10 ----A---- C:\windows\SysWOW64\ig4icd32.dll
2011-02-11 18:41:28 ----A---- C:\windows\SysWOW64\igfxexps32.dll
2011-02-11 18:40:38 ----A---- C:\windows\SysWOW64\igfxdv32.dll
2011-02-11 18:35:00 ----A---- C:\windows\SysWOW64\iglhsip32.dll
2011-02-11 18:35:00 ----A---- C:\windows\SysWOW64\iglhcp32.dll
2011-02-03 02:34:18 ----D---- C:\ProgramData\Comodo
2011-02-03 02:34:16 ----A---- C:\windows\SysWOW64\gdiplus.dll
2011-02-01 01:05:44 ----D---- C:\Program Files (x86)\Mobile Partner
2011-02-01 01:05:29 ----D---- C:\Drivers
2011-02-01 00:59:23 ----D---- C:\windows\SysWOW64\lenovo
2011-01-31 17:46:15 ----D---- C:\Users\Milos\AppData\Roaming\Telefónica Móviles
2011-01-31 15:11:33 ----D---- C:\Program Files (x86)\Common Files\Lenovo.com
2011-01-31 14:18:34 ----D---- C:\Users\Milos\AppData\Roaming\Lenovo
2011-01-28 15:15:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-01-19 18:38:39 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-01-18 01:43:37 ----D---- C:\Program Files (x86)\Microsoft Works
2011-01-18 01:43:08 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2011-01-18 01:40:20 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-01-18 01:39:06 ----RHD---- C:\MSOCache

======List of files/folders modified in the last 3 months======

2011-04-17 18:07:55 ----D---- C:\windows\Temp
2011-04-17 18:07:44 ----D---- C:\Program Files (x86)
2011-04-17 17:51:09 ----D---- C:\windows\tracing
2011-04-17 17:50:53 ----D---- C:\windows\Downloaded Program Files
2011-04-17 17:48:48 ----D---- C:\windows\inf
2011-04-17 16:26:02 ----SHD---- C:\System Volume Information
2011-04-17 16:04:41 ----D---- C:\Users\Milos\AppData\Roaming\Skype
2011-04-17 16:04:03 ----D---- C:\windows\System32
2011-04-17 15:59:02 ----D---- C:\Program Files (x86)\Common Files\Akamai
2011-04-17 15:59:02 ----A---- C:\windows\SysWOW64\log.txt
2011-04-17 15:57:16 ----SHD---- C:\windows\Installer
2011-04-17 15:57:15 ----D---- C:\Program Files (x86)\totalcmd
2011-04-17 09:15:49 ----D---- C:\Windows
2011-04-17 04:09:48 ----D---- C:\ProgramData
2011-04-17 01:36:41 ----D---- C:\windows\SysWOW64
2011-04-17 01:36:41 ----A---- C:\windows\SysWOW64\PerfStringBackup.INI
2011-04-17 00:47:03 ----D---- C:\windows\ModemLogs
2011-04-16 20:06:32 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-04-16 20:05:52 ----D---- C:\windows\registration
2011-04-16 17:03:13 ----D---- C:\windows\Tasks
2011-04-16 16:56:15 ----D---- C:\windows\Prefetch
2011-04-16 05:36:45 ----D---- C:\windows\rescache
2011-04-16 01:41:48 ----D---- C:\Program Files (x86)\Common Files\Adobe
2011-04-16 01:39:34 ----RSD---- C:\windows\Fonts
2011-04-16 01:29:11 ----D---- C:\windows\winsxs
2011-04-16 01:26:30 ----D---- C:\Users\Milos\AppData\Roaming\SoftGrid Client
2011-04-13 23:13:22 ----D---- C:\CDSM
2011-04-13 20:41:35 ----D---- C:\windows\Microsoft.NET
2011-04-13 20:41:05 ----RSD---- C:\windows\assembly
2011-04-13 19:22:49 ----D---- C:\windows\SysWOW64\NV
2011-04-13 19:20:04 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-13 19:20:03 ----D---- C:\windows\SysWOW64\migration
2011-04-13 19:15:48 ----D---- C:\ProgramData\Microsoft Help
2011-04-13 05:49:58 ----D---- C:\windows\Logs
2011-04-11 21:22:20 ----D---- C:\Program Files (x86)\Adobe
2011-04-11 21:20:22 ----D---- C:\Users\Milos\AppData\Roaming\Adobe
2011-04-11 21:19:54 ----D---- C:\Program Files (x86)\Common Files
2011-03-27 13:32:10 ----SD---- C:\ProgramData\Microsoft
2011-03-23 23:26:00 ----D---- C:\windows\Minidump
2011-03-16 18:46:17 ----D---- C:\Users\Milos\AppData\Roaming\COWON
2011-03-16 18:43:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-03-16 16:36:45 ----RD---- C:\Users
2011-03-12 22:42:55 ----D---- C:\ProgramData\McAfee
2011-03-12 22:42:54 ----D---- C:\Program Files (x86)\McAfee
2011-03-12 22:37:56 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-03-12 22:37:56 ----D---- C:\Program Files (x86)\Windows Mail
2011-03-12 22:37:54 ----D---- C:\Program Files (x86)\Windows Portable Devices
2011-03-12 22:37:54 ----D---- C:\Program Files (x86)\Windows Media Player
2011-03-12 22:37:52 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-03-12 22:37:19 ----D---- C:\windows\servicing
2011-03-12 22:37:18 ----D---- C:\windows\ehome
2011-03-12 22:36:25 ----D---- C:\windows\SysWOW64\oobe
2011-03-12 22:36:25 ----D---- C:\windows\SysWOW64\da-DK
2011-03-12 22:36:22 ----D---- C:\windows\SysWOW64\AdvancedInstallers
2011-03-12 22:36:21 ----D---- C:\windows\SysWOW64\Setup
2011-03-12 22:36:21 ----D---- C:\windows\SysWOW64\cs
2011-03-12 22:36:19 ----D---- C:\windows\SysWOW64\cs-CZ
2011-03-12 22:36:15 ----D---- C:\windows\SysWOW64\sppui
2011-03-12 22:36:15 ----D---- C:\windows\SysWOW64\manifeststore
2011-03-12 22:36:15 ----D---- C:\windows\SysWOW64\es-ES
2011-03-12 22:36:14 ----D---- C:\windows\SysWOW64\inetsrv
2011-03-12 22:36:09 ----D---- C:\windows\SysWOW64\wbem
2011-03-12 22:36:06 ----D---- C:\windows\SysWOW64\migwiz
2011-03-12 22:36:04 ----D---- C:\windows\SysWOW64\Dism
2011-03-12 22:34:22 ----D---- C:\windows\PolicyDefinitions
2011-03-12 22:33:18 ----D---- C:\windows\AppPatch
2011-03-12 19:22:45 ----D---- C:\windows\debug
2011-03-12 19:16:49 ----A---- C:\windows\SysWOW64\msclmd.dll
2011-03-06 15:27:58 ----RD---- C:\Program Files
2011-03-06 15:25:30 ----D---- C:\inetpub
2011-03-03 02:30:02 ----SD---- C:\Users\Milos\AppData\Roaming\Microsoft
2011-03-02 17:02:59 ----D---- C:\Users\Milos\AppData\Roaming\skypePM
2011-03-02 12:52:28 ----D---- C:\ProgramData\Skype
2011-02-16 14:24:00 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-02-11 19:12:16 ----A---- C:\windows\SysWOW64\igdumd32.dll
2011-02-11 19:09:48 ----A---- C:\windows\SysWOW64\igdumdx32.dll
2011-02-07 11:54:51 ----D---- C:\Users\Milos\AppData\Roaming\Nokia
2011-02-06 03:02:31 ----D---- C:\Tono
2011-02-05 17:47:46 ----D---- C:\Program Files (x86)\Corel
2011-02-05 17:47:11 ----D---- C:\ProgramData\Corel
2011-02-02 16:54:10 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2011-02-02 16:52:38 ----A---- C:\windows\win.ini
2011-01-31 01:17:44 ----D---- C:\Users\Milos\AppData\Roaming\FreeCommander
2011-01-28 15:53:29 ----D---- C:\Users\Milos\AppData\Roaming\GHISLER
2011-01-28 15:53:27 ----D---- C:\ProgramData\Port Locker
2011-01-28 15:19:12 ----D---- C:\Users\Milos\AppData\Roaming\Mozilla
2011-01-18 01:50:58 ----D---- C:\windows\ShellNew
2011-01-18 01:43:26 ----D---- C:\Program Files (x86)\MSBuild
2011-01-18 01:43:20 ----D---- C:\Program Files (x86)\Microsoft Office
2011-01-18 01:39:49 ----D---- C:\Program Files (x86)\Common Files\System

2.část logu na stránce http://viry.cz/forum/viewtopic.php?f=13 ... 9afb7e3a7d

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Hezký večer,

přikládám log z combofixu (a děkuju za pomoc:)


ComboFix 11-04-16.03 - Milos 17.04.2011 20:25:19.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3828.1576 [GMT 2:00]
Spuštěný z: c:\users\Milos\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\s.bat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-17 do 2011-04-17 )))))))))))))))))))))))))))))))
.
.
2011-04-17 16:07 . 2011-04-17 16:08 -------- d-----w- c:\program files (x86)\trend micro
2011-04-17 16:07 . 2011-04-17 16:08 -------- d-----w- C:\rsit
2011-04-17 15:50 . 2011-04-17 15:50 -------- d-----w- c:\program files (x86)\ESET
2011-04-17 02:19 . 2011-04-17 14:46 -------- d-----w- c:\program files (x86)\WinClamAVShield
2011-04-17 02:09 . 2011-04-17 14:41 -------- d-----w- c:\program files (x86)\Spyware Terminator
2011-04-17 02:09 . 2011-04-17 14:05 -------- d-----w- c:\programdata\Spyware Terminator
2011-04-17 02:09 . 2011-04-17 02:17 -------- d-----w- c:\users\Milos\AppData\Roaming\Spyware Terminator
2011-04-16 23:35 . 2009-06-29 16:00 132608 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-04-16 23:35 . 2009-06-29 16:00 116096 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2011-04-16 23:35 . 2011-04-16 23:35 -------- d-----w- c:\programdata\Vodafone
2011-04-16 19:25 . 2011-04-16 19:25 -------- d-----w- c:\users\Milos\AppData\Roaming\GRETECH
2011-04-16 17:15 . 2011-04-16 17:15 -------- d-----w- c:\program files (x86)\GRETECH
2011-04-16 17:12 . 2009-10-12 14:23 114304 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2011-04-16 17:12 . 2009-09-10 14:31 117248 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-04-16 17:12 . 2007-08-09 03:10 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-04-16 16:27 . 2011-04-16 16:27 -------- d-----w- c:\users\Milos\AppData\Roaming\InstallShield
2011-04-16 10:08 . 2011-04-16 17:12 -------- d-----w- c:\program files (x86)\O2
2011-04-14 20:42 . 2011-04-14 20:42 -------- d-----w- c:\program files\Common Files\Canon
2011-04-13 16:50 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-13 03:28 . 2011-04-13 03:28 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-13 03:28 . 2011-04-13 03:28 -------- d-----w- c:\users\Milos\AppData\Local\Sunbelt Software
2011-04-13 03:26 . 2011-04-16 16:34 -------- d-----w- c:\programdata\Lavasoft
2011-04-11 18:51 . 2011-04-11 18:52 -------- d-----w- c:\program files (x86)\Ultimate Process Manager
2011-04-05 14:51 . 2011-04-05 14:51 -------- d-----w- c:\program files (x86)\I.CA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-16 18:06 . 2010-04-20 16:41 947712 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\WEB\ePubMaker\ePubMaker.exe
2011-03-12 17:16 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-03-12 17:16 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-19 12:05 . 2011-03-12 16:25 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 12:04 . 2011-03-12 16:25 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 12:04 . 2011-03-12 16:25 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:30 . 2011-03-12 16:25 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 06:30 . 2011-03-12 16:25 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-11 17:25 . 2011-02-11 17:25 162328 ----a-w- c:\windows\system32\igfxtray.exe
2011-02-11 17:25 . 2011-02-11 17:25 509976 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-02-11 17:25 . 2011-02-11 17:25 417304 ----a-w- c:\windows\system32\igfxpers.exe
2011-02-11 17:25 . 2011-02-11 17:25 223768 ----a-w- c:\windows\system32\igfxext.exe
2011-02-11 17:25 . 2011-02-11 17:25 386584 ----a-w- c:\windows\system32\hkcmd.exe
2011-02-11 17:25 . 2011-02-11 17:25 3157528 ----a-w- c:\windows\system32\GfxUI.exe
2011-02-11 17:25 . 2011-02-11 17:25 152600 ----a-w- c:\windows\system32\difx64.exe
2011-02-11 17:21 . 2011-02-11 17:21 90112 ----a-w- c:\windows\system32\igfxCoIn_v2302.dll
2011-02-11 17:16 . 2011-02-11 17:16 6549504 ----a-w- c:\windows\system32\igdumd64.dll
2011-02-11 17:16 . 2011-02-11 17:16 10628640 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2011-02-11 17:15 . 2011-02-11 17:15 874048 ----a-w- c:\windows\system32\igkrng575.bin
2011-02-11 17:12 . 2010-05-27 07:55 4967424 ----a-w- c:\windows\SysWow64\igdumd32.dll
2011-02-11 17:09 . 2010-05-27 07:55 571904 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2011-02-11 17:07 . 2010-05-27 07:55 4722176 ----a-w- c:\windows\system32\igd10umd64.dll
2011-02-11 17:04 . 2011-02-11 17:04 4411392 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2011-02-11 16:59 . 2011-02-11 16:59 15035392 ----a-w- c:\windows\system32\ig4icd64.dll
2011-02-11 16:51 . 2011-02-11 16:51 11039744 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2011-02-11 16:47 . 2011-02-11 16:47 88064 ----a-w- c:\windows\system32\igfxrsky.lrc
2011-02-11 16:47 . 2011-02-11 16:47 87552 ----a-w- c:\windows\system32\igfxrtrk.lrc
2011-02-11 16:47 . 2011-02-11 16:47 87552 ----a-w- c:\windows\system32\igfxrslv.lrc
2011-02-11 16:47 . 2011-02-11 16:47 88576 ----a-w- c:\windows\system32\igfxresn.lrc
2011-02-11 16:47 . 2011-02-11 16:47 88064 ----a-w- c:\windows\system32\igfxrrus.lrc
2011-02-11 16:47 . 2011-02-11 16:47 87552 ----a-w- c:\windows\system32\igfxrsve.lrc
2011-02-11 16:47 . 2011-02-11 16:47 87040 ----a-w- c:\windows\system32\igfxrtha.lrc
2011-02-11 16:47 . 2011-02-11 16:47 88064 ----a-w- c:\windows\system32\igfxrptg.lrc
2011-02-11 16:47 . 2011-02-11 16:47 88064 ----a-w- c:\windows\system32\igfxrplk.lrc
2011-02-11 16:47 . 2011-02-11 16:47 87552 ----a-w- c:\windows\system32\igfxrptb.lrc
2011-02-11 16:47 . 2011-02-11 16:47 87552 ----a-w- c:\windows\system32\igfxrnor.lrc
2011-02-11 16:46 . 2011-02-11 16:46 88064 ----a-w- c:\windows\system32\igfxrita.lrc
2011-02-11 16:46 . 2011-02-11 16:46 87552 ----a-w- c:\windows\system32\igfxrhun.lrc
2011-02-11 16:46 . 2011-02-11 16:46 86528 ----a-w- c:\windows\system32\igfxrheb.lrc
2011-02-11 16:46 . 2011-02-11 16:46 84992 ----a-w- c:\windows\system32\igfxrkor.lrc
2011-02-11 16:46 . 2011-02-11 16:46 84992 ----a-w- c:\windows\system32\igfxrjpn.lrc
2011-02-11 16:46 . 2011-02-11 16:46 88576 ----a-w- c:\windows\system32\igfxrfra.lrc
2011-02-11 16:46 . 2011-02-11 16:46 88576 ----a-w- c:\windows\system32\igfxrell.lrc
2011-02-11 16:46 . 2011-02-11 16:46 88064 ----a-w- c:\windows\system32\igfxrnld.lrc
2011-02-11 16:46 . 2011-02-11 16:46 88064 ----a-w- c:\windows\system32\igfxrdeu.lrc
2011-02-11 16:46 . 2011-02-11 16:46 87552 ----a-w- c:\windows\system32\igfxrfin.lrc
2011-02-11 16:46 . 2011-02-11 16:46 87552 ----a-w- c:\windows\system32\igfxrcsy.lrc
2011-02-11 16:46 . 2011-02-11 16:46 87040 ----a-w- c:\windows\system32\igfxrdan.lrc
2011-02-11 16:46 . 2011-02-11 16:46 86528 ----a-w- c:\windows\system32\igfxrara.lrc
2011-02-11 16:46 . 2011-02-11 16:46 83968 ----a-w- c:\windows\system32\igfxrcht.lrc
2011-02-11 16:46 . 2011-02-11 16:46 83968 ----a-w- c:\windows\system32\igfxrchs.lrc
2011-02-11 16:46 . 2011-02-11 16:46 122368 ----a-w- c:\windows\system32\igfxcpl.cpl
2011-02-11 16:46 . 2011-02-11 16:46 244224 ----a-w- c:\windows\system32\igfxpph.dll
2011-02-11 16:46 . 2011-02-11 16:46 380416 ----a-w- c:\windows\system32\igfxTMM.dll
2011-02-11 16:46 . 2011-02-11 16:46 27648 ----a-w- c:\windows\system32\igfxexps.dll
2011-02-11 16:46 . 2010-05-27 07:55 61952 ----a-w- c:\windows\system32\igfxsrvc.dll
2011-02-11 16:45 . 2010-05-27 07:55 108544 ----a-w- c:\windows\system32\hccutils.dll
2011-02-11 16:45 . 2011-02-11 16:45 119808 ----a-w- c:\windows\system32\gfxSrvc.dll
2011-02-11 16:45 . 2011-02-11 16:45 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2011-02-11 16:45 . 2011-02-11 16:45 272896 ----a-w- c:\windows\system32\igfxdev.dll
2011-02-11 16:45 . 2011-02-11 16:45 87552 ----a-w- c:\windows\system32\igfxrenu.lrc
2011-02-11 16:45 . 2011-02-11 16:45 142336 ----a-w- c:\windows\system32\igfxdo.dll
2011-02-11 16:45 . 2010-05-27 07:55 830464 ----a-w- c:\windows\system32\igfxress.dll
2011-02-11 16:41 . 2011-02-11 16:41 23552 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2011-02-11 16:40 . 2011-02-11 16:40 228864 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2011-02-11 16:35 . 2011-02-11 16:35 208896 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2011-02-11 16:35 . 2011-02-11 16:35 206336 ----a-w- c:\windows\system32\iglhsip64.dll
2011-02-11 16:35 . 2011-02-11 16:35 188416 ----a-w- c:\windows\system32\iglhcp64.dll
2011-02-11 16:35 . 2011-02-11 16:35 147456 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2011-02-03 00:34 . 2011-02-03 00:34 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2011-01-20 09:39 . 2011-02-02 14:58 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CDDA4F2-1426-4A46-A491-88DA66FCAC55}\mpengine.dll.ren
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"ReadyComm5"="c:\program files\Lenovo\ReadyComm\ReadyComm.exe" [2009-09-22 1501000]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-16 39408]
"Skype"="c:\program files (x86)\Skypeb\Phone\Skype.exe" [2011-01-26 16945032]
"c:\users\Milos\AppData\Roaming\Sprinx Systems\SprinxCRM 6.2.0.0\install.exe"="c:\users\Milos\AppData\Roaming\Sprinx Systems\SprinxCRM 6.2.0.0\install.exe" [2010-07-02 304664]
"SpywareTerminatorUpdate"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-04-17 3318784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2009-09-30 111640]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2010-01-15 536576]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-10 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-10 201584]
"PLTSR"="c:\program files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [2010-05-19 364400]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2010-11-15 149280]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SpywareTerminator"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2011-04-17 2557440]
.
c:\users\Milos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-4-20 1083680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-16 136176]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMSVC;Služba webové správy;c:\windows\system32\inetsrv\wmsvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [x]
S1 EgisTecFF;EgisTecFF;c:\windows\system32\DRIVERS\EgisTecFF.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 EgisTec Data Security Service;EgisTec Data Security Service;c:\program files (x86)\EgisTec BioExcess\EgisDSService.exe [2010-05-28 314736]
S2 EgisTec Service Help;EgisTec Service Help;c:\program files (x86)\EgisTec Port Locker\Egishlpsvc.exe [2010-05-19 322416]
S2 EgisTec Service;EgisTec Service;c:\program files (x86)\EgisTec BioExcess\EgisService.exe [2010-05-28 709488]
S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [x]
S2 ftpsvc;Služba Microsoft FTP Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
S2 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-07-11 1620584]
S2 RtLedService;RtLedService Installer;c:\program files\Realtek\RtLED\RtLEDService.exe [2010-02-05 311296]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-07-03 9216]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-16 10:59]
.
2011-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-16 10:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF7890.cfxxe" [X]
"TpShocks"="c:\windows\System32\TpShocks.exe" [2010-03-15 231328]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Trusted Zone: i-darky.com
Trusted Zone: i-vzdelani.cz\seminare
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~2\Crawler\Toolbar\ctbr.dll
DPF: {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} - hxxp://consumersupport.lenovo.com/ot/en/SmartDownloading/cab/npdueng.cab
DPF: {C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} - hxxp://shop.lenovo.com/SEUILibrary/lenovo-portal/cab/autodetect/MachineInfo.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-ETDWare - %ProgramFiles%\Elantech\ETDCtrl.exe
AddRemove-{F9766AC1-1461-1033-B862-DF8FE1C033BE} - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7c,a3,d8,9c,dd,13,1b,4e,af,ae,63,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7c,a3,d8,9c,dd,13,1b,4e,af,ae,63,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2011-04-17 20:41:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-17 18:41
.
Před spuštěním: Volných bajtů: 325 958 328 320
Po spuštění: Volných bajtů: 325 760 581 632
.
- - End Of File - - 8016CE3E6EFAC665266FEE50D284BDBE

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Driver::
Akamai

Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkaz ze skriptu.

Vytvořila jsem txt soubor podle Vaší rady, jen mi nejde přetáhnout nad ikonu ComboFixu a zobrazí se mi hláška: "Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění". Mám jen jeden uživatelský profil a je admin. Nevíte co s tím?

V.

To je divné, dosud jsem toto neviděl. Přesvědčte se, zda je uložen jako CFScript.txt, příp. to zkuste v nouz. režimu.