VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Vir Win 7 Home Security

https://forum.viry.cz:443/viewtopic.php?t=112269

Stránka 1 z 1

Vir Win 7 Home Security

Napsal: 06 čer 2011 13:15
od mike771
Dobry den,
mam problem s timto virem. Uz to bylo reseno v http://www.viry.cz/forum/viewtopic.php?f=13&t=111310

Prosím o kontrolu logu:

Logfile of random's system information tool 1.08 (written by random/random)
Run by donknutson at 2011-06-06 13:18:51
Microsoft Windows 7 Enterprise Service Pack 1
System drive C: has 85 GB (35%) free of 244 GB
Total RAM: 8180 MB (74% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c1c9e8e5-b988-4064-8899-740e24a64280 -SystemEventPortName:HostProcess-30671e5e-392b-4b3c-b794-1ec0fa4ab3c0 -IoCancelEventPortName:HostProcess-d8947f76-8ec5-4870-853b-e181833a694a -NonStateChangingEventPortName:HostProcess-21b83a89-3f24-4632-9212-3cae10998c2a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:48f1d131-22a2-4ba1-b90c-ac49909f7d63
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\SysWOW64\lkcitdl.exe
C:\Windows\SysWOW64\lkads.exe
C:\Windows\SysWOW64\lktsrv.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sUTSSQLEXPRESS
"C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe"
C:\Windows\SysWOW64\nisvcloc.exe -s
"C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe"
C:\Windows\system32\svchost.exe -k regsvc
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe"
"C:\Program Files\UltraVNC\WinVNC.exe" -service
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\UltraVNC\WinVNC.exe" -service_run
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
\\.\pipe\SygateSecurityAgentR41T50247 \\.\pipe\SygateSecurityAgentW18467T50247
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe" {EE68EAFC-BF28-4017-8A92-D17DACF0B459} -Embedding
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe" /fromrunkey
"C:\Program Files (x86)\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe" /auto
"C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Users\donknutson\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Users\donknutson\AppData\Local\eye.exe -dtm -a
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\UI0Detect.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -Embedding
"C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe" -Embedding
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\donknutson\Desktop\Construction\APSplanbook.pdf"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Reader /VERSION:9.0 /MODE:2
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\donknutson\AppData\Local\eye.exe" -a "C:\Windows\System32\dinotify.exe" pnpui.dll,SimplifiedDINotification
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ea161fb2-82d7-4341-9933-65e3dafeb23a -SystemEventPortName:HostProcess-f95a662f-f36e-43e1-a269-1a7f38fdf26a -IoCancelEventPortName:HostProcess-3936ee6d-110d-4441-bb5e-0ab55fdeb275 -NonStateChangingEventPortName:HostProcess-bd418c48-fd40-4962-a87d-91ede5d71107 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7b75483a-51b3-4cd6-a4ff-d9d0e423a424
"C:\Users\donknutson\AppData\Local\eye.exe" -a "C:\Windows\System32\dinotify.exe" pnpui.dll,SimplifiedDINotification
"C:\Users\donknutson\AppData\Local\eye.exe" -a "C:\Windows\System32\dinotify.exe" pnpui.dll,SimplifiedDINotification
"C:\Users\donknutson\AppData\Local\eye.exe" -a "C:\Windows\System32\dinotify.exe" pnpui.dll,SimplifiedDINotification
"C:\Users\donknutson\AppData\Local\eye.exe" -a "C:\Windows\System32\dinotify.exe" pnpui.dll,SimplifiedDINotification
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"E:\other\RSITx64.exe"
wmiadap.exe /R /T
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\trend micro\donknutson.exe" /silentautolog

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1274732764-53309532-4069937376-1633Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1274732764-53309532-4069937376-1633UA.job
C:\Windows\tasks\Microsoft.Management.Services.HostProtection.FullScan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-14 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-10 487424]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-11 1890088]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1875048]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2010-07-09 282728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"Google Update"=C:\Users\donknutson\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 136176]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 9728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2010-07-24 319280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Communicator"=C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe [2011-03-07 5150560]
"DataFinder"=C:\Program Files (x86)\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe [2009-06-01 3103264]
"ccApp"=C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [2011-05-03 115624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"consentpromptbehavioradmin"=0
"enableinstallerdetection"=0
"enablelua"=0
"enablesecureuiapaths"=0
"legalnoticecaption"=IT IS AN OFFENSE TO CONTINUE WITHOUT PROPER AUTHORIZATION
"legalnoticetext"=This system is restricted to authorized users. Individuals attempting
unauthorized access will be prosecuted. If unauthorized, terminate
access now! Clicking OK indicates your acceptance of the information
in the background.
"enableuiadesktoptoggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.exe - open - "C:\Users\donknutson\AppData\Local\eye.exe" -a "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-06-06 13:18:52 ----D---- C:\Program Files\trend micro
2011-06-06 13:18:51 ----D---- C:\rsit
2011-06-03 17:47:48 ----SHD---- C:\Config.Msi
2011-06-03 17:31:18 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2011-06-03 17:31:17 ----D---- C:\Program Files\Symantec
2011-06-03 17:30:51 ----A---- C:\Windows\SYSWOW64\MSVCR71.DLL
2011-06-03 17:30:51 ----A---- C:\Windows\SYSWOW64\MSVCP71.DLL
2011-06-03 17:30:51 ----A---- C:\Windows\SYSWOW64\MFC71.DLL
2011-06-03 17:30:51 ----A---- C:\Windows\SYSWOW64\capicom.dll
2011-06-03 17:30:39 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-06-03 17:30:38 ----D---- C:\ProgramData\Symantec
2011-06-03 17:30:38 ----D---- C:\Program Files (x86)\Symantec
2011-05-13 08:22:07 ----D---- C:\Windows\system32\SPReview
2011-05-13 07:55:25 ----A---- C:\Windows\SYSWOW64\mobsync.exe
2011-05-13 07:55:25 ----A---- C:\Windows\system32\mprddm.dll
2011-05-13 07:55:24 ----A---- C:\Windows\system32\mobsync.exe
2011-05-13 07:55:23 ----A---- C:\Windows\SYSWOW64\MSAC3ENC.DLL
2011-05-13 07:55:22 ----A---- C:\Windows\SYSWOW64\mstask.dll
2011-05-13 07:55:22 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-05-13 07:55:22 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-05-13 07:55:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-05-13 07:55:22 ----A---- C:\Windows\SYSWOW64\MMDevAPI.dll
2011-05-13 07:55:21 ----A---- C:\Windows\SYSWOW64\mscories.dll
2011-05-13 07:55:21 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2011-05-13 07:55:21 ----A---- C:\Windows\SYSWOW64\KBDLT1.DLL
2011-05-13 07:55:21 ----A---- C:\Windows\SYSWOW64\KBDINTEL.DLL
2011-05-13 07:55:21 ----A---- C:\Windows\SYSWOW64\KBDCZ1.DLL
2011-05-13 07:55:21 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2011-05-13 07:55:21 ----A---- C:\Windows\system32\mstime.dll
2011-05-13 07:55:21 ----A---- C:\Windows\system32\msdri.dll
2011-05-13 07:55:21 ----A---- C:\Windows\system32\KernelBase.dll
2011-05-13 07:55:21 ----A---- C:\Windows\system32\kernel32.dll
2011-05-13 07:55:21 ----A---- C:\Windows\system32\KBDBLR.DLL
2011-05-13 07:55:21 ----A---- C:\Windows\system32\itircl.dll
2011-05-13 07:55:21 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-05-13 07:55:21 ----A---- C:\Windows\system32\inseng.dll
2011-05-13 07:55:21 ----A---- C:\Windows\system32\inetmib1.dll
2011-05-13 07:55:21 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-05-13 07:55:21 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2011-05-13 07:55:20 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2011-05-13 07:55:20 ----A---- C:\Windows\SYSWOW64\raschap.dll
2011-05-13 07:55:20 ----A---- C:\Windows\SYSWOW64\RacEngn.dll
2011-05-13 07:55:20 ----A---- C:\Windows\SYSWOW64\qedit.dll
2011-05-13 07:55:20 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2011-05-13 07:55:20 ----A---- C:\Windows\SYSWOW64\propsys.dll
2011-05-13 07:55:20 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2011-05-13 07:55:20 ----A---- C:\Windows\SYSWOW64\logagent.exe
2011-05-13 07:55:20 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-05-13 07:55:20 ----A---- C:\Windows\system32\printui.dll
2011-05-13 07:55:20 ----A---- C:\Windows\system32\pnidui.dll
2011-05-13 07:55:20 ----A---- C:\Windows\system32\pifmgr.dll
2011-05-13 07:55:18 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2011-05-13 07:55:18 ----A---- C:\Windows\SYSWOW64\samcli.dll
2011-05-13 07:55:18 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2011-05-13 07:55:18 ----A---- C:\Windows\system32\sdcpl.dll
2011-05-13 07:55:18 ----A---- C:\Windows\system32\drivers\scsiport.sys
2011-05-13 07:55:17 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2011-05-13 07:55:17 ----A---- C:\Windows\SYSWOW64\rdprefdrvapi.dll
2011-05-13 07:55:17 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2011-05-13 07:55:17 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2011-05-13 07:55:17 ----A---- C:\Windows\SYSWOW64\netiougc.exe
2011-05-13 07:55:17 ----A---- C:\Windows\SYSWOW64\netiohlp.dll
2011-05-13 07:55:17 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2011-05-13 07:55:17 ----A---- C:\Windows\SYSWOW64\ncryptui.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-05-13 07:55:17 ----A---- C:\Windows\system32\RDPENCDD.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\rdpclip.exe
2011-05-13 07:55:17 ----A---- C:\Windows\system32\OobeFldr.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\odbctrac.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\ntdll.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\nslookup.exe
2011-05-13 07:55:17 ----A---- C:\Windows\system32\nlasvc.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\nlaapi.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\netshell.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\netlogon.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\netjoin.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\ncsi.dll
2011-05-13 07:55:17 ----A---- C:\Windows\system32\MultiDigiMon.exe
2011-05-13 07:55:17 ----A---- C:\Windows\system32\msxml6.dll
2011-05-13 07:55:16 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2011-05-13 07:55:16 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2011-05-13 07:55:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-05-13 07:55:15 ----A---- C:\Windows\SYSWOW64\ntlanman.dll
2011-05-13 07:55:15 ----A---- C:\Windows\SYSWOW64\cmd.exe
2011-05-13 07:55:15 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2011-05-13 07:55:15 ----A---- C:\Windows\SYSWOW64\C_ISCII.DLL
2011-05-13 07:55:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-13 07:55:15 ----A---- C:\Windows\system32\drivers\cdrom.sys
2011-05-13 07:55:15 ----A---- C:\Windows\system32\CertPolEng.dll
2011-05-13 07:55:15 ----A---- C:\Windows\system32\certmgr.dll
2011-05-13 07:55:15 ----A---- C:\Windows\system32\certcli.dll
2011-05-13 07:55:15 ----A---- C:\Windows\system32\cdd.dll
2011-05-13 07:55:14 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2011-05-13 07:55:14 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2011-05-13 07:55:14 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-13 07:55:14 ----A---- C:\Windows\system32\diagperf.dll
2011-05-13 07:55:14 ----A---- C:\Windows\system32\d3d10level9.dll
2011-05-13 07:55:13 ----A---- C:\Windows\system32\dbgeng.dll
2011-05-13 07:55:12 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2011-05-13 07:55:12 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2011-05-13 07:55:12 ----A---- C:\Windows\system32\dbghelp.dll
2011-05-13 07:55:12 ----A---- C:\Windows\system32\d3d9.dll
2011-05-13 07:55:12 ----A---- C:\Windows\system32\consent.exe
2011-05-13 07:55:12 ----A---- C:\Windows\system32\conhost.exe
2011-05-13 07:55:12 ----A---- C:\Windows\system32\comdlg32.dll
2011-05-13 07:55:12 ----A---- C:\Windows\system32\AdmTmpl.dll
2011-05-13 07:55:11 ----A---- C:\Windows\system32\aepdu.dll
2011-05-13 07:55:11 ----A---- C:\Windows\system32\aeinv.dll
2011-05-13 07:55:10 ----A---- C:\Windows\SYSWOW64\AuxiliaryDisplayCpl.dll
2011-05-13 07:55:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2011-05-13 07:55:10 ----A---- C:\Windows\SYSWOW64\activeds.dll
2011-05-13 07:55:10 ----A---- C:\Windows\system32\bcdsrv.dll
2011-05-13 07:55:10 ----A---- C:\Windows\system32\bcdedit.exe
2011-05-13 07:55:10 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2011-05-13 07:55:10 ----A---- C:\Windows\system32\authui.dll
2011-05-13 07:55:10 ----A---- C:\Windows\system32\acppage.dll
2011-05-13 07:55:09 ----A---- C:\Windows\SYSWOW64\imapi2.dll
2011-05-13 07:55:09 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2011-05-13 07:55:09 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2011-05-13 07:55:09 ----A---- C:\Windows\system32\imapi2fs.dll
2011-05-13 07:55:09 ----A---- C:\Windows\system32\ftp.exe
2011-05-13 07:55:09 ----A---- C:\Windows\system32\fsquirt.exe
2011-05-13 07:55:09 ----A---- C:\Windows\system32\drivers\http.sys
2011-05-13 07:55:09 ----A---- C:\Windows\system32\drivers\HpSAMD.sys
2011-05-13 07:55:09 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2011-05-13 07:55:09 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-05-13 07:55:09 ----A---- C:\Windows\system32\drivers\appid.sys
2011-05-13 07:55:09 ----A---- C:\Windows\system32\BdeHdCfg.exe
2011-05-13 07:55:09 ----A---- C:\Windows\system32\appinfo.dll
2011-05-13 07:55:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-05-13 07:55:08 ----A---- C:\Windows\SYSWOW64\evr.dll
2011-05-13 07:55:08 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2011-05-13 07:55:08 ----A---- C:\Windows\system32\iepeers.dll
2011-05-13 07:55:08 ----A---- C:\Windows\system32\elsTrans.dll
2011-05-13 07:55:08 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-05-13 07:55:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-05-13 07:55:07 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-05-13 07:55:07 ----A---- C:\Windows\SYSWOW64\dskquoui.dll
2011-05-13 07:55:07 ----A---- C:\Windows\SYSWOW64\diskpart.exe
2011-05-13 07:55:07 ----A---- C:\Windows\system32\SearchFolder.dll
2011-05-13 07:55:07 ----A---- C:\Windows\system32\Faultrep.dll
2011-05-13 07:55:07 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-05-13 07:55:07 ----A---- C:\Windows\system32\Display.dll
2011-05-13 07:55:06 ----A---- C:\Windows\SYSWOW64\systemcpl.dll
2011-05-13 07:55:06 ----A---- C:\Windows\system32\tscfgwmi.dll
2011-05-13 07:55:05 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2011-05-13 07:55:05 ----A---- C:\Windows\SYSWOW64\tcpipcfg.dll
2011-05-13 07:55:05 ----A---- C:\Windows\system32\thumbcache.dll
2011-05-13 07:55:05 ----A---- C:\Windows\system32\taskschd.dll
2011-05-13 07:55:05 ----A---- C:\Windows\system32\tabcal.exe
2011-05-13 07:55:04 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2011-05-13 07:55:04 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2011-05-13 07:55:04 ----A---- C:\Windows\SYSWOW64\sppinst.dll
2011-05-13 07:55:04 ----A---- C:\Windows\SYSWOW64\spp.dll
2011-05-13 07:55:04 ----A---- C:\Windows\SYSWOW64\spbcd.dll
2011-05-13 07:55:04 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2011-05-13 07:55:04 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2011-05-13 07:55:04 ----A---- C:\Windows\system32\sysmain.dll
2011-05-13 07:55:04 ----A---- C:\Windows\system32\sysclass.dll
2011-05-13 07:55:04 ----A---- C:\Windows\system32\srchadmin.dll
2011-05-13 07:55:04 ----A---- C:\Windows\system32\sqmapi.dll
2011-05-13 07:55:04 ----A---- C:\Windows\system32\sppsvc.exe
2011-05-13 07:55:04 ----A---- C:\Windows\system32\spp.dll
2011-05-13 07:55:04 ----A---- C:\Windows\system32\shwebsvc.dll
2011-05-13 07:55:04 ----A---- C:\Windows\system32\shell32.dll
2011-05-13 07:55:03 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2011-05-13 07:55:03 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2011-05-13 07:55:03 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-05-13 07:55:03 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2011-05-13 07:55:03 ----A---- C:\Windows\system32\wmpeffects.dll
2011-05-13 07:55:03 ----A---- C:\Windows\system32\wmdrmnet.dll
2011-05-13 07:55:03 ----A---- C:\Windows\system32\wmdrmdev.dll
2011-05-13 07:55:03 ----A---- C:\Windows\system32\WMADMOD.DLL
2011-05-13 07:55:03 ----A---- C:\Windows\system32\wkssvc.dll
2011-05-13 07:55:03 ----A---- C:\Windows\system32\drivers\winusb.sys
2011-05-13 07:55:01 ----A---- C:\Windows\system32\winhttp.dll
2011-05-13 07:54:58 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-05-13 07:54:58 ----A---- C:\Windows\SYSWOW64\wvc.dll
2011-05-13 07:54:58 ----A---- C:\Windows\SYSWOW64\wtsapi32.dll
2011-05-13 07:54:58 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2011-05-13 07:54:58 ----A---- C:\Windows\system32\wwanconn.dll
2011-05-13 07:54:58 ----A---- C:\Windows\system32\wsqmcons.exe
2011-05-13 07:54:58 ----A---- C:\Windows\system32\wpdwcn.dll
2011-05-13 07:54:58 ----A---- C:\Windows\system32\wpd_ci.dll
2011-05-13 07:54:57 ----A---- C:\Windows\system32\wsdchngr.dll
2011-05-13 07:54:57 ----A---- C:\Windows\system32\ws2_32.dll
2011-05-13 07:54:57 ----A---- C:\Windows\system32\userinit.exe
2011-05-13 07:54:56 ----A---- C:\Windows\system32\VPCWizard.exe
2011-05-13 07:54:56 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-05-13 07:54:54 ----A---- C:\Windows\twain_32.dll
2011-05-13 07:54:54 ----A---- C:\Windows\SYSWOW64\tzutil.exe
2011-05-13 07:54:54 ----A---- C:\Windows\system32\umb.dll
2011-05-13 07:54:53 ----A---- C:\Windows\SYSWOW64\untfs.dll
2011-05-13 07:54:53 ----A---- C:\Windows\SYSWOW64\unlodctr.exe
2011-05-13 07:54:53 ----A---- C:\Windows\system32\umrdp.dll
2011-05-13 07:54:53 ----A---- C:\Windows\system32\drivers\umbus.sys
2011-05-13 07:54:52 ----A---- C:\Windows\SYSWOW64\wiadefui.dll
2011-05-13 07:54:52 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-05-13 07:54:52 ----A---- C:\Windows\SYSWOW64\wdc.dll
2011-05-13 07:54:52 ----A---- C:\Windows\system32\WerFaultSecure.exe
2011-05-13 07:54:52 ----A---- C:\Windows\system32\webio.dll
2011-05-13 07:54:52 ----A---- C:\Windows\system32\VSSVC.exe
2011-05-13 07:54:52 ----A---- C:\Windows\system32\vssapi.dll
2011-05-13 07:54:52 ----A---- C:\Windows\system32\vss_ps.dll
2011-05-13 07:54:51 ----A---- C:\Windows\SYSWOW64\wavemsp.dll
2011-05-13 07:54:51 ----A---- C:\Windows\SYSWOW64\shacct.dll
2011-05-13 07:54:47 ----A---- C:\Windows\SYSWOW64\secproc.dll
2011-05-13 07:54:45 ----A---- C:\Windows\SYSWOW64\setupugc.exe
2011-05-13 07:54:45 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2011-05-13 07:54:43 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2011-05-13 07:54:43 ----A---- C:\Windows\system32\mimefilt.dll
2011-05-13 07:54:43 ----A---- C:\Windows\system32\mf.dll
2011-05-13 07:54:43 ----A---- C:\Windows\system32\Mcx2Svc.dll
2011-05-13 07:54:42 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2011-05-13 07:54:42 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2011-05-13 07:54:42 ----A---- C:\Windows\SYSWOW64\KBDSF.DLL
2011-05-13 07:54:42 ----A---- C:\Windows\SYSWOW64\itircl.dll
2011-05-13 07:54:42 ----A---- C:\Windows\system32\mscorier.dll
2011-05-13 07:54:42 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2011-05-13 07:54:42 ----A---- C:\Windows\system32\mfps.dll
2011-05-13 07:54:42 ----A---- C:\Windows\system32\MFPlay.dll
2011-05-13 07:54:42 ----A---- C:\Windows\system32\mfds.dll
2011-05-13 07:54:42 ----A---- C:\Windows\system32\KBDTUF.DLL
2011-05-13 07:54:42 ----A---- C:\Windows\system32\KBDINBEN.DLL
2011-05-13 07:54:42 ----A---- C:\Windows\system32\KBDGKL.DLL
2011-05-13 07:54:42 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-05-13 07:54:41 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2011-05-13 07:54:41 ----A---- C:\Windows\SYSWOW64\logman.exe
2011-05-13 07:54:41 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-05-13 07:54:41 ----A---- C:\Windows\system32\mblctr.exe
2011-05-13 07:54:41 ----A---- C:\Windows\system32\luainstall.dll
2011-05-13 07:54:41 ----A---- C:\Windows\system32\LSCSHostPolicy.dll
2011-05-13 07:54:41 ----A---- C:\Windows\system32\LogonUI.exe
2011-05-13 07:54:41 ----A---- C:\Windows\system32\logoff.exe
2011-05-13 07:54:41 ----A---- C:\Windows\system32\KBDUS.DLL
2011-05-13 07:54:40 ----A---- C:\Windows\SYSWOW64\OnLineIDCpl.dll
2011-05-13 07:54:40 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2011-05-13 07:54:40 ----A---- C:\Windows\SYSWOW64\nshipsec.dll
2011-05-13 07:54:40 ----A---- C:\Windows\system32\netutils.dll
2011-05-13 07:54:39 ----A---- C:\Windows\SYSWOW64\ocsetup.exe
2011-05-13 07:54:39 ----A---- C:\Windows\SYSWOW64\ocsetapi.dll
2011-05-13 07:54:39 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-05-13 07:54:39 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2011-05-13 07:54:39 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2011-05-13 07:54:39 ----A---- C:\Windows\system32\OpcServices.dll
2011-05-13 07:54:39 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2011-05-13 07:54:39 ----A---- C:\Windows\system32\ole32.dll
2011-05-13 07:54:39 ----A---- C:\Windows\system32\msrle32.dll
2011-05-13 07:54:39 ----A---- C:\Windows\system32\mspbda.dll
2011-05-13 07:54:39 ----A---- C:\Windows\system32\msdmo.dll
2011-05-13 07:54:38 ----A---- C:\Windows\SYSWOW64\NAPCRYPT.DLL
2011-05-13 07:54:38 ----A---- C:\Windows\SYSWOW64\MuiUnattend.exe
2011-05-13 07:54:38 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-05-13 07:54:38 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-05-13 07:54:38 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-05-13 07:54:38 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-05-13 07:54:38 ----A---- C:\Windows\system32\netapi32.dll
2011-05-13 07:54:38 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2011-05-13 07:54:38 ----A---- C:\Windows\system32\muifontsetup.dll
2011-05-13 07:54:38 ----A---- C:\Windows\system32\msvidc32.dll
2011-05-13 07:54:38 ----A---- C:\Windows\system32\msfeedssync.exe
2011-05-13 07:54:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-05-13 07:54:38 ----A---- C:\Windows\system32\msdrm.dll
2011-05-13 07:54:38 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2011-05-13 07:54:38 ----A---- C:\Windows\system32\drivers\msdsm.sys
2011-05-13 07:54:38 ----A---- C:\Windows\system32\CscMig.dll
2011-05-13 07:54:37 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2011-05-13 07:54:37 ----A---- C:\Windows\SYSWOW64\dot3ui.dll
2011-05-13 07:54:37 ----A---- C:\Windows\SYSWOW64\dot3cfg.dll
2011-05-13 07:54:37 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2011-05-13 07:54:37 ----A---- C:\Windows\SYSWOW64\credui.dll
2011-05-13 07:54:37 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2011-05-13 07:54:37 ----A---- C:\Windows\system32\drivers\csc.sys
2011-05-13 07:54:37 ----A---- C:\Windows\system32\dot3cfg.dll
2011-05-13 07:54:37 ----A---- C:\Windows\system32\d3d11.dll
2011-05-13 07:54:37 ----A---- C:\Windows\system32\cryptsvc.dll
2011-05-13 07:54:37 ----A---- C:\Windows\system32\choice.exe
2011-05-13 07:54:37 ----A---- C:\Windows\system32\chgusr.exe
2011-05-13 07:54:36 ----A---- C:\Windows\SYSWOW64\autochk.exe
2011-05-13 07:54:36 ----A---- C:\Windows\SYSWOW64\AdmTmpl.dll
2011-05-13 07:54:36 ----A---- C:\Windows\SYSWOW64\accessibilitycpl.dll
2011-05-13 07:54:36 ----A---- C:\Windows\system32\diskraid.exe
2011-05-13 07:54:36 ----A---- C:\Windows\system32\cca.dll
2011-05-13 07:54:36 ----A---- C:\Windows\system32\asycfilt.dll
2011-05-13 07:54:36 ----A---- C:\Windows\system32\apphelp.dll
2011-05-13 07:54:36 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2011-05-13 07:54:35 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2011-05-13 07:54:35 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2011-05-13 07:54:35 ----A---- C:\Windows\SYSWOW64\cabview.dll
2011-05-13 07:54:35 ----A---- C:\Windows\SYSWOW64\browcli.dll
2011-05-13 07:54:35 ----A---- C:\Windows\system32\IcCoinstall.dll
2011-05-13 07:54:35 ----A---- C:\Windows\system32\iasrad.dll
2011-05-13 07:54:35 ----A---- C:\Windows\system32\iasacct.dll
2011-05-13 07:54:35 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2011-05-13 07:54:35 ----A---- C:\Windows\system32\fvecpl.dll
2011-05-13 07:54:35 ----A---- C:\Windows\system32\fveapi.dll
2011-05-13 07:54:35 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2011-05-13 07:54:35 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-05-13 07:54:35 ----A---- C:\Windows\system32\chgport.exe
2011-05-13 07:54:35 ----A---- C:\Windows\system32\chglogon.exe
2011-05-13 07:54:35 ----A---- C:\Windows\system32\change.exe
2011-05-13 07:54:34 ----A---- C:\Windows\SYSWOW64\imm32.dll
2011-05-13 07:54:34 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2011-05-13 07:54:34 ----A---- C:\Windows\system32\imapi2.dll
2011-05-13 07:54:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2011-05-13 07:54:33 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2011-05-13 07:54:33 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2011-05-13 07:54:33 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2011-05-13 07:54:33 ----A---- C:\Windows\SYSWOW64\DxpTaskSync.dll
2011-05-13 07:54:33 ----A---- C:\Windows\SYSWOW64\dxdiagn.dll
2011-05-13 07:54:33 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2011-05-13 07:54:32 ----A---- C:\Windows\SYSWOW64\fde.dll
2011-05-13 07:54:32 ----A---- C:\Windows\system32\fontext.dll
2011-05-13 07:54:32 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2011-05-13 07:54:31 ----A---- C:\Windows\SYSWOW64\TRAPI.dll
2011-05-13 07:54:31 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-05-13 07:54:31 ----A---- C:\Windows\SYSWOW64\themeui.dll
2011-05-13 07:54:31 ----A---- C:\Windows\SYSWOW64\elsTrans.dll
2011-05-13 07:54:31 ----A---- C:\Windows\SYSWOW64\efscore.dll
2011-05-13 07:54:31 ----A---- C:\Windows\system32\tsmf.dll
2011-05-13 07:54:31 ----A---- C:\Windows\system32\tskill.exe
2011-05-13 07:54:31 ----A---- C:\Windows\system32\tsdiscon.exe
2011-05-13 07:54:31 ----A---- C:\Windows\system32\tscon.exe
2011-05-13 07:54:31 ----A---- C:\Windows\system32\TRAPI.dll
2011-05-13 07:54:30 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2011-05-13 07:54:30 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll
2011-05-13 07:54:30 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-05-13 07:54:30 ----A---- C:\Windows\system32\UIRibbon.dll
2011-05-13 07:54:30 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-05-13 07:54:30 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2011-05-13 07:54:30 ----A---- C:\Windows\system32\tssrvlic.dll
2011-05-13 07:54:28 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2011-05-13 07:54:27 ----A---- C:\Windows\SYSWOW64\SyncCenter.dll
2011-05-13 07:54:26 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-05-13 07:54:26 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2011-05-13 07:54:26 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2011-05-13 07:54:26 ----A---- C:\Windows\system32\termsrv.dll
2011-05-13 07:54:26 ----A---- C:\Windows\system32\taskmgr.exe
2011-05-13 07:54:26 ----A---- C:\Windows\system32\taskbarcpl.dll
2011-05-13 07:54:26 ----A---- C:\Windows\system32\takeown.exe
2011-05-13 07:54:26 ----A---- C:\Windows\system32\t2embed.dll
2011-05-13 07:54:26 ----A---- C:\Windows\system32\syssetup.dll
2011-05-13 07:54:25 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2011-05-13 07:54:25 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2011-05-13 07:54:25 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2011-05-13 07:54:25 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2011-05-13 07:54:25 ----A---- C:\Windows\SYSWOW64\wlanui.dll
2011-05-13 07:54:25 ----A---- C:\Windows\SYSWOW64\winmm.dll
2011-05-13 07:54:25 ----A---- C:\Windows\system32\wvc.dll
2011-05-13 07:54:25 ----A---- C:\Windows\system32\wusa.exe
2011-05-13 07:54:25 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-05-13 07:54:25 ----A---- C:\Windows\system32\WinSAT.exe
2011-05-13 07:54:23 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2011-05-13 07:54:23 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-05-13 07:54:23 ----A---- C:\Windows\system32\wsnmp32.dll
2011-05-13 07:54:23 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2011-05-13 07:54:23 ----A---- C:\Windows\system32\wpdshext.dll
2011-05-13 07:54:23 ----A---- C:\Windows\system32\wow64win.dll
2011-05-13 07:54:23 ----A---- C:\Windows\system32\wow64cpu.dll
2011-05-13 07:54:23 ----A---- C:\Windows\system32\wow64.dll
2011-05-13 07:54:23 ----A---- C:\Windows\system32\WMVSDECD.DLL
2011-05-13 07:54:22 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2011-05-13 07:54:22 ----A---- C:\Windows\SYSWOW64\wdscore.dll
2011-05-13 07:54:22 ----A---- C:\Windows\SYSWOW64\wbemcomn.dll
2011-05-13 07:54:22 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2011-05-13 07:54:22 ----A---- C:\Windows\SYSWOW64\user32.dll
2011-05-13 07:54:22 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-05-13 07:54:22 ----A---- C:\Windows\system32\win32spl.dll
2011-05-13 07:54:22 ----A---- C:\Windows\system32\wdc.dll
2011-05-13 07:54:22 ----A---- C:\Windows\system32\usp10.dll
2011-05-13 07:54:22 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2011-05-13 07:54:22 ----A---- C:\Windows\system32\drivers\wanarp.sys
2011-05-13 07:54:22 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2011-05-13 07:54:22 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2011-05-13 07:54:20 ----A---- C:\Windows\SYSWOW64\relog.exe
2011-05-13 07:54:20 ----A---- C:\Windows\system32\VPCSettings.exe
2011-05-13 07:54:20 ----A---- C:\Windows\system32\vmicsvc.exe
2011-05-13 07:54:20 ----A---- C:\Windows\system32\vmicres.dll
2011-05-13 07:54:20 ----A---- C:\Windows\system32\SyncCenter.dll
2011-05-13 07:54:20 ----A---- C:\Windows\system32\runonce.exe
2011-05-13 07:54:20 ----A---- C:\Windows\system32\rtutils.dll
2011-05-13 07:54:20 ----A---- C:\Windows\system32\Robocopy.exe
2011-05-13 07:54:20 ----A---- C:\Windows\system32\riched32.dll
2011-05-13 07:54:20 ----A---- C:\Windows\system32\riched20.dll
2011-05-13 07:54:20 ----A---- C:\Windows\system32\reset.exe
2011-05-13 07:54:20 ----A---- C:\Windows\system32\regapi.dll
2011-05-13 07:54:19 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2011-05-13 07:54:19 ----A---- C:\Windows\system32\schedsvc.dll
2011-05-13 07:54:19 ----A---- C:\Windows\system32\scesrv.dll
2011-05-13 07:54:19 ----A---- C:\Windows\system32\scansetting.dll
2011-05-13 07:54:19 ----A---- C:\Windows\system32\rwinsta.exe
2011-05-13 07:54:17 ----A---- C:\Windows\SYSWOW64\rastls.dll
2011-05-13 07:54:17 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2011-05-13 07:54:17 ----A---- C:\Windows\SYSWOW64\powercpl.dll
2011-05-13 07:54:17 ----A---- C:\Windows\SYSWOW64\PortableDeviceSyncProvider.dll
2011-05-13 07:54:17 ----A---- C:\Windows\SYSWOW64\pla.dll
2011-05-13 07:54:17 ----A---- C:\Windows\SYSWOW64\PerfCenterCPL.dll
2011-05-13 07:54:17 ----A---- C:\Windows\SYSWOW64\pdh.dll
2011-05-13 07:54:17 ----A---- C:\Windows\system32\rdpudd.dll
2011-05-13 07:54:17 ----A---- C:\Windows\system32\rdpdd.dll
2011-05-13 07:54:17 ----A---- C:\Windows\system32\rdpcorets.dll
2011-05-13 07:54:17 ----A---- C:\Windows\system32\rasmans.dll
2011-05-13 07:54:17 ----A---- C:\Windows\system32\perfmon.exe
2011-05-13 07:54:17 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2011-05-13 07:54:17 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-05-13 07:54:17 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2011-05-13 07:54:15 ----A---- C:\Windows\SYSWOW64\qcap.dll
2011-05-13 07:54:15 ----A---- C:\Windows\system32\qappsrv.exe
2011-05-13 07:54:14 ----A---- C:\Windows\SYSWOW64\quartz.dll
2011-05-13 07:54:14 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2011-05-13 07:54:14 ----A---- C:\Windows\system32\query.exe
2011-05-13 07:54:14 ----A---- C:\Windows\system32\qprocess.exe
2011-05-13 07:54:14 ----A---- C:\Windows\system32\qdv.dll
2011-05-13 07:54:14 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2011-05-13 07:54:13 ----A---- C:\Windows\SYSWOW64\sppcomapi.dll
2011-05-13 07:54:13 ----A---- C:\Windows\system32\spinstall.exe
2011-05-13 07:54:11 ----A---- C:\Windows\system32\sppcomapi.dll
2011-05-13 07:54:11 ----A---- C:\Windows\system32\spoolsv.exe
2011-05-13 07:54:11 ----A---- C:\Windows\system32\slui.exe
2011-05-13 07:54:11 ----A---- C:\Windows\splwow64.exe
2011-05-13 07:54:08 ----A---- C:\Windows\SYSWOW64\sud.dll
2011-05-13 07:54:08 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-05-13 07:54:08 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-05-13 07:54:08 ----A---- C:\Windows\system32\spreview.exe
2011-05-13 07:54:08 ----A---- C:\Windows\system32\SmiEngine.dll
2011-05-13 07:54:07 ----A---- C:\Windows\system32\srrstr.dll
2011-05-13 07:54:07 ----A---- C:\Windows\system32\spwizui.dll
2011-05-13 07:54:07 ----A---- C:\Windows\system32\sppwinob.dll
2011-05-13 07:54:07 ----A---- C:\Windows\system32\shunimpl.dll
2011-05-13 07:54:06 ----A---- C:\Windows\SYSWOW64\setupcln.dll
2011-05-13 07:54:06 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2011-05-13 07:54:06 ----A---- C:\Windows\SYSWOW64\KBDUGHR1.DLL
2011-05-13 07:54:06 ----A---- C:\Windows\SYSWOW64\KBDTUF.DLL
2011-05-13 07:54:06 ----A---- C:\Windows\SYSWOW64\KBDSG.DLL
2011-05-13 07:54:06 ----A---- C:\Windows\system32\sharemediacpl.dll
2011-05-13 07:54:06 ----A---- C:\Windows\system32\shadow.exe
2011-05-13 07:54:06 ----A---- C:\Windows\system32\mcbuilder.exe
2011-05-13 07:54:06 ----A---- C:\Windows\system32\manage-bde.exe
2011-05-13 07:54:06 ----A---- C:\Windows\system32\lsasrv.dll
2011-05-13 07:54:06 ----A---- C:\Windows\system32\lpksetup.exe
2011-05-13 07:54:06 ----A---- C:\Windows\system32\logman.exe
2011-05-13 07:54:06 ----A---- C:\Windows\system32\localspl.dll
2011-05-13 07:54:06 ----A---- C:\Windows\system32\KMSVC.DLL
2011-05-13 07:54:06 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2011-05-13 07:54:06 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2011-05-13 07:54:06 ----A---- C:\Windows\system32\KBDSG.DLL
2011-05-13 07:54:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2011-05-13 07:54:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2011-05-13 07:54:05 ----A---- C:\Windows\SYSWOW64\migisol.dll
2011-05-13 07:54:05 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2011-05-13 07:54:04 ----A---- C:\Windows\SYSWOW64\inseng.dll
2011-05-13 07:54:04 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2011-05-13 07:54:04 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-05-13 07:54:04 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\netshell.dll
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\KBDPO.DLL
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\KBDMAORI.DLL
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\KBDINORI.DLL
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\KBDINKAN.DLL
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\KBDBLR.DLL
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\isoburn.exe
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\iscsicli.exe
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\ipsmsnap.dll
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2011-05-13 07:54:03 ----A---- C:\Windows\SYSWOW64\imapi2fs.dll
2011-05-13 07:54:03 ----A---- C:\Windows\system32\odbc32.dll
2011-05-13 07:54:03 ----A---- C:\Windows\system32\KBDNEPR.DLL
2011-05-13 07:54:03 ----A---- C:\Windows\system32\kbdlk41a.dll
2011-05-13 07:54:03 ----A---- C:\Windows\system32\KBDINKAN.DLL
2011-05-13 07:54:03 ----A---- C:\Windows\system32\KBDINHIN.DLL
2011-05-13 07:54:03 ----A---- C:\Windows\system32\KBDBULG.DLL
2011-05-13 07:54:03 ----A---- C:\Windows\system32\iTVData.dll
2011-05-13 07:54:03 ----A---- C:\Windows\system32\iprtrmgr.dll
2011-05-13 07:54:03 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2011-05-13 07:54:02 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2011-05-13 07:54:02 ----A---- C:\Windows\SYSWOW64\networkmap.dll
2011-05-13 07:54:02 ----A---- C:\Windows\SYSWOW64\networkexplorer.dll
2011-05-13 07:54:02 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2011-05-13 07:54:02 ----A---- C:\Windows\system32\nrpsrv.dll
2011-05-13 07:54:02 ----A---- C:\Windows\system32\nlsbres.dll
2011-05-13 07:54:02 ----A---- C:\Windows\system32\netid.dll
2011-05-13 07:54:02 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-05-13 07:54:01 ----A---- C:\Windows\SYSWOW64\pnidui.dll
2011-05-13 07:54:01 ----A---- C:\Windows\system32\PnPUnattend.exe
2011-05-13 07:54:00 ----A---- C:\Windows\SYSWOW64\olethk32.dll
2011-05-13 07:54:00 ----A---- C:\Windows\SYSWOW64\ole32.dll
2011-05-13 07:54:00 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-05-13 07:54:00 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2011-05-13 07:54:00 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2011-05-13 07:54:00 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2011-05-13 07:54:00 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-05-13 07:54:00 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2011-05-13 07:54:00 ----A---- C:\Windows\system32\mscoree.dll
2011-05-13 07:54:00 ----A---- C:\Windows\system32\mscms.dll
2011-05-13 07:54:00 ----A---- C:\Windows\system32\MPSSVC.dll
2011-05-13 07:54:00 ----A---- C:\Windows\system32\drivers\partmgr.sys
2011-05-13 07:53:59 ----A---- C:\Windows\SYSWOW64\nci.dll
2011-05-13 07:53:59 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2011-05-13 07:53:59 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2011-05-13 07:53:59 ----A---- C:\Windows\system32\NAPHLPR.DLL
2011-05-13 07:53:59 ----A---- C:\Windows\system32\napdsnap.dll
2011-05-13 07:53:59 ----A---- C:\Windows\system32\mswsock.dll
2011-05-13 07:53:59 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-05-13 07:53:59 ----A---- C:\Windows\system32\drivers\mpio.sys
2011-05-13 07:53:58 ----A---- C:\Windows\SYSWOW64\napdsnap.dll
2011-05-13 07:53:58 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2011-05-13 07:53:58 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2011-05-13 07:53:58 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2011-05-13 07:53:58 ----A---- C:\Windows\system32\msv1_0.dll
2011-05-13 07:53:58 ----A---- C:\Windows\system32\mstask.dll
2011-05-13 07:53:58 ----A---- C:\Windows\system32\msscp.dll
2011-05-13 07:53:58 ----A---- C:\Windows\system32\msnetobj.dll
2011-05-13 07:53:58 ----A---- C:\Windows\system32\msiexec.exe
2011-05-13 07:53:58 ----A---- C:\Windows\system32\msftedit.dll
2011-05-13 07:53:58 ----A---- C:\Windows\system32\msfeeds.dll
2011-05-13 07:53:57 ----A---- C:\Windows\SYSWOW64\DevicePairingFolder.dll
2011-05-13 07:53:57 ----A---- C:\Windows\SYSWOW64\credssp.dll
2011-05-13 07:53:57 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2011-05-13 07:53:57 ----A---- C:\Windows\SYSWOW64\calc.exe
2011-05-13 07:53:57 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-05-13 07:53:57 ----A---- C:\Windows\system32\drivers\cng.sys
2011-05-13 07:53:57 ----A---- C:\Windows\system32\dhcpcore.dll
2011-05-13 07:53:57 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2011-05-13 07:53:57 ----A---- C:\Windows\system32\cscobj.dll
2011-05-13 07:53:57 ----A---- C:\Windows\system32\cryptui.dll
2011-05-13 07:53:57 ----A---- C:\Windows\system32\clusapi.dll
2011-05-13 07:53:57 ----A---- C:\Windows\system32\certprop.dll
2011-05-13 07:53:57 ----A---- C:\Windows\system32\CertEnroll.dll
2011-05-13 07:53:57 ----A---- C:\Windows\system32\cabview.dll
2011-05-13 07:53:57 ----A---- C:\Windows\system32\browseui.dll
2011-05-13 07:53:55 ----A---- C:\Windows\SYSWOW64\appmgr.dll
2011-05-13 07:53:55 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2011-05-13 07:53:55 ----A---- C:\Windows\SYSWOW64\acppage.dll
2011-05-13 07:53:55 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-05-13 07:53:54 ----A---- C:\Windows\SYSWOW64\batmeter.dll
2011-05-13 07:53:54 ----A---- C:\Windows\SYSWOW64\ActionCenterCPL.dll
2011-05-13 07:53:54 ----A---- C:\Windows\SYSWOW64\ActionCenter.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\hgcpl.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\gdi32.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\BlbEvents.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\blackbox.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\biocpl.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\BFE.DLL
2011-05-13 07:53:54 ----A---- C:\Windows\system32\bcryptprimitives.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\basecsp.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\AxInstSv.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2011-05-13 07:53:54 ----A---- C:\Windows\system32\autochk.exe
2011-05-13 07:53:54 ----A---- C:\Windows\bfsvc.exe
2011-05-13 07:53:53 ----A---- C:\Windows\SYSWOW64\FirewallControlPanel.dll
2011-05-13 07:53:53 ----A---- C:\Windows\SYSWOW64\findstr.exe
2011-05-13 07:53:53 ----A---- C:\Windows\system32\FXSUNATD.exe
2011-05-13 07:53:53 ----A---- C:\Windows\system32\FXSSVC.exe
2011-05-13 07:53:53 ----A---- C:\Windows\system32\FXSMON.dll
2011-05-13 07:53:53 ----A---- C:\Windows\system32\fphc.dll
2011-05-13 07:53:53 ----A---- C:\Windows\system32\fms.dll
2011-05-13 07:53:53 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\ftp.exe
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\dsauth.dll
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\dpx.dll
2011-05-13 07:53:52 ----A---- C:\Windows\SYSWOW64\dpnaddr.dll
2011-05-13 07:53:52 ----A---- C:\Windows\system32\hgprint.dll
2011-05-13 07:53:52 ----A---- C:\Windows\system32\DXP.dll
2011-05-13 07:53:52 ----A---- C:\Windows\system32\drmmgrtn.dll
2011-05-13 07:53:52 ----A---- C:\Windows\system32\drivers\hidusb.sys
2011-05-13 07:53:52 ----A---- C:\Windows\system32\drivers\hidclass.sys
2011-05-13 07:53:52 ----A---- C:\Windows\system32\diskpart.exe
2011-05-13 07:53:51 ----A---- C:\Windows\SYSWOW64\fdeploy.dll
2011-05-13 07:53:51 ----A---- C:\Windows\SYSWOW64\eudcedit.exe
2011-05-13 07:53:51 ----A---- C:\Windows\SYSWOW64\dnscmmc.dll
2011-05-13 07:53:51 ----A---- C:\Windows\system32\eudcedit.exe
2011-05-13 07:53:51 ----A---- C:\Windows\system32\dot3ui.dll
2011-05-13 07:53:50 ----A---- C:\Windows\system32\DxpTaskSync.dll
2011-05-13 07:53:48 ----A---- C:\Windows\system32\tlscsp.dll
2011-05-13 07:53:46 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2011-05-13 07:53:44 ----A---- C:\Windows\SYSWOW64\tcpmonui.dll
2011-05-13 07:53:44 ----A---- C:\Windows\SYSWOW64\takeown.exe
2011-05-13 07:53:44 ----A---- C:\Windows\system32\upnp.dll
2011-05-13 07:53:44 ----A---- C:\Windows\system32\untfs.dll
2011-05-13 07:53:44 ----A---- C:\Windows\system32\themecpl.dll
2011-05-13 07:53:44 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-13 07:53:44 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2011-05-13 07:53:44 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2011-05-13 07:53:43 ----A---- C:\Windows\SYSWOW64\unimdmat.dll
2011-05-13 07:53:43 ----A---- C:\Windows\SYSWOW64\twext.dll
2011-05-13 07:53:43 ----A---- C:\Windows\system32\tzutil.exe
2011-05-13 07:53:43 ----A---- C:\Windows\system32\twext.dll
2011-05-13 07:53:43 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-13 07:53:43 ----A---- C:\Windows\system32\drivers\udfs.sys
2011-05-13 07:53:43 ----A---- C:\Windows\system32\drivers\tunnel.sys
2011-05-13 07:53:43 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2011-05-13 07:53:41 ----A---- C:\Windows\SYSWOW64\stobject.dll
2011-05-13 07:53:41 ----A---- C:\Windows\system32\sspisrv.dll
2011-05-13 07:53:41 ----A---- C:\Windows\system32\sspicli.dll
2011-05-13 07:53:39 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2011-05-13 07:53:39 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2011-05-13 07:53:39 ----A---- C:\Windows\system32\wmpsrcwp.dll
2011-05-13 07:53:39 ----A---- C:\Windows\system32\WMPhoto.dll
2011-05-13 07:53:39 ----A---- C:\Windows\system32\wmdrmsdk.dll
2011-05-13 07:53:39 ----A---- C:\Windows\system32\wlanmsm.dll
2011-05-13 07:53:39 ----A---- C:\Windows\system32\wlangpui.dll
2011-05-13 07:53:39 ----A---- C:\Windows\system32\wkscli.dll
2011-05-13 07:53:39 ----A---- C:\Windows\system32\wintrust.dll
2011-05-13 07:53:38 ----A---- C:\Windows\system32\winlogon.exe
2011-05-13 07:53:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-05-13 07:53:37 ----A---- C:\Windows\SYSWOW64\wusa.exe
2011-05-13 07:53:37 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2011-05-13 07:53:37 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2011-05-13 07:53:37 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2011-05-13 07:53:37 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2011-05-13 07:53:37 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2011-05-13 07:53:37 ----A---- C:\Windows\system32\wwanprotdim.dll
2011-05-13 07:53:37 ----A---- C:\Windows\system32\WsmSvc.dll
2011-05-13 07:53:37 ----A---- C:\Windows\system32\WSDApi.dll
2011-05-13 07:53:37 ----A---- C:\Windows\system32\WPDSp.dll
2011-05-13 07:53:37 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\wimserv.exe
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\wiavideo.dll
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\wer.dll
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\webservices.dll
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\w32tm.exe
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\Vault.dll
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\userinit.exe
2011-05-13 07:53:36 ----A---- C:\Windows\SYSWOW64\userenv.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\wiadefui.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\wevtsvc.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\werconcpl.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\webservices.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\wcncsvc.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\wavemsp.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\VMWindow.exe
2011-05-13 07:53:36 ----A---- C:\Windows\system32\vfwwdm32.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\vdsutil.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\vds.exe
2011-05-13 07:53:36 ----A---- C:\Windows\system32\VAN.dll
2011-05-13 07:53:36 ----A---- C:\Windows\system32\drivers\vpcusb.sys
2011-05-13 07:53:34 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-05-13 07:53:33 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2011-05-13 07:53:33 ----A---- C:\Windows\SYSWOW64\remotepg.dll
2011-05-13 07:53:33 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2011-05-13 07:53:33 ----A---- C:\Windows\SYSWOW64\rdpd3d.dll
2011-05-13 07:53:33 ----A---- C:\Windows\system32\relog.exe
2011-05-13 07:53:33 ----A---- C:\Windows\system32\rastls.dll
2011-05-13 07:53:33 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2011-05-13 07:53:32 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-05-13 07:53:32 ----A---- C:\Windows\system32\schannel.dll
2011-05-13 07:53:32 ----A---- C:\Windows\system32\drivers\scfilter.sys
2011-05-13 07:53:31 ----A---- C:\Windows\SYSWOW64\scecli.dll
2011-05-13 07:53:31 ----A---- C:\Windows\SYSWOW64\RpcRtRemote.dll
2011-05-13 07:53:31 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2011-05-13 07:53:31 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2011-05-13 07:53:31 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2011-05-13 07:53:31 ----A---- C:\Windows\SYSWOW64\QAGENT.DLL
2011-05-13 07:53:31 ----A---- C:\Windows\system32\secur32.dll
2011-05-13 07:53:31 ----A---- C:\Windows\system32\scecli.dll
2011-05-13 07:53:31 ----A---- C:\Windows\system32\rstrui.exe
2011-05-13 07:53:31 ----A---- C:\Windows\system32\rpcrt4.dll
2011-05-13 07:53:31 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-05-13 07:53:31 ----A---- C:\Windows\system32\QCLIPROV.DLL
2011-05-13 07:53:31 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-05-13 07:53:31 ----A---- C:\Windows\system32\QAGENT.DLL
2011-05-13 07:53:31 ----A---- C:\Windows\system32\proquota.exe
2011-05-13 07:53:31 ----A---- C:\Windows\system32\propsys.dll
2011-05-13 07:53:30 ----A---- C:\Windows\SYSWOW64\prntvpt.dll
2011-05-13 07:53:30 ----A---- C:\Windows\system32\raschap.dll
2011-05-13 07:53:29 ----A---- C:\Windows\system32\Query.dll
2011-05-13 07:53:28 ----A---- C:\Windows\SYSWOW64\QUTIL.DLL
2011-05-13 07:53:28 ----A---- C:\Windows\SYSWOW64\QCLIPROV.DLL
2011-05-13 07:53:28 ----A---- C:\Windows\system32\qmgr.dll
2011-05-13 07:53:26 ----A---- C:\Windows\SYSWOW64\SndVolSSO.dll
2011-05-13 07:53:26 ----A---- C:\Windows\SYSWOW64\SndVol.exe
2011-05-13 07:53:26 ----A---- C:\Windows\system32\shsvcs.dll
2011-05-13 07:53:26 ----A---- C:\Windows\system32\RacEngn.dll
2011-05-13 07:53:25 ----A---- C:\Windows\system32\srcore.dll
2011-05-13 07:53:25 ----A---- C:\Windows\system32\sqlcese30.dll
2011-05-13 07:53:24 ----A---- C:\Windows\system32\sppnp.dll
2011-05-13 07:53:24 ----A---- C:\Windows\system32\spopk.dll
2011-05-13 07:53:20 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2011-05-13 07:53:20 ----A---- C:\Windows\SYSWOW64\mfds.dll
2011-05-13 07:53:20 ----A---- C:\Windows\SYSWOW64\mf.dll
2011-05-13 07:53:20 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2011-05-13 07:53:20 ----A---- C:\Windows\SYSWOW64\mcbuilder.exe
2011-05-13 07:53:20 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2011-05-13 07:53:19 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2011-05-13 07:53:19 ----A---- C:\Windows\SYSWOW64\KBDNEPR.DLL
2011-05-13 07:53:19 ----A---- C:\Windows\SYSWOW64\KBDGR1.DLL
2011-05-13 07:53:19 ----A---- C:\Windows\SYSWOW64\KBDGEO.DLL
2011-05-13 07:53:19 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2011-05-13 07:53:19 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-05-13 07:53:19 ----A---- C:\Windows\system32\KBDMON.DLL
2011-05-13 07:53:19 ----A---- C:\Windows\system32\KBDINMAR.DLL
2011-05-13 07:53:19 ----A---- C:\Windows\system32\KBDGEO.DLL
2011-05-13 07:53:19 ----A---- C:\Windows\system32\iyuv_32.dll
2011-05-13 07:53:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-05-13 07:53:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-05-13 07:53:18 ----A---- C:\Windows\SYSWOW64\nslookup.exe
2011-05-13 07:53:18 ----A---- C:\Windows\SYSWOW64\netid.dll
2011-05-13 07:53:18 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2011-05-13 07:53:18 ----A---- C:\Windows\SYSWOW64\KBDTURME.DLL
2011-05-13 07:53:18 ----A---- C:\Windows\SYSWOW64\KBDTUQ.DLL
2011-05-13 07:53:18 ----A---- C:\Windows\system32\ntlanman.dll
2011-05-13 07:53:18 ----A---- C:\Windows\system32\netplwiz.dll
2011-05-13 07:53:18 ----A---- C:\Windows\system32\netfxperf.dll
2011-05-13 07:53:18 ----A---- C:\Windows\system32\logoncli.dll
2011-05-13 07:53:18 ----A---- C:\Windows\system32\KBDSF.DLL
2011-05-13 07:53:18 ----A---- C:\Windows\system32\KBDPO.DLL
2011-05-13 07:53:17 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2011-05-13 07:53:17 ----A---- C:\Windows\SYSWOW64\pifmgr.dll
2011-05-13 07:53:17 ----A---- C:\Windows\SYSWOW64\onexui.dll
2011-05-13 07:53:17 ----A---- C:\Windows\SYSWOW64\onex.dll
2011-05-13 07:53:17 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-05-13 07:53:17 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-05-13 07:53:17 ----A---- C:\Windows\SYSWOW64\occache.dll
2011-05-13 07:53:17 ----A---- C:\Windows\system32\odbcconf.dll
2011-05-13 07:53:17 ----A---- C:\Windows\system32\ocsetup.exe
2011-05-13 07:53:17 ----A---- C:\Windows\system32\ocsetapi.dll
2011-05-13 07:53:17 ----A---- C:\Windows\system32\ntshrui.dll
2011-05-13 07:53:16 ----A---- C:\Windows\system32\msieftp.dll
2011-05-13 07:53:15 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2011-05-13 07:53:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2011-05-13 07:53:15 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2011-05-13 07:53:15 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2011-05-13 07:53:15 ----A---- C:\Windows\system32\mssphtb.dll
2011-05-13 07:53:15 ----A---- C:\Windows\system32\msasn1.dll
2011-05-13 07:53:14 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2011-05-13 07:53:14 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2011-05-13 07:53:14 ----A---- C:\Windows\SYSWOW64\msvfw32.dll
2011-05-13 07:53:14 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2011-05-13 07:53:14 ----A---- C:\Windows\system32\net1.exe
2011-05-13 07:53:14 ----A---- C:\Windows\system32\ncryptui.dll
2011-05-13 07:53:14 ----A---- C:\Windows\system32\mydocs.dll
2011-05-13 07:53:14 ----A---- C:\Windows\system32\msyuv.dll
2011-05-13 07:53:14 ----A---- C:\Windows\system32\mstsc.exe
2011-05-13 07:53:14 ----A---- C:\Windows\system32\mssvp.dll
2011-05-13 07:53:14 ----A---- C:\Windows\system32\mssrch.dll
2011-05-13 07:53:13 ----A---- C:\Windows\system32\cmstp.exe
2011-05-13 07:53:12 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2011-05-13 07:53:12 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2011-05-13 07:53:12 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-05-13 07:53:12 ----A---- C:\Windows\SYSWOW64\d3d9.dll
2011-05-13 07:53:12 ----A---- C:\Windows\SYSWOW64\certcli.dll
2011-05-13 07:53:12 ----A---- C:\Windows\system32\DeviceCenter.dll
2011-05-13 07:53:12 ----A---- C:\Windows\system32\davclnt.dll
2011-05-13 07:53:12 ----A---- C:\Windows\system32\cfgmgr32.dll
2011-05-13 07:53:12 ----A---- C:\Windows\system32\cdosys.dll
2011-05-13 07:53:10 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2011-05-13 07:53:10 ----A---- C:\Windows\SYSWOW64\adsldp.dll
2011-05-13 07:53:10 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2011-05-13 07:53:10 ----A---- C:\Windows\system32\drivers\afd.sys
2011-05-13 07:53:10 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2011-05-13 07:53:10 ----A---- C:\Windows\system32\d3d10warp.dll
2011-05-13 07:53:10 ----A---- C:\Windows\system32\ActionQueue.dll
2011-05-13 07:53:10 ----A---- C:\Windows\system32\accessibilitycpl.dll
2011-05-13 07:53:09 ----A---- C:\Windows\SYSWOW64\httpapi.dll
2011-05-13 07:53:09 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2011-05-13 07:53:09 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2011-05-13 07:53:09 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2011-05-13 07:53:09 ----A---- C:\Windows\system32\hal.dll
2011-05-13 07:53:09 ----A---- C:\Windows\system32\gpsvc.dll
2011-05-13 07:53:09 ----A---- C:\Windows\system32\cabinet.dll
2011-05-13 07:53:09 ----A---- C:\Windows\system32\browser.dll
2011-05-13 07:53:09 ----A---- C:\Windows\system32\bcdboot.exe
2011-05-13 07:53:09 ----A---- C:\Windows\system32\autoplay.dll
2011-05-13 07:53:09 ----A---- C:\Windows\system32\autofmt.exe
2011-05-13 07:53:09 ----A---- C:\Windows\system32\actxprxy.dll
2011-05-13 07:53:09 ----A---- C:\Windows\system32\ActionCenter.dll
2011-05-13 07:53:08 ----A---- C:\Windows\SYSWOW64\iasrad.dll
2011-05-13 07:53:08 ----A---- C:\Windows\SYSWOW64\iasacct.dll
2011-05-13 07:53:08 ----A---- C:\Windows\system32\inetpp.dll
2011-05-13 07:53:05 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2011-05-13 07:53:05 ----A---- C:\Windows\SYSWOW64\Display.dll
2011-05-13 07:53:05 ----A---- C:\Windows\system32\evr.dll
2011-05-13 07:53:05 ----A---- C:\Windows\system32\efscore.dll
2011-05-13 07:53:05 ----A---- C:\Windows\system32\dwmredir.dll
2011-05-13 07:53:05 ----A---- C:\Windows\system32\dsauth.dll
2011-05-13 07:53:05 ----A---- C:\Windows\system32\drvstore.dll
2011-05-13 07:53:05 ----A---- C:\Windows\system32\dot3msm.dll
2011-05-13 07:53:04 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2011-05-13 07:53:04 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2011-05-13 07:53:04 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2011-05-13 07:53:04 ----A---- C:\Windows\system32\dot3svc.dll
2011-05-13 07:53:04 ----A---- C:\Windows\system32\dot3api.dll
2011-05-13 07:53:02 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2011-05-13 07:53:02 ----A---- C:\Windows\SYSWOW64\fontext.dll
2011-05-13 07:53:02 ----A---- C:\Windows\system32\fde.dll
2011-05-13 07:53:01 ----A---- C:\Windows\system32\tcpipcfg.dll
2011-05-13 07:53:01 ----A---- C:\Windows\system32\syncui.dll
2011-05-13 07:53:01 ----A---- C:\Windows\system32\drivers\tdx.sys
2011-05-13 07:53:01 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-05-13 07:52:58 ----A---- C:\Windows\SYSWOW64\tapisrv.dll
2011-05-13 07:52:58 ----A---- C:\Windows\system32\tquery.dll
2011-05-13 07:52:58 ----A---- C:\Windows\system32\SndVol.exe
2011-05-13 07:52:57 ----A---- C:\Windows\SYSWOW64\srchadmin.dll
2011-05-13 07:52:57 ----A---- C:\Windows\SYSWOW64\sppc.dll
2011-05-13 07:52:57 ----A---- C:\Windows\system32\srvcli.dll
2011-05-13 07:52:57 ----A---- C:\Windows\system32\SndVolSSO.dll
2011-05-13 07:52:57 ----A---- C:\Windows\system32\drivers\storvsc.sys
2011-05-13 07:52:56 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2011-05-13 07:52:56 ----A---- C:\Windows\SYSWOW64\sqlcese30.dll
2011-05-13 07:52:56 ----A---- C:\Windows\SYSWOW64\spwizres.dll
2011-05-13 07:52:56 ----A---- C:\Windows\SYSWOW64\spwizeng.dll
2011-05-13 07:52:55 ----A---- C:\Windows\system32\WinSCard.dll
2011-05-13 07:52:55 ----A---- C:\Windows\system32\WebClnt.dll
2011-05-13 07:52:55 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2011-05-13 07:52:55 ----A---- C:\Windows\system32\wbengine.exe
2011-05-13 07:52:53 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-05-13 07:52:53 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2011-05-13 07:52:53 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2011-05-13 07:52:53 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2011-05-13 07:52:53 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2011-05-13 07:52:53 ----A---- C:\Windows\system32\wmpdxm.dll
2011-05-13 07:52:52 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2011-05-13 07:52:52 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2011-05-13 07:52:52 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2011-05-13 07:52:52 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-05-13 07:52:52 ----A---- C:\Windows\system32\tzres.dll
2011-05-13 07:52:52 ----A---- C:\Windows\system32\tspubwmi.dll
2011-05-13 07:52:52 ----A---- C:\Windows\system32\tsbyuv.dll
2011-05-13 07:52:51 ----A---- C:\Windows\SYSWOW64\uxlib.dll
2011-05-13 07:52:51 ----A---- C:\Windows\SYSWOW64\utildll.dll
2011-05-13 07:52:51 ----A---- C:\Windows\SYSWOW64\usp10.dll
2011-05-13 07:52:51 ----A---- C:\Windows\system32\wbemcomn.dll
2011-05-13 07:52:51 ----A---- C:\Windows\system32\vpnikeapi.dll
2011-05-13 07:52:51 ----A---- C:\Windows\system32\vpnike.dll
2011-05-13 07:52:51 ----A---- C:\Windows\system32\vpc.exe
2011-05-13 07:52:51 ----A---- C:\Windows\system32\vmstorfltres.dll
2011-05-13 07:52:51 ----A---- C:\Windows\system32\vmsal.exe
2011-05-13 07:52:51 ----A---- C:\Windows\system32\Vault.dll
2011-05-13 07:52:51 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2011-05-13 07:52:50 ----A---- C:\Windows\SYSWOW64\shsvcs.dll
2011-05-13 07:52:50 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2011-05-13 07:52:50 ----A---- C:\Windows\system32\VmdCoinstall.dll
2011-05-13 07:52:50 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-05-13 07:52:50 ----A---- C:\Windows\system32\drivers\sdbus.sys
2011-05-13 07:52:49 ----A---- C:\Windows\SYSWOW64\schannel.dll
2011-05-13 07:52:49 ----A---- C:\Windows\system32\schtasks.exe
2011-05-13 07:52:49 ----A---- C:\Windows\system32\schedcli.dll
2011-05-13 07:52:48 ----A---- C:\Windows\SYSWOW64\QSVRMGMT.DLL
2011-05-13 07:52:48 ----A---- C:\Windows\system32\rdpcore.dll
2011-05-13 07:52:48 ----A---- C:\Windows\system32\QUTIL.DLL
2011-05-13 07:52:48 ----A---- C:\Windows\system32\quartz.dll
2011-05-13 07:52:46 ----A---- C:\Windows\SYSWOW64\qdv.dll
2011-05-13 07:52:46 ----A---- C:\Windows\SYSWOW64\proquota.exe
2011-05-13 07:52:46 ----A---- C:\Windows\SYSWOW64\prnfldr.dll
2011-05-13 07:52:46 ----A---- C:\Windows\system32\prncache.dll
2011-05-13 07:52:46 ----A---- C:\Windows\system32\PresentationSettings.exe
2011-05-13 07:52:45 ----A---- C:\Windows\SYSWOW64\riched32.dll
2011-05-13 07:52:45 ----A---- C:\Windows\SYSWOW64\riched20.dll
2011-05-13 07:52:45 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2011-05-13 07:52:45 ----A---- C:\Windows\SYSWOW64\QSHVHOST.DLL
2011-05-13 07:52:45 ----A---- C:\Windows\SYSWOW64\qasf.dll
2011-05-13 07:52:45 ----A---- C:\Windows\system32\SensorsCpl.dll
2011-05-13 07:52:45 ----A---- C:\Windows\system32\rpchttp.dll
2011-05-13 07:52:45 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-05-13 07:52:45 ----A---- C:\Windows\system32\recovery.dll
2011-05-13 07:52:45 ----A---- C:\Windows\system32\rdpsign.exe
2011-05-13 07:52:45 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2011-05-13 07:52:44 ----A---- C:\Windows\SYSWOW64\shimgvw.dll
2011-05-13 07:52:44 ----A---- C:\Windows\system32\shlwapi.dll
2011-05-13 07:52:44 ----A---- C:\Windows\system32\shdocvw.dll
2011-05-13 07:52:44 ----A---- C:\Windows\system32\shacct.dll
2011-05-13 07:52:44 ----A---- C:\Windows\system32\setupapi.dll
2011-05-13 07:52:38 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2011-05-13 07:52:38 ----A---- C:\Windows\SYSWOW64\mciqtz32.dll
2011-05-13 07:52:38 ----A---- C:\Windows\system32\MdSched.exe
2011-05-13 07:52:38 ----A---- C:\Windows\system32\mciqtz32.dll
2011-05-13 07:52:38 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2011-05-13 07:52:38 ----A---- C:\Windows\system32\lsmproxy.dll
2011-05-13 07:52:37 ----A---- C:\Windows\SYSWOW64\mimefilt.dll
2011-05-13 07:52:37 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2011-05-13 07:52:36 ----A---- C:\Windows\SYSWOW64\input.dll
2011-05-13 07:52:36 ----A---- C:\Windows\system32\iasrecst.dll
2011-05-13 07:52:36 ----A---- C:\Windows\system32\httpapi.dll
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\NAPHLPR.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\mydocs.dll
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\localsec.dll
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\kbdlk41a.dll
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\KBDINBEN.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\KBDGKL.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\KBDBULG.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\system32\netiohlp.dll
2011-05-13 07:52:35 ----A---- C:\Windows\system32\netcfgx.dll
2011-05-13 07:52:35 ----A---- C:\Windows\system32\netcenter.dll
2011-05-13 07:52:35 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-05-13 07:52:35 ----A---- C:\Windows\system32\msxml3.dll
2011-05-13 07:52:35 ----A---- C:\Windows\system32\MSVidCtl.dll
2011-05-13 07:52:35 ----A---- C:\Windows\system32\ListSvc.dll
2011-05-13 07:52:35 ----A---- C:\Windows\system32\licmgr10.dll
2011-05-13 07:52:35 ----A---- C:\Windows\system32\KBDTURME.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\system32\KBDMAORI.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\system32\KBDINTAM.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\system32\KBDGR1.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\system32\KBDCZ1.DLL
2011-05-13 07:52:35 ----A---- C:\Windows\system32\isoburn.exe
pokracovani dale

Předem děkuji.

Michal

Re: Vir Win 7 Home Security

Napsal: 06 čer 2011 13:17
od mike771
2011-05-13 07:52:35 ----A---- C:\Windows\system32\iscsium.dll
2011-05-13 07:52:35 ----A---- C:\Windows\system32\iscsicli.exe
2011-05-13 07:52:35 ----A---- C:\Windows\system32\imagehlp.dll
2011-05-13 07:52:34 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2011-05-13 07:52:34 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2011-05-13 07:52:34 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-05-13 07:52:34 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-05-13 07:52:34 ----A---- C:\Windows\system32\ntprint.dll
2011-05-13 07:52:34 ----A---- C:\Windows\system32\nltest.exe
2011-05-13 07:52:34 ----A---- C:\Windows\system32\mtxclu.dll
2011-05-13 07:52:33 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2011-05-13 07:52:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-05-13 07:52:33 ----A---- C:\Windows\SYSWOW64\netutils.dll
2011-05-13 07:52:33 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2011-05-13 07:52:32 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2011-05-13 07:52:32 ----A---- C:\Windows\system32\mprapi.dll
2011-05-13 07:52:32 ----A---- C:\Windows\system32\drivers\msahci.sys
2011-05-13 07:52:31 ----A---- C:\Windows\SYSWOW64\msscp.dll
2011-05-13 07:52:31 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2011-05-13 07:52:31 ----A---- C:\Windows\SYSWOW64\msi.dll
2011-05-13 07:52:31 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2011-05-13 07:52:31 ----A---- C:\Windows\system32\msi.dll
2011-05-13 07:52:30 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2011-05-13 07:52:30 ----A---- C:\Windows\SYSWOW64\clusapi.dll
2011-05-13 07:52:30 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-05-13 07:52:30 ----A---- C:\Windows\system32\msdtctm.dll
2011-05-13 07:52:30 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2011-05-13 07:52:29 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2011-05-13 07:52:29 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2011-05-13 07:52:29 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-05-13 07:52:29 ----A---- C:\Windows\SYSWOW64\cscobj.dll
2011-05-13 07:52:29 ----A---- C:\Windows\SYSWOW64\cmstp.exe
2011-05-13 07:52:29 ----A---- C:\Windows\SYSWOW64\certmgr.dll
2011-05-13 07:52:29 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2011-05-13 07:52:29 ----A---- C:\Windows\system32\crypt32.dll
2011-05-13 07:52:29 ----A---- C:\Windows\system32\credui.dll
2011-05-13 07:52:29 ----A---- C:\Windows\system32\cmd.exe
2011-05-13 07:52:29 ----A---- C:\Windows\system32\BWUnpairElevated.dll
2011-05-13 07:52:29 ----A---- C:\Windows\system32\bootres.dll
2011-05-13 07:52:28 ----AH---- C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2011-05-13 07:52:28 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2011-05-13 07:52:28 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2011-05-13 07:52:28 ----A---- C:\Windows\system32\drivers\ataport.sys
2011-05-13 07:52:27 ----A---- C:\Windows\SYSWOW64\AzSqlExt.dll
2011-05-13 07:52:27 ----A---- C:\Windows\SYSWOW64\amstream.dll
2011-05-13 07:52:27 ----A---- C:\Windows\system32\bitsperf.dll
2011-05-13 07:52:27 ----A---- C:\Windows\system32\batmeter.dll
2011-05-13 07:52:27 ----A---- C:\Windows\system32\amstream.dll
2011-05-13 07:52:27 ----A---- C:\Windows\system32\aitagent.exe
2011-05-13 07:52:26 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2011-05-13 07:52:26 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2011-05-13 07:52:26 ----A---- C:\Windows\SYSWOW64\bitsadmin.exe
2011-05-13 07:52:26 ----A---- C:\Windows\SYSWOW64\azroles.dll
2011-05-13 07:52:26 ----A---- C:\Windows\SYSWOW64\autoplay.dll
2011-05-13 07:52:26 ----A---- C:\Windows\SYSWOW64\autofmt.exe
2011-05-13 07:52:26 ----A---- C:\Windows\system32\fdProxy.dll
2011-05-13 07:52:26 ----A---- C:\Windows\system32\eapphost.dll
2011-05-13 07:52:26 ----A---- C:\Windows\system32\eappgnui.dll
2011-05-13 07:52:26 ----A---- C:\Windows\system32\eapp3hst.dll
2011-05-13 07:52:26 ----A---- C:\Windows\system32\AzSqlExt.dll
2011-05-13 07:52:26 ----A---- C:\Windows\system32\azroles.dll
2011-05-13 07:52:26 ----A---- C:\Windows\system32\autoconv.exe
2011-05-13 07:52:26 ----A---- C:\Windows\system32\audiosrv.dll
2011-05-13 07:52:26 ----A---- C:\Windows\system32\AudioSes.dll
2011-05-13 07:52:26 ----A---- C:\Windows\system32\audiodg.exe
2011-05-13 07:52:25 ----A---- C:\Windows\SYSWOW64\dsuiext.dll
2011-05-13 07:52:25 ----A---- C:\Windows\system32\gameux.dll
2011-05-13 07:52:25 ----A---- C:\Windows\system32\dxmasf.dll
2011-05-13 07:52:25 ----A---- C:\Windows\system32\dxgi.dll
2011-05-13 07:52:25 ----A---- C:\Windows\system32\dxdiagn.dll
2011-05-13 07:52:24 ----A---- C:\Windows\SYSWOW64\fphc.dll
2011-05-13 07:52:24 ----A---- C:\Windows\SYSWOW64\diskraid.exe
2011-05-13 07:52:24 ----A---- C:\Windows\SYSWOW64\dfrgui.exe
2011-05-13 07:52:24 ----A---- C:\Windows\SYSWOW64\DeviceCenter.dll
2011-05-13 07:52:24 ----A---- C:\Windows\system32\hbaapi.dll
2011-05-13 07:52:24 ----A---- C:\Windows\system32\framedynos.dll
2011-05-13 07:52:24 ----A---- C:\Windows\system32\framedyn.dll
2011-05-13 07:52:24 ----A---- C:\Windows\system32\djoin.exe
2011-05-13 07:52:24 ----A---- C:\Windows\system32\dfshim.dll
2011-05-13 07:52:23 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2011-05-13 07:52:23 ----A---- C:\Windows\system32\dpx.dll
2011-05-13 07:52:22 ----A---- C:\Windows\SYSWOW64\tlscsp.dll
2011-05-13 07:52:22 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2011-05-13 07:52:22 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2011-05-13 07:52:22 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2011-05-13 07:52:22 ----A---- C:\Windows\system32\taskcomp.dll
2011-05-13 07:52:22 ----A---- C:\Windows\system32\TabSvc.dll
2011-05-13 07:52:22 ----A---- C:\Windows\system32\odbccp32.dll
2011-05-13 07:52:22 ----A---- C:\Windows\system32\dps.dll
2011-05-13 07:52:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-05-13 07:52:21 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2011-05-13 07:52:21 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2011-05-13 07:52:21 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2011-05-13 07:52:21 ----A---- C:\Windows\SYSWOW64\sscore.dll
2011-05-13 07:52:21 ----A---- C:\Windows\system32\user32.dll
2011-05-13 07:52:21 ----A---- C:\Windows\system32\unimdmat.dll
2011-05-13 07:52:21 ----A---- C:\Windows\system32\taskhost.exe
2011-05-13 07:52:21 ----A---- C:\Windows\system32\taskeng.exe
2011-05-13 07:52:21 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2011-05-13 07:52:21 ----A---- C:\Windows\system32\drivers\termdd.sys
2011-05-13 07:52:17 ----A---- C:\Windows\system32\spwmp.dll
2011-05-13 07:52:17 ----A---- C:\Windows\system32\sppobjs.dll
2011-05-13 07:52:16 ----A---- C:\Windows\SYSWOW64\sxs.dll
2011-05-13 07:52:16 ----A---- C:\Windows\system32\sud.dll
2011-05-13 07:52:14 ----A---- C:\Windows\SYSWOW64\syssetup.dll
2011-05-13 07:52:14 ----A---- C:\Windows\SYSWOW64\syncui.dll
2011-05-13 07:52:14 ----A---- C:\Windows\SYSWOW64\spopk.dll
2011-05-13 07:52:14 ----A---- C:\Windows\system32\wmp.dll
2011-05-13 07:52:13 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2011-05-13 07:52:13 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2011-05-13 07:52:13 ----A---- C:\Windows\SYSWOW64\wlanpref.dll
2011-05-13 07:52:13 ----A---- C:\Windows\SYSWOW64\wlangpui.dll
2011-05-13 07:52:13 ----A---- C:\Windows\system32\WMVCORE.DLL
2011-05-13 07:52:13 ----A---- C:\Windows\system32\wmpmde.dll
2011-05-13 07:52:13 ----A---- C:\Windows\system32\wmploc.DLL
2011-05-13 07:52:13 ----A---- C:\Windows\system32\Wldap32.dll
2011-05-13 07:52:13 ----A---- C:\Windows\system32\wlanui.dll
2011-05-13 07:52:13 ----A---- C:\Windows\system32\wlanpref.dll
2011-05-13 07:52:13 ----A---- C:\Windows\system32\wisptis.exe
2011-05-13 07:52:13 ----A---- C:\Windows\system32\winsta.dll
2011-05-13 07:52:11 ----A---- C:\Windows\SYSWOW64\xpsservices.dll
2011-05-13 07:52:11 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2011-05-13 07:52:11 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2011-05-13 07:52:11 ----A---- C:\Windows\system32\xpsservices.dll
2011-05-13 07:52:11 ----A---- C:\Windows\system32\WUDFx.dll
2011-05-13 07:52:11 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2011-05-13 07:52:11 ----A---- C:\Windows\system32\wshbth.dll
2011-05-13 07:52:11 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2011-05-13 07:52:10 ----A---- C:\Windows\system32\WUDFSvc.dll
2011-05-13 07:52:10 ----A---- C:\Windows\system32\WUDFPlatform.dll
2011-05-13 07:52:10 ----A---- C:\Windows\system32\WUDFHost.exe
2011-05-13 07:52:10 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2011-05-13 07:52:09 ----A---- C:\Windows\SYSWOW64\vmsal.exe
2011-05-13 07:52:09 ----A---- C:\Windows\system32\VMCPropertyHandler.dll
2011-05-13 07:52:09 ----A---- C:\Windows\system32\vmbusres.dll
2011-05-13 07:52:09 ----A---- C:\Windows\system32\vmbuspipe.dll
2011-05-13 07:52:09 ----A---- C:\Windows\system32\vdsbas.dll
2011-05-13 07:52:09 ----A---- C:\Windows\system32\drivers\volmgr.sys
2011-05-13 07:52:08 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2011-05-13 07:52:08 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2011-05-13 07:52:08 ----A---- C:\Windows\SYSWOW64\vpnikeapi.dll
2011-05-13 07:52:08 ----A---- C:\Windows\SYSWOW64\rdpendp.dll
2011-05-13 07:52:08 ----A---- C:\Windows\SYSWOW64\rdpencom.dll
2011-05-13 07:52:08 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\WinSATAPI.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\webcheck.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\WavDest.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\vpchbuspipe.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\rdpendp.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\rdpd3d.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\rdpcorekmts.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\rasppp.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2011-05-13 07:52:08 ----A---- C:\Windows\system32\QSHVHOST.DLL
2011-05-13 07:52:08 ----A---- C:\Windows\system32\qasf.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\puiobj.dll
2011-05-13 07:52:08 ----A---- C:\Windows\system32\drivers\winhv.sys
2011-05-13 07:52:08 ----A---- C:\Windows\system32\drivers\vpcnfltr.sys
2011-05-13 07:52:08 ----A---- C:\Windows\system32\drivers\vpchbus.sys
2011-05-13 07:52:08 ----A---- C:\Windows\system32\drivers\vmbus.sys
2011-05-13 07:52:08 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2011-05-13 07:52:08 ----A---- C:\Windows\system32\drivers\raspptp.sys
2011-05-13 07:52:07 ----A---- C:\Windows\SYSWOW64\resutils.dll
2011-05-13 07:52:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2011-05-13 07:52:07 ----A---- C:\Windows\SYSWOW64\regapi.dll
2011-05-13 07:52:07 ----A---- C:\Windows\system32\remotepg.dll
2011-05-13 07:52:07 ----A---- C:\Windows\system32\ReAgent.dll
2011-05-13 07:52:05 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2011-05-13 07:52:05 ----A---- C:\Windows\SYSWOW64\PkgMgr.exe
2011-05-13 07:52:05 ----A---- C:\Windows\SYSWOW64\perfts.dll
2011-05-13 07:52:05 ----A---- C:\Windows\SYSWOW64\OobeFldr.dll
2011-05-13 07:52:05 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-05-13 07:52:05 ----A---- C:\Windows\system32\RDVGHelper.exe
2011-05-13 07:52:05 ----A---- C:\Windows\system32\rdpwsx.dll
2011-05-13 07:52:05 ----A---- C:\Windows\system32\rdpshell.exe
2011-05-13 07:52:05 ----A---- C:\Windows\system32\rdpinit.exe
2011-05-13 07:52:05 ----A---- C:\Windows\system32\PresentationHost.exe
2011-05-13 07:52:05 ----A---- C:\Windows\system32\powercpl.dll
2011-05-13 07:52:05 ----A---- C:\Windows\system32\pla.dll
2011-05-13 07:52:05 ----A---- C:\Windows\system32\PkgMgr.exe
2011-05-13 07:52:05 ----A---- C:\Windows\system32\photowiz.dll
2011-05-13 07:52:05 ----A---- C:\Windows\system32\pdh.dll
2011-05-13 07:52:05 ----A---- C:\Windows\system32\drivers\pci.sys
2011-05-13 07:52:05 ----A---- C:\Windows\system32\drivers\pacer.sys
2011-05-13 07:52:04 ----A---- C:\Windows\SYSWOW64\prncache.dll
2011-05-13 07:52:04 ----A---- C:\Windows\SYSWOW64\printui.dll
2011-05-13 07:52:04 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2011-05-13 07:52:04 ----A---- C:\Windows\system32\provsvc.dll
2011-05-13 07:52:04 ----A---- C:\Windows\system32\prnfldr.dll
2011-05-13 07:52:04 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2011-05-13 07:52:04 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-05-13 07:52:03 ----A---- C:\Windows\system32\setupcl.exe
2011-05-13 07:52:02 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2011-05-13 07:52:02 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2011-05-13 07:52:02 ----A---- C:\Windows\system32\SessEnv.dll
2011-05-13 07:52:01 ----A---- C:\Windows\SYSWOW64\shwebsvc.dll
2011-05-13 07:52:00 ----A---- C:\Windows\SYSWOW64\sisbkup.dll
2011-05-13 07:51:59 ----A---- C:\Windows\SYSWOW64\shunimpl.dll
2011-05-13 07:51:59 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-05-13 07:51:59 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2011-05-13 07:51:59 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2011-05-13 07:51:59 ----A---- C:\Windows\SYSWOW64\scansetting.dll
2011-05-13 07:51:59 ----A---- C:\Windows\SYSWOW64\runonce.exe
2011-05-13 07:51:59 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2011-05-13 07:51:59 ----A---- C:\Windows\system32\shimgvw.dll
2011-05-13 07:51:59 ----A---- C:\Windows\system32\shgina.dll
2011-05-13 07:51:59 ----A---- C:\Windows\system32\secproc.dll
2011-05-13 07:51:59 ----A---- C:\Windows\system32\scrptadm.dll
2011-05-13 07:51:59 ----A---- C:\Windows\system32\scavengeui.dll
2011-05-13 07:51:59 ----A---- C:\Windows\system32\samsrv.dll
2011-05-13 07:51:59 ----A---- C:\Windows\system32\samcli.dll
2011-05-13 07:51:58 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2011-05-13 07:51:58 ----A---- C:\Windows\system32\RpcRtRemote.dll
2011-05-13 07:51:58 ----A---- C:\Windows\system32\RMActivate.exe
2011-05-13 07:51:58 ----A---- C:\Windows\system32\drivers\rmcast.sys
2011-05-13 07:51:54 ----A---- C:\Windows\SYSWOW64\shgina.dll
2011-05-13 07:51:54 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2011-05-13 07:51:54 ----A---- C:\Windows\SYSWOW64\msdmo.dll
2011-05-13 07:51:54 ----A---- C:\Windows\SYSWOW64\mscms.dll
2011-05-13 07:51:54 ----A---- C:\Windows\system32\sisbkup.dll
2011-05-13 07:51:54 ----A---- C:\Windows\system32\shsetup.dll
2011-05-13 07:51:54 ----A---- C:\Windows\system32\msconfig.exe
2011-05-13 07:51:54 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-05-13 07:51:53 ----A---- C:\Windows\SYSWOW64\sethc.exe
2011-05-13 07:51:53 ----A---- C:\Windows\SYSWOW64\SensorsCpl.dll
2011-05-13 07:51:53 ----A---- C:\Windows\system32\slwga.dll
2011-05-13 07:51:53 ----A---- C:\Windows\system32\sethc.exe
2011-05-13 07:51:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-05-13 07:51:52 ----A---- C:\Windows\system32\mshtmled.dll
2011-05-13 07:51:51 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2011-05-13 07:51:51 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-05-13 07:51:51 ----A---- C:\Windows\system32\wksprt.exe
2011-05-13 07:51:50 ----A---- C:\Windows\SYSWOW64\wmp.dll
2011-05-13 07:51:50 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2011-05-13 07:51:50 ----A---- C:\Windows\SYSWOW64\winsta.dll
2011-05-13 07:51:49 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2011-05-13 07:51:49 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2011-05-13 07:51:49 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2011-05-13 07:51:49 ----A---- C:\Windows\SYSWOW64\WinSATAPI.dll
2011-05-13 07:51:49 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-05-13 07:51:49 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2011-05-13 07:51:49 ----A---- C:\Windows\system32\wmpshell.dll
2011-05-13 07:51:49 ----A---- C:\Windows\system32\WMPEncEn.dll
2011-05-13 07:51:48 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2011-05-13 07:51:48 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2011-05-13 07:51:48 ----A---- C:\Windows\SYSWOW64\azroleui.dll
2011-05-13 07:51:48 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2011-05-13 07:51:48 ----A---- C:\Windows\system32\wmpps.dll
2011-05-13 07:51:48 ----A---- C:\Windows\system32\TSpkg.dll
2011-05-13 07:51:48 ----A---- C:\Windows\system32\tsgqec.dll
2011-05-13 07:51:48 ----A---- C:\Windows\system32\sxs.dll
2011-05-13 07:51:48 ----A---- C:\Windows\system32\stobject.dll
2011-05-13 07:51:48 ----A---- C:\Windows\system32\sscore.dll
2011-05-13 07:51:48 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2011-05-13 07:51:48 ----A---- C:\Windows\system32\azroleui.dll
2011-05-13 07:51:48 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2011-05-13 07:51:48 ----A---- C:\Windows\system32\appmgr.dll
2011-05-13 07:51:47 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2011-05-13 07:51:47 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2011-05-13 07:51:47 ----A---- C:\Windows\system32\tapisrv.dll
2011-05-13 07:51:47 ----A---- C:\Windows\system32\srvsvc.dll
2011-05-13 07:51:47 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-05-13 07:51:47 ----A---- C:\Windows\system32\spwizres.dll
2011-05-13 07:51:47 ----A---- C:\Windows\system32\spwizeng.dll
2011-05-13 07:51:47 ----A---- C:\Windows\system32\sppc.dll
2011-05-13 07:51:47 ----A---- C:\Windows\system32\spbcd.dll
2011-05-13 07:51:46 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2011-05-13 07:51:46 ----A---- C:\Windows\SYSWOW64\termmgr.dll
2011-05-13 07:51:46 ----A---- C:\Windows\SYSWOW64\taskmgr.exe
2011-05-13 07:51:46 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2011-05-13 07:51:46 ----A---- C:\Windows\system32\themeui.dll
2011-05-13 07:51:46 ----A---- C:\Windows\system32\termmgr.dll
2011-05-13 07:51:46 ----A---- C:\Windows\system32\systemcpl.dll
2011-05-13 07:51:46 ----A---- C:\Windows\system32\drivers\tdi.sys
2011-05-13 07:51:45 ----A---- C:\Windows\SYSWOW64\printmanagement.msc
2011-05-13 07:51:45 ----A---- C:\Windows\SYSWOW64\ppcsnap.dll
2011-05-13 07:51:45 ----A---- C:\Windows\SYSWOW64\pmcsnap.dll
2011-05-13 07:51:45 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2011-05-13 07:51:45 ----A---- C:\Windows\SYSWOW64\OpcServices.dll
2011-05-13 07:51:45 ----A---- C:\Windows\system32\seclogon.dll
2011-05-13 07:51:45 ----A---- C:\Windows\system32\sdrsvc.dll
2011-05-13 07:51:45 ----A---- C:\Windows\system32\sdengin2.dll
2011-05-13 07:51:45 ----A---- C:\Windows\system32\sdclt.exe
2011-05-13 07:51:45 ----A---- C:\Windows\system32\prntvpt.dll
2011-05-13 07:51:45 ----A---- C:\Windows\system32\onexui.dll
2011-05-13 07:51:45 ----A---- C:\Windows\system32\onex.dll
2011-05-13 07:51:45 ----A---- C:\Windows\system32\oleaut32.dll
2011-05-13 07:51:45 ----A---- C:\Windows\system32\nshipsec.dll
2011-05-13 07:51:44 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2011-05-13 07:51:43 ----A---- C:\Windows\system32\networkexplorer.dll
2011-05-13 07:51:42 ----A---- C:\Windows\system32\repair-bde.exe
2011-05-13 07:51:42 ----A---- C:\Windows\system32\recdisc.exe
2011-05-13 07:51:42 ----A---- C:\Windows\system32\networkmap.dll
2011-05-13 07:51:41 ----A---- C:\Windows\SYSWOW64\scrptadm.dll
2011-05-13 07:51:41 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2011-05-13 07:51:41 ----A---- C:\Windows\SYSWOW64\rdvgumd32.dll
2011-05-13 07:51:41 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2011-05-13 07:51:40 ----A---- C:\Windows\system32\rpcss.dll
2011-05-13 07:51:40 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-05-13 07:51:39 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2011-05-13 07:51:39 ----A---- C:\Windows\system32\profsvc.dll
2011-05-13 07:51:39 ----A---- C:\Windows\system32\profprov.dll
2011-05-13 07:51:37 ----A---- C:\Windows\SYSWOW64\PushPrinterConnections.exe
2011-05-13 07:51:37 ----A---- C:\Windows\system32\rdpencom.dll
2011-05-13 07:51:37 ----A---- C:\Windows\system32\rdpcfgex.dll
2011-05-13 07:51:37 ----A---- C:\Windows\system32\qcap.dll
2011-05-13 07:51:37 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2011-05-13 07:51:36 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2011-05-13 07:51:36 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2011-05-13 07:51:36 ----A---- C:\Windows\SYSWOW64\Query.dll
2011-05-13 07:51:36 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2011-05-13 07:51:36 ----A---- C:\Windows\system32\wscapi.dll
2011-05-13 07:51:36 ----A---- C:\Windows\system32\wpdbusenum.dll
2011-05-13 07:51:36 ----A---- C:\Windows\system32\wpccpl.dll
2011-05-13 07:51:36 ----A---- C:\Windows\system32\qedit.dll
2011-05-13 07:51:36 ----A---- C:\Windows\system32\qdvd.dll
2011-05-13 07:51:35 ----A---- C:\Windows\SYSWOW64\wshirda.dll
2011-05-13 07:51:35 ----A---- C:\Windows\SYSWOW64\secur32.dll
2011-05-13 07:51:35 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2011-05-13 07:51:35 ----A---- C:\Windows\SYSWOW64\netdiagfx.dll
2011-05-13 07:51:35 ----A---- C:\Windows\SYSWOW64\net1.exe
2011-05-13 07:51:35 ----A---- C:\Windows\SYSWOW64\msutb.dll
2011-05-13 07:51:35 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-05-13 07:51:35 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2011-05-13 07:51:35 ----A---- C:\Windows\system32\wshirda.dll
2011-05-13 07:51:35 ----A---- C:\Windows\system32\secproc_isv.dll
2011-05-13 07:51:35 ----A---- C:\Windows\system32\mstscax.dll
2011-05-13 07:51:35 ----A---- C:\Windows\system32\msinfo32.exe
2011-05-13 07:51:35 ----A---- C:\Windows\system32\drivers\netio.sys
2011-05-13 07:51:35 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2011-05-13 07:51:35 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2011-05-13 07:51:35 ----A---- C:\Windows\system32\drivers\msrpc.sys
2011-05-13 07:51:34 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2011-05-13 07:51:34 ----A---- C:\Windows\SYSWOW64\NaturalLanguage6.dll
2011-05-13 07:51:34 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2011-05-13 07:51:34 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2011-05-13 07:51:34 ----A---- C:\Windows\system32\netdiagfx.dll
2011-05-13 07:51:34 ----A---- C:\Windows\system32\nci.dll
2011-05-13 07:51:34 ----A---- C:\Windows\system32\Narrator.exe
2011-05-13 07:51:34 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-05-13 07:51:33 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2011-05-13 07:51:33 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2011-05-13 07:51:33 ----A---- C:\Windows\system32\lsm.exe
2011-05-13 07:51:33 ----A---- C:\Windows\system32\localsec.dll
2011-05-13 07:51:33 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-05-13 07:51:33 ----A---- C:\Windows\system32\drivers\ks.sys
2011-05-13 07:51:33 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2011-05-13 07:51:33 ----A---- C:\Windows\system32\aaclient.dll
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\vfwwdm32.dll
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\vdsbas.dll
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\VAN.dll
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\KBDUS.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\KBDTAJIK.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\KBDMON.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\KBDINTAM.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\KBDINMAR.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\KBDINHIN.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\SYSWOW64\inetmib1.dll
2011-05-13 07:51:32 ----A---- C:\Windows\system32\uxlib.dll
2011-05-13 07:51:32 ----A---- C:\Windows\system32\userenv.dll
2011-05-13 07:51:32 ----A---- C:\Windows\system32\KBDTUQ.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\system32\KBDLT1.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\system32\KBDINTEL.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\system32\KBDINORI.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\system32\KBDBASH.DLL
2011-05-13 07:51:32 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2011-05-13 07:51:32 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2011-05-13 07:51:31 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2011-05-13 07:51:31 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2011-05-13 07:51:31 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2011-05-13 07:51:31 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2011-05-13 07:51:31 ----A---- C:\Windows\system32\wiavideo.dll
2011-05-13 07:51:31 ----A---- C:\Windows\system32\wiaservc.dll
2011-05-13 07:51:31 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-05-13 07:51:31 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-05-13 07:51:31 ----A---- C:\Windows\system32\mcmde.dll
2011-05-13 07:51:31 ----A---- C:\Windows\system32\drivers\vpcvmm.sys
2011-05-13 07:51:30 ----A---- C:\Windows\SYSWOW64\UserAccountControlSettings.dll
2011-05-13 07:51:30 ----A---- C:\Windows\SYSWOW64\MCEWMDRMNDBootstrap.dll
2011-05-13 07:51:30 ----A---- C:\Windows\SYSWOW64\luainstall.dll
2011-05-13 07:51:30 ----A---- C:\Windows\system32\usercpl.dll
2011-05-13 07:51:30 ----A---- C:\Windows\system32\TSWorkspace.dll
2011-05-13 07:51:30 ----A---- C:\Windows\system32\mapistub.dll
2011-05-13 07:51:30 ----A---- C:\Windows\system32\mapi32.dll
2011-05-13 07:51:29 ----A---- C:\Windows\system32\DiagCpl.dll
2011-05-13 07:51:23 ----A---- C:\Windows\SYSWOW64\defaultlocationcpl.dll
2011-05-13 07:51:23 ----A---- C:\Windows\system32\cscui.dll
2011-05-13 07:51:08 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2011-05-13 07:51:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2011-05-13 07:51:08 ----A---- C:\Windows\SYSWOW64\cca.dll
2011-05-13 07:51:08 ----A---- C:\Windows\SYSWOW64\cabinet.dll
2011-05-13 07:51:08 ----A---- C:\Windows\SYSWOW64\browseui.dll
2011-05-13 07:51:08 ----A---- C:\Windows\system32\dwmcore.dll
2011-05-13 07:51:08 ----A---- C:\Windows\system32\dsuiext.dll
2011-05-13 07:51:08 ----A---- C:\Windows\system32\dskquoui.dll
2011-05-13 07:51:08 ----A---- C:\Windows\system32\dpnaddr.dll
2011-05-13 07:51:08 ----A---- C:\Windows\system32\dnscmmc.dll
2011-05-13 07:51:08 ----A---- C:\Windows\system32\dfrgui.exe
2011-05-13 07:51:08 ----A---- C:\Windows\system32\ci.dll
2011-05-13 07:51:08 ----A---- C:\Windows\system32\C_ISCII.DLL
2011-05-13 07:51:07 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2011-05-13 07:51:07 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2011-05-13 07:51:07 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2011-05-13 07:51:07 ----A---- C:\Windows\SYSWOW64\bitsperf.dll
2011-05-13 07:51:07 ----A---- C:\Windows\system32\gpprefcl.dll
2011-05-13 07:51:07 ----A---- C:\Windows\system32\cscsvc.dll
2011-05-13 07:51:07 ----A---- C:\Windows\system32\cscdll.dll
2011-05-13 07:51:07 ----A---- C:\Windows\system32\cscapi.dll
2011-05-13 07:51:07 ----A---- C:\Windows\system32\credssp.dll
2011-05-13 07:51:07 ----A---- C:\Windows\system32\comctl32.dll
2011-05-13 07:51:07 ----A---- C:\Windows\system32\browcli.dll
2011-05-13 07:51:07 ----A---- C:\Windows\system32\bitsadmin.exe
2011-05-13 07:51:05 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2011-05-13 07:51:05 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2011-05-13 07:51:05 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2011-05-13 07:51:05 ----A---- C:\Windows\SYSWOW64\iasrecst.dll
2011-05-13 07:51:05 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2011-05-13 07:51:05 ----A---- C:\Windows\SYSWOW64\gameux.dll
2011-05-13 07:51:05 ----A---- C:\Windows\SYSWOW64\fms.dll
2011-05-13 07:51:05 ----A---- C:\Windows\system32\zipfldr.dll
2011-05-13 07:51:05 ----A---- C:\Windows\system32\ifsutil.dll
2011-05-13 07:51:05 ----A---- C:\Windows\system32\iertutil.dll
2011-05-13 07:51:05 ----A---- C:\Windows\system32\iedkcs32.dll
2011-05-13 07:51:05 ----A---- C:\Windows\system32\FXSTIFF.dll
2011-05-13 07:51:05 ----A---- C:\Windows\system32\FXSAPI.dll
2011-05-13 07:51:05 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2011-05-13 07:51:04 ----A---- C:\Windows\SYSWOW64\EhStorAPI.dll
2011-05-13 07:51:04 ----A---- C:\Windows\system32\fixmapi.exe
2011-05-13 07:51:04 ----A---- C:\Windows\system32\findstr.exe
2011-05-13 07:51:04 ----A---- C:\Windows\system32\fdeploy.dll
2011-05-13 07:51:04 ----A---- C:\Windows\system32\EhStorAPI.dll
2011-05-13 07:50:34 ----D---- C:\Windows\system32\EventProviders
2011-05-09 18:48:11 ----A---- C:\Windows\system32\ieframe.dll
2011-05-09 18:48:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-05-09 18:48:04 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-05-09 18:48:01 ----A---- C:\Windows\system32\wininet.dll
2011-05-09 18:48:01 ----A---- C:\Windows\system32\urlmon.dll
2011-05-09 18:48:01 ----A---- C:\Windows\system32\mshtml.dll
2011-05-09 18:48:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-05-09 18:48:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-05-09 18:47:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-05-09 18:47:59 ----A---- C:\Windows\system32\ieui.dll
2011-05-09 18:47:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-05-09 18:47:58 ----A---- C:\Windows\system32\jsproxy.dll
2011-05-09 18:43:24 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-05-09 18:43:23 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-05-09 18:43:23 ----A---- C:\Windows\system32\esent.dll
2011-05-09 18:43:23 ----A---- C:\Windows\system32\drivers\storport.sys
2011-05-09 18:43:23 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-05-09 18:43:23 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-05-09 18:43:23 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-05-09 18:43:22 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-05-09 18:43:22 ----A---- C:\Windows\system32\fsutil.exe
2011-05-09 18:43:22 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-05-09 18:43:22 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-05-09 18:43:22 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-05-09 18:43:19 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-05-09 18:43:19 ----A---- C:\Windows\system32\drivers\srv.sys
2011-05-09 18:43:18 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-05-09 18:42:49 ----A---- C:\Windows\system32\EncDec.dll
2011-05-09 18:42:48 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-05-09 18:42:48 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-05-09 18:42:48 ----A---- C:\Windows\system32\sbe.dll
2011-05-09 18:42:48 ----A---- C:\Windows\system32\CPFilters.dll
2011-05-09 18:42:47 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-05-09 18:42:40 ----A---- C:\Windows\system32\XpsPrint.dll
2011-05-09 18:42:39 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-05-09 18:42:29 ----A---- C:\Windows\system32\mfc42u.dll
2011-05-09 18:42:28 ----A---- C:\Windows\system32\mfc42.dll
2011-05-09 18:42:27 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-05-09 18:42:27 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-05-09 18:42:22 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-05-09 18:42:22 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-05-09 18:42:22 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-05-09 18:42:22 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-05-09 18:42:22 ----A---- C:\Windows\system32\dnsapi.dll
2011-05-09 18:42:21 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-05-09 18:42:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-05-09 18:42:21 ----A---- C:\Windows\system32\atmfd.dll
2011-05-09 18:42:20 ----A---- C:\Windows\system32\atmlib.dll
2011-05-09 18:42:15 ----A---- C:\Windows\system32\jscript.dll
2011-05-09 18:42:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-05-09 18:42:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-05-09 18:42:14 ----A---- C:\Windows\system32\vbscript.dll
2011-05-09 18:42:13 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-05-09 18:42:13 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-05-09 18:42:12 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-05-09 18:42:12 ----A---- C:\Windows\system32\inetcomm.dll
2011-05-09 18:42:12 ----A---- C:\Windows\system32\FntCache.dll
2011-05-09 18:42:12 ----A---- C:\Windows\system32\DWrite.dll
2011-05-09 18:42:11 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-05-09 18:42:11 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-05-09 18:42:11 ----A---- C:\Windows\system32\d2d1.dll
2011-05-09 18:41:47 ----A---- C:\Windows\explorer.exe
2011-05-09 18:41:46 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-05-09 18:41:43 ----A---- C:\Windows\system32\winresume.exe
2011-05-09 18:41:43 ----A---- C:\Windows\system32\winload.exe
2011-05-09 18:41:43 ----A---- C:\Windows\system32\kdusb.dll
2011-05-09 18:41:43 ----A---- C:\Windows\system32\kdcom.dll
2011-05-09 18:41:43 ----A---- C:\Windows\system32\kd1394.dll
2011-05-09 18:41:42 ----A---- C:\Windows\system32\setbcdlocale.dll
2011-05-09 18:41:32 ----A---- C:\Windows\system32\win32k.sys
2011-05-09 18:41:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-05-09 18:41:31 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-05-09 18:41:31 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-05-09 18:41:31 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-05-09 18:41:30 ----A---- C:\Windows\system32\WFS.exe
2011-05-09 18:41:30 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-05-09 18:41:09 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-05-09 18:41:09 ----A---- C:\Windows\system32\prevhost.exe

======List of files/folders modified in the last 1 months======

2011-06-06 13:18:59 ----D---- C:\Windows\Temp
2011-06-06 13:18:52 ----RD---- C:\Program Files
2011-06-06 13:11:32 ----D---- C:\Windows\system32\config
2011-06-06 12:45:23 ----D---- C:\Windows\System32
2011-06-06 12:45:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-06 12:45:22 ----D---- C:\Windows\inf
2011-06-06 12:41:21 ----A---- C:\Windows\BRWMARK.INI
2011-06-06 12:41:21 ----A---- C:\Windows\BRPP2KA.INI
2011-06-06 12:40:27 ----D---- C:\Windows\SysWOW64
2011-06-06 12:40:27 ----D---- C:\temp
2011-06-06 12:31:57 ----HD---- C:\ProgramData
2011-06-03 17:57:59 ----D---- C:\Windows\winsxs
2011-06-03 17:48:41 ----D---- C:\Windows
2011-06-03 17:48:36 ----SHD---- C:\Windows\Installer
2011-06-03 17:48:12 ----RD---- C:\Program Files (x86)
2011-06-03 17:48:12 ----D---- C:\Windows\system32\drivers
2011-06-03 17:47:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-03 17:47:44 ----D---- C:\Windows\system32\Tasks
2011-06-03 17:47:43 ----D---- C:\Windows\Tasks
2011-06-03 17:31:17 ----D---- C:\Windows\SYSWOW64\drivers
2011-06-03 17:30:39 ----D---- C:\Program Files\Common Files
2011-06-03 17:30:39 ----D---- C:\Program Files (x86)\Common Files
2011-05-27 11:37:31 ----D---- C:\Windows\Minidump
2011-05-26 16:02:13 ----A---- C:\Windows\Library.ini
2011-05-19 19:44:51 ----D---- C:\Windows\rescache
2011-05-15 08:22:25 ----D---- C:\Windows\Microsoft.NET
2011-05-15 08:22:09 ----RSD---- C:\Windows\assembly
2011-05-15 08:18:22 ----D---- C:\Windows\Prefetch
2011-05-15 07:45:55 ----D---- C:\Windows\system32\DriverStore
2011-05-15 07:45:07 ----D---- C:\Windows\system32\drivers\UMDF
2011-05-15 07:43:13 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-05-15 07:43:13 ----D---- C:\Program Files (x86)\Windows Portable Devices
2011-05-15 07:43:13 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-05-15 07:43:13 ----D---- C:\Program Files (x86)\Windows Media Player
2011-05-15 07:43:13 ----D---- C:\Program Files (x86)\Windows Mail
2011-05-15 07:43:13 ----D---- C:\Program Files (x86)\Internet Explorer
2011-05-15 07:43:12 ----D---- C:\Program Files\Windows Sidebar
2011-05-15 07:43:12 ----D---- C:\Program Files\Windows Portable Devices
2011-05-15 07:43:12 ----D---- C:\Program Files\Windows Photo Viewer
2011-05-15 07:43:12 ----D---- C:\Program Files\Windows Media Player
2011-05-15 07:43:12 ----D---- C:\Program Files\Windows Mail
2011-05-15 07:43:12 ----D---- C:\Program Files\Windows Journal
2011-05-15 07:43:12 ----D---- C:\Program Files\Internet Explorer
2011-05-15 07:43:12 ----D---- C:\Program Files\DVD Maker
2011-05-15 07:43:10 ----D---- C:\Windows\servicing
2011-05-15 07:43:10 ----D---- C:\Windows\ehome
2011-05-15 07:43:10 ----D---- C:\Program Files\Windows Defender
2011-05-15 07:43:08 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2011-05-15 07:43:08 ----D---- C:\Windows\SYSWOW64\ko-KR
2011-05-15 07:43:08 ----D---- C:\Windows\SYSWOW64\da-DK
2011-05-15 07:43:07 ----D---- C:\Windows\SYSWOW64\en-US
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\zh-TW
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\zh-CN
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\wbem
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\tr-TR
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\th-TH
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\sv-SE
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\sppui
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\Setup
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\ru-RU
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\ro-RO
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\pt-PT
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\pl-PL
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\oobe
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\nl-NL
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\nb-NO
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\migwiz
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\migration
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\manifeststore
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\ja-JP
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\it-IT
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\hu-HU
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\he-IL
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\fr-FR
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\fi-FI
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\es-ES
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\en
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\el-GR
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\Dism
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\de-DE
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\ar-SA
2011-05-15 07:43:06 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2011-05-15 07:43:05 ----D---- C:\Windows\SYSWOW64\pt-BR
2011-05-15 07:42:59 ----D---- C:\Windows\system32\ko-KR
2011-05-15 07:42:59 ----D---- C:\Windows\system32\da-DK
2011-05-15 07:42:59 ----D---- C:\Windows\PolicyDefinitions
2011-05-15 07:42:58 ----D---- C:\Windows\system32\oobe
2011-05-15 07:42:58 ----D---- C:\Windows\system32\it-IT
2011-05-15 07:42:58 ----D---- C:\Windows\system32\en-US
2011-05-15 07:42:58 ----D---- C:\Windows\system32\el-GR
2011-05-15 07:42:58 ----D---- C:\Windows\system32\de-DE
2011-05-15 07:42:57 ----D---- C:\Windows\system32\zh-TW
2011-05-15 07:42:57 ----D---- C:\Windows\system32\zh-CN
2011-05-15 07:42:57 ----D---- C:\Windows\system32\sv-SE
2011-05-15 07:42:57 ----D---- C:\Windows\system32\sppui
2011-05-15 07:42:57 ----D---- C:\Windows\system32\Setup
2011-05-15 07:42:57 ----D---- C:\Windows\system32\ru-RU
2011-05-15 07:42:57 ----D---- C:\Windows\system32\pt-PT
2011-05-15 07:42:57 ----D---- C:\Windows\system32\pl-PL
2011-05-15 07:42:57 ----D---- C:\Windows\system32\migration
2011-05-15 07:42:57 ----D---- C:\Windows\system32\manifeststore
2011-05-15 07:42:57 ----D---- C:\Windows\system32\ja-JP
2011-05-15 07:42:57 ----D---- C:\Windows\system32\hu-HU
2011-05-15 07:42:57 ----D---- C:\Windows\system32\he-IL
2011-05-15 07:42:57 ----D---- C:\Windows\system32\fr-FR
2011-05-15 07:42:57 ----D---- C:\Windows\system32\fi-FI
2011-05-15 07:42:57 ----D---- C:\Windows\system32\es-ES
2011-05-15 07:42:57 ----D---- C:\Windows\system32\cs-CZ
2011-05-15 07:42:57 ----D---- C:\Windows\system32\AdvancedInstallers
2011-05-15 07:42:56 ----D---- C:\Windows\system32\th-TH
2011-05-15 07:42:56 ----D---- C:\Windows\system32\ro-RO
2011-05-15 07:42:56 ----D---- C:\Windows\system32\drivers\pt-PT
2011-05-15 07:42:56 ----D---- C:\Windows\system32\drivers\pt-BR
2011-05-15 07:42:56 ----D---- C:\Windows\system32\drivers\pl-PL
2011-05-15 07:42:56 ----D---- C:\Windows\system32\drivers\it-IT
2011-05-15 07:42:56 ----D---- C:\Windows\system32\drivers\he-IL
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\zh-TW
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\zh-CN
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\tr-TR
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\th-TH
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\sv-SE
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\ru-RU
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\ro-RO
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\nl-NL
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\nb-NO
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\ko-KR
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\ja-JP
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\hu-HU
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\fr-FR
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\fi-FI
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\es-ES
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\en-US
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\el-GR
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\de-DE
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\da-DK
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-05-15 07:42:55 ----D---- C:\Windows\system32\drivers\ar-SA
2011-05-15 07:42:54 ----D---- C:\Windows\system32\wbem
2011-05-15 07:42:54 ----D---- C:\Windows\system32\tr-TR
2011-05-15 07:42:54 ----D---- C:\Windows\system32\pt-BR
2011-05-15 07:42:54 ----D---- C:\Windows\system32\nl-NL
2011-05-15 07:42:54 ----D---- C:\Windows\system32\nb-NO
2011-05-15 07:42:54 ----D---- C:\Windows\system32\migwiz
2011-05-15 07:42:54 ----D---- C:\Windows\system32\Dism
2011-05-15 07:42:54 ----D---- C:\Windows\system32\ar-SA
2011-05-15 07:42:48 ----RSD---- C:\Windows\Fonts
2011-05-15 07:42:48 ----D---- C:\Windows\AppPatch
2011-05-15 07:42:44 ----D---- C:\Windows\system32\Boot
2011-05-15 07:04:53 ----D---- C:\Windows\system32\catroot
2011-05-13 08:14:44 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2011-05-13 08:14:43 ----A---- C:\Windows\system32\msclmd.dll
2011-05-13 08:11:14 ----D---- C:\Windows\system32\catroot2
2011-05-10 06:22:09 ----D---- C:\ProgramData\Microsoft Help
2011-05-10 06:20:34 ----D---- C:\Program Files (x86)\Microsoft Office Communicator

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2008-06-04 32240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2011-05-10 481912]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [2011-05-03 453240]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [2011-05-03 32376]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2009-11-03 38440]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-06-03 136824]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-27 151936]
R3 NAVENG;NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20110605.002\ENG64.SYS [2011-06-03 117880]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20110605.002\EX64.SYS [2011-06-03 2011768]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-10 505856]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2011-06-03 173616]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-11 301104]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2009-06-19 319488]
R3 vpcbus;Virtual PC Host Bus Service; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;USB Virtualization Connector Service; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\drivers\WinUSB.sys [2010-11-20 41984]
S3 Blfp;Broadcom Advanced Server Program Driver; C:\Windows\system32\DRIVERS\basp.sys [2009-05-11 102400]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [2011-05-03 482424]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64; C:\Windows\system32\DRIVERS\vpnva64.sys [2010-05-06 22752]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [2009-03-03 89600]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-18 868128]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2011-05-03 108456]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2011-05-03 108456]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2009-12-17 1039776]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2009-12-17 31136]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LkCitadelServer;Lookout Citadel Server; C:\Windows\SysWOW64\lkcitdl.exe [2007-10-23 695136]
R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\SysWOW64\lkads.exe [2008-11-11 40496]
R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2008-11-11 50736]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$UTSSQLEXPRESS;SQL Server (UTSSQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2008-11-11 213552]
R2 niSvcLoc;NI Service Locator; C:\Windows\SysWOW64\nisvcloc.exe [2007-11-06 8656]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 6810728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R2 SmcService;Symantec Management Client; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [2011-05-03 3250416]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 156016]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe [2010-03-10 244736]
R2 Symantec AntiVirus;Symantec Endpoint Protection; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2011-05-03 1839888]
R2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2009-12-07 1793976]
R2 vpnagent;Cisco AnyConnect VPN Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-05-06 583360]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 omupdsrv;Microsoft Online Management Updates Service; C:\Program Files\Microsoft\OnlineManagement\Common\omsvchost.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE [2011-01-19 3093944]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-04 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NILM License Manager;NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2008-11-18 1007616]
S4 SNAC;Symantec Network Access Control; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [2011-05-03 428960]

-----------------EOF-----------------

Combofix:
ComboFix 11-06-05.06 - donknutson 06/06/2011 13:35:35.2.4 - x64
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.8180.5901 [GMT 2:00]
Running from: c:\users\donknutson\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Symantec Endpoint Protection *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\users\donknutson\AppData\Local\eye.exe
c:\users\donknutson\AppData\Local\rch.exe
c:\windows\system32\favicon.ico
.
.
((((((((((((((((((((((((( Files Created from 2011-05-06 to 2011-06-06 )))))))))))))))))))))))))))))))
.
.
2011-06-06 11:37 . 2011-06-06 11:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-06 11:37 . 2011-06-06 11:37 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-06-06 11:18 . 2011-06-06 11:19 -------- d-----w- c:\program files\trend micro
2011-06-06 11:18 . 2011-06-06 11:19 -------- d-----w- C:\rsit
2011-06-03 15:32 . 2011-06-03 15:32 -------- d-----w- c:\users\donknutson\AppData\Local\Symantec
2011-06-03 15:31 . 2011-06-03 15:31 173616 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-06-03 15:31 . 2011-06-03 15:31 -------- d-----w- c:\program files\Symantec
2011-06-03 15:30 . 2007-03-21 18:39 1060864 ----a-w- c:\windows\SysWow64\MFC71.DLL
2011-06-03 15:30 . 2007-03-21 18:33 503808 ----a-w- c:\windows\SysWow64\MSVCP71.DLL
2011-06-03 15:30 . 2007-03-21 18:33 348160 ----a-w- c:\windows\SysWow64\MSVCR71.DLL
2011-06-03 15:30 . 2011-06-03 15:32 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2011-06-03 15:30 . 2011-06-03 15:31 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-06-03 15:30 . 2011-06-03 15:30 -------- d-----w- c:\program files (x86)\Symantec
2011-05-13 06:22 . 2011-05-13 06:22 -------- d-----w- c:\windows\system32\SPReview
2011-05-13 06:05 . 2010-11-20 04:33 3072 ----a-w- c:\windows\system32\drivers\ko-KR\vpchbus.sys.mui
2011-05-13 06:03 . 2010-11-20 03:41 14336 ----a-w- c:\windows\system32\drivers\hu-HU\vpcvmm.sys.mui
2011-05-13 06:01 . 2010-11-20 03:46 3584 ----a-w- c:\windows\system32\drivers\ru-RU\vpchbus.sys.mui
2011-05-13 05:59 . 2010-11-20 03:49 14336 ----a-w- c:\windows\system32\drivers\th-TH\vpcvmm.sys.mui
2011-05-13 05:57 . 2010-11-20 03:32 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\vpchbus.sys.mui
2011-05-13 05:57 . 2010-11-20 03:31 2048 ----a-w- c:\windows\system32\drivers\cs-CZ\vpcuxd.sys.mui
2011-05-13 05:57 . 2010-11-20 03:31 2048 ----a-w- c:\windows\system32\drivers\cs-CZ\vpcnfltr.sys.mui
2011-05-13 05:57 . 2010-11-20 03:31 14336 ----a-w- c:\windows\system32\drivers\cs-CZ\vpcvmm.sys.mui
2011-05-13 05:57 . 2010-11-20 03:26 2048 ----a-w- c:\windows\system32\drivers\cs-CZ\vpcusb.sys.mui
2011-05-13 05:55 . 2010-11-20 03:27 211456 ----a-w- c:\windows\system32\mprddm.dll
2011-05-13 05:54 . 2010-11-20 03:27 222720 ----a-w- c:\windows\system32\wwanconn.dll
2011-05-13 05:53 . 2010-11-20 03:44 133632 ----a-w- c:\windows\system32\NAPHLPR.DLL
2011-05-13 05:52 . 2010-11-20 03:27 2314752 ----a-w- c:\windows\system32\tquery.dll
2011-05-13 05:51 . 2010-11-20 03:27 758784 ----a-w- c:\windows\system32\samsrv.dll
2011-05-13 05:50 . 2011-05-13 05:50 -------- d-----w- c:\windows\system32\EventProviders
2011-05-09 16:48 . 2011-03-07 06:31 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-05-09 16:48 . 2011-03-07 05:33 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-09 16:47 . 2011-03-07 06:28 451072 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2011-05-09 16:47 . 2011-03-07 05:31 163328 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2011-05-09 16:47 . 2011-03-07 03:52 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-05-09 16:47 . 2011-03-07 04:24 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-09 16:42 . 2010-12-23 10:42 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-05-09 16:41 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-13 06:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-13 06:14 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-05-03 18:00 . 2011-05-03 18:00 89600 ----a-w- c:\windows\SysWow64\atl71.dll
2011-05-03 18:00 . 2011-05-03 18:00 87456 ----a-w- c:\windows\SysWow64\FwsVpn.dll
2011-05-03 18:00 . 2011-05-03 18:00 20384 ----a-w- c:\windows\system32\SnacNp.dll
2011-05-03 18:00 . 2011-05-03 18:00 18336 ----a-w- c:\windows\SysWow64\SnacNp.dll
2011-05-03 18:00 . 2011-05-03 18:00 137632 ----a-w- c:\windows\SysWow64\SymVPN.dll
2011-05-03 18:00 . 2011-05-03 18:00 137632 ----a-w- c:\windows\system32\SymVPN.dll
2011-05-03 18:00 . 2011-05-03 18:00 482424 ----a-w- c:\windows\SysWow64\drivers\srtspl64.sys
2011-05-03 18:00 . 2011-05-03 18:00 482424 ----a-w- c:\windows\system32\drivers\srtspl64.sys
2011-05-03 18:00 . 2011-05-03 18:00 453240 ----a-w- c:\windows\SysWow64\drivers\srtsp64.sys
2011-05-03 18:00 . 2011-05-03 18:00 453240 ----a-w- c:\windows\system32\drivers\srtsp64.sys
2011-05-03 18:00 . 2011-05-03 18:00 32376 ----a-w- c:\windows\SysWow64\drivers\srtspx64.sys
2011-05-03 18:00 . 2011-05-03 18:00 32376 ----a-w- c:\windows\system32\drivers\srtspx64.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Communicator"="c:\program files (x86)\Microsoft Office Communicator\communicator.exe" [2011-03-07 5150560]
"DataFinder"="c:\program files (x86)\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe" [2009-06-01 3103264]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2011-05-03 115624]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Microsoft Security Client"="c:\program files\Microsoft Security Client\msseces.exe" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-18 1080096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 0 (0x0)
"enableinstallerdetection"= 0 (0x0)
"enablelua"= 0 (0x0)
"enablesecureuiapaths"= 0 (0x0)
"enableuiadesktoptoggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\0\0]
"Script"=\\diicorp.com\SysVol\diicorp.com\scripts\Messaging\dii-outlook-spell-check.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\0\1]
"Script"=\\diicorp.com\sysvol\diicorp.com\scripts\Messaging\autodiscover-hosts.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\0\2]
"Script"=\\diicorp.com\sysvol\diicorp.com\scripts\Messaging\comm-update.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\1\0]
"Script"=ad-tagger.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\2\0]
"Script"=addgroups.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\3\0]
"Script"=common-logon.vbs
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 omupdsrv;Microsoft Online Management Updates Service;c:\program files\Microsoft\OnlineManagement\Common\omsvchost.exe [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [2009-03-03 89600]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2009-12-17 1039776]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2009-12-17 31136]
S2 MSSQL$UTSSQLEXPRESS;SQL Server (UTSSQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 6810728]
S2 uvnc_service;uvnc_service;c:\program files\UltraVNC\WinVNC.exe [2009-12-07 1793976]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-05-06 583360]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-06-03 136824]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ERASERUTILREBOOTDRV
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1274732764-53309532-4069937376-1633Core.job
- c:\users\donknutson\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 05:53]
.
2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1274732764-53309532-4069937376-1633UA.job
- c:\users\donknutson\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 05:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-10 487424]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1875048]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-07-09 282728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://be450.diicorp.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.52.32.10 10.52.16.10
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn2.diicorp.com/CACHE/stc/1/binaries/vpnweb.cab
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-06-06 13:39:20
ComboFix-quarantined-files.txt 2011-06-06 11:39
.
Pre-Run: 94,861,180,928 bytes free
Post-Run: 94,808,489,984 bytes free
.
- - End Of File - - 39E55EED2FFEE81C3E01D86FA14278B6

Děkuji. Michal

Re: Vir Win 7 Home Security

Napsal: 06 čer 2011 15:33
od Roli
Zdravím, pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

RegLock:: 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

Re: Vir Win 7 Home Security

Napsal: 07 čer 2011 07:54
od mike771
Dekuji. Zde je log:


ComboFix 11-06-06.03 - donknutson 06/07/2011 8:31.5.4 - x64
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.8180.6470 [GMT 2:00]
Running from: c:\users\donknutson\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Symantec Endpoint Protection *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-05-07 to 2011-06-07 )))))))))))))))))))))))))))))))
.
.
2011-06-07 06:34 . 2011-06-07 06:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-07 06:34 . 2011-06-07 06:34 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-06-06 11:18 . 2011-06-06 11:19 -------- d-----w- c:\program files\trend micro
2011-06-06 11:18 . 2011-06-06 11:19 -------- d-----w- C:\rsit
2011-06-03 15:32 . 2011-06-03 15:32 -------- d-----w- c:\users\donknutson\AppData\Local\Symantec
2011-06-03 15:31 . 2011-06-03 15:31 173616 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-06-03 15:31 . 2011-06-03 15:31 -------- d-----w- c:\program files\Symantec
2011-06-03 15:30 . 2007-03-21 18:39 1060864 ----a-w- c:\windows\SysWow64\MFC71.DLL
2011-06-03 15:30 . 2007-03-21 18:33 503808 ----a-w- c:\windows\SysWow64\MSVCP71.DLL
2011-06-03 15:30 . 2007-03-21 18:33 348160 ----a-w- c:\windows\SysWow64\MSVCR71.DLL
2011-06-03 15:30 . 2011-06-03 15:32 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2011-06-03 15:30 . 2011-06-03 15:31 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-06-03 15:30 . 2011-06-03 15:30 -------- d-----w- c:\program files (x86)\Symantec
2011-05-13 06:22 . 2011-05-13 06:22 -------- d-----w- c:\windows\system32\SPReview
2011-05-13 06:05 . 2010-11-20 04:33 3072 ----a-w- c:\windows\system32\drivers\ko-KR\vpchbus.sys.mui
2011-05-13 06:03 . 2010-11-20 03:41 14336 ----a-w- c:\windows\system32\drivers\hu-HU\vpcvmm.sys.mui
2011-05-13 06:01 . 2010-11-20 03:46 3584 ----a-w- c:\windows\system32\drivers\ru-RU\vpchbus.sys.mui
2011-05-13 05:59 . 2010-11-20 03:49 14336 ----a-w- c:\windows\system32\drivers\th-TH\vpcvmm.sys.mui
2011-05-13 05:57 . 2010-11-20 03:32 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\vpchbus.sys.mui
2011-05-13 05:57 . 2010-11-20 03:31 2048 ----a-w- c:\windows\system32\drivers\cs-CZ\vpcuxd.sys.mui
2011-05-13 05:57 . 2010-11-20 03:31 2048 ----a-w- c:\windows\system32\drivers\cs-CZ\vpcnfltr.sys.mui
2011-05-13 05:57 . 2010-11-20 03:31 14336 ----a-w- c:\windows\system32\drivers\cs-CZ\vpcvmm.sys.mui
2011-05-13 05:57 . 2010-11-20 03:26 2048 ----a-w- c:\windows\system32\drivers\cs-CZ\vpcusb.sys.mui
2011-05-13 05:55 . 2010-11-20 03:27 211456 ----a-w- c:\windows\system32\mprddm.dll
2011-05-13 05:54 . 2010-11-20 03:27 222720 ----a-w- c:\windows\system32\wwanconn.dll
2011-05-13 05:53 . 2010-11-20 03:44 133632 ----a-w- c:\windows\system32\NAPHLPR.DLL
2011-05-13 05:52 . 2010-11-20 03:27 2314752 ----a-w- c:\windows\system32\tquery.dll
2011-05-13 05:51 . 2010-11-20 03:27 758784 ----a-w- c:\windows\system32\samsrv.dll
2011-05-13 05:50 . 2011-05-13 05:50 -------- d-----w- c:\windows\system32\EventProviders
2011-05-09 16:48 . 2011-03-07 06:31 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-05-09 16:48 . 2011-03-07 05:33 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-09 16:47 . 2011-03-07 06:28 451072 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2011-05-09 16:47 . 2011-03-07 05:31 163328 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2011-05-09 16:47 . 2011-03-07 03:52 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-05-09 16:47 . 2011-03-07 04:24 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-09 16:42 . 2010-12-23 10:42 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-05-09 16:41 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-13 06:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-13 06:14 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-05-03 18:00 . 2011-05-03 18:00 89600 ----a-w- c:\windows\SysWow64\atl71.dll
2011-05-03 18:00 . 2011-05-03 18:00 87456 ----a-w- c:\windows\SysWow64\FwsVpn.dll
2011-05-03 18:00 . 2011-05-03 18:00 20384 ----a-w- c:\windows\system32\SnacNp.dll
2011-05-03 18:00 . 2011-05-03 18:00 18336 ----a-w- c:\windows\SysWow64\SnacNp.dll
2011-05-03 18:00 . 2011-05-03 18:00 137632 ----a-w- c:\windows\SysWow64\SymVPN.dll
2011-05-03 18:00 . 2011-05-03 18:00 137632 ----a-w- c:\windows\system32\SymVPN.dll
2011-05-03 18:00 . 2011-05-03 18:00 482424 ----a-w- c:\windows\SysWow64\drivers\srtspl64.sys
2011-05-03 18:00 . 2011-05-03 18:00 482424 ----a-w- c:\windows\system32\drivers\srtspl64.sys
2011-05-03 18:00 . 2011-05-03 18:00 453240 ----a-w- c:\windows\SysWow64\drivers\srtsp64.sys
2011-05-03 18:00 . 2011-05-03 18:00 453240 ----a-w- c:\windows\system32\drivers\srtsp64.sys
2011-05-03 18:00 . 2011-05-03 18:00 32376 ----a-w- c:\windows\SysWow64\drivers\srtspx64.sys
2011-05-03 18:00 . 2011-05-03 18:00 32376 ----a-w- c:\windows\system32\drivers\srtspx64.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-06_11.31.53 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-06-06 10:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-07 06:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-06 10:40 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-07 06:28 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-06 10:40 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-07 06:28 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-06-07 06:30 33700 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-06-07 12:50 . 2011-06-07 06:29 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-06-07 12:50 . 2011-06-06 11:11 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-06-07 12:50 . 2011-06-07 06:29 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-06-07 12:50 . 2011-06-06 11:11 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-06 11:11 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-07 06:29 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-06-07 06:12 83232 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-07-21 11:05 . 2011-06-06 11:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-21 11:05 . 2011-06-07 06:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-21 11:05 . 2011-06-07 06:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-07-21 11:05 . 2011-06-06 11:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-14 19:15 . 2011-06-07 06:30 4976 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1274732764-53309532-4069937376-1633_UserData.bin
+ 2011-06-07 06:28 . 2011-06-07 06:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-06 10:40 . 2011-06-06 10:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-06 10:40 . 2011-06-06 10:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-07 06:28 . 2011-06-07 06:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-06-08 15:51 . 2011-06-07 01:32 252684 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2011-06-06 11:21 719896 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-06-07 06:33 719896 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-06-06 11:21 144110 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-06-07 06:33 144110 c:\windows\system32\perfc009.dat
- 2009-07-14 05:12 . 2011-06-06 10:47 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-06-07 06:29 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2011-06-07 06:27 390344 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-06-06 10:39 390344 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Communicator"="c:\program files (x86)\Microsoft Office Communicator\communicator.exe" [2011-03-07 5150560]
"DataFinder"="c:\program files (x86)\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe" [2009-06-01 3103264]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2011-05-03 115624]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Microsoft Security Client"="c:\program files\Microsoft Security Client\msseces.exe" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-18 1080096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 0 (0x0)
"enableinstallerdetection"= 0 (0x0)
"enablelua"= 0 (0x0)
"enablesecureuiapaths"= 0 (0x0)
"enableuiadesktoptoggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\0\0]
"Script"=\\diicorp.com\SysVol\diicorp.com\scripts\Messaging\dii-outlook-spell-check.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\0\1]
"Script"=\\diicorp.com\sysvol\diicorp.com\scripts\Messaging\autodiscover-hosts.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\0\2]
"Script"=\\diicorp.com\sysvol\diicorp.com\scripts\Messaging\comm-update.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\1\0]
"Script"=ad-tagger.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\2\0]
"Script"=addgroups.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1274732764-53309532-4069937376-1633\Scripts\Logon\3\0]
"Script"=common-logon.vbs
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 omupdsrv;Microsoft Online Management Updates Service;c:\program files\Microsoft\OnlineManagement\Common\omsvchost.exe [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [2009-03-03 89600]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2009-12-17 1039776]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2009-12-17 31136]
S2 MSSQL$UTSSQLEXPRESS;SQL Server (UTSSQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 6810728]
S2 uvnc_service;uvnc_service;c:\program files\UltraVNC\WinVNC.exe [2009-12-07 1793976]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-05-06 583360]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-06-03 136824]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1274732764-53309532-4069937376-1633Core.job
- c:\users\donknutson\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 05:53]
.
2011-06-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1274732764-53309532-4069937376-1633UA.job
- c:\users\donknutson\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-16 05:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-10 487424]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1875048]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-07-09 282728]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://be450.diicorp.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.52.32.10 10.52.16.10
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn2.diicorp.com/CACHE/stc/1/binaries/vpnweb.cab
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-HijackThis - e:\other\HijackThis.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2011-06-07 08:35:53
ComboFix-quarantined-files.txt 2011-06-07 06:35
ComboFix2.txt 2011-06-06 11:39
.
Pre-Run: 94,858,207,232 bytes free
Post-Run: 94,801,473,536 bytes free
.
- - End Of File - - 6771B07BE353EDD3E52F3479ECB227DC

Dekuji Michal

Re: Vir Win 7 Home Security

Napsal: 07 čer 2011 15:04
od Roli
Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Pak dej vědět jaký je stav PC.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz