VIRY.CZ

Dobrý den,

CCleanerem jsem zjisti, že se při staru spouští i následující:
RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

Nevím co to je. Asi nic radostného,

Jak mám poslat log z RSITu, když má více znaku, než pobere zpráva a příloha s .txt není povolena?

Děkuji

No člověk musí umět číst
Takže log půlím a posílám 1.díl:

Logfile of random's system information tool 1.09 (written by random/random)
Run by hagrid at 2012-01-11 19:23:33
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 27 GB (54%) free of 50 GB
Total RAM: 2046 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:40, on 11.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\ASUS Bluetooth Suite\BtvStack.exe
C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFDE.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\doma\Desktop\RSIT.exe
C:\Program Files\trend micro\hagrid.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AtherosBtStack] C:\Program Files\ASUS Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [ChangeFilterMerit] C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe
O4 - HKLM\..\Run: [Presto! PVR Monitor] C:\Program Files\NewSoft\Presto! PVR\Monitor.exe
O4 - HKLM\..\RunOnce: [iessetup] C:\Windows\system32\rundll32.exe "C:\Program Files\Internet Explorer\iessetup.dll",LaunchProcessInputFiles
O4 - HKLM\..\RunOnce: [wmssetup] C:\Windows\system32\rundll32.exe "C:\Program Files\Windows Media Player\wmssetup.dll",LaunchProcessInputFiles
O4 - HKLM\..\RunOnce: [ehssetup] C:\Windows\system32\rundll32.exe "C:\Windows\ehome\ehssetup.dll",LaunchProcessInputFiles
O4 - HKLM\..\RunOnce: [MSPCLOCK] rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
O4 - HKLM\..\RunOnce: [MSPQM] rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
O4 - HKLM\..\RunOnce: [MSKSSRV] rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
O4 - HKLM\..\RunOnce: [MSTEE.CxTransform] rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
O4 - HKLM\..\RunOnce: [MSTEE.Splitter] rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
O4 - HKLM\..\RunOnce: [WDM_DRMKAUD] rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
O4 - HKCU\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1787063790-2248001238-3445117089-1003\..\Run: [EPSON SX210 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU "C:\Windows\TEMP\E_S6B9E.tmp" /EF "HKCU" (User 'doma')
O4 - HKUS\S-1-5-21-1787063790-2248001238-3445117089-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1787063790-2248001238-3445117089-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

--
End of file - 6092 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"AtherosBtStack"=C:\Program Files\ASUS Bluetooth Suite\BtvStack.exe [2009-10-28 307200]
"ChangeFilterMerit"=C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
"Presto! PVR Monitor"=C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [2008-08-08 153424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"iessetup"=C:\Program Files\Internet Explorer\iessetup.dll [2009-07-14 16384]
"wmssetup"=C:\Program Files\Windows Media Player\wmssetup.dll [2009-07-14 16384]
"ehssetup"=C:\Windows\ehome\ehssetup.dll [2009-07-14 16384]
"MSPCLOCK"=streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000} []
"MSPQM"=streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196} []
"MSKSSRV"=streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196} []
"MSTEE.CxTransform"=streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install []
"MSTEE.Splitter"=streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install []
"WDM_DRMKAUD"=streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"=C:\Windows\System32\SPReview\SPReview.exe [2011-12-26 280576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
C:\Windows\system32\browserchoice.exe [2010-02-11 293376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChangeFilterMerit]
C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-11 19:23:33 ----D---- C:\Program Files\trend micro
2012-01-10 19:25:44 ----A---- C:\Windows\system32\webio.dll
2012-01-10 19:25:44 ----A---- C:\Windows\system32\sspicli.dll
2012-01-10 19:25:44 ----A---- C:\Windows\system32\schannel.dll
2012-01-10 19:25:44 ----A---- C:\Windows\system32\lsass.exe
2012-01-10 19:25:44 ----A---- C:\Windows\system32\lsasrv.dll
2012-01-10 19:25:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-10 19:25:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-01-10 19:25:44 ----A---- C:\Windows\system32\drivers\cng.sys
2012-01-10 19:25:43 ----A---- C:\Windows\system32\sspisrv.dll
2012-01-10 19:25:43 ----A---- C:\Windows\system32\secur32.dll
2012-01-10 19:20:16 ----A---- C:\Windows\system32\packager.dll
2012-01-10 19:20:16 ----A---- C:\Windows\system32\ntdll.dll
2012-01-10 19:20:15 ----A---- C:\Windows\system32\quartz.dll
2012-01-10 19:20:15 ----A---- C:\Windows\system32\qdvd.dll
2012-01-07 16:40:12 ----D---- C:\Program Files\Microsoft Works
2012-01-04 20:29:21 ----D---- C:\Program Files\Common Files\NewSoft
2012-01-04 20:29:19 ----D---- C:\Program Files\NewSoft
2011-12-28 19:40:34 ----D---- C:\Program Files\WinRAR
2011-12-28 18:20:29 ----D---- C:\Users\hagrid\AppData\Roaming\Media Player Classic
2011-12-28 17:52:45 ----D---- C:\Program Files\Media Player Classic - Home Cinema
2011-12-28 17:42:25 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-12-28 17:42:24 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-12-28 17:42:24 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-12-28 17:42:24 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-12-28 17:42:24 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-12-28 17:42:24 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-12-28 17:42:24 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-12-28 17:42:24 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-12-28 17:42:24 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-12-28 17:42:24 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-12-28 17:42:23 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-12-28 17:42:23 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-12-28 17:42:23 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-12-28 17:42:23 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-12-28 17:42:23 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-12-28 17:42:21 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-12-28 17:42:20 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-12-28 17:42:20 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-12-28 17:42:20 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-12-28 17:42:19 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-12-28 17:42:19 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-12-28 17:42:19 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-12-28 17:42:19 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-12-28 17:42:19 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-12-28 17:42:18 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-12-28 17:42:18 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-12-28 17:42:18 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-12-28 17:42:18 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-12-28 17:42:18 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-12-28 17:42:18 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-12-28 17:42:18 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-12-28 17:42:18 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-12-28 17:42:17 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-12-28 17:42:17 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-12-28 17:42:17 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-12-28 17:42:17 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-12-28 17:42:17 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-12-28 17:42:17 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-12-28 17:42:16 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-12-28 17:42:16 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-12-28 17:42:16 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-12-28 17:42:16 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-12-28 17:42:16 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-12-28 17:42:16 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-12-28 17:42:16 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-12-28 17:42:16 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-12-28 17:42:15 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-12-28 17:42:15 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-12-28 17:42:15 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-12-28 17:42:15 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-12-28 17:42:15 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-12-28 17:42:15 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-12-28 17:42:15 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-12-28 17:42:14 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-12-28 17:42:14 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-12-28 17:42:14 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-12-28 17:42:14 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-12-28 17:42:14 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-12-28 17:42:14 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-12-28 17:42:13 ----A---- C:\Windows\system32\xinput1_3.dll
2011-12-28 17:42:13 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-12-28 17:42:13 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-12-28 17:42:13 ----A---- C:\Windows\system32\d3dx9_35.dll
2011-12-28 17:42:13 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-12-28 17:42:13 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-12-28 17:42:13 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-12-28 17:42:12 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-12-28 17:42:12 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-12-28 17:42:12 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-12-28 17:42:12 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-12-28 17:42:12 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-12-28 17:42:12 ----A---- C:\Windows\system32\d3dx10.dll
2011-12-28 17:42:12 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-12-28 17:42:11 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-12-28 17:42:11 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-12-28 17:42:11 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-12-28 17:42:10 ----A---- C:\Windows\system32\xinput1_2.dll
2011-12-28 17:42:10 ----A---- C:\Windows\system32\xinput1_1.dll
2011-12-28 17:42:10 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-12-28 17:42:10 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-12-28 17:42:10 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-12-28 17:42:09 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-12-28 17:42:07 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-12-28 17:42:06 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-12-28 17:42:06 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-12-28 17:42:06 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-12-28 17:42:06 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-12-28 17:42:05 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-12-28 17:42:05 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-12-28 17:42:05 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-12-28 17:42:05 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-12-28 17:41:08 ----D---- C:\Windows\system32\directx
2011-12-26 20:38:17 ----D---- C:\Windows\system32\SPReview
2011-12-26 20:37:42 ----D---- C:\Windows\system32\EventProviders
2011-12-26 20:31:46 ----A---- C:\Windows\system32\dfshim.dll
2011-12-26 20:31:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-12-26 20:31:42 ----A---- C:\Windows\system32\mstscax.dll
2011-12-26 20:31:42 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2011-12-26 20:31:39 ----A---- C:\Windows\system32\mfc40u.dll
2011-12-26 20:31:39 ----A---- C:\Windows\system32\mfc40.dll
2011-12-26 20:31:39 ----A---- C:\Windows\system32\d3d10warp.dll
2011-12-26 20:31:37 ----A---- C:\Windows\system32\XpsPrint.dll
2011-12-26 20:31:37 ----A---- C:\Windows\system32\sysmain.dll
2011-12-26 20:31:37 ----A---- C:\Windows\system32\d2d1.dll
2011-12-26 20:31:36 ----A---- C:\Windows\system32\shell32.dll
2011-12-26 20:31:36 ----A---- C:\Windows\system32\secproc_isv.dll
2011-12-26 20:31:35 ----A---- C:\Windows\system32\secproc.dll
2011-12-26 20:31:35 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-12-26 20:31:34 ----A---- C:\Windows\system32\RMActivate.exe
2011-12-26 20:31:32 ----A---- C:\Windows\system32\spwizui.dll
2011-12-26 20:31:32 ----A---- C:\Windows\system32\mscoree.dll
2011-12-26 20:31:31 ----A---- C:\Windows\system32\mf.dll
2011-12-26 20:31:31 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-12-26 20:31:30 ----A---- C:\Windows\system32\mssrch.dll
2011-12-26 20:31:30 ----A---- C:\Windows\system32\CertEnroll.dll
2011-12-26 20:31:29 ----A---- C:\Windows\system32\wmp.dll
2011-12-26 20:31:29 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-12-26 20:31:29 ----A---- C:\Windows\system32\PresentationHost.exe
2011-12-26 20:31:29 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-12-26 20:31:28 ----A---- C:\Windows\system32\esent.dll
2011-12-26 20:31:28 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2011-12-26 20:31:27 ----A---- C:\Windows\system32\tquery.dll
2011-12-26 20:31:27 ----A---- C:\Windows\system32\schedsvc.dll
2011-12-26 20:31:26 ----A---- C:\Windows\system32\RacEngn.dll
2011-12-26 20:31:24 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2011-12-26 20:31:23 ----A---- C:\Windows\system32\rdpdd.dll
2011-12-26 20:31:22 ----A---- C:\Windows\system32\qmgr.dll
2011-12-26 20:31:22 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-12-26 20:31:21 ----A---- C:\Windows\system32\wevtsvc.dll
2011-12-26 20:31:21 ----A---- C:\Windows\system32\ole32.dll
2011-12-26 20:31:20 ----A---- C:\Windows\system32\vssapi.dll
2011-12-26 20:31:20 ----A---- C:\Windows\system32\SearchFolder.dll
2011-12-26 20:31:19 ----A---- C:\Windows\system32\DWrite.dll
2011-12-26 20:31:19 ----A---- C:\Windows\system32\d3d9.dll
2011-12-26 20:31:19 ----A---- C:\Windows\explorer.exe
2011-12-26 20:31:18 ----A---- C:\Windows\system32\taskschd.dll
2011-12-26 20:31:18 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-12-26 20:31:17 ----A---- C:\Windows\system32\spreview.exe
2011-12-26 20:31:17 ----A---- C:\Windows\system32\spinstall.exe
2011-12-26 20:31:17 ----A---- C:\Windows\system32\mstsc.exe
2011-12-26 20:31:17 ----A---- C:\Windows\system32\FntCache.dll
2011-12-26 20:31:17 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-12-26 20:31:17 ----A---- C:\Windows\system32\crypt32.dll
2011-12-26 20:31:16 ----A---- C:\Windows\system32\wer.dll
2011-12-26 20:31:16 ----A---- C:\Windows\system32\termsrv.dll
2011-12-26 20:31:16 ----A---- C:\Windows\system32\rpcrt4.dll
2011-12-26 20:31:16 ----A---- C:\Windows\system32\certcli.dll
2011-12-26 20:31:15 ----A---- C:\Windows\system32\odbc32.dll
2011-12-26 20:31:15 ----A---- C:\Windows\system32\msxml6.dll
2011-12-26 20:31:15 ----A---- C:\Windows\system32\gpsvc.dll
2011-12-26 20:31:15 ----A---- C:\Windows\system32\dwmcore.dll
2011-12-26 20:31:14 ----A---- C:\Windows\system32\wbengine.exe
2011-12-26 20:31:14 ----A---- C:\Windows\system32\scavengeui.dll
2011-12-26 20:31:14 ----A---- C:\Windows\system32\mstime.dll
2011-12-26 20:31:14 ----A---- C:\Windows\system32\MPSSVC.dll
2011-12-26 20:31:14 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-12-26 20:31:14 ----A---- C:\Windows\system32\diagperf.dll
2011-12-26 20:31:13 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-12-26 20:31:13 ----A---- C:\Windows\system32\WinSAT.exe
2011-12-26 20:31:13 ----A---- C:\Windows\system32\TSWorkspace.dll
2011-12-26 20:31:13 ----A---- C:\Windows\system32\tsmf.dll
2011-12-26 20:31:13 ----A---- C:\Windows\system32\dot3api.dll
2011-12-26 20:31:12 ----A---- C:\Windows\system32\winhttp.dll
2011-12-26 20:31:12 ----A---- C:\Windows\system32\setupapi.dll
2011-12-26 20:31:12 ----A---- C:\Windows\system32\localspl.dll
2011-12-26 20:31:12 ----A---- C:\Windows\system32\iedkcs32.dll
2011-12-26 20:31:12 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-12-26 20:31:11 ----A---- C:\Windows\system32\MSVidCtl.dll
2011-12-26 20:31:11 ----A---- C:\Windows\system32\dbgeng.dll
2011-12-26 20:31:11 ----A---- C:\Windows\system32\apphelp.dll
2011-12-26 20:31:10 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-12-26 20:31:10 ----A---- C:\Windows\system32\VSSVC.exe
2011-12-26 20:31:10 ----A---- C:\Windows\system32\netlogon.dll
2011-12-26 20:31:10 ----A---- C:\Windows\system32\netcfgx.dll
2011-12-26 20:31:10 ----A---- C:\Windows\system32\d3d11.dll
2011-12-26 20:31:09 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-12-26 20:31:09 ----A---- C:\Windows\system32\winlogon.exe
2011-12-26 20:31:09 ----A---- C:\Windows\system32\user32.dll
2011-12-26 20:31:09 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2011-12-26 20:31:08 ----A---- C:\Windows\system32\WsmSvc.dll
2011-12-26 20:31:08 ----A---- C:\Windows\system32\upnp.dll
2011-12-26 20:31:08 ----A---- C:\Windows\system32\Query.dll
2011-12-26 20:31:08 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2011-12-26 20:31:08 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-12-26 20:31:08 ----A---- C:\Windows\system32\advapi32.dll
2011-12-26 20:31:07 ----A---- C:\Windows\system32\netfxperf.dll
2011-12-26 20:31:07 ----A---- C:\Windows\system32\msv1_0.dll
2011-12-26 20:31:07 ----A---- C:\Windows\system32\msdrm.dll
2011-12-26 20:31:07 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-12-26 20:31:07 ----A---- C:\Windows\system32\lsm.exe
2011-12-26 20:31:07 ----A---- C:\Windows\system32\imapi2fs.dll
2011-12-26 20:31:06 ----A---- C:\Windows\system32\sppobjs.dll
2011-12-26 20:31:06 ----A---- C:\Windows\system32\SessEnv.dll
2011-12-26 20:31:06 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-12-26 20:31:06 ----A---- C:\Windows\system32\authui.dll
2011-12-26 20:31:05 ----A---- C:\Windows\system32\usp10.dll
2011-12-26 20:31:05 ----A---- C:\Windows\system32\userenv.dll
2011-12-26 20:31:05 ----A---- C:\Windows\system32\shlwapi.dll
2011-12-26 20:31:05 ----A---- C:\Windows\system32\mcbuilder.exe
2011-12-26 20:31:05 ----A---- C:\Windows\system32\certmgr.dll
2011-12-26 20:31:04 ----A---- C:\Windows\system32\xpsservices.dll
2011-12-26 20:31:04 ----A---- C:\Windows\system32\winload.exe
2011-12-26 20:31:04 ----A---- C:\Windows\system32\WebClnt.dll
2011-12-26 20:31:04 ----A---- C:\Windows\system32\drvstore.dll
2011-12-26 20:31:04 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-12-26 20:31:04 ----A---- C:\Windows\system32\audiosrv.dll
2011-12-26 20:31:03 ----A---- C:\Windows\system32\sppwinob.dll
2011-12-26 20:31:03 ----A---- C:\Windows\system32\rpcss.dll
2011-12-26 20:31:03 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-12-26 20:31:03 ----A---- C:\Windows\system32\comdlg32.dll
2011-12-26 20:31:03 ----A---- C:\Windows\system32\cmd.exe
2011-12-26 20:31:02 ----A---- C:\Windows\system32\Wldap32.dll
2011-12-26 20:31:02 ----A---- C:\Windows\system32\win32spl.dll
2011-12-26 20:31:02 ----A---- C:\Windows\system32\propsys.dll
2011-12-26 20:31:02 ----A---- C:\Windows\system32\nlasvc.dll
2011-12-26 20:31:02 ----A---- C:\Windows\system32\mfds.dll
2011-12-26 20:31:02 ----A---- C:\Windows\system32\framedynos.dll
2011-12-26 20:31:02 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-12-26 20:31:02 ----A---- C:\Windows\system32\BFE.DLL
2011-12-26 20:31:01 ----A---- C:\Windows\system32\wuaueng.dll
2011-12-26 20:31:01 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-12-26 20:31:01 ----A---- C:\Windows\system32\samsrv.dll
2011-12-26 20:31:01 ----A---- C:\Windows\system32\drivers\netio.sys

A tady je 2.díl

2011-12-26 20:31:01 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-12-26 20:31:00 ----A---- C:\Windows\system32\wucltux.dll
2011-12-26 20:31:00 ----A---- C:\Windows\system32\winresume.exe
2011-12-26 20:31:00 ----A---- C:\Windows\system32\profsvc.dll
2011-12-26 20:31:00 ----A---- C:\Windows\system32\ncsi.dll
2011-12-26 20:31:00 ----A---- C:\Windows\system32\azroles.dll
2011-12-26 20:30:59 ----A---- C:\Windows\system32\werconcpl.dll
2011-12-26 20:30:59 ----A---- C:\Windows\system32\themeui.dll
2011-12-26 20:30:59 ----A---- C:\Windows\system32\taskeng.exe
2011-12-26 20:30:59 ----A---- C:\Windows\system32\spp.dll
2011-12-26 20:30:59 ----A---- C:\Windows\system32\credui.dll
2011-12-26 20:30:58 ----A---- C:\Windows\system32\drivers\storport.sys
2011-12-26 20:30:58 ----A---- C:\Windows\system32\dhcpcore.dll
2011-12-26 20:30:56 ----A---- C:\Windows\system32\wintrust.dll
2011-12-26 20:30:56 ----A---- C:\Windows\system32\mswsock.dll
2011-12-26 20:30:56 ----A---- C:\Windows\system32\drivers\http.sys
2011-12-26 20:30:55 ----A---- C:\Windows\system32\taskcomp.dll
2011-12-26 20:30:55 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-12-26 20:30:55 ----A---- C:\Windows\system32\msxml3.dll
2011-12-26 20:30:55 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-12-26 20:30:55 ----A---- C:\Windows\system32\evr.dll
2011-12-26 20:30:55 ----A---- C:\Windows\system32\dxgi.dll
2011-12-26 20:30:55 ----A---- C:\Windows\system32\dbghelp.dll
2011-12-26 20:30:55 ----A---- C:\Windows\system32\basecsp.dll
2011-12-26 20:30:54 ----A---- C:\Windows\system32\WinSATAPI.dll
2011-12-26 20:30:54 ----A---- C:\Windows\system32\spoolsv.exe
2011-12-26 20:30:54 ----A---- C:\Windows\system32\gdi32.dll
2011-12-26 20:30:54 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-12-26 20:30:54 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2011-12-26 20:30:54 ----A---- C:\Windows\system32\calc.exe
2011-12-26 20:30:53 ----A---- C:\Windows\system32\vpnike.dll
2011-12-26 20:30:53 ----A---- C:\Windows\system32\srvsvc.dll
2011-12-26 20:30:53 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-12-26 20:30:53 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-12-26 20:30:53 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-12-26 20:30:52 ----A---- C:\Windows\system32\UIRibbon.dll
2011-12-26 20:30:52 ----A---- C:\Windows\system32\lpksetup.exe
2011-12-26 20:30:52 ----A---- C:\Windows\system32\fveapi.dll
2011-12-26 20:30:52 ----A---- C:\Windows\system32\cryptsvc.dll
2011-12-26 20:30:51 ----A---- C:\Windows\system32\ws2_32.dll
2011-12-26 20:30:51 ----A---- C:\Windows\system32\sxs.dll
2011-12-26 20:30:51 ----A---- C:\Windows\system32\stobject.dll
2011-12-26 20:30:51 ----A---- C:\Windows\system32\netshell.dll
2011-12-26 20:30:51 ----A---- C:\Windows\system32\ie4uinit.exe
2011-12-26 20:30:51 ----A---- C:\Windows\system32\hgprint.dll
2011-12-26 20:30:51 ----A---- C:\Windows\system32\drivers\msdsm.sys
2011-12-26 20:30:51 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-12-26 20:30:50 ----A---- C:\Windows\system32\prncache.dll
2011-12-26 20:30:50 ----A---- C:\Windows\system32\printui.dll
2011-12-26 20:30:50 ----A---- C:\Windows\system32\inetpp.dll
2011-12-26 20:30:50 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-12-26 20:30:50 ----A---- C:\Windows\system32\comctl32.dll
2011-12-26 20:30:49 ----A---- C:\Windows\system32\wmpeffects.dll
2011-12-26 20:30:49 ----A---- C:\Windows\system32\msi.dll
2011-12-26 20:30:49 ----A---- C:\Windows\system32\dps.dll
2011-12-26 20:30:48 ----A---- C:\Windows\system32\WSDApi.dll
2011-12-26 20:30:48 ----A---- C:\Windows\system32\rpchttp.dll
2011-12-26 20:30:48 ----A---- C:\Windows\system32\net1.exe
2011-12-26 20:30:48 ----A---- C:\Windows\system32\ci.dll
2011-12-26 20:30:48 ----A---- C:\Windows\system32\aitagent.exe
2011-12-26 20:30:48 ----A---- C:\Windows\system32\aepdu.dll
2011-12-26 20:30:47 ----A---- C:\Windows\system32\vds.exe
2011-12-26 20:30:47 ----A---- C:\Windows\system32\scansetting.dll
2011-12-26 20:30:47 ----A---- C:\Windows\system32\FXSSVC.exe
2011-12-26 20:30:47 ----A---- C:\Windows\system32\drivers\pci.sys
2011-12-26 20:30:47 ----A---- C:\Windows\system32\cdd.dll
2011-12-26 20:30:46 ----A---- C:\Windows\system32\WMVCORE.DLL
2011-12-26 20:30:46 ----A---- C:\Windows\system32\wlangpui.dll
2011-12-26 20:30:46 ----A---- C:\Windows\system32\QSHVHOST.DLL
2011-12-26 20:30:46 ----A---- C:\Windows\system32\MMDevAPI.dll
2011-12-26 20:30:46 ----A---- C:\Windows\system32\davclnt.dll
2011-12-26 20:30:46 ----A---- C:\Windows\system32\aaclient.dll
2011-12-26 20:30:45 ----A---- C:\Windows\system32\wpdshext.dll
2011-12-26 20:30:45 ----A---- C:\Windows\system32\webservices.dll
2011-12-26 20:30:45 ----A---- C:\Windows\system32\t2embed.dll
2011-12-26 20:30:45 ----A---- C:\Windows\system32\pnidui.dll
2011-12-26 20:30:45 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-12-26 20:30:45 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-12-26 20:30:45 ----A---- C:\Windows\system32\consent.exe
2011-12-26 20:30:44 ----A---- C:\Windows\system32\SyncCenter.dll
2011-12-26 20:30:44 ----A---- C:\Windows\system32\netdiagfx.dll
2011-12-26 20:30:44 ----A---- C:\Windows\system32\fde.dll
2011-12-26 20:30:44 ----A---- C:\Windows\system32\drivers\termdd.sys
2011-12-26 20:30:44 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2011-12-26 20:30:44 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-12-26 20:30:43 ----A---- C:\Windows\system32\wuapi.dll
2011-12-26 20:30:43 ----A---- C:\Windows\system32\wscapi.dll
2011-12-26 20:30:43 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2011-12-26 20:30:43 ----A---- C:\Windows\system32\sdengin2.dll
2011-12-26 20:30:42 ----A---- C:\Windows\system32\wisptis.exe
2011-12-26 20:30:42 ----A---- C:\Windows\system32\WinSCard.dll
2011-12-26 20:30:42 ----A---- C:\Windows\system32\pla.dll
2011-12-26 20:30:42 ----A---- C:\Windows\system32\msasn1.dll
2011-12-26 20:30:41 ----A---- C:\Windows\system32\winsta.dll
2011-12-26 20:30:41 ----A---- C:\Windows\system32\setupcl.exe
2011-12-26 20:30:41 ----A---- C:\Windows\system32\rdpcore.dll
2011-12-26 20:30:41 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2011-12-26 20:30:41 ----A---- C:\Windows\system32\mcmde.dll
2011-12-26 20:30:41 ----A---- C:\Windows\system32\imapi2.dll
2011-12-26 20:30:41 ----A---- C:\Windows\system32\iepeers.dll
2011-12-26 20:30:41 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2011-12-26 20:30:41 ----A---- C:\Windows\system32\drivers\msahci.sys
2011-12-26 20:30:40 ----A---- C:\Windows\system32\WUDFSvc.dll
2011-12-26 20:30:40 ----A---- C:\Windows\system32\wiaservc.dll
2011-12-26 20:30:40 ----A---- C:\Windows\system32\ntshrui.dll
2011-12-26 20:30:40 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2011-12-26 20:30:40 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-12-26 20:30:40 ----A---- C:\Windows\system32\aeinv.dll
2011-12-26 20:30:39 ----A---- C:\Windows\system32\onex.dll
2011-12-26 20:30:39 ----A---- C:\Windows\system32\gameux.dll
2011-12-26 20:30:39 ----A---- C:\Windows\system32\dwmredir.dll
2011-12-26 20:30:38 ----A---- C:\Windows\system32\WMPEncEn.dll
2011-12-26 20:30:38 ----A---- C:\Windows\system32\winmm.dll
2011-12-26 20:30:38 ----A---- C:\Windows\system32\TabSvc.dll
2011-12-26 20:30:38 ----A---- C:\Windows\system32\shsvcs.dll
2011-12-26 20:30:38 ----A---- C:\Windows\system32\rasmans.dll
2011-12-26 20:30:38 ----A---- C:\Windows\system32\mssvp.dll
2011-12-26 20:30:38 ----A---- C:\Windows\system32\drivers\udfs.sys
2011-12-26 20:30:38 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-12-26 20:30:37 ----A---- C:\Windows\system32\vaultsvc.dll
2011-12-26 20:30:37 ----A---- C:\Windows\system32\samcli.dll
2011-12-26 20:30:37 ----A---- C:\Windows\system32\netiohlp.dll
2011-12-26 20:30:37 ----A---- C:\Windows\system32\Narrator.exe
2011-12-26 20:30:37 ----A---- C:\Windows\system32\hbaapi.dll
2011-12-26 20:30:37 ----A---- C:\Windows\system32\bootres.dll
2011-12-26 20:30:37 ----A---- C:\Windows\system32\autochk.exe
2011-12-26 20:30:37 ----A---- C:\Windows\system32\autofmt.exe
2011-12-26 20:30:37 ----A---- C:\Windows\system32\audiodg.exe
2011-12-26 20:30:36 ----A---- C:\Windows\system32\thumbcache.dll
2011-12-26 20:30:36 ----A---- C:\Windows\system32\regapi.dll
2011-12-26 20:30:36 ----A---- C:\Windows\system32\proquota.exe
2011-12-26 20:30:36 ----A---- C:\Windows\system32\msutb.dll
2011-12-26 20:30:36 ----A---- C:\Windows\system32\msinfo32.exe
2011-12-26 20:30:36 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2011-12-26 20:30:36 ----A---- C:\Windows\system32\halmacpi.dll
2011-12-26 20:30:36 ----A---- C:\Windows\system32\hal.dll
2011-12-26 20:30:36 ----A---- C:\Windows\system32\autoconv.exe
2011-12-26 20:30:36 ----A---- C:\Windows\system32\AudioSes.dll
2011-12-26 20:30:35 ----A---- C:\Windows\system32\tcpipcfg.dll
2011-12-26 20:30:35 ----A---- C:\Windows\system32\srchadmin.dll
2011-12-26 20:30:35 ----A---- C:\Windows\system32\schtasks.exe
2011-12-26 20:30:35 ----A---- C:\Windows\system32\powercpl.dll
2011-12-26 20:30:35 ----A---- C:\Windows\system32\mimefilt.dll
2011-12-26 20:30:35 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-12-26 20:30:35 ----A---- C:\Windows\system32\framedyn.dll
2011-12-26 20:30:35 ----A---- C:\Windows\system32\eapphost.dll
2011-12-26 20:30:34 ----A---- C:\Windows\system32\wcncsvc.dll
2011-12-26 20:30:34 ----A---- C:\Windows\system32\msihnd.dll
2011-12-26 20:30:34 ----A---- C:\Windows\system32\mscorier.dll
2011-12-26 20:30:34 ----A---- C:\Windows\system32\drivers\volmgr.sys
2011-12-26 20:30:33 ----A---- C:\Windows\system32\wdc.dll
2011-12-26 20:30:33 ----A---- C:\Windows\system32\umpo.dll
2011-12-26 20:30:33 ----A---- C:\Windows\system32\QAGENT.DLL
2011-12-26 20:30:33 ----A---- C:\Windows\system32\netid.dll
2011-12-26 20:30:33 ----A---- C:\Windows\system32\DXP.dll
2011-12-26 20:30:33 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-12-26 20:30:33 ----A---- C:\Windows\system32\drivers\partmgr.sys
2011-12-26 20:30:33 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-12-26 20:30:33 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2011-12-26 20:30:33 ----A---- C:\Windows\system32\actxprxy.dll
2011-12-26 20:30:32 ----A---- C:\Windows\system32\untfs.dll
2011-12-26 20:30:32 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-12-26 20:30:32 ----A---- C:\Windows\system32\scesrv.dll
2011-12-26 20:30:32 ----A---- C:\Windows\system32\rastls.dll
2011-12-26 20:30:32 ----A---- C:\Windows\system32\nci.dll
2011-12-26 20:30:32 ----A---- C:\Windows\system32\drivers\ataport.sys
2011-12-26 20:30:31 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-12-26 20:30:31 ----A---- C:\Windows\system32\wlanpref.dll
2011-12-26 20:30:31 ----A---- C:\Windows\system32\Vault.dll
2011-12-26 20:30:31 ----A---- C:\Windows\system32\sppsvc.exe
2011-12-26 20:30:31 ----A---- C:\Windows\system32\sdclt.exe
2011-12-26 20:30:31 ----A---- C:\Windows\system32\RpcRtRemote.dll
2011-12-26 20:30:31 ----A---- C:\Windows\system32\ListSvc.dll
2011-12-26 20:30:31 ----A---- C:\Windows\system32\licmgr10.dll
2011-12-26 20:30:30 ----A---- C:\Windows\system32\Robocopy.exe
2011-12-26 20:30:29 ----A---- C:\Windows\system32\taskmgr.exe
2011-12-26 20:30:29 ----A---- C:\Windows\system32\mtxclu.dll
2011-12-26 20:30:29 ----A---- C:\Windows\system32\mssphtb.dll
2011-12-26 20:30:29 ----A---- C:\Windows\system32\msdri.dll
2011-12-26 20:30:29 ----A---- C:\Windows\system32\DxpTaskSync.dll
2011-12-26 20:30:29 ----A---- C:\Windows\system32\drivers\mpio.sys
2011-12-26 20:30:29 ----A---- C:\Windows\system32\Display.dll
2011-12-26 20:30:28 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-12-26 20:30:28 ----A---- C:\Windows\system32\userinit.exe
2011-12-26 20:30:28 ----A---- C:\Windows\system32\termmgr.dll
2011-12-26 20:30:28 ----A---- C:\Windows\system32\sharemediacpl.dll
2011-12-26 20:30:28 ----A---- C:\Windows\system32\puiobj.dll
2011-12-26 20:30:28 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-12-26 20:30:28 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2011-12-26 20:30:28 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-12-26 20:30:27 ----A---- C:\Windows\system32\eudcedit.exe
2011-12-26 20:30:27 ----A---- C:\Windows\system32\drivers\scsiport.sys
2011-12-26 20:30:27 ----A---- C:\Windows\system32\DiagCpl.dll
2011-12-26 20:30:26 ----A---- C:\Windows\system32\wiadefui.dll
2011-12-26 20:30:26 ----A---- C:\Windows\system32\sppcomapi.dll
2011-12-26 20:30:26 ----A---- C:\Windows\system32\shsetup.dll
2011-12-26 20:30:26 ----A---- C:\Windows\system32\rasppp.dll
2011-12-26 20:30:26 ----A---- C:\Windows\system32\msdtctm.dll
2011-12-26 20:30:26 ----A---- C:\Windows\system32\logoncli.dll
2011-12-26 20:30:26 ----A---- C:\Windows\system32\biocpl.dll
2011-12-26 20:30:25 ----A---- C:\Windows\system32\SensorsCpl.dll
2011-12-26 20:30:25 ----A---- C:\Windows\system32\msconfig.exe
2011-12-26 20:30:25 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2011-12-26 20:30:25 ----A---- C:\Windows\system32\cabview.dll
2011-12-26 20:30:24 ----A---- C:\Windows\system32\wpccpl.dll
2011-12-26 20:30:24 ----A---- C:\Windows\system32\themecpl.dll
2011-12-26 20:30:24 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2011-12-26 20:30:24 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2011-12-26 20:30:24 ----A---- C:\Windows\system32\dnscmmc.dll
2011-12-26 20:30:23 ----A---- C:\Windows\system32\scecli.dll
2011-12-26 20:30:23 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2011-12-26 20:30:23 ----A---- C:\Windows\system32\hgcpl.dll
2011-12-26 20:30:22 ----A---- C:\Windows\system32\tapisrv.dll
2011-12-26 20:30:22 ----A---- C:\Windows\system32\mscories.dll
2011-12-26 20:30:22 ----A---- C:\Windows\system32\mscms.dll
2011-12-26 20:30:22 ----A---- C:\Windows\system32\mprddm.dll
2011-12-26 20:30:22 ----A---- C:\Windows\system32\localsec.dll
2011-12-26 20:30:22 ----A---- C:\Windows\system32\fontext.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\wlanui.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\wkssvc.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\VAN.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\usercpl.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\srcore.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\SndVolSSO.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\qedit.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\prntvpt.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\KMSVC.DLL
2011-12-26 20:30:21 ----A---- C:\Windows\system32\iasacct.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-12-26 20:30:21 ----A---- C:\Windows\system32\bcdsrv.dll
2011-12-26 20:30:21 ----A---- C:\Windows\system32\batmeter.dll
2011-12-26 20:30:20 ----A---- C:\Windows\system32\wpdbusenum.dll
2011-12-26 20:30:20 ----A---- C:\Windows\system32\w32tm.exe
2011-12-26 20:30:20 ----A---- C:\Windows\system32\SndVol.exe
2011-12-26 20:30:20 ----A---- C:\Windows\system32\netcenter.dll
2011-12-26 20:30:20 ----A---- C:\Windows\system32\mblctr.exe
2011-12-26 20:30:19 ----A---- C:\Windows\system32\zipfldr.dll
2011-12-26 20:30:19 ----A---- C:\Windows\system32\wksprt.exe
2011-12-26 20:30:19 ----A---- C:\Windows\system32\spwizeng.dll
2011-12-26 20:30:19 ----A---- C:\Windows\system32\fdeploy.dll
2011-12-26 20:30:19 ----A---- C:\Windows\system32\drivers\ks.sys
2011-12-26 20:30:19 ----A---- C:\Windows\system32\azroleui.dll
2011-12-26 20:30:19 ----A---- C:\Windows\system32\accessibilitycpl.dll
2011-12-26 20:30:18 ----A---- C:\Windows\system32\networkmap.dll
2011-12-26 20:30:18 ----A---- C:\Windows\system32\netjoin.dll
2011-12-26 20:30:18 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2011-12-26 20:30:18 ----A---- C:\Windows\system32\cryptui.dll
2011-12-26 20:30:18 ----A---- C:\Windows\system32\adsldp.dll
2011-12-26 20:30:17 ----A---- C:\Windows\system32\wusa.exe
2011-12-26 20:30:17 ----A---- C:\Windows\system32\sud.dll
2011-12-26 20:30:17 ----A---- C:\Windows\system32\prnfldr.dll
2011-12-26 20:30:17 ----A---- C:\Windows\system32\photowiz.dll
2011-12-26 20:30:17 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2011-12-26 20:30:17 ----A---- C:\Windows\system32\mspbda.dll
2011-12-26 20:30:17 ----A---- C:\Windows\system32\msieftp.dll
2011-12-26 20:30:17 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2011-12-26 20:30:17 ----A---- C:\Windows\system32\Faultrep.dll
2011-12-26 20:30:17 ----A---- C:\Windows\system32\ActionCenter.dll
2011-12-26 20:30:16 ----A---- C:\Windows\system32\taskhost.exe
2011-12-26 20:30:16 ----A---- C:\Windows\system32\taskbarcpl.dll
2011-12-26 20:30:16 ----A---- C:\Windows\system32\slui.exe
2011-12-26 20:30:16 ----A---- C:\Windows\system32\rdpcorekmts.dll
2011-12-26 20:30:16 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2011-12-26 20:30:16 ----A---- C:\Windows\system32\iprtrmgr.dll
2011-12-26 20:30:16 ----A---- C:\Windows\system32\iasrad.dll
2011-12-26 20:30:16 ----A---- C:\Windows\system32\drivers\hidclass.sys
2011-12-26 20:30:16 ----A---- C:\Windows\system32\credssp.dll
2011-12-26 20:30:15 ----A---- C:\Windows\system32\wpd_ci.dll
2011-12-26 20:30:15 ----A---- C:\Windows\system32\sisbkup.dll
2011-12-26 20:30:15 ----A---- C:\Windows\system32\shwebsvc.dll
2011-12-26 20:30:15 ----A---- C:\Windows\system32\ifsutil.dll
2011-12-26 20:30:15 ----A---- C:\Windows\system32\ieUnatt.exe
2011-12-26 20:30:15 ----A---- C:\Windows\system32\halacpi.dll
2011-12-26 20:30:15 ----A---- C:\Windows\system32\ftp.exe
2011-12-26 20:30:15 ----A---- C:\Windows\system32\efscore.dll
2011-12-26 20:30:15 ----A---- C:\Windows\system32\dot3cfg.dll
2011-12-26 20:30:15 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2011-12-26 20:30:14 ----A---- C:\Windows\system32\syncui.dll
2011-12-26 20:30:14 ----A---- C:\Windows\system32\sdcpl.dll
2011-12-26 20:30:14 ----A---- C:\Windows\system32\recovery.dll
2011-12-26 20:30:14 ----A---- C:\Windows\system32\iesysprep.dll
2011-12-26 20:30:14 ----A---- C:\Windows\system32\autoplay.dll
2011-12-26 20:30:14 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2011-12-26 20:30:13 ----A---- C:\Windows\system32\wmpmde.dll
2011-12-26 20:30:13 ----A---- C:\Windows\system32\sppnp.dll
2011-12-26 20:30:13 ----A---- C:\Windows\system32\rdpwsx.dll
2011-12-26 20:30:13 ----A---- C:\Windows\system32\ntlanman.dll
2011-12-26 20:30:13 ----A---- C:\Windows\system32\dskquoui.dll
2011-12-26 20:30:13 ----A---- C:\Windows\system32\DeviceCenter.dll
2011-12-26 20:30:13 ----A---- C:\Windows\system32\bcdedit.exe
2011-12-26 20:30:12 ----A---- C:\Windows\system32\vdsutil.dll
2011-12-26 20:30:12 ----A---- C:\Windows\system32\systemcpl.dll
2011-12-26 20:30:12 ----A---- C:\Windows\system32\rtutils.dll
2011-12-26 20:30:12 ----A---- C:\Windows\system32\recdisc.exe
2011-12-26 20:30:12 ----A---- C:\Windows\system32\OobeFldr.dll
2011-12-26 20:30:12 ----A---- C:\Windows\system32\ntprint.dll
2011-12-26 20:30:11 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2011-12-26 20:30:11 ----A---- C:\Windows\system32\sethc.exe
2011-12-26 20:30:11 ----A---- C:\Windows\system32\rstrui.exe
2011-12-26 20:30:11 ----A---- C:\Windows\system32\riched20.dll
2011-12-26 20:30:11 ----A---- C:\Windows\system32\nshwfp.dll
2011-12-26 20:30:11 ----A---- C:\Windows\system32\drivers\tdx.sys
2011-12-26 20:30:11 ----A---- C:\Windows\system32\blackbox.dll
2011-12-26 20:30:11 ----A---- C:\Windows\system32\bcdboot.exe
2011-12-26 20:30:11 ----A---- C:\Windows\system32\AxInstSv.dll
2011-12-26 20:30:10 ----A---- C:\Windows\system32\wmpsrcwp.dll
2011-12-26 20:30:10 ----A---- C:\Windows\system32\netplwiz.dll
2011-12-26 20:30:10 ----A---- C:\Windows\system32\NAPHLPR.DLL
2011-12-26 20:30:10 ----A---- C:\Windows\system32\migisol.dll
2011-12-26 20:30:10 ----A---- C:\Windows\system32\fms.dll
2011-12-26 20:30:10 ----A---- C:\Windows\system32\activeds.dll
2011-12-26 20:30:09 ----A---- C:\Windows\system32\wsqmcons.exe
2011-12-26 20:30:09 ----A---- C:\Windows\system32\nshipsec.dll
2011-12-26 20:30:09 ----A---- C:\Windows\system32\nlaapi.dll
2011-12-26 20:30:09 ----A---- C:\Windows\system32\httpapi.dll
2011-12-26 20:30:09 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2011-12-26 20:30:09 ----A---- C:\Windows\system32\dpx.dll
2011-12-26 20:30:09 ----A---- C:\Windows\system32\dot3svc.dll
2011-12-26 20:30:09 ----A---- C:\Windows\system32\cdosys.dll
2011-12-26 20:30:09 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2011-12-26 20:30:09 ----A---- C:\Windows\system32\asycfilt.dll
2011-12-26 20:30:08 ----A---- C:\Windows\system32\wuwebv.dll
2011-12-26 20:30:08 ----A---- C:\Windows\system32\wlanmsm.dll
2011-12-26 20:30:08 ----A---- C:\Windows\system32\wavemsp.dll
2011-12-26 20:30:08 ----A---- C:\Windows\system32\ReAgent.dll
2011-12-26 20:30:08 ----A---- C:\Windows\system32\provsvc.dll
2011-12-26 20:30:08 ----A---- C:\Windows\system32\msftedit.dll
2011-12-26 20:30:08 ----A---- C:\Windows\system32\isoburn.exe
2011-12-26 20:30:08 ----A---- C:\Windows\system32\dot3ui.dll
2011-12-26 20:30:07 ----A---- C:\Windows\system32\wvc.dll
2011-12-26 20:30:07 ----A---- C:\Windows\system32\wtsapi32.dll
2011-12-26 20:30:07 ----A---- C:\Windows\system32\wimgapi.dll
2011-12-26 20:30:07 ----A---- C:\Windows\system32\tzutil.exe
2011-12-26 20:30:07 ----A---- C:\Windows\system32\sysclass.dll
2011-12-26 20:30:07 ----A---- C:\Windows\system32\ocsetup.exe
2011-12-26 20:30:07 ----A---- C:\Windows\system32\dsuiext.dll
2011-12-26 20:30:07 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2011-12-26 20:30:07 ----A---- C:\Windows\system32\dfrgui.exe
2011-12-26 20:30:07 ----A---- C:\Windows\system32\appinfo.dll
2011-12-26 20:30:06 ----A---- C:\Windows\twain_32.dll
2011-12-26 20:30:06 ----A---- C:\Windows\system32\webcheck.dll
2011-12-26 20:30:06 ----A---- C:\Windows\system32\twext.dll
2011-12-26 20:30:06 ----A---- C:\Windows\system32\shdocvw.dll
2011-12-26 20:30:06 ----A---- C:\Windows\system32\PkgMgr.exe
2011-12-26 20:30:06 ----A---- C:\Windows\system32\mstask.dll
2011-12-26 20:30:06 ----A---- C:\Windows\system32\certprop.dll
2011-12-26 20:30:05 ----A---- C:\Windows\system32\uxlib.dll
2011-12-26 20:30:05 ----A---- C:\Windows\system32\SmiEngine.dll
2011-12-26 20:30:05 ----A---- C:\Windows\system32\slwga.dll
2011-12-26 20:30:05 ----A---- C:\Windows\system32\setupugc.exe
2011-12-26 20:30:05 ----A---- C:\Windows\system32\qcap.dll
2011-12-26 20:30:05 ----A---- C:\Windows\system32\qasf.dll
2011-12-26 20:30:05 ----A---- C:\Windows\system32\occache.dll
2011-12-26 20:30:05 ----A---- C:\Windows\system32\msrating.dll
2011-12-26 20:30:05 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-12-26 20:30:05 ----A---- C:\Windows\system32\imm32.dll
2011-12-26 20:30:04 ----A---- C:\Windows\system32\wwanconn.dll
2011-12-26 20:30:04 ----A---- C:\Windows\system32\ssText3d.scr
2011-12-26 20:30:04 ----A---- C:\Windows\system32\srrstr.dll
2011-12-26 20:30:04 ----A---- C:\Windows\system32\nslookup.exe
2011-12-26 20:30:04 ----A---- C:\Windows\system32\msvfw32.dll
2011-12-26 20:30:04 ----A---- C:\Windows\system32\mciavi32.dll
2011-12-26 20:30:04 ----A---- C:\Windows\system32\imgutil.dll
2011-12-26 20:30:04 ----A---- C:\Windows\system32\audiodev.dll
2011-12-26 20:30:03 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2011-12-26 20:30:03 ----A---- C:\Windows\system32\wmdrmsdk.dll
2011-12-26 20:30:03 ----A---- C:\Windows\system32\msscp.dll
2011-12-26 20:30:03 ----A---- C:\Windows\system32\diskraid.exe
2011-12-26 20:30:03 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2011-12-26 20:30:03 ----A---- C:\Windows\system32\clusapi.dll
2011-12-26 20:30:02 ----A---- C:\Windows\system32\wimserv.exe
2011-12-26 20:30:02 ----A---- C:\Windows\system32\TSpkg.dll
2011-12-26 20:30:02 ----A---- C:\Windows\system32\remotepg.dll
2011-12-26 20:30:02 ----A---- C:\Windows\system32\rdpencom.dll
2011-12-26 20:30:02 ----A---- C:\Windows\system32\raschap.dll
2011-12-26 20:30:02 ----A---- C:\Windows\system32\QUTIL.DLL
2011-12-26 20:30:02 ----A---- C:\Windows\system32\perfmon.exe
2011-12-26 20:30:02 ----A---- C:\Windows\system32\input.dll
2011-12-26 20:30:02 ----A---- C:\Windows\system32\drmmgrtn.dll
2011-12-26 20:30:02 ----A---- C:\Windows\system32\browser.dll
2011-12-26 20:30:02 ----A---- C:\Windows\system32\acppage.dll
2011-12-26 20:30:01 ----A---- C:\Windows\system32\wmpdxm.dll
2011-12-26 20:30:01 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2011-12-26 20:30:01 ----A---- C:\Windows\system32\vpnikeapi.dll
2011-12-26 20:30:01 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2011-12-26 20:30:01 ----A---- C:\Windows\system32\sdrsvc.dll
2011-12-26 20:30:01 ----A---- C:\Windows\system32\olepro32.dll
2011-12-26 20:30:01 ----A---- C:\Windows\system32\ocsetapi.dll
2011-12-26 20:30:01 ----A---- C:\Windows\system32\nltest.exe
2011-12-26 20:30:01 ----A---- C:\Windows\system32\networkexplorer.dll
2011-12-26 20:30:01 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2011-12-26 20:30:00 ----A---- C:\Windows\system32\wpdwcn.dll
2011-12-26 20:30:00 ----A---- C:\Windows\system32\vdsbas.dll
2011-12-26 20:30:00 ----A---- C:\Windows\system32\runonce.exe
2011-12-26 20:30:00 ----A---- C:\Windows\system32\onexui.dll
2011-12-26 20:30:00 ----A---- C:\Windows\system32\iTVData.dll
2011-12-26 20:30:00 ----A---- C:\Windows\system32\inseng.dll
2011-12-26 20:30:00 ----A---- C:\Windows\bfsvc.exe
2011-12-26 20:29:59 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-12-26 20:29:59 ----A---- C:\Windows\system32\Mcx2Svc.dll
2011-12-26 20:29:59 ----A---- C:\Windows\system32\logagent.exe
2011-12-26 20:29:59 ----A---- C:\Windows\system32\dxdiagn.dll
2011-12-26 20:29:58 ----A---- C:\Windows\system32\msvidc32.dll
2011-12-26 20:29:58 ----A---- C:\Windows\system32\msiexec.exe
2011-12-26 20:29:58 ----A---- C:\Windows\system32\MFPlay.dll
2011-12-26 20:29:58 ----A---- C:\Windows\system32\eapp3hst.dll
2011-12-26 20:29:58 ----A---- C:\Windows\system32\drivers\rmcast.sys
2011-12-26 20:29:57 ----A---- C:\Windows\system32\wudriver.dll
2011-12-26 20:29:57 ----A---- C:\Windows\system32\wmpshell.dll
2011-12-26 20:29:57 ----A---- C:\Windows\system32\wmdrmdev.dll
2011-12-26 20:29:57 ----A---- C:\Windows\system32\unimdmat.dll
2011-12-26 20:29:57 ----A---- C:\Windows\system32\sqlcese30.dll
2011-12-26 20:29:57 ----A---- C:\Windows\system32\shacct.dll
2011-12-26 20:29:57 ----A---- C:\Windows\system32\PnPUnattend.exe
2011-12-26 20:29:57 ----A---- C:\Windows\system32\lsmproxy.dll
2011-12-26 20:29:57 ----A---- C:\Windows\system32\iscsium.dll
2011-12-26 20:29:57 ----A---- C:\Windows\system32\d3d10level9.dll
2011-12-26 20:29:57 ----A---- C:\Windows\system32\bitsadmin.exe
2011-12-26 20:29:56 ----A---- C:\Windows\system32\tabcal.exe
2011-12-26 20:29:56 ----A---- C:\Windows\system32\rdpd3d.dll
2011-12-26 20:29:56 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2011-12-26 20:29:56 ----A---- C:\Windows\system32\pdh.dll
2011-12-26 20:29:56 ----A---- C:\Windows\system32\OpcServices.dll
2011-12-26 20:29:56 ----A---- C:\Windows\system32\mprapi.dll
2011-12-26 20:29:56 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-12-26 20:29:56 ----A---- C:\Windows\system32\cscapi.dll
2011-12-26 20:29:56 ----A---- C:\Windows\system32\Bubbles.scr
2011-12-26 20:29:55 ----A---- C:\Windows\system32\wwanprotdim.dll
2011-12-26 20:29:55 ----A---- C:\Windows\system32\WUDFPlatform.dll
2011-12-26 20:29:55 ----A---- C:\Windows\system32\WPDSp.dll
2011-12-26 20:29:55 ----A---- C:\Windows\system32\tsgqec.dll
2011-12-26 20:29:55 ----A---- C:\Windows\system32\srvcli.dll
2011-12-26 20:29:55 ----A---- C:\Windows\system32\Ribbons.scr
2011-12-26 20:29:55 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2011-12-26 20:29:55 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2011-12-26 20:29:55 ----A---- C:\Windows\system32\olethk32.dll
2011-12-26 20:29:55 ----A---- C:\Windows\system32\ncryptui.dll
2011-12-26 20:29:55 ----A---- C:\Windows\system32\Mystify.scr
2011-12-26 20:29:55 ----A---- C:\Windows\system32\MdSched.exe
2011-12-26 20:29:55 ----A---- C:\Windows\system32\lpremove.exe
2011-12-26 20:29:55 ----A---- C:\Windows\system32\logman.exe
2011-12-26 20:29:55 ----A---- C:\Windows\system32\djoin.exe
2011-12-26 20:29:54 ----A---- C:\Windows\system32\WMPhoto.dll
2011-12-26 20:29:54 ----A---- C:\Windows\system32\WMADMOD.DLL
2011-12-26 20:29:54 ----A---- C:\Windows\system32\utildll.dll
2011-12-26 20:29:54 ----A---- C:\Windows\system32\mapistub.dll
2011-12-26 20:29:54 ----A---- C:\Windows\system32\mapi32.dll
2011-12-26 20:29:54 ----A---- C:\Windows\system32\fphc.dll
2011-12-26 20:29:54 ----A---- C:\Windows\system32\dot3msm.dll
2011-12-26 20:29:54 ----A---- C:\Windows\system32\avifil32.dll
2011-12-26 20:29:54 ----A---- C:\Windows\system32\ActionQueue.dll
2011-12-26 20:29:53 ----A---- C:\Windows\system32\WMVSDECD.DLL
2011-12-26 20:29:53 ----A---- C:\Windows\system32\wmdrmnet.dll
2011-12-26 20:29:53 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2011-12-26 20:29:53 ----A---- C:\Windows\system32\wiavideo.dll
2011-12-26 20:29:53 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2011-12-26 20:29:53 ----A---- C:\Windows\system32\takeown.exe
2011-12-26 20:29:53 ----A---- C:\Windows\system32\qdv.dll
2011-12-26 20:29:53 ----A---- C:\Windows\system32\iyuv_32.dll
2011-12-26 20:29:53 ----A---- C:\Windows\system32\imagehlp.dll
2011-12-26 20:29:53 ----A---- C:\Windows\system32\EhStorAPI.dll
2011-12-26 20:29:52 ----A---- C:\Windows\system32\unattend.dll
2011-12-26 20:29:52 ----A---- C:\Windows\system32\sppinst.dll
2011-12-26 20:29:52 ----A---- C:\Windows\system32\QCLIPROV.DLL
2011-12-26 20:29:52 ----A---- C:\Windows\system32\msyuv.dll
2011-12-26 20:29:52 ----A---- C:\Windows\system32\msrle32.dll
2011-12-26 20:29:52 ----A---- C:\Windows\system32\msnetobj.dll
2011-12-26 20:29:52 ----A---- C:\Windows\system32\cmstp.exe
2011-12-26 20:29:52 ----A---- C:\Windows\system32\cca.dll
2011-12-26 20:29:51 ----A---- C:\Windows\system32\WUDFx.dll
2011-12-26 20:29:51 ----A---- C:\Windows\system32\WUDFHost.exe
2011-12-26 20:29:51 ----A---- C:\Windows\system32\wsnmp32.dll
2011-12-26 20:29:51 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2011-12-26 20:29:51 ----A---- C:\Windows\system32\vfwwdm32.dll
2011-12-26 20:29:51 ----A---- C:\Windows\system32\umb.dll
2011-12-26 20:29:51 ----A---- C:\Windows\system32\setupcln.dll
2011-12-26 20:29:51 ----A---- C:\Windows\system32\RelPost.exe
2011-12-26 20:29:51 ----A---- C:\Windows\system32\pdhui.dll
2011-12-26 20:29:51 ----A---- C:\Windows\system32\MuiUnattend.exe
2011-12-26 20:29:51 ----A---- C:\Windows\system32\basesrv.dll
2011-12-26 20:29:50 ----A---- C:\Windows\system32\wuauclt.exe
2011-12-26 20:29:50 ----A---- C:\Windows\system32\tsbyuv.dll
2011-12-26 20:29:50 ----A---- C:\Windows\system32\relog.exe
2011-12-26 20:29:50 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2011-12-26 20:29:50 ----A---- C:\Windows\system32\msorcl32.dll
2011-12-26 20:29:50 ----A---- C:\Windows\system32\iasrecst.dll
2011-12-26 20:29:50 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2011-12-26 20:29:50 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2011-12-26 20:29:50 ----A---- C:\Windows\system32\AzSqlExt.dll
2011-12-26 20:29:49 ----A---- C:\Windows\system32\wkscli.dll
2011-12-26 20:29:49 ----A---- C:\Windows\system32\WavDest.dll
2011-12-26 20:29:49 ----A---- C:\Windows\system32\sppuinotify.dll
2011-12-26 20:29:49 ----A---- C:\Windows\system32\spbcd.dll
2011-12-26 20:29:49 ----A---- C:\Windows\system32\rastapi.dll
2011-12-26 20:29:49 ----A---- C:\Windows\system32\netiougc.exe
2011-12-26 20:29:49 ----A---- C:\Windows\system32\netbtugc.exe
2011-12-26 20:29:49 ----A---- C:\Windows\system32\mydocs.dll
2011-12-26 20:29:49 ----A---- C:\Windows\system32\iscsicli.exe
2011-12-26 20:29:49 ----A---- C:\Windows\system32\diskpart.exe
2011-12-26 20:29:49 ----A---- C:\Windows\system32\amstream.dll
2011-12-26 20:29:48 ----A---- C:\Windows\system32\syssetup.dll
2011-12-26 20:29:48 ----A---- C:\Windows\system32\setbcdlocale.dll
2011-12-26 20:29:48 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-12-26 20:29:48 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-12-26 20:29:48 ----A---- C:\Windows\system32\resutils.dll
2011-12-26 20:29:48 ----A---- C:\Windows\system32\nrpsrv.dll
2011-12-26 20:29:48 ----A---- C:\Windows\system32\MultiDigiMon.exe
2011-12-26 20:29:48 ----A---- C:\Windows\system32\itircl.dll
2011-12-26 20:29:48 ----A---- C:\Windows\system32\CertPolEng.dll
2011-12-26 20:29:47 ----A---- C:\Windows\system32\wuapp.exe
2011-12-26 20:29:47 ----A---- C:\Windows\system32\wmpps.dll
2011-12-26 20:29:47 ----A---- C:\Windows\system32\WerFaultSecure.exe
2011-12-26 20:29:47 ----A---- C:\Windows\system32\tlscsp.dll
2011-12-26 20:29:47 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-12-26 20:29:47 ----A---- C:\Windows\system32\ReAgentc.exe
2011-12-26 20:29:47 ----A---- C:\Windows\system32\FXSTIFF.dll
2011-12-26 20:29:47 ----A---- C:\Windows\system32\eappgnui.dll
2011-12-26 20:29:47 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-12-26 20:29:46 ----A---- C:\Windows\system32\wiarpc.dll
2011-12-26 20:29:46 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-12-26 20:29:46 ----A---- C:\Windows\system32\netutils.dll
2011-12-26 20:29:46 ----A---- C:\Windows\system32\mciqtz32.dll
2011-12-26 20:29:46 ----A---- C:\Windows\system32\findstr.exe
2011-12-26 20:29:45 ----A---- C:\Windows\system32\sppc.dll
2011-12-26 20:29:45 ----A---- C:\Windows\system32\prevhost.exe
2011-12-26 20:29:45 ----A---- C:\Windows\system32\netapi32.dll
2011-12-26 20:29:45 ----A---- C:\Windows\system32\muifontsetup.dll
2011-12-26 20:29:45 ----A---- C:\Windows\system32\mobsync.exe
2011-12-26 20:29:45 ----A---- C:\Windows\system32\iccvid.dll
2011-12-26 20:29:45 ----A---- C:\Windows\system32\drivers\tdi.sys
2011-12-26 20:29:45 ----A---- C:\Windows\system32\dosx.exe
2011-12-26 20:29:45 ----A---- C:\Windows\system32\cabinet.dll
2011-12-26 20:29:44 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2011-12-26 20:29:44 ----A---- C:\Windows\system32\unlodctr.exe
2011-12-26 20:29:44 ----A---- C:\Windows\system32\spopk.dll
2011-12-26 20:29:44 ----A---- C:\Windows\system32\shimgvw.dll
2011-12-26 20:29:44 ----A---- C:\Windows\system32\repair-bde.exe
2011-12-26 20:29:44 ----A---- C:\Windows\system32\manage-bde.exe
2011-12-26 20:29:44 ----A---- C:\Windows\system32\luainstall.dll
2011-12-26 20:29:44 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2011-12-26 20:29:44 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2011-12-26 20:29:44 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2011-12-26 20:29:43 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2011-12-26 20:29:43 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2011-12-26 20:29:43 ----A---- C:\Windows\system32\netcfg.exe
2011-12-26 20:29:43 ----A---- C:\Windows\system32\msdmo.dll
2011-12-26 20:29:43 ----A---- C:\Windows\system32\inetmib1.dll
2011-12-26 20:29:43 ----A---- C:\Windows\system32\drivers\cdrom.sys
2011-12-26 20:29:42 ----A---- C:\Windows\system32\wups.dll
2011-12-26 20:29:42 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-12-26 20:29:42 ----A---- C:\Windows\system32\profprov.dll
2011-12-26 20:29:42 ----A---- C:\Windows\system32\odbcconf.dll
2011-12-26 20:29:42 ----A---- C:\Windows\system32\browcli.dll
2011-12-26 20:29:41 ----A---- C:\Windows\system32\perfts.dll
2011-12-26 20:29:41 ----A---- C:\Windows\system32\icaapi.dll
2011-12-26 20:29:40 ----A---- C:\Windows\system32\TRAPI.dll
2011-12-26 20:29:40 ----A---- C:\Windows\system32\RDPENCDD.dll
2011-12-26 20:29:40 ----A---- C:\Windows\system32\msfeedssync.exe
2011-12-26 20:29:40 ----A---- C:\Windows\system32\FXSMON.dll
2011-12-26 20:29:40 ----A---- C:\Windows\system32\elsTrans.dll
2011-12-26 20:29:40 ----A---- C:\Windows\system32\drivers\tunnel.sys
2011-12-26 20:29:40 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-12-26 20:29:39 ----A---- C:\Windows\system32\wshbth.dll
2011-12-26 20:29:39 ----A---- C:\Windows\system32\schedcli.dll
2011-12-26 20:29:39 ----A---- C:\Windows\system32\napdsnap.dll
2011-12-26 20:29:39 ----A---- C:\Windows\system32\LogonUI.exe
2011-12-26 20:29:39 ----A---- C:\Windows\system32\dsauth.dll
2011-12-26 20:29:39 ----A---- C:\Windows\system32\cscdll.dll
2011-12-26 20:29:39 ----A---- C:\Windows\system32\bitsperf.dll
2011-12-26 20:29:38 ----A---- C:\Windows\system32\wsdchngr.dll
2011-12-26 20:29:38 ----A---- C:\Windows\system32\sscore.dll
2011-12-26 20:29:38 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2011-12-26 20:29:37 ----A---- C:\Windows\system32\wups2.dll
2011-12-26 20:29:37 ----A---- C:\Windows\system32\shgina.dll
2011-12-26 20:29:37 ----A---- C:\Windows\system32\riched32.dll
2011-12-26 20:29:37 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2011-12-26 20:29:36 ----A---- C:\Windows\system32\rdpcfgex.dll
2011-12-26 20:29:36 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2011-12-26 20:29:36 ----A---- C:\Windows\system32\drivers\hidusb.sys
2011-12-26 20:29:36 ----A---- C:\Windows\system32\drivers\appid.sys
2011-12-26 20:29:35 ----A---- C:\Windows\system32\wshirda.dll
2011-12-26 20:29:35 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2011-12-26 20:29:34 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2011-12-26 20:29:34 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2011-12-26 20:29:34 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2011-12-26 20:29:33 ----A---- C:\Windows\system32\spwmp.dll
2011-12-26 20:29:33 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2011-12-26 20:29:33 ----A---- C:\Windows\system32\browseui.dll
2011-12-26 20:29:32 ----A---- C:\Windows\system32\RDPREFDD.dll
2011-12-26 20:29:32 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2011-12-26 20:29:32 ----A---- C:\Windows\system32\drivers\wanarp.sys
2011-12-26 20:29:32 ----A---- C:\Windows\system32\drivers\umbus.sys
2011-12-26 20:29:32 ----A---- C:\Windows\system32\drivers\tdpipe.sys
2011-12-26 20:29:32 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-12-26 20:29:32 ----A---- C:\Windows\system32\drivers\scfilter.sys
2011-12-26 20:29:32 ----A---- C:\Windows\system32\drivers\RDPCDD.sys
2011-12-26 20:29:32 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2011-12-26 20:29:32 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-12-26 20:29:32 ----A---- C:\Windows\system32\C_ISCII.DLL
2011-12-26 20:29:31 ----A---- C:\Windows\system32\shunimpl.dll
2011-12-26 20:29:31 ----A---- C:\Windows\system32\dxmasf.dll
2011-12-26 20:29:30 ----A---- C:\Windows\system32\wmploc.DLL
2011-12-26 20:29:30 ----A---- C:\Windows\system32\KBDUS.DLL
2011-12-26 20:29:30 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2011-12-26 20:29:30 ----A---- C:\Windows\system32\KBDTURME.DLL
2011-12-26 20:29:30 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2011-12-26 20:29:30 ----A---- C:\Windows\system32\KBDINTEL.DLL
2011-12-26 20:29:30 ----A---- C:\Windows\system32\KBDINKAN.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDTUQ.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDTUF.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDSG.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDSF.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDPO.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDNEPR.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDMON.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDMAORI.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDLT1.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\kbdlk41a.dll
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDINTAM.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDINORI.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDINMAR.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDINHIN.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDINBEN.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDGR1.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDGKL.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDGEO.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDBULG.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDBLR.DLL
2011-12-26 20:29:29 ----A---- C:\Windows\system32\KBDBASH.DLL
2011-12-26 20:29:28 ----A---- C:\Windows\system32\spwizres.dll
2011-12-26 20:29:28 ----A---- C:\Windows\system32\pifmgr.dll
2011-12-26 20:29:28 ----A---- C:\Windows\system32\nlsbres.dll
2011-12-26 20:29:28 ----A---- C:\Windows\system32\KBDCZ1.DLL
2011-12-26 20:29:28 ----A---- C:\Windows\system32\dpnaddr.dll
2011-12-26 20:29:28 ----A---- C:\Windows\system32\BlbEvents.dll
2011-12-26 20:29:08 ----A---- C:\Windows\system32\wdscore.dll
2011-12-26 20:28:53 ----A---- C:\Windows\system32\wbemcomn.dll
2011-12-26 20:28:44 ----A---- C:\Windows\system32\sqmapi.dll
2011-12-26 20:11:27 ----A---- C:\Windows\system32\fsquirt.exe
2011-12-26 20:11:27 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-12-26 20:11:27 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-12-26 19:35:56 ----D---- C:\ProgramData\NVIDIA
2011-12-26 19:35:51 ----A---- C:\Windows\system32\nvvsvc.exe
2011-12-26 19:35:51 ----A---- C:\Windows\system32\nvsvcr.dll
2011-12-26 19:35:51 ----A---- C:\Windows\system32\nvsvc.dll
2011-12-26 19:35:51 ----A---- C:\Windows\system32\nvshext.dll
2011-12-26 19:35:51 ----A---- C:\Windows\system32\nvmctray.dll
2011-12-26 19:35:51 ----A---- C:\Windows\system32\nvcpl.dll
2011-12-26 19:35:50 ----A---- C:\Windows\system32\easyupdatusapiu.dll
2011-12-26 19:35:24 ----D---- C:\ProgramData\NVIDIA Corporation
2011-12-26 19:35:20 ----D---- C:\Program Files\NVIDIA Corporation
2011-12-26 19:26:37 ----D---- C:\Windows\system32\Wat
2011-12-26 19:08:19 ----A---- C:\Windows\system32\MRT.exe
2011-12-26 19:04:05 ----A---- C:\Windows\system32\browserchoice.exe
2011-12-26 19:01:54 ----A---- C:\Windows\system32\mfc42.dll
2011-12-26 19:01:53 ----A---- C:\Windows\system32\mfc42u.dll
2011-12-26 19:01:52 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-12-26 19:01:44 ----A---- C:\Windows\system32\mshtml.dll
2011-12-26 19:01:42 ----A---- C:\Windows\system32\wininet.dll
2011-12-26 19:01:40 ----A---- C:\Windows\system32\iertutil.dll
2011-12-26 19:01:40 ----A---- C:\Windows\system32\ieframe.dll
2011-12-26 19:01:39 ----A---- C:\Windows\system32\urlmon.dll
2011-12-26 19:01:38 ----A---- C:\Windows\system32\msfeeds.dll
2011-12-26 19:01:37 ----A---- C:\Windows\system32\url.dll
2011-12-26 19:01:37 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-26 19:01:37 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-26 19:01:37 ----A---- C:\Windows\system32\ieui.dll
2011-12-26 19:01:14 ----A---- C:\Windows\system32\EncDec.dll
2011-12-26 19:01:08 ----A---- C:\Windows\system32\tzres.dll
2011-12-26 19:00:59 ----A---- C:\Windows\system32\winsrv.dll
2011-12-26 19:00:59 ----A---- C:\Windows\system32\KernelBase.dll
2011-12-26 19:00:59 ----A---- C:\Windows\system32\kernel32.dll
2011-12-26 19:00:59 ----A---- C:\Windows\system32\conhost.exe
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-12-26 19:00:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-12-26 19:00:57 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-12-26 19:00:55 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-12-26 19:00:55 ----A---- C:\Windows\system32\cfgmgr32.dll
2011-12-26 19:00:54 ----A---- C:\Windows\system32\CPFilters.dll
2011-12-26 19:00:53 ----A---- C:\Windows\system32\sbe.dll
2011-12-26 19:00:50 ----A---- C:\Windows\system32\WFS.exe
2011-12-26 19:00:50 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-12-26 19:00:39 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-12-26 19:00:39 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-12-26 19:00:39 ----A---- C:\Windows\system32\drivers\srv.sys
2011-12-26 19:00:37 ----A---- C:\Windows\system32\fontsub.dll
2011-12-26 19:00:37 ----A---- C:\Windows\system32\atmlib.dll
2011-12-26 19:00:37 ----A---- C:\Windows\system32\atmfd.dll
2011-12-26 19:00:36 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-12-26 19:00:35 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-12-26 19:00:35 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-12-26 19:00:35 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-12-26 19:00:35 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2011-12-26 19:00:32 ----A---- C:\Windows\system32\drivers\afd.sys
2011-12-26 19:00:28 ----A---- C:\Windows\system32\kerberos.dll
2011-12-26 19:00:27 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-12-26 19:00:27 ----A---- C:\Windows\system32\dnsapi.dll
2011-12-26 19:00:26 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-12-26 19:00:25 ----A---- C:\Windows\system32\psisdecd.dll
2011-12-26 19:00:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-26 19:00:18 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-12-26 19:00:15 ----A---- C:\Windows\system32\vbscript.dll
2011-12-26 19:00:15 ----A---- C:\Windows\system32\jscript.dll
2011-12-26 19:00:14 ----A---- C:\Windows\system32\win32k.sys
2011-12-26 19:00:09 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-26 19:00:05 ----A---- C:\Windows\system32\oleaut32.dll
2011-12-26 19:00:05 ----A---- C:\Windows\system32\oleacc.dll
2011-12-26 19:00:03 ----A---- C:\Windows\system32\inetcomm.dll
2011-12-26 19:00:00 ----A---- C:\Windows\system32\odbcjt32.dll
2011-12-26 19:00:00 ----A---- C:\Windows\system32\odbccu32.dll
2011-12-26 19:00:00 ----A---- C:\Windows\system32\odbccr32.dll
2011-12-26 19:00:00 ----A---- C:\Windows\system32\odbccp32.dll
2011-12-26 18:59:59 ----A---- C:\Windows\system32\odbctrac.dll
2011-12-26 18:59:33 ----A---- C:\Windows\system32\poqexec.exe
2011-12-26 18:59:13 ----D---- C:\Program Files\CCleaner
2011-12-26 18:34:18 ----D---- C:\Program Files\ASUS Bluetooth Suite
2011-12-26 17:38:29 ----A---- C:\Windows\system32\Main.ini
2011-12-26 17:29:25 ----D---- C:\ProgramData\ashampoo
2011-12-26 17:29:22 ----D---- C:\Program Files\Ashampoo
2011-12-26 17:26:35 ----D---- C:\ProgramData\Adobe
2011-12-26 17:26:29 ----D---- C:\Program Files\Common Files\Adobe
2011-12-26 17:26:29 ----D---- C:\Program Files\Adobe
2011-12-26 16:59:56 ----D---- C:\Program Files\DIFX
2011-12-26 16:39:56 ----D---- C:\Program Files\Common Files\DESIGNER
2011-12-26 16:39:48 ----D---- C:\Windows\PCHEALTH
2011-12-26 16:39:48 ----D---- C:\Program Files\Microsoft.NET
2011-12-26 16:34:39 ----D---- C:\ProgramData\Microsoft Help
2011-12-26 16:34:39 ----D---- C:\Program Files\Microsoft Office
2011-12-26 16:33:56 ----RHD---- C:\MSOCache
2011-12-26 16:04:23 ----D---- C:\Windows\Downloaded Installations
2011-12-26 16:04:23 ----D---- C:\Program Files\Common Files\InstallShield
2011-12-26 15:47:13 ----D---- C:\ProgramData\UDL
2011-12-26 15:46:52 ----D---- C:\Program Files\Epson Software
2011-12-26 15:46:51 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-26 15:46:28 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint
2011-12-26 15:45:06 ----A---- C:\Windows\system32\PICSDK2.dll
2011-12-26 15:45:06 ----A---- C:\Windows\system32\PICSDK.ini
2011-12-26 15:45:06 ----A---- C:\Windows\system32\PICSDK.dll
2011-12-26 15:45:06 ----A---- C:\Windows\system32\PICEntry.dll
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EpPicPrt.dll
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPrinterDB.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPresetData_PT.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPresetData_IT.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPresetData_GE.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPresetData_FR.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPresetData_ES.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPresetData_EN.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPresetData_DU.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPresetData_CF.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPresetData_BP.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPattern6.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPattern5.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPattern4.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPattern3.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPattern2.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPattern131.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPattern121.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPICPattern1.dat
2011-12-26 15:45:06 ----A---- C:\Windows\system32\EPPicMgr.dll
2011-12-26 15:45:05 ----D---- C:\Users\hagrid\AppData\Roaming\InstallShield
2011-12-26 15:44:38 ----A---- C:\Windows\system32\E_DCINST.DLL
2011-12-26 15:44:33 ----A---- C:\Windows\system32\E_FLBFDE.DLL
2011-12-26 15:44:31 ----A---- C:\Windows\system32\E_FD4BFDE.DLL
2011-12-26 15:44:21 ----D---- C:\ProgramData\EPSON
2011-12-26 15:44:11 ----A---- C:\Windows\system32\eswiaud.dll
2011-12-26 15:44:11 ----A---- C:\Windows\system32\escdev.dll
2011-12-26 15:44:08 ----D---- C:\Program Files\epson
2011-12-26 15:26:49 ----D---- C:\Windows\system32\Macromed
2011-12-26 15:20:45 ----N---- C:\Windows\system32\MpSigStub.exe
2011-12-26 15:15:27 ----D---- C:\Program Files\Mozilla Firefox
2011-12-26 15:12:21 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-12-26 15:12:21 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-12-26 15:12:19 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-12-26 15:12:19 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-12-26 15:12:19 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-12-26 15:12:18 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-12-26 15:11:46 ----SHD---- C:\Windows\Installer
2011-12-26 15:11:42 ----A---- C:\Windows\system32\aswBoot.exe
2011-12-26 15:11:42 ----A---- C:\Windows\avastSS.scr
2011-12-26 15:11:36 ----D---- C:\ProgramData\AVAST Software
2011-12-26 15:11:36 ----D---- C:\Program Files\AVAST Software
2011-12-26 15:07:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-26 15:00:25 ----D---- C:\Users\hagrid\AppData\Roaming\Identities
2011-12-26 15:00:13 ----SD---- C:\Users\hagrid\AppData\Roaming\Microsoft
2011-12-26 15:00:13 ----D---- C:\Users\hagrid\AppData\Roaming\Media Center Programs
2011-12-26 14:59:59 ----SHD---- C:\Recovery
2011-12-26 14:59:59 ----SHD---- C:\ProgramData\Šablony
2011-12-26 14:59:59 ----SHD---- C:\ProgramData\Plocha
2011-12-26 14:59:59 ----SHD---- C:\ProgramData\Oblíbené položky
2011-12-26 14:59:59 ----SHD---- C:\ProgramData\Nabídka Start
2011-12-26 14:59:59 ----SHD---- C:\ProgramData\Dokumenty
2011-12-26 14:59:59 ----SHD---- C:\ProgramData\Data aplikací
2011-12-26 14:45:16 ----D---- C:\Windows\SoftwareDistribution
2011-12-26 14:42:26 ----D---- C:\Windows\Prefetch
2011-12-26 14:41:51 ----ASH---- C:\hiberfil.sys
2011-12-26 14:40:48 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 month======

2012-01-11 19:23:35 ----D---- C:\Windows\Temp
2012-01-11 19:23:33 ----RD---- C:\Program Files
2012-01-11 18:46:22 ----D---- C:\Windows\Logs
2012-01-11 18:46:22 ----D---- C:\Windows\inf
2012-01-11 18:46:22 ----D---- C:\Windows\debug
2012-01-11 18:46:22 ----D---- C:\Windows
2012-01-11 17:09:23 ----D---- C:\Windows\System32
2012-01-11 16:42:38 ----D---- C:\Windows\system32\config
2012-01-10 19:29:56 ----D---- C:\Windows\winsxs
2012-01-10 19:28:41 ----D---- C:\Windows\system32\drivers
2012-01-10 19:28:17 ----SHD---- C:\System Volume Information
2012-01-10 19:25:19 ----D---- C:\Windows\system32\catroot2
2012-01-10 19:25:19 ----D---- C:\Windows\system32\catroot
2012-01-10 19:20:34 ----D---- C:\Windows\ehome
2012-01-07 17:06:26 ----D---- C:\Windows\Microsoft.NET
2012-01-07 17:06:22 ----RSD---- C:\Windows\assembly
2012-01-07 16:40:14 ----D---- C:\Program Files\Common Files\microsoft shared
2012-01-07 16:39:37 ----D---- C:\Windows\ShellNew
2012-01-04 20:29:21 ----D---- C:\Program Files\Common Files
2012-01-04 20:21:33 ----D---- C:\Windows\system32\DriverStore
2011-12-28 18:24:12 ----SD---- C:\ProgramData\Microsoft
2011-12-28 17:41:09 ----D---- C:\temp
2011-12-27 17:49:39 ----D---- C:\Windows\rescache
2011-12-26 20:57:03 ----SHD---- C:\Boot
2011-12-26 20:52:38 ----D---- C:\Program Files\Windows Sidebar
2011-12-26 20:52:38 ----D---- C:\Program Files\Windows Portable Devices
2011-12-26 20:52:38 ----D---- C:\Program Files\Windows Photo Viewer
2011-12-26 20:52:38 ----D---- C:\Program Files\Windows Media Player
2011-12-26 20:52:38 ----D---- C:\Program Files\Windows Mail
2011-12-26 20:52:38 ----D---- C:\Program Files\Windows Journal
2011-12-26 20:52:38 ----D---- C:\Program Files\Internet Explorer
2011-12-26 20:52:38 ----D---- C:\Program Files\DVD Maker
2011-12-26 20:52:38 ----D---- C:\Program Files\Common Files\System
2011-12-26 20:52:37 ----D---- C:\Windows\servicing
2011-12-26 20:52:37 ----D---- C:\Program Files\Windows Defender
2011-12-26 20:52:31 ----D---- C:\Windows\system32\oobe
2011-12-26 20:52:31 ----D---- C:\Windows\system32\en-US
2011-12-26 20:52:31 ----D---- C:\Windows\system32\da-DK
2011-12-26 20:52:31 ----D---- C:\Windows\PolicyDefinitions
2011-12-26 20:52:30 ----D---- C:\Windows\system32\sysprep
2011-12-26 20:52:30 ----D---- C:\Windows\system32\Setup
2011-12-26 20:52:30 ----D---- C:\Windows\system32\migration
2011-12-26 20:52:30 ----D---- C:\Windows\system32\cs
2011-12-26 20:52:30 ----D---- C:\Windows\system32\AdvancedInstallers
2011-12-26 20:52:29 ----D---- C:\Windows\system32\sppui
2011-12-26 20:52:29 ----D---- C:\Windows\system32\manifeststore
2011-12-26 20:52:29 ----D---- C:\Windows\system32\es-ES
2011-12-26 20:52:29 ----D---- C:\Windows\system32\cs-CZ
2011-12-26 20:52:28 ----D---- C:\Windows\system32\wbem
2011-12-26 20:52:28 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-12-26 20:52:27 ----D---- C:\Windows\system32\migwiz
2011-12-26 20:52:27 ----D---- C:\Windows\system32\Dism
2011-12-26 20:52:17 ----RSD---- C:\Windows\Fonts
2011-12-26 20:52:17 ----D---- C:\Windows\AppPatch
2011-12-26 20:52:07 ----D---- C:\Windows\system32\Boot
2011-12-26 20:52:00 ----D---- C:\Windows\system32\wdi
2011-12-26 20:50:01 ----A---- C:\Windows\system32\msclmd.dll
2011-12-26 19:51:39 ----D---- C:\audiograbber
2011-12-26 19:39:28 ----D---- C:\Windows\system32\LogFiles
2011-12-26 19:35:59 ----RD---- C:\Users
2011-12-26 19:35:56 ----HD---- C:\ProgramData
2011-12-26 19:35:50 ----D---- C:\Windows\Help
2011-12-26 18:27:04 ----D---- C:\Windows\system32\Tasks
2011-12-26 15:44:08 ----D---- C:\Windows\twain_32
2011-12-26 15:05:20 ----SHD---- C:\$Recycle.Bin
2011-12-26 15:01:32 ----D---- C:\Windows\system32\restore
2011-12-26 14:59:59 ----D---- C:\Windows\system32\Recovery
2011-12-26 14:59:59 ----D---- C:\Program Files\Windows NT
2011-12-26 14:51:42 ----D---- C:\Windows\system32\CodeIntegrity
2011-12-26 14:44:28 ----D---- C:\Windows\system32\drivers\UMDF
2011-12-26 14:40:36 ----RASH---- C:\BOOTSECT.BAK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2009-10-21 33280]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2009-10-23 282112]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2009-10-20 20480]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2009-10-22 205312]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2009-10-21 117760]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2009-10-22 49152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 3xHybrid;Philips SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2009-09-02 2077696]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AthDfu;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2009-07-25 38272]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 615528]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-26 1343400]

-----------------EOF-----------------

Zdravim a pekny vecer preji

Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.

• Utilitu spustte a prikazte ji, at skenuje - klik na Scan
• Kliknutim na Save log ulozte log aswMBR na plochu
• Obsah logu aswMBR mi sem vlozte

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost 2 a potvrte enterem
• Utilita provede svou cinnost a da log - ten sem vlozte
• Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte

tady je log aswMBR:

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-11 21:09:55
-----------------------------
21:09:55.688 OS Version: Windows 6.1.7601 Service Pack 1
21:09:55.688 Number of processors: 2 586 0xF0B
21:09:55.688 ComputerName: HAGRID-PC UserName: hagrid
21:10:01.273 Initialize success
21:10:01.351 AVAST engine defs: 12011101
21:11:19.430 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
21:11:19.430 Disk 0 Vendor: ST3250410AS 3.AAA Size: 238474MB BusType: 3
21:11:19.445 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-a
21:11:19.445 Disk 1 Vendor: SAMSUNG_SP1654N BV100-50 Size: 152627MB BusType: 3
21:11:19.445 Disk 0 MBR read successfully
21:11:19.461 Disk 0 MBR scan
21:11:19.461 Disk 0 Windows 7 default MBR code
21:11:19.461 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
21:11:19.461 Disk 0 Partition - 00 0F Extended LBA 188473 MB offset 102398310
21:11:19.477 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 188473 MB offset 102398373
21:11:19.492 Disk 0 scanning sectors +488392065
21:11:19.570 Disk 0 scanning C:\Windows\system32\drivers
21:11:31.083 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:11:31.114 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-11 21:09:55
-----------------------------
21:09:55.688 OS Version: Windows 6.1.7601 Service Pack 1
21:09:55.688 Number of processors: 2 586 0xF0B
21:09:55.688 ComputerName: HAGRID-PC UserName: hagrid
21:10:01.273 Initialize success
21:10:01.351 AVAST engine defs: 12011101
21:11:19.430 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
21:11:19.430 Disk 0 Vendor: ST3250410AS 3.AAA Size: 238474MB BusType: 3
21:11:19.445 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-a
21:11:19.445 Disk 1 Vendor: SAMSUNG_SP1654N BV100-50 Size: 152627MB BusType: 3
21:11:19.445 Disk 0 MBR read successfully
21:11:19.461 Disk 0 MBR scan
21:11:19.461 Disk 0 Windows 7 default MBR code
21:11:19.461 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
21:11:19.461 Disk 0 Partition - 00 0F Extended LBA 188473 MB offset 102398310
21:11:19.477 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 188473 MB offset 102398373
21:11:19.492 Disk 0 scanning sectors +488392065
21:11:19.570 Disk 0 scanning C:\Windows\system32\drivers
21:11:31.083 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:11:31.114 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"
21:11:31.598 Service scanning
21:11:34.562 Modules scanning
21:11:39.897 Disk 0 trace - called modules:
21:11:39.913 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:11:39.928 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x856568d8]
21:11:39.928 3 CLASSPNP.SYS[88ddc59e] -> nt!IofCallDriver -> [0x8557d790]
21:11:39.928 5 ACPI.sys[888b73d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x8556e030]
21:11:40.240 AVAST engine scan C:\Windows
21:11:41.145 AVAST engine scan C:\Windows\system32
21:12:57.133 AVAST engine scan C:\Windows\system32\drivers
21:13:02.905 AVAST engine scan C:\Users\hagrid
21:13:05.728 AVAST engine scan C:\ProgramData
21:13:13.794 Scan finished successfully
21:13:28.598 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:13:28.598 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-11 21:09:55
-----------------------------
21:09:55.688 OS Version: Windows 6.1.7601 Service Pack 1
21:09:55.688 Number of processors: 2 586 0xF0B
21:09:55.688 ComputerName: HAGRID-PC UserName: hagrid
21:10:01.273 Initialize success
21:10:01.351 AVAST engine defs: 12011101
21:11:19.430 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
21:11:19.430 Disk 0 Vendor: ST3250410AS 3.AAA Size: 238474MB BusType: 3
21:11:19.445 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-a
21:11:19.445 Disk 1 Vendor: SAMSUNG_SP1654N BV100-50 Size: 152627MB BusType: 3
21:11:19.445 Disk 0 MBR read successfully
21:11:19.461 Disk 0 MBR scan
21:11:19.461 Disk 0 Windows 7 default MBR code
21:11:19.461 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
21:11:19.461 Disk 0 Partition - 00 0F Extended LBA 188473 MB offset 102398310
21:11:19.477 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 188473 MB offset 102398373
21:11:19.492 Disk 0 scanning sectors +488392065
21:11:19.570 Disk 0 scanning C:\Windows\system32\drivers
21:11:31.083 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:11:31.114 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"
21:11:31.598 Service scanning
21:11:34.562 Modules scanning
21:11:39.897 Disk 0 trace - called modules:
21:11:39.913 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:11:39.928 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x856568d8]
21:11:39.928 3 CLASSPNP.SYS[88ddc59e] -> nt!IofCallDriver -> [0x8557d790]
21:11:39.928 5 ACPI.sys[888b73d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x8556e030]
21:11:40.240 AVAST engine scan C:\Windows
21:11:41.145 AVAST engine scan C:\Windows\system32
21:12:57.133 AVAST engine scan C:\Windows\system32\drivers
21:13:02.905 AVAST engine scan C:\Users\hagrid
21:13:05.728 AVAST engine scan C:\ProgramData
21:13:13.794 Scan finished successfully
21:13:28.598 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:13:28.598 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"
21:14:23.869 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:14:23.885 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-11 21:09:55
-----------------------------
21:09:55.688 OS Version: Windows 6.1.7601 Service Pack 1
21:09:55.688 Number of processors: 2 586 0xF0B
21:09:55.688 ComputerName: HAGRID-PC UserName: hagrid
21:10:01.273 Initialize success
21:10:01.351 AVAST engine defs: 12011101
21:11:19.430 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
21:11:19.430 Disk 0 Vendor: ST3250410AS 3.AAA Size: 238474MB BusType: 3
21:11:19.445 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-a
21:11:19.445 Disk 1 Vendor: SAMSUNG_SP1654N BV100-50 Size: 152627MB BusType: 3
21:11:19.445 Disk 0 MBR read successfully
21:11:19.461 Disk 0 MBR scan
21:11:19.461 Disk 0 Windows 7 default MBR code
21:11:19.461 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
21:11:19.461 Disk 0 Partition - 00 0F Extended LBA 188473 MB offset 102398310
21:11:19.477 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 188473 MB offset 102398373
21:11:19.492 Disk 0 scanning sectors +488392065
21:11:19.570 Disk 0 scanning C:\Windows\system32\drivers
21:11:31.083 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:11:31.114 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"
21:11:31.598 Service scanning
21:11:34.562 Modules scanning
21:11:39.897 Disk 0 trace - called modules:
21:11:39.913 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:11:39.928 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x856568d8]
21:11:39.928 3 CLASSPNP.SYS[88ddc59e] -> nt!IofCallDriver -> [0x8557d790]
21:11:39.928 5 ACPI.sys[888b73d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x8556e030]
21:11:40.240 AVAST engine scan C:\Windows
21:11:41.145 AVAST engine scan C:\Windows\system32
21:12:57.133 AVAST engine scan C:\Windows\system32\drivers
21:13:02.905 AVAST engine scan C:\Users\hagrid
21:13:05.728 AVAST engine scan C:\ProgramData
21:13:13.794 Scan finished successfully
21:13:28.598 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:13:28.598 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"
21:14:23.869 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:14:23.885 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"
21:15:41.214 Disk 0 MBR has been saved successfully to "C:\Users\hagrid\Desktop\MBR.dat"
21:15:41.214 The log file has been saved successfully to "C:\Users\hagrid\Desktop\aswMBR.txt"

tady je 2

RogueKiller V6.2.3 [01/09/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: hagrid [Admin rights]
Mode: Remove -- Date : 01/11/2012 21:19:54

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 8 ¤¤¤
[BLACKLIST DLL] HKLM\[...]\RunOnce : iessetup (C:\Windows\system32\rundll32.exe "C:\Program Files\Internet Explorer\iessetup.dll",LaunchProcessInputFiles ) -> DELETED
[BLACKLIST DLL] HKLM\[...]\RunOnce : wmssetup (C:\Windows\system32\rundll32.exe "C:\Program Files\Windows Media Player\wmssetup.dll",LaunchProcessInputFiles ) -> DELETED
[BLACKLIST DLL] HKLM\[...]\RunOnce : ehssetup (C:\Windows\system32\rundll32.exe "C:\Windows\ehome\ehssetup.dll",LaunchProcessInputFiles ) -> DELETED
[BLACKLIST DLL] HKLM\[...]\RunOnce : MSTEE.CxTransform (rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install) -> DELETED
[BLACKLIST DLL] HKLM\[...]\RunOnce : MSTEE.Splitter (rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install) -> DELETED
[BLACKLIST DLL] HKLM\[...]\RunOnce : WDM_DRMKAUD (rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install) -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] ccd8792a770b9fa34105959ec6b3d3ab
[BSP] 956b9db8dac65806375913db9bce1993 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 52427 Mo
1 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 102398310 | Size: 197628 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 422d619cf0520e0cf9b051912b3e1c80
[BSP] 52f5b6da9e1efae4afa7c167fbc4d85a : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 63 | Size: 160039 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

tady je 3:

RogueKiller V6.2.3 [01/09/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: hagrid [Admin rights]
Mode: HOSTSFix -- Date : 01/11/2012 21:21:37

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

a tady 4:

RogueKiller V6.2.3 [01/09/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User: hagrid [Admin rights]
Mode: ProxyFix -- Date : 01/11/2012 21:22:58

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].tx

fajm stálnul jsem Combofix a avast mi zablokoval rootkit:

Infection Details
URL: http://download.bleepingcomputer.com/sU ... [PECompact]
Process: file://C:\Program Files\Mozilla Firefox\firefox.exe
Infection: win32:Rootkit-gen [Rtk]

Mám pokračovat?

vypnete rezidentni stit do restartu, v CF urcite nic neni

Tady je Combofix log:

ComboFix 12-01-10.02 - hagrid 11.01.2012 21:39:44.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2046.1315 [GMT 1:00]
Spuštěný z: c:\users\doma\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-11 do 2012-01-11 )))))))))))))))))))))))))))))))
.
.
2012-01-11 20:44 . 2012-01-11 20:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-11 19:52 . 2012-01-11 19:52 -------- d-----w- c:\programdata\Malwarebytes
2012-01-11 19:52 . 2012-01-11 19:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-11 19:52 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-11 18:23 . 2012-01-11 18:23 -------- d-----w- c:\program files\trend micro
2012-01-11 15:31 . 2012-01-11 20:11 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5FCACD0C-BB08-46C9-ABF4-F839D216FC26}\offreg.dll
2012-01-10 18:25 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-10 18:25 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-10 18:25 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-10 18:25 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-10 18:25 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-01-10 18:25 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-10 18:25 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-10 18:25 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-10 18:25 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-10 18:25 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll
2012-01-10 18:20 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-10 18:20 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-10 18:20 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-10 18:20 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-10 15:30 . 2011-11-30 01:21 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5FCACD0C-BB08-46C9-ABF4-F839D216FC26}\mpengine.dll
2012-01-07 15:40 . 2012-01-07 15:40 -------- d-----w- c:\program files\Microsoft Works
2012-01-04 19:29 . 2012-01-04 19:29 -------- d-----w- c:\program files\Common Files\NewSoft
2012-01-04 19:29 . 2012-01-04 19:29 -------- d-----w- c:\program files\NewSoft
2012-01-04 18:45 . 2012-01-04 18:45 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-01-04 18:45 . 2012-01-04 18:45 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-28 16:52 . 2011-12-28 16:52 -------- d-----w- c:\program files\Media Player Classic - Home Cinema
2011-12-26 19:38 . 2011-12-26 19:38 -------- d-----w- c:\windows\system32\SPReview
2011-12-26 19:37 . 2011-12-26 19:37 -------- d-----w- c:\windows\system32\EventProviders
2011-12-26 19:30 . 2010-11-20 12:21 1063936 ----a-w- c:\windows\system32\werconcpl.dll
2011-12-26 19:29 . 2010-11-20 12:19 68096 ----a-w- c:\windows\system32\Mcx2Svc.dll
2011-12-26 19:28 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-12-26 19:28 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2011-12-26 19:28 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-12-26 19:28 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll
2011-12-26 19:11 . 2011-04-28 03:15 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2011-12-26 19:11 . 2011-04-28 03:15 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2011-12-26 19:11 . 2010-11-20 12:17 219648 ----a-w- c:\windows\system32\fsquirt.exe
2011-12-26 18:35 . 2011-12-26 18:36 -------- d-----w- c:\users\UpdatusUser
2011-12-26 18:35 . 2011-12-26 18:36 -------- d-----w- c:\programdata\NVIDIA
2011-12-26 18:35 . 2011-05-21 05:01 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-12-26 18:35 . 2011-05-21 05:01 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-12-26 18:35 . 2011-05-21 05:01 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-12-26 18:35 . 2011-05-21 05:01 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-12-26 18:35 . 2011-05-21 05:01 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-12-26 18:35 . 2011-05-21 05:01 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-12-26 18:35 . 2011-05-21 05:01 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-12-26 18:35 . 2011-12-26 18:35 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-12-26 18:35 . 2011-12-26 18:35 -------- d-----w- c:\program files\NVIDIA Corporation
2011-12-26 18:34 . 2011-12-26 18:34 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-12-26 18:26 . 2011-12-26 18:26 -------- d-----w- c:\windows\system32\Wat
2011-12-26 18:04 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-12-26 17:59 . 2011-06-15 08:55 163840 ----a-w- c:\windows\system32\odbctrac.dll
2011-12-26 17:59 . 2011-06-15 08:54 94208 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2011-12-26 17:59 . 2011-04-29 04:57 759296 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-12-26 17:59 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-12-26 17:59 . 2011-12-26 17:59 -------- d-----w- c:\program files\CCleaner
2011-12-26 17:34 . 2011-12-26 17:34 -------- d-----w- c:\program files\ASUS Bluetooth Suite
2011-12-26 16:29 . 2011-12-26 16:29 -------- d-----w- c:\programdata\ashampoo
2011-12-26 16:29 . 2011-12-26 16:29 -------- d-----w- c:\program files\Ashampoo
2011-12-26 16:26 . 2011-12-26 16:26 -------- d-----w- c:\program files\Common Files\Adobe
2011-12-26 15:59 . 2011-12-26 15:59 -------- d-----w- c:\program files\DIFX
2011-12-26 15:39 . 2011-12-26 15:39 -------- d-----w- c:\windows\PCHEALTH
2011-12-26 15:39 . 2011-12-26 15:39 -------- d-----w- c:\program files\Microsoft.NET
2011-12-26 15:34 . 2012-01-07 15:40 -------- d-----w- c:\programdata\Microsoft Help
2011-12-26 15:33 . 2011-12-26 15:33 -------- d-----r- C:\MSOCache
2011-12-26 15:04 . 2012-01-04 19:27 -------- d-----w- c:\program files\Common Files\InstallShield
2011-12-26 15:04 . 2011-12-26 15:04 -------- d-----w- c:\windows\Downloaded Installations
2011-12-26 14:47 . 2011-12-26 14:47 -------- d-----w- c:\programdata\UDL
2011-12-26 14:46 . 2011-12-26 14:46 -------- d-----w- c:\program files\Epson Software
2011-12-26 14:46 . 2012-01-04 19:29 -------- d--h--w- c:\program files\InstallShield Installation Information
2011-12-26 14:46 . 2011-12-26 14:46 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2011-12-26 14:45 . 2007-06-21 23:10 501912 ----a-w- c:\windows\system32\PICSDK2.dll
2011-12-26 14:45 . 2006-10-30 23:10 71840 ----a-w- c:\windows\system32\EPPicMgr.dll
2011-12-26 14:45 . 2006-10-30 23:10 120992 ----a-w- c:\windows\system32\EpPicPrt.dll
2011-12-26 14:45 . 2006-10-19 23:10 80024 ----a-w- c:\windows\system32\PICSDK.dll
2011-12-26 14:45 . 2006-10-19 23:10 108704 ----a-w- c:\windows\system32\PICEntry.dll
2011-12-26 14:44 . 2007-04-10 18:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2011-12-26 14:44 . 2008-08-08 19:09 86528 ----a-w- c:\windows\system32\E_FLBFDE.DLL
2011-12-26 14:44 . 2007-12-07 19:01 78848 ----a-w- c:\windows\system32\E_FD4BFDE.DLL
2011-12-26 14:44 . 2011-12-26 14:44 -------- d-----w- c:\programdata\EPSON
2011-12-26 14:44 . 2008-11-16 23:00 342016 ----a-w- c:\windows\system32\eswiaud.dll
2011-12-26 14:44 . 2006-08-25 17:00 9216 ----a-w- c:\windows\system32\escdev.dll
2011-12-26 14:44 . 2011-12-26 14:45 -------- d-----w- c:\program files\epson
2011-12-26 14:26 . 2012-01-11 19:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-26 14:26 . 2011-12-26 14:26 -------- d-----w- c:\windows\system32\Macromed
2011-12-26 14:20 . 2011-11-15 13:29 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-12-26 14:12 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-26 14:12 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-26 14:12 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-26 14:12 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-26 14:12 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-26 14:12 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-12-26 14:11 . 2012-01-08 22:03 -------- d-sh--w- c:\windows\Installer
2011-12-26 14:11 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-26 14:11 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-26 14:11 . 2011-12-26 14:11 -------- d-----w- c:\programdata\AVAST Software
2011-12-26 14:11 . 2011-12-26 14:11 -------- d-----w- c:\program files\AVAST Software
2011-12-26 14:05 . 2011-12-26 14:05 -------- d-----w- c:\users\doma
2011-12-26 14:01 . 2012-01-11 20:13 -------- d-----w- c:\windows\system32\wbem\Performance
2011-12-26 14:00 . 2012-01-10 18:28 -------- d-----w- c:\users\hagrid
2011-12-26 13:40 . 2012-01-11 17:46 -------- d-----w- c:\windows\Panther
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-26 19:50 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-12-26 17:34 . 2009-10-20 23:31 246804 ----a-w- c:\windows\system32\drivers\AtherosBT.bin
2011-12-21 07:39 . 2011-12-26 14:15 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"AtherosBtStack"="c:\program files\ASUS Bluetooth Suite\BtvStack.exe" [2009-10-28 307200]
"ChangeFilterMerit"="c:\program files\NewSoft\Presto! PVR\ChangeFilterMerit.exe" [2007-06-08 51280]
"Presto! PVR Monitor"="c:\program files\NewSoft\Presto! PVR\Monitor.exe" [2008-08-08 153424]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MSPCLOCK"="streamci" [X]
"MSPQM"="streamci" [X]
"MSKSSRV"="streamci" [X]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2009-07-14 360448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2010-02-11 07:10 293376 ----a-w- c:\windows\System32\browserchoice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChangeFilterMerit]
2007-06-08 15:27 51280 ----a-w- c:\program files\NewSoft\Presto! PVR\ChangeFilterMerit.exe
.
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [2009-09-02 2077696]
R3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2009-07-25 38272]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-26 1343400]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2009-10-21 33280]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2009-10-23 282112]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2009-10-20 20480]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2009-10-22 205312]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2009-10-21 117760]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2009-10-22 49152]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - TRUESIGHT
*Deregistered* - aswMBR
*Deregistered* - TrueSight
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 62.129.50.20
FF - ProfilePath -
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-11 21:46:19
ComboFix-quarantined-files.txt 2012-01-11 20:46
.
Před spuštěním: Volných bajtů: 27 778 478 080
Po spuštění: Volných bajtů: 27 703 894 016
.
- - End Of File - - 4B17D75D5E0808D3AC50E6CB0925894E

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Registry::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Adobe Reader Speed Launcher"=-
  "Malwarebytes' Anti-Malware"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
  "MSPCLOCK"=-
  "MSPQM"=-
  "MSKSSRV"=-
  "Malwarebytes Anti-Malware"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
  
  RegLock::
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  ClearJavaCache::
  
  AtJob::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

tak jsem to udělal. Odstavil jsem avast do restartu. ComboFix zapracoval, restartoval. Windows najely. ale i avast a hodil něco do truhly. Log soubor se mi neobjevil a nemůžu ho nikde najít.
V C:/ComboFix je jen ComboFix.txt

v programech, které se spustí při startu je toto:

Ano HKCU:Run EPSON SX210 Series C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE /FU "C:\Windows\TEMP\E_S6B9E.tmp" /EF "HKCU"
Ano HKCU:Run Sidebar C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Ne HKLM:Run *WerKernelReporting %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq
Ano HKLM:Run AtherosBtStack C:\Program Files\ASUS Bluetooth Suite\BtvStack.exe
Ano HKLM:Run avast "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
Ano HKLM:Run ChangeFilterMerit C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe
Ano HKLM:Run combofix C:\ComboFix\CF7376.3XE /c C:\ComboFix\Combobatch.bat
Ano HKLM:Run Presto! PVR Monitor
Ano HKLM:RunOnce combofix C:\ComboFix\CF7376.3XE /c C:\ComboFixCombobatch.bat

Mám to zkusit ještě jednou ??

tak už ho mám:

ComboFix 12-01-10.02 - hagrid 12.01.2012 17:04:12.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2046.1352 [GMT 1:00]
Spuštěný z: C:\Users\doma\Desktop\ComboFix.exe
Použité ovládací přepínače :: C:\Users\doma\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení


((((((((((((((((((((((((( Soubory vytvořené od 2011-12-12 do 2012-01-12 )))))))))))))))))))))))))))))))


2012-01-11 19:52:56 . 2012-01-11 19:52:56 -------- d-----w- C:\ProgramData\Malwarebytes
2012-01-11 18:23:33 . 2012-01-11 18:23:40 -------- d-----w- C:\Program Files\trend micro
2012-01-10 18:25:44 . 2011-11-17 05:41:52 67440 ----a-w- C:\Windows\system32\drivers\ksecdd.sys
2012-01-10 18:25:44 . 2011-11-17 05:41:51 134000 ----a-w- C:\Windows\system32\drivers\ksecpkg.sys
2012-01-10 18:25:44 . 2011-11-17 05:39:24 369352 ----a-w- C:\Windows\system32\drivers\cng.sys
2012-01-10 18:25:44 . 2011-11-17 05:35:02 314880 ----a-w- C:\Windows\system32\webio.dll
2012-01-10 18:25:44 . 2011-11-17 05:34:55 100352 ----a-w- C:\Windows\system32\sspicli.dll
2012-01-10 18:25:44 . 2011-11-17 05:34:52 224768 ----a-w- C:\Windows\system32\schannel.dll
2012-01-10 18:25:44 . 2011-11-17 05:32:51 1038848 ----a-w- C:\Windows\system32\lsasrv.dll
2012-01-10 18:25:44 . 2011-11-17 05:29:50 22528 ----a-w- C:\Windows\system32\lsass.exe
2012-01-10 18:25:43 . 2011-11-17 05:34:55 15872 ----a-w- C:\Windows\system32\sspisrv.dll
2012-01-10 18:25:43 . 2011-11-17 05:34:52 22016 ----a-w- C:\Windows\system32\secur32.dll
2012-01-10 18:20:16 . 2011-11-19 14:01:00 67072 ----a-w- C:\Windows\system32\packager.dll
2012-01-10 18:20:16 . 2011-11-17 05:38:39 1288472 ----a-w- C:\Windows\system32\ntdll.dll
2012-01-10 18:20:15 . 2011-10-26 04:32:11 514560 ----a-w- C:\Windows\system32\qdvd.dll
2012-01-10 18:20:15 . 2011-10-26 04:32:11 1328128 ----a-w- C:\Windows\system32\quartz.dll
2012-01-10 15:30:44 . 2011-11-30 01:21:44 6823496 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5FCACD0C-BB08-46C9-ABF4-F839D216FC26}\mpengine.dll
2012-01-07 15:40:12 . 2012-01-07 15:40:12 -------- d-----w- C:\Program Files\Microsoft Works
2012-01-04 19:29:21 . 2012-01-04 19:29:26 -------- d-----w- C:\Program Files\Common Files\NewSoft
2012-01-04 19:29:19 . 2012-01-04 19:29:19 -------- d-----w- C:\Program Files\NewSoft
2012-01-04 18:45:12 . 2012-01-04 18:45:12 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-01-04 18:45:08 . 2012-01-04 18:45:08 484176 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-28 16:52:45 . 2011-12-28 16:52:47 -------- d-----w- C:\Program Files\Media Player Classic - Home Cinema
2011-12-26 19:38:17 . 2011-12-26 19:38:19 -------- d-----w- C:\Windows\system32\SPReview
2011-12-26 19:37:42 . 2011-12-26 19:37:43 -------- d-----w- C:\Windows\system32\EventProviders
2011-12-26 19:30:59 . 2010-11-20 12:21:35 1063936 ----a-w- C:\Windows\system32\werconcpl.dll
2011-12-26 19:29:59 . 2010-11-20 12:19:33 68096 ----a-w- C:\Windows\system32\Mcx2Svc.dll
2011-12-26 19:28:53 . 2010-11-20 12:21:34 363008 ----a-w- C:\Windows\system32\wbemcomn.dll
2011-12-26 19:28:53 . 2010-11-20 12:21:25 189952 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2011-12-26 19:28:53 . 2010-11-20 12:19:02 606208 ----a-w- C:\Windows\system32\wbem\fastprox.dll
2011-12-26 19:28:44 . 2010-11-20 12:21:25 189952 ----a-w- C:\Windows\system32\sqmapi.dll
2011-12-26 19:11:27 . 2011-04-28 03:15:03 60416 ----a-w- C:\Windows\system32\drivers\BTHUSB.SYS
2011-12-26 19:11:27 . 2011-04-28 03:15:02 393728 ----a-w- C:\Windows\system32\drivers\bthport.sys
2011-12-26 19:11:27 . 2010-11-20 12:17:11 219648 ----a-w- C:\Windows\system32\fsquirt.exe
2011-12-26 18:35:59 . 2011-12-26 18:36:03 -------- d-----w- C:\Users\UpdatusUser
2011-12-26 18:35:56 . 2011-12-26 18:36:43 -------- d-----w- C:\ProgramData\NVIDIA
2011-12-26 18:35:51 . 2011-05-21 05:01:00 66664 ----a-w- C:\Windows\system32\nvshext.dll
2011-12-26 18:35:51 . 2011-05-21 05:01:00 615528 ----a-w- C:\Windows\system32\nvvsvc.exe
2011-12-26 18:35:51 . 2011-05-21 05:01:00 3693672 ----a-w- C:\Windows\system32\nvcpl.dll
2011-12-26 18:35:51 . 2011-05-21 05:01:00 2560616 ----a-w- C:\Windows\system32\nvsvcr.dll
2011-12-26 18:35:51 . 2011-05-21 05:01:00 2557544 ----a-w- C:\Windows\system32\nvsvc.dll
2011-12-26 18:35:51 . 2011-05-21 05:01:00 111208 ----a-w- C:\Windows\system32\nvmctray.dll
2011-12-26 18:35:50 . 2011-05-21 05:01:00 543336 ----a-w- C:\Windows\system32\easyupdatusapiu.dll
2011-12-26 18:35:24 . 2011-12-26 18:35:24 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2011-12-26 18:35:20 . 2011-12-26 18:35:57 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-12-26 18:34:17 . 2011-12-26 18:34:17 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2011-12-26 18:26:37 . 2011-12-26 18:26:38 -------- d-----w- C:\Windows\system32\Wat
2011-12-26 18:04:05 . 2010-02-11 07:10:14 293376 ----a-w- C:\Windows\system32\browserchoice.exe
2011-12-26 17:59:59 . 2011-06-15 08:55:19 163840 ----a-w- C:\Windows\system32\odbctrac.dll
2011-12-26 17:59:55 . 2011-04-29 04:57:42 759296 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-12-26 17:59:33 . 2011-04-09 05:56:38 123904 ----a-w- C:\Windows\system32\poqexec.exe
2011-12-26 17:59:13 . 2011-12-26 17:59:15 -------- d-----w- C:\Program Files\CCleaner
2011-12-26 17:34:18 . 2011-12-26 17:34:23 -------- d-----w- C:\Program Files\ASUS Bluetooth Suite
2011-12-26 16:29:25 . 2011-12-26 16:29:25 -------- d-----w- C:\ProgramData\ashampoo
2011-12-26 16:29:22 . 2011-12-26 16:29:22 -------- d-----w- C:\Program Files\Ashampoo
2011-12-26 16:26:29 . 2011-12-26 16:26:37 -------- d-----w- C:\Program Files\Common Files\Adobe
2011-12-26 15:59:56 . 2011-12-26 15:59:56 -------- d-----w- C:\Program Files\DIFX
2011-12-26 15:39:48 . 2011-12-26 15:39:48 -------- d-----w- C:\Windows\PCHEALTH
2011-12-26 15:39:48 . 2011-12-26 15:39:48 -------- d-----w- C:\Program Files\Microsoft.NET
2011-12-26 15:34:39 . 2012-01-07 15:40:32 -------- d-----w- C:\ProgramData\Microsoft Help
2011-12-26 15:33:56 . 2011-12-26 15:33:56 -------- d-----r- C:\MSOCache
2011-12-26 15:04:23 . 2012-01-04 19:27:53 -------- d-----w- C:\Program Files\Common Files\InstallShield
2011-12-26 15:04:23 . 2011-12-26 15:04:23 -------- d-----w- C:\Windows\Downloaded Installations
2011-12-26 14:47:13 . 2011-12-26 14:47:13 -------- d-----w- C:\ProgramData\UDL
2011-12-26 14:46:52 . 2011-12-26 14:46:52 -------- d-----w- C:\Program Files\Epson Software
2011-12-26 14:46:51 . 2012-01-04 19:29:15 -------- d--h--w- C:\Program Files\InstallShield Installation Information
2011-12-26 14:46:28 . 2011-12-26 14:46:48 -------- d-----w- C:\Program Files\ABBYY FineReader 6.0 Sprint
2011-12-26 14:45:06 . 2007-06-21 23:10:00 501912 ----a-w- C:\Windows\system32\PICSDK2.dll
2011-12-26 14:45:06 . 2006-10-30 23:10:00 71840 ----a-w- C:\Windows\system32\EPPicMgr.dll
2011-12-26 14:45:06 . 2006-10-30 23:10:00 120992 ----a-w- C:\Windows\system32\EpPicPrt.dll
2011-12-26 14:45:06 . 2006-10-19 23:10:00 80024 ----a-w- C:\Windows\system32\PICSDK.dll
2011-12-26 14:45:06 . 2006-10-19 23:10:00 108704 ----a-w- C:\Windows\system32\PICEntry.dll
2011-12-26 14:44:38 . 2007-04-10 18:06:00 8192 ----a-w- C:\Windows\system32\E_DCINST.DLL
2011-12-26 14:44:33 . 2008-08-08 19:09:00 86528 ----a-w- C:\Windows\system32\E_FLBFDE.DLL
2011-12-26 14:44:31 . 2007-12-07 19:01:00 78848 ----a-w- C:\Windows\system32\E_FD4BFDE.DLL
2011-12-26 14:44:21 . 2011-12-26 14:44:49 -------- d-----w- C:\ProgramData\EPSON
2011-12-26 14:44:11 . 2008-11-16 23:00:00 342016 ----a-w- C:\Windows\system32\eswiaud.dll
2011-12-26 14:44:11 . 2006-08-25 17:00:00 9216 ----a-w- C:\Windows\system32\escdev.dll
2011-12-26 14:44:08 . 2011-12-26 14:45:48 -------- d-----w- C:\Program Files\epson
2011-12-26 14:26:50 . 2012-01-11 19:38:45 414368 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2011-12-26 14:26:49 . 2011-12-26 14:26:49 -------- d-----w- C:\Windows\system32\Macromed
2011-12-26 14:20:45 . 2011-11-15 13:29:56 222080 ------w- C:\Windows\system32\MpSigStub.exe
2011-12-26 14:12:21 . 2011-11-28 17:53:35 314456 ----a-w- C:\Windows\system32\drivers\aswSP.sys
2011-12-26 14:12:21 . 2011-11-28 17:51:50 20568 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys
2011-12-26 14:12:19 . 2011-11-28 17:53:53 435032 ----a-w- C:\Windows\system32\drivers\aswSnx.sys
2011-12-26 14:12:19 . 2011-11-28 17:52:19 34392 ----a-w- C:\Windows\system32\drivers\aswRdr.sys
2011-12-26 14:12:19 . 2011-11-28 17:52:16 52952 ----a-w- C:\Windows\system32\drivers\aswTdi.sys
2011-12-26 14:12:18 . 2011-11-28 17:52:07 55128 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys
2011-12-26 14:11:46 . 2012-01-08 22:03:56 -------- d-sh--w- C:\Windows\Installer
2011-12-26 14:11:42 . 2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr
2011-12-26 14:11:42 . 2011-11-28 18:01:23 199816 ----a-w- C:\Windows\system32\aswBoot.exe
2011-12-26 14:11:36 . 2011-12-26 14:11:36 -------- d-----w- C:\ProgramData\AVAST Software
2011-12-26 14:11:36 . 2011-12-26 14:11:36 -------- d-----w- C:\Program Files\AVAST Software
2011-12-26 14:05:14 . 2011-12-26 14:05:29 -------- d-----w- C:\Users\doma
2011-12-26 14:01:34 . 2012-01-12 16:14:04 -------- d-----w- C:\Windows\system32\wbem\Performance
2011-12-26 14:00:10 . 2012-01-10 18:28:11 -------- d-----w- C:\Users\hagrid
2011-12-26 13:40:48 . 2012-01-11 17:46:22 -------- d-----w- C:\Windows\Panther
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))



(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\*WerKernelReporting]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChangeFilterMerit]

S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]



------- Doplňkový sken -------

TCP: DhcpNameServer = 62.129.50.20
FF - ProfilePath -

Nejak nam neudelal vse co mel a log je tez nejaky zkraceny...

Opakujte prosim postup v NR (restart PC, mackat F8, zvolit Stav nouze s praci v siti)