VIRY.CZ

Ahoj ahoj. Mám problém, že na externom hard disku sa mi po pripojení do kamoškinho zavíreneho notebooku objavilo hrozne veľa súborov so symbolmi namiesto mena. Nedajú sa otvoriť nedajú sa vymazať, presunúť ani upraviť. Navyše v súbore s fotkami, ktoré si tá kamoška chcela skopírovať, tak tento súbor sa zmenil na poškodený. ma stále rovnakú veľkosť ale nedá sa sním robiť absolútne nič.
Pomoc pomoc

Logfile of random's system information tool 1.09 (written by random/random)
Run by koko at 2012-10-27 11:57:23
Microsoft Windows 7 Ultimate
System drive C: has 33 GB (56%) free of 60 GB
Total RAM: 4072 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:57:32 AM, on 10/27/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\AsScrPro.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\koko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={FB93BBD2- ... 2012-09-07 22:38:00&v=12.2.0.5&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\koko\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater12.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10297 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
taskeng.exe {73E952D1-A131-485C-A59C-75B53C49419A}
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {CE14EE04-69D7-46AC-BC03-C5090D01E2D2}
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
ATKOSD.exe
"C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe"
KBFiltr.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
WDC.exe
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2484.2.1335489229\603166267" --gpu-vendor-id=0x1002 --gpu-device-id=0x6760 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.901.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=bg --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --disable-accelerated-2d-canvas --channel="2484.3.1454981800\635713893" /prefetch:3
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=bg --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --disable-accelerated-2d-canvas --channel="2484.4.953459574\630285686" /prefetch:3
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=bg --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="2484.7.1566064763\1862558027" /prefetch:3
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\koko\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll" --lang=bg --channel="2484.8.139108230\864919623" /prefetch:4
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2484.9.649281976\1751657798" --lang=bg --ignored=" --type=renderer " /prefetch:13
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=bg --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="2484.10.1978734011\1366693642" /prefetch:3
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=bg --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="2484.17.234367986\1827403867" /prefetch:3
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=bg --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="2484.23.629699750\1515602218" /prefetch:3
"C:\Users\koko\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=bg --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin10/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="2484.26.554908697\1353115363" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\koko\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1776410817-1395037436-76359829-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1776410817-1395037436-76359829-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll [2012-09-07 2045024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll [2012-09-07 2045024]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-04 2712360]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2011-03-04 97064]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\koko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-06 116648]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-06 102568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-09-06 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-09 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22 318080]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-24 174720]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-18 2319536]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-09-07 1162848]
"ROC_roc_ssl_v12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe [2012-09-07 1020512]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-27 11:57:24 ----D---- C:\Program Files\trend micro
2012-10-27 11:57:23 ----D---- C:\rsit
2012-10-24 11:32:26 ----D---- C:\Users\koko\AppData\Roaming\Skype
2012-10-24 11:32:12 ----RD---- C:\Program Files (x86)\Skype
2012-10-24 11:32:04 ----D---- C:\ProgramData\Skype
2012-10-23 22:51:19 ----D---- C:\Users\koko\AppData\Roaming\vlc
2012-10-23 22:50:33 ----D---- C:\Program Files (x86)\VideoLAN
2012-10-23 18:44:30 ----D---- C:\ProgramData\Adobe
2012-10-16 13:42:04 ----D---- C:\ProgramData\YTD Video Downloader
2012-10-16 13:41:57 ----D---- C:\Program Files (x86)\YTD Video Downloader
2012-10-02 10:27:18 ----A---- C:\Windows\ntbtlog.txt
2012-09-28 10:42:38 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-09-28 10:23:54 ----A---- C:\Windows\SYSWOW64\acovcnt.exe
2012-09-28 10:10:06 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2012-09-28 10:10:06 ----A---- C:\Windows\system32\wcncsvc.dll
2012-09-28 10:05:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2012-09-28 10:05:03 ----A---- C:\Windows\system32\msv1_0.dll
2012-09-28 10:00:44 ----D---- C:\Windows\SYSWOW64\Wat
2012-09-28 10:00:44 ----D---- C:\Windows\system32\Wat
2012-09-28 09:26:34 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2012-09-28 09:26:34 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2012-09-28 09:26:34 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2012-09-28 09:26:34 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2012-09-28 09:26:34 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2012-09-28 09:26:34 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2012-09-28 09:26:34 ----A---- C:\Windows\system32\PresentationHost.exe
2012-09-28 09:26:34 ----A---- C:\Windows\system32\netfxperf.dll
2012-09-28 09:26:34 ----A---- C:\Windows\system32\mscoree.dll
2012-09-28 09:26:34 ----A---- C:\Windows\system32\dfshim.dll
2012-09-28 09:25:03 ----A---- C:\Windows\system32\browserchoice.exe
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-09-28 09:22:20 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\wininet.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\wextract.exe
2012-09-28 09:22:19 ----A---- C:\Windows\system32\webcheck.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\vbscript.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\urlmon.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\url.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-09-28 09:22:19 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-09-28 09:22:19 ----A---- C:\Windows\system32\pngfilt.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\occache.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\msrating.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\msls31.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\mshtmler.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\mshtml.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\mshta.exe
2012-09-28 09:22:19 ----A---- C:\Windows\system32\msfeedssync.exe
2012-09-28 09:22:19 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\licmgr10.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\jscript9.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\jscript.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\inseng.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\imgutil.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\iexpress.exe
2012-09-28 09:22:19 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-28 09:22:19 ----A---- C:\Windows\system32\ieui.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\iesysprep.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\iesetup.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\iertutil.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\iernonce.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\iepeers.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\ieframe.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\iedkcs32.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\ieapfltr.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\ieapfltr.dat
2012-09-28 09:22:19 ----A---- C:\Windows\system32\ieakui.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\ieaksie.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\ieakeng.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\ie4uinit.exe
2012-09-28 09:22:19 ----A---- C:\Windows\system32\icardie.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\dxtrans.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\dxtmsft.dll
2012-09-28 09:22:19 ----A---- C:\Windows\system32\admparse.dll
2012-09-28 09:10:44 ----A---- C:\Windows\system32\MRT.exe
2012-09-28 09:07:57 ----A---- C:\Windows\system32\imagehlp.dll
2012-09-28 09:07:57 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-09-28 09:07:56 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-09-28 09:07:56 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-09-28 09:07:56 ----A---- C:\Windows\system32\wintrust.dll
2012-09-28 09:07:55 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-09-28 09:07:55 ----A---- C:\Windows\system32\wmi.dll
2012-09-28 09:05:16 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2012-09-28 09:05:16 ----A---- C:\Windows\system32\drivers\ks.sys
2012-09-28 09:04:26 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-09-28 09:04:26 ----A---- C:\Windows\system32\msxml6.dll
2012-09-28 09:04:26 ----A---- C:\Windows\system32\msxml3.dll
2012-09-28 09:04:25 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-09-28 09:04:23 ----A---- C:\Windows\system32\secproc_isv.dll
2012-09-28 09:04:22 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2012-09-28 09:04:22 ----A---- C:\Windows\SYSWOW64\secproc.dll
2012-09-28 09:04:22 ----A---- C:\Windows\system32\secproc.dll
2012-09-28 09:04:22 ----A---- C:\Windows\system32\RMActivate_isv.exe
2012-09-28 09:04:22 ----A---- C:\Windows\system32\RMActivate.exe
2012-09-28 09:04:21 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2012-09-28 09:04:21 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2012-09-28 09:04:21 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2012-09-28 09:04:21 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2012-09-28 09:04:21 ----A---- C:\Windows\system32\secproc_ssp.dll
2012-09-28 09:04:21 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2012-09-28 09:04:21 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2012-09-28 09:04:20 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2012-09-28 09:04:20 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2012-09-28 09:04:20 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2012-09-28 09:03:30 ----A---- C:\Windows\system32\CertEnroll.dll
2012-09-28 09:03:29 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2012-09-28 09:03:16 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-09-28 09:03:16 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-09-28 09:03:16 ----A---- C:\Windows\system32\d3d10warp.dll
2012-09-28 09:03:16 ----A---- C:\Windows\system32\d2d1.dll
2012-09-28 09:03:15 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-09-28 09:03:15 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-09-28 09:03:15 ----A---- C:\Windows\system32\DWrite.dll
2012-09-28 09:03:15 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-09-28 09:03:14 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-09-28 09:03:14 ----A---- C:\Windows\system32\d3d10_1.dll
2012-09-28 09:03:03 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-09-28 09:03:03 ----A---- C:\Windows\system32\ntshrui.dll
2012-09-28 09:03:01 ----A---- C:\Windows\system32\schedsvc.dll
2012-09-28 09:03:00 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2012-09-28 09:03:00 ----A---- C:\Windows\system32\wmicmiplugin.dll
2012-09-28 09:03:00 ----A---- C:\Windows\system32\taskschd.dll
2012-09-28 09:03:00 ----A---- C:\Windows\system32\taskeng.exe
2012-09-28 09:03:00 ----A---- C:\Windows\system32\taskcomp.dll
2012-09-28 09:03:00 ----A---- C:\Windows\system32\schtasks.exe
2012-09-28 09:02:59 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2012-09-28 09:02:59 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2012-09-28 09:02:59 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2012-09-28 09:02:54 ----A---- C:\Windows\system32\mssrch.dll
2012-09-28 09:02:53 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2012-09-28 09:02:52 ----A---- C:\Windows\system32\tquery.dll
2012-09-28 09:02:51 ----A---- C:\Windows\SYSWOW64\tquery.dll
2012-09-28 09:02:50 ----A---- C:\Windows\system32\SearchIndexer.exe
2012-09-28 09:02:49 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2012-09-28 09:02:49 ----A---- C:\Windows\system32\mssph.dll
2012-09-28 09:02:48 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2012-09-28 09:02:48 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2012-09-28 09:02:48 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2012-09-28 09:02:48 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2012-09-28 09:02:48 ----A---- C:\Windows\SYSWOW64\mssph.dll
2012-09-28 09:02:48 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2012-09-28 09:02:48 ----A---- C:\Windows\system32\SearchFilterHost.exe
2012-09-28 09:02:48 ----A---- C:\Windows\system32\mssvp.dll
2012-09-28 09:02:48 ----A---- C:\Windows\system32\msscntrs.dll
2012-09-28 09:02:47 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2012-09-28 09:02:47 ----A---- C:\Windows\system32\mssphtb.dll
2012-09-28 09:02:45 ----A---- C:\Windows\system32\CPFilters.dll
2012-09-28 09:02:44 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2012-09-28 09:02:44 ----A---- C:\Windows\system32\sbe.dll
2012-09-28 09:02:43 ----A---- C:\Windows\SYSWOW64\sbe.dll
2012-09-28 09:02:35 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-09-28 09:02:35 ----A---- C:\Windows\system32\webio.dll
2012-09-28 09:02:28 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2012-09-28 09:02:28 ----A---- C:\Windows\system32\poqexec.exe
2012-09-28 09:02:27 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-09-28 09:02:27 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-09-28 09:02:27 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-09-28 09:02:25 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2012-09-28 09:02:25 ----A---- C:\Windows\system32\StructuredQuery.dll
2012-09-28 09:02:24 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2012-09-28 09:02:24 ----A---- C:\Windows\system32\asycfilt.dll
2012-09-28 09:02:23 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2012-09-28 09:02:23 ----A---- C:\Windows\system32\t2embed.dll
2012-09-28 09:02:21 ----A---- C:\Windows\explorer.exe
2012-09-28 09:02:20 ----A---- C:\Windows\SYSWOW64\explorer.exe
2012-09-28 09:02:19 ----A---- C:\Windows\system32\drivers\dfsc.sys
2012-09-28 09:02:18 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-09-28 09:02:18 ----A---- C:\Windows\system32\quartz.dll
2012-09-28 09:02:17 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-09-28 09:02:17 ----A---- C:\Windows\system32\qdvd.dll
2012-09-28 09:02:14 ----A---- C:\Windows\system32\ole32.dll
2012-09-28 09:02:13 ----A---- C:\Windows\SYSWOW64\ole32.dll
2012-09-28 09:02:10 ----A---- C:\Windows\system32\srcore.dll
2012-09-28 09:02:09 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-09-28 09:02:00 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-09-28 09:02:00 ----A---- C:\Windows\system32\kerberos.dll
2012-09-28 09:01:59 ----A---- C:\Windows\system32\odbctrac.dll
2012-09-28 09:01:59 ----A---- C:\Windows\system32\odbccu32.dll
2012-09-28 09:01:59 ----A---- C:\Windows\system32\odbccr32.dll
2012-09-28 09:01:59 ----A---- C:\Windows\system32\odbccp32.dll
2012-09-28 09:01:58 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-09-28 09:01:58 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-09-28 09:01:58 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-09-28 09:01:58 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-09-28 09:01:57 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-09-28 09:01:35 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2012-09-28 09:01:35 ----A---- C:\Windows\system32\xmllite.dll
2012-09-28 09:01:01 ----A---- C:\Windows\system32\msdri.dll
2012-09-28 08:56:49 ----A---- C:\Windows\system32\WMVDECOD.DLL
2012-09-28 08:56:48 ----A---- C:\Windows\system32\mf.dll
2012-09-28 08:56:48 ----A---- C:\Windows\system32\FntCache.dll
2012-09-28 08:56:47 ----A---- C:\Windows\SYSWOW64\mf.dll
2012-09-28 08:56:46 ----A---- C:\Windows\system32\ExplorerFrame.dll
2012-09-28 08:56:45 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2012-09-28 08:56:45 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2012-09-28 08:56:45 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2012-09-28 08:56:45 ----A---- C:\Windows\system32\XpsRasterService.dll
2012-09-28 08:56:45 ----A---- C:\Windows\system32\mfreadwrite.dll
2012-09-28 08:56:45 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2012-09-28 08:56:45 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-09-28 08:56:45 ----A---- C:\Windows\system32\cdd.dll
2012-09-28 08:56:44 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2012-09-28 08:56:44 ----A---- C:\Windows\system32\mfps.dll
2012-09-28 08:56:20 ----A---- C:\Windows\SYSWOW64\upnp.dll
2012-09-28 08:56:20 ----A---- C:\Windows\system32\upnp.dll
2012-09-28 08:56:19 ----A---- C:\Windows\system32\winhttp.dll
2012-09-28 08:56:19 ----A---- C:\Windows\system32\WebClnt.dll
2012-09-28 08:56:18 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2012-09-28 08:56:18 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2012-09-28 08:56:18 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2012-09-28 08:56:18 ----A---- C:\Windows\SYSWOW64\slwga.dll
2012-09-28 08:56:18 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2012-09-28 08:56:18 ----A---- C:\Windows\system32\wscsvc.dll
2012-09-28 08:56:18 ----A---- C:\Windows\system32\wscapi.dll
2012-09-28 08:56:18 ----A---- C:\Windows\system32\slwga.dll
2012-09-28 08:56:18 ----A---- C:\Windows\system32\davclnt.dll
2012-09-28 08:56:14 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-09-28 08:56:14 ----A---- C:\Windows\system32\win32spl.dll
2012-09-28 08:56:14 ----A---- C:\Windows\system32\spoolsv.exe
2012-09-28 08:56:14 ----A---- C:\Windows\splwow64.exe
2012-09-28 08:55:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-09-28 08:55:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-09-28 08:55:49 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-09-28 08:55:47 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2012-09-28 08:55:47 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2012-09-28 08:55:30 ----A---- C:\Windows\system32\shell32.dll
2012-09-28 08:55:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-09-28 08:54:48 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-09-28 08:54:47 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2012-09-28 08:54:47 ----A---- C:\Windows\system32\XpsPrint.dll
2012-09-28 08:54:37 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-09-28 08:54:37 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-09-28 08:54:37 ----A---- C:\Windows\system32\cryptsvc.dll
2012-09-28 08:54:37 ----A---- C:\Windows\system32\cryptnet.dll
2012-09-28 08:54:37 ----A---- C:\Windows\system32\crypt32.dll
2012-09-28 08:54:36 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-09-28 08:54:22 ----A---- C:\Windows\system32\KernelBase.dll
2012-09-28 08:54:21 ----A---- C:\Windows\system32\kernel32.dll
2012-09-28 08:54:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-09-28 08:54:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-09-28 08:54:20 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-09-28 08:54:20 ----A---- C:\Windows\system32\wow64win.dll
2012-09-28 08:54:20 ----A---- C:\Windows\system32\wow64.dll
2012-09-28 08:54:20 ----A---- C:\Windows\system32\winsrv.dll
2012-09-28 08:54:20 ----A---- C:\Windows\system32\conhost.exe
2012-09-28 08:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-09-28 08:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-09-28 08:54:19 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-09-28 08:54:19 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-09-28 08:54:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-09-28 08:54:19 ----A---- C:\Windows\system32\wow64cpu.dll
2012-09-28 08:54:19 ----A---- C:\Windows\system32\ntvdm64.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-09-28 08:54:17 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-09-28 08:54:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-09-28 08:54:15 ----A---- C:\Windows\SYSWOW64\user.exe
2012-09-28 08:54:14 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-09-28 08:54:14 ----A---- C:\Windows\system32\drivers\srv.sys
2012-09-28 08:54:13 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-09-28 08:54:02 ----A---- C:\Windows\system32\wmp.dll
2012-09-28 08:54:00 ----A---- C:\Windows\SYSWOW64\wmp.dll
2012-09-28 08:53:56 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2012-09-28 08:53:55 ----A---- C:\Windows\system32\wmploc.DLL
2012-09-28 08:53:54 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-09-28 08:53:53 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-09-28 08:53:53 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-09-28 08:53:53 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-09-28 08:53:53 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-09-28 08:53:50 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2012-09-28 08:53:50 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2012-09-28 08:53:50 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2012-09-28 08:53:50 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2012-09-28 08:53:50 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2012-09-28 08:53:50 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2012-09-28 08:53:50 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2012-09-28 08:53:50 ----A---- C:\Windows\system32\tsbyuv.dll
2012-09-28 08:53:50 ----A---- C:\Windows\system32\msyuv.dll
2012-09-28 08:53:50 ----A---- C:\Windows\system32\msvidc32.dll
2012-09-28 08:53:50 ----A---- C:\Windows\system32\msrle32.dll
2012-09-28 08:53:50 ----A---- C:\Windows\system32\iyuv_32.dll
2012-09-28 08:53:36 ----A---- C:\Windows\system32\winlogon.exe
2012-09-28 08:53:35 ----A---- C:\Windows\system32\schannel.dll
2012-09-28 08:53:34 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-09-28 08:53:34 ----A---- C:\Windows\system32\ncrypt.dll
2012-09-28 08:53:34 ----A---- C:\Windows\system32\lsasrv.dll
2012-09-28 08:53:34 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-09-28 08:53:34 ----A---- C:\Windows\system32\drivers\cng.sys
2012-09-28 08:53:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-09-28 08:53:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-09-28 08:53:33 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-09-28 08:53:33 ----A---- C:\Windows\system32\sspisrv.dll
2012-09-28 08:53:33 ----A---- C:\Windows\system32\sspicli.dll
2012-09-28 08:53:33 ----A---- C:\Windows\system32\secur32.dll
2012-09-28 08:53:33 ----A---- C:\Windows\system32\lsass.exe
2012-09-28 08:53:33 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-09-28 08:53:30 ----A---- C:\Windows\system32\mfc42u.dll
2012-09-28 08:53:30 ----A---- C:\Windows\system32\mfc42.dll
2012-09-28 08:53:29 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2012-09-28 08:53:29 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2012-09-28 08:53:26 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-09-28 08:53:25 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-09-28 08:53:25 ----A---- C:\Windows\system32\netapi32.dll
2012-09-28 08:53:25 ----A---- C:\Windows\system32\browser.dll
2012-09-28 08:53:25 ----A---- C:\Windows\system32\browcli.dll
2012-09-28 08:53:22 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-09-28 08:53:22 ----A---- C:\Windows\system32\fontsub.dll
2012-09-28 08:53:22 ----A---- C:\Windows\system32\atmfd.dll
2012-09-28 08:53:21 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2012-09-28 08:53:21 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-09-28 08:53:21 ----A---- C:\Windows\system32\atmlib.dll
2012-09-28 08:53:12 ----A---- C:\Windows\system32\winresume.exe
2012-09-28 08:53:12 ----A---- C:\Windows\system32\winload.exe
2012-09-28 08:53:11 ----A---- C:\Windows\system32\kdusb.dll
2012-09-28 08:53:11 ----A---- C:\Windows\system32\kdcom.dll
2012-09-28 08:53:11 ----A---- C:\Windows\system32\kd1394.dll
2012-09-28 08:53:10 ----A---- C:\Windows\system32\msi.dll
2012-09-28 08:53:09 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-09-28 08:53:01 ----A---- C:\Windows\system32\drivers\afd.sys
2012-09-28 08:52:58 ----A---- C:\Windows\system32\psisdecd.dll
2012-09-28 08:52:57 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-09-28 08:52:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2012-09-28 08:52:55 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2012-09-28 08:52:55 ----A---- C:\Windows\system32\mstscax.dll
2012-09-28 08:52:54 ----A---- C:\Windows\system32\mstsc.exe
2012-09-28 08:52:51 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2012-09-28 08:52:51 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2012-09-28 08:52:50 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2012-09-28 08:52:50 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2012-09-28 08:52:50 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-09-28 08:52:50 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-09-28 08:52:50 ----A---- C:\Windows\system32\dnsapi.dll
2012-09-28 08:52:43 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-09-28 08:52:42 ----A---- C:\Windows\system32\rdpwsx.dll
2012-09-28 08:52:42 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-09-28 08:52:42 ----A---- C:\Windows\system32\profsvc.dll
2012-09-28 08:52:40 ----A---- C:\Windows\system32\rtutils.dll
2012-09-28 08:52:39 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2012-09-28 08:52:32 ----A---- C:\Windows\system32\csrsrv.dll
2012-09-28 08:52:29 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2012-09-28 08:52:29 ----A---- C:\Windows\system32\msasn1.dll
2012-09-28 08:52:19 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2012-09-28 08:52:19 ----A---- C:\Windows\system32\wmpmde.dll
2012-09-28 08:52:09 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-09-28 08:52:09 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-28 08:52:04 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2012-09-28 08:52:04 ----A---- C:\Windows\system32\comctl32.dll
2012-09-28 08:52:03 ----A---- C:\Windows\system32\drivers\fvevol.sys
2012-09-28 08:52:02 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2012-09-28 08:52:00 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-09-28 08:51:56 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2012-09-28 08:51:43 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-09-28 08:51:43 ----A---- C:\Windows\system32\msvcrt.dll
2012-09-28 08:51:31 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-09-28 08:51:31 ----A---- C:\Windows\system32\EncDec.dll
2012-09-28 08:51:30 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2012-09-28 08:51:30 ----A---- C:\Windows\system32\prevhost.exe
2012-09-28 08:51:27 ----A---- C:\Windows\system32\win32k.sys
2012-09-28 08:51:17 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-09-28 08:51:17 ----A---- C:\Windows\system32\tzres.dll
2012-09-28 08:51:10 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2012-09-28 08:51:10 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2012-09-28 08:51:10 ----A---- C:\Windows\system32\oleaut32.dll
2012-09-28 08:51:10 ----A---- C:\Windows\system32\oleacc.dll
2012-09-28 08:50:53 ----A---- C:\Windows\system32\localspl.dll
2012-09-28 08:50:42 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2012-09-28 08:50:42 ----A---- C:\Windows\system32\inetcomm.dll
2012-09-28 08:50:41 ----A---- C:\Windows\system32\consent.exe
2012-09-28 08:50:38 ----A---- C:\Windows\system32\drivers\bowser.sys
2012-09-28 08:50:37 ----A---- C:\Windows\system32\FXSCOVER.exe
2012-09-28 08:50:29 ----A---- C:\Windows\system32\ntdll.dll
2012-09-28 08:50:28 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-09-28 08:50:20 ----A---- C:\Windows\system32\odbc32.dll
2012-09-28 08:50:19 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2012-09-28 08:50:16 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-28 08:50:15 ----A---- C:\Windows\SYSWOW64\sscore.dll
2012-09-28 08:50:15 ----A---- C:\Windows\system32\srvsvc.dll
2012-09-28 08:44:58 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-09-28 08:44:58 ----A---- C:\Windows\system32\packager.dll
2012-09-28 08:38:25 ----A---- C:\Windows\SYSWOW64\cabview.dll
2012-09-28 08:38:25 ----A---- C:\Windows\system32\cabview.dll
2012-09-28 08:37:29 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-09-28 08:37:29 ----A---- C:\Windows\system32\rdpcore.dll
2012-09-28 08:37:28 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-09-28 08:33:43 ----A---- C:\Windows\system32\wups2.dll
2012-09-28 08:33:43 ----A---- C:\Windows\system32\wucltux.dll
2012-09-28 08:33:43 ----A---- C:\Windows\system32\wuaueng.dll
2012-09-28 08:33:43 ----A---- C:\Windows\system32\wuauclt.exe
2012-09-28 08:33:35 ----A---- C:\Windows\system32\wups.dll
2012-09-28 08:33:35 ----A---- C:\Windows\system32\wudriver.dll
2012-09-28 08:33:35 ----A---- C:\Windows\system32\wuapi.dll
2012-09-28 08:33:27 ----A---- C:\Windows\system32\wuwebv.dll
2012-09-28 08:33:27 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2012-10-27 11:57:32 ----D---- C:\Windows\Prefetch
2012-10-27 11:57:27 ----D---- C:\Windows\Temp
2012-10-27 11:57:24 ----RD---- C:\Program Files
2012-10-27 11:21:51 ----D---- C:\Windows\System32
2012-10-27 11:21:51 ----D---- C:\Windows\inf
2012-10-27 11:21:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-27 10:37:35 ----SHD---- C:\System Volume Information
2012-10-27 10:00:43 ----A---- C:\Windows\SYSWOW64\log.txt
2012-10-27 09:59:05 ----HD---- C:\ASUS.DAT
2012-10-27 09:34:25 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-10-27 09:34:25 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-10-25 11:45:17 ----D---- C:\Users\koko\AppData\Roaming\uTorrent
2012-10-24 13:15:19 ----D---- C:\Windows\system32\config
2012-10-24 11:33:30 ----SHD---- C:\Windows\Installer
2012-10-24 11:32:13 ----D---- C:\Program Files (x86)\Common Files
2012-10-24 11:32:12 ----RD---- C:\Program Files (x86)
2012-10-24 11:32:04 ----HD---- C:\ProgramData
2012-10-23 22:39:54 ----SD---- C:\Users\koko\AppData\Roaming\Microsoft
2012-10-21 18:12:52 ----D---- C:\Windows\system32\catroot2
2012-10-17 01:31:29 ----D---- C:\Windows\system32\NDF
2012-10-10 20:19:27 ----D---- C:\Users\koko\AppData\Roaming\Winamp
2012-10-04 16:22:06 ----D---- C:\Windows\system32\LogFiles
2012-10-04 07:13:07 ----SD---- C:\ProgramData\Microsoft
2012-10-02 10:56:45 ----D---- C:\Windows\system32\catroot
2012-10-02 10:52:04 ----D---- C:\Windows\winsxs
2012-10-02 10:27:18 ----D---- C:\Windows
2012-10-01 00:46:22 ----D---- C:\Windows\rescache
2012-10-01 00:24:21 ----D---- C:\Windows\Microsoft.NET
2012-10-01 00:24:13 ----RSD---- C:\Windows\assembly
2012-09-28 10:42:45 ----D---- C:\Windows\SysWOW64
2012-09-28 10:42:40 ----D---- C:\Windows\SYSWOW64\en-US
2012-09-28 10:42:40 ----D---- C:\Windows\system32\en-US
2012-09-28 10:29:11 ----D---- C:\Windows\system32\wdi
2012-09-28 10:25:16 ----D---- C:\Windows\system32\drivers
2012-09-28 10:25:13 ----D---- C:\Program Files\Common Files\System
2012-09-28 10:25:00 ----D---- C:\Windows\ehome
2012-09-28 10:24:51 ----RSD---- C:\Windows\Fonts
2012-09-28 10:24:44 ----D---- C:\Program Files\Windows Mail
2012-09-28 10:24:44 ----D---- C:\Program Files (x86)\Windows Mail
2012-09-28 10:01:07 ----D---- C:\Windows\AppPatch
2012-09-28 09:49:47 ----D---- C:\Windows\SYSWOW64\migration
2012-09-28 09:49:35 ----D---- C:\Windows\system32\migration
2012-09-28 09:49:35 ----D---- C:\Windows\PolicyDefinitions
2012-09-28 09:49:25 ----D---- C:\Program Files\Internet Explorer
2012-09-28 09:49:21 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-28 09:49:16 ----D---- C:\Windows\system32\Boot
2012-09-28 09:49:12 ----D---- C:\Program Files (x86)\Windows Media Player
2012-09-28 09:49:11 ----D---- C:\Program Files\Windows Media Player
2012-09-28 09:49:06 ----D---- C:\Program Files\Windows Journal
2012-09-28 09:48:56 ----D---- C:\Windows\system32\DriverStore
2012-09-28 09:23:00 ----D---- C:\Windows\Logs
2012-09-28 09:10:46 ----D---- C:\Windows\debug
2012-09-28 09:05:23 ----D---- C:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-09-07 31080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-27 10207232]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-27 317952]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2011-11-14 1813056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-04 1413168]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
S3 ASUSProcObsrv;ASUS Process Creation/Termination Observer; \??\E:\I386\AsPrOb64.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-03 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-09-27 204288]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-03 277120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [2012-09-07 927840]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-28 1255736]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

-----------------EOF-----------------

Zdravim

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

• Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
• Spustte a kliknete na Deletion
• Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

No keď som spustila deletion v 90 % mi to vyhodí error okienko :
Line 13079 (File "C:/UsbFix/Go.exe"):
Error: Subscript used with non-Array variable

Okej Našla som nejaký súbor z tej Deletion.. ale aj tak sa nedokončila ani raz ked som to skusala, iba na 90 % Ale tu je tá správa z toho :

############################## | UsbFix V 7.096 | [Deletion]

User: koko (Administrator) # KOKO-PC
Updated 15/08/2012 by El Desaparecido
Started at 15:15:06 | 27/10/2012

Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: ASUSTeK Computer Inc. (K54HR) (x64-based PC) # Notebook
CPU: Intel(R) Pentium(R) CPU B960 @ 2.20GHz (2200)
RAM -> [Total : 4072 | Free : 2822]
BIOS: BIOS Date: 03/20/12 09:44:25 Ver: 04.06.03
BOOT: Normal boot

OS: Microsoft Windows 7 Ultimate (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 58 Gb (32 Mb free - 55%) [] # NTFS
D:\ -> Fixed drive # 640 Gb (571 Mb free - 89%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Fixed drive # 140 Gb (6 Mb free - 5%) [DATA] # FAT32
H:\ -> Fixed drive # 93 Gb (93 Mb free - 100%) [] # NTFS

################## | Active Processes |

C:\Windows\system32\csrss.exe (504)
C:\Windows\system32\wininit.exe (584)
C:\Windows\system32\services.exe (640)
C:\Windows\system32\lsass.exe (656)
C:\Windows\system32\lsm.exe (664)
C:\Windows\system32\svchost.exe (776)
C:\Windows\system32\svchost.exe (916)
C:\Windows\System32\svchost.exe (380)
C:\Windows\System32\svchost.exe (524)
C:\Windows\system32\svchost.exe (408)
C:\Windows\system32\svchost.exe (1128)
C:\Windows\system32\svchost.exe (1228)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1584)
C:\Windows\system32\svchost.exe (1760)
C:\Windows\system32\svchost.exe (1384)
C:\Windows\system32\svchost.exe (2540)
C:\Windows\system32\svchost.exe (2332)
C:\Windows\System32\svchost.exe (3744)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (4432)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (3636)
C:\Windows\system32\SearchIndexer.exe (1460)
C:\Program Files\Windows Media Player\wmpnetwk.exe (1380)
C:\Windows\System32\spoolsv.exe (3464)
C:\Windows\system32\csrss.exe (2500)
C:\Windows\system32\winlogon.exe (2508)
C:\Windows\system32\taskhost.exe (4468)
C:\Windows\system32\taskeng.exe (3372)
C:\Windows\system32\Dwm.exe (2808)
C:\Windows\Explorer.EXE (3176)
C:\Windows\system32\taskeng.exe (4684)
C:\Program Files\ASUS\P4G\BatteryLife.exe (4740)
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (4260)
C:\Windows\system32\wbem\wmiprvse.exe (4744)
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (3456)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (4896)
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (3140)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (5096)
C:\Program Files (x86)\Skype\Phone\Skype.exe (1944)
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (4652)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4644)
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (4592)
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (3792)
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (4112)
C:\Program Files (x86)\AVG Secure Search\vprot.exe (2656)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (2004)
C:\Program Files (x86)\Internet Explorer\IELowutil.exe (2952)
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (1928)
C:\UsbFix\Go.exe (2668)
C:\Windows\system32\wbem\wmiprvse.exe (3320)

################## | Stopped processes |

Stopped! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1584)
Stopped! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (4432)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (3636)
Stopped! C:\Windows\system32\SearchIndexer.exe (1460)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (1380)
Stopped! C:\Windows\System32\spoolsv.exe (3464)
Stopped! C:\Windows\system32\taskhost.exe (4468)
Stopped! C:\Windows\system32\taskeng.exe (3372)
Stopped! C:\Windows\system32\taskeng.exe (4684)
Stopped! C:\Program Files\ASUS\P4G\BatteryLife.exe (4740)
Stopped! C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe (4260)
Stopped! C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (3456)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (4896)
Stopped! C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (3140)
Stopped! C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (5096)
Stopped! C:\Program Files (x86)\Skype\Phone\Skype.exe (1944)
Stopped! C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (4652)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4644)
Stopped! C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (4592)
Stopped! C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (3792)
Stopped! C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (4112)
Stopped! C:\Program Files (x86)\AVG Secure Search\vprot.exe (2656)
Stopped! C:\Program Files\AVAST Software\Avast\AvastUI.exe (2004)
Stopped! C:\Program Files (x86)\Internet Explorer\IELowutil.exe (2952)
Stopped! C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (1928)

################## | Files # Infected Folders |

Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1776410817-1395037436-76359829-1000
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1776410817-1395037436-76359829-1000
Deleted ! H:\$RECYCLE.BIN\S-1-5-21-1776410817-1395037436-76359829-1000

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[27/10/2012 - 15:15:43 | SHD ] C:\$Recycle.Bin
[27/10/2012 - 15:13:23 | D ] C:\ASUS.DAT
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[06/09/2012 - 22:02:37 | D ] C:\eSupport
[27/10/2012 - 12:36:48 | ASH | 3202449408] C:\hiberfil.sys
[06/09/2012 - 21:43:20 | D ] C:\Intel
[27/10/2012 - 12:36:52 | ASH | 4269932544] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[27/10/2012 - 11:57:24 | D ] C:\Program Files
[24/10/2012 - 11:32:12 | D ] C:\Program Files (x86)
[24/10/2012 - 11:32:04 | HD ] C:\ProgramData
[06/09/2012 - 21:35:06 | SHD ] C:\Recovery
[06/09/2012 - 21:58:46 | N | 2466] C:\RHDSetup.log
[27/10/2012 - 11:57:38 | D ] C:\rsit
[23/07/2009 - 14:29:14 | N | 881] C:\setup.iss
[06/09/2012 - 21:57:24 | N | 87] C:\setup.log
[27/10/2012 - 10:37:35 | SHD ] C:\System Volume Information
[27/10/2012 - 15:15:43 | D ] C:\UsbFix
[27/10/2012 - 15:15:12 | A | 6610] C:\UsbFix.txt
[06/09/2012 - 21:39:14 | D ] C:\Users
[14/11/2007 - 09:18:40 | N | 553] C:\USetup.iss
[02/10/2012 - 10:27:18 | D ] C:\Windows
[27/10/2012 - 15:15:43 | SHD ] D:\$RECYCLE.BIN
[23/10/2012 - 22:35:54 | D ] D:\Films
[16/10/2012 - 10:34:35 | D ] D:\MUSIC
[24/10/2012 - 15:38:01 | D ] D:\Photos
[06/09/2012 - 21:44:53 | SHD ] D:\System Volume Information
[18/02/2009 - 17:20:04 | D ] F:\Movies
[25/01/2009 - 19:54:42 | SHD ] F:\System Volume Information
[31/03/2010 - 23:22:40 | SHD ] F:\$RECYCLE.BIN
[11/04/2010 - 08:51:08 | D ] F:\$AVG
[27/08/2011 - 14:17:14 | D ] F:\ducuments
[12/06/2012 - 15:11:48 | D ] F:\snimki
[25/01/2009 - 20:18:48 | D ] F:\Recycled
[27/01/2009 - 12:14:32 | D ] F:\films
[04/02/2009 - 12:18:38 | D ] F:\msdownld.tmp

Nechte disk zapojeny

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Rkill log :
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/28/2012 12:16:11 PM in x64 mode.
Windows Version: Windows 7 Ultimate

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\koko\Desktop\rkill\rkill-10-28-2012-12-16-15.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/28/2012 12:16:32 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)


ComboFix log :

ComboFix 12-10-26.05 - koko 10/28/2012 12:22:51.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4072.2778 [GMT 1:00]
Running from: c:\users\koko\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msvcr71.dll
.
c:\windows\SysWow64\Drivers\atapi.sys . . . is infected!!
.
.
((((((((((((((((((((((((( Files Created from 2012-09-28 to 2012-10-28 )))))))))))))))))))))))))))))))
.
.
2012-10-27 13:04 . 2012-10-27 13:15 -------- d-----w- C:\UsbFix
2012-10-27 09:57 . 2012-10-27 09:57 -------- d-----w- c:\program files\trend micro
2012-10-27 09:57 . 2012-10-27 09:57 -------- d-----w- C:\rsit
2012-10-24 09:32 . 2012-10-28 11:15 -------- d-----w- c:\users\koko\AppData\Roaming\Skype
2012-10-24 09:32 . 2012-10-24 09:32 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-10-24 09:32 . 2012-10-24 09:33 -------- d-----r- c:\program files (x86)\Skype
2012-10-24 09:32 . 2012-10-24 09:33 -------- d-----w- c:\programdata\Skype
2012-10-23 20:51 . 2012-10-28 11:15 -------- d-----w- c:\users\koko\AppData\Roaming\vlc
2012-10-23 20:50 . 2012-10-23 20:50 -------- d-----w- c:\program files (x86)\VideoLAN
2012-10-16 11:42 . 2012-10-16 11:42 -------- d-----w- c:\programdata\YTD Video Downloader
2012-10-16 11:41 . 2012-10-16 11:41 -------- d-----w- c:\program files (x86)\YTD Video Downloader
2012-10-02 06:59 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A87944D-38CA-47FF-B1CC-C0B76333F77A}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-27 12:35 . 2012-09-06 20:07 380 ----a-w- c:\users\koko\AppData\Roaming\sp_data.sys
2012-09-28 08:23 . 2012-09-28 08:23 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-09-28 07:22 . 2012-09-28 07:22 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-09-28 07:22 . 2012-09-28 07:22 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-09-28 07:22 . 2012-09-28 07:22 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-09-28 07:22 . 2012-09-28 07:22 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-09-28 07:22 . 2012-09-28 07:22 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-09-28 07:22 . 2012-09-28 07:22 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-09-28 07:22 . 2012-09-28 07:22 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-09-28 07:22 . 2012-09-28 07:22 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-09-28 07:22 . 2012-09-28 07:22 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-09-28 07:22 . 2012-09-28 07:22 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-09-28 07:22 . 2012-09-28 07:22 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-09-28 07:22 . 2012-09-28 07:22 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-09-28 07:22 . 2012-09-28 07:22 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-09-28 07:22 . 2012-09-28 07:22 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-09-28 07:22 . 2012-09-28 07:22 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-09-28 07:22 . 2012-09-28 07:22 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-09-28 07:22 . 2012-09-28 07:22 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-09-28 07:22 . 2012-09-28 07:22 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-09-28 07:22 . 2012-09-28 07:22 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-09-28 07:22 . 2012-09-28 07:22 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-09-28 07:22 . 2012-09-28 07:22 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-09-28 07:22 . 2012-09-28 07:22 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-09-28 07:22 . 2012-09-28 07:22 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-09-28 07:22 . 2012-09-28 07:22 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-09-28 07:22 . 2012-09-28 07:22 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-09-28 07:22 . 2012-09-28 07:22 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-09-28 07:22 . 2012-09-28 07:22 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-09-28 07:22 . 2012-09-28 07:22 82432 ----a-w- c:\windows\system32\icardie.dll
2012-09-28 07:22 . 2012-09-28 07:22 816640 ----a-w- c:\windows\system32\jscript.dll
2012-09-28 07:22 . 2012-09-28 07:22 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-09-28 07:22 . 2012-09-28 07:22 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-09-28 07:22 . 2012-09-28 07:22 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-09-28 07:22 . 2012-09-28 07:22 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-09-28 07:22 . 2012-09-28 07:22 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-09-28 07:22 . 2012-09-28 07:22 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-09-28 07:22 . 2012-09-28 07:22 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-09-28 07:22 . 2012-09-28 07:22 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-09-28 07:22 . 2012-09-28 07:22 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-09-28 07:22 . 2012-09-28 07:22 448512 ----a-w- c:\windows\system32\html.iec
2012-09-28 07:22 . 2012-09-28 07:22 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-09-28 07:22 . 2012-09-28 07:22 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-09-28 07:22 . 2012-09-28 07:22 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-09-28 07:22 . 2012-09-28 07:22 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-09-28 07:22 . 2012-09-28 07:22 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-09-28 07:22 . 2012-09-28 07:22 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-09-28 07:22 . 2012-09-28 07:22 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-09-28 07:22 . 2012-09-28 07:22 248320 ----a-w- c:\windows\system32\ieui.dll
2012-09-28 07:22 . 2012-09-28 07:22 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-28 07:22 . 2012-09-28 07:22 237056 ----a-w- c:\windows\system32\url.dll
2012-09-28 07:22 . 2012-09-28 07:22 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-09-28 07:22 . 2012-09-28 07:22 222208 ----a-w- c:\windows\system32\msls31.dll
2012-09-28 07:22 . 2012-09-28 07:22 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-09-28 07:22 . 2012-09-28 07:22 197120 ----a-w- c:\windows\system32\msrating.dll
2012-09-28 07:22 . 2012-09-28 07:22 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-09-28 07:22 . 2012-09-28 07:22 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-09-28 07:22 . 2012-09-28 07:22 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-09-28 07:22 . 2012-09-28 07:22 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-09-28 07:22 . 2012-09-28 07:22 160256 ----a-w- c:\windows\system32\wextract.exe
2012-09-28 07:22 . 2012-09-28 07:22 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-09-28 07:22 . 2012-09-28 07:22 149504 ----a-w- c:\windows\system32\occache.dll
2012-09-28 07:22 . 2012-09-28 07:22 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-09-28 07:22 . 2012-09-28 07:22 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-09-28 07:22 . 2012-09-28 07:22 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-09-28 07:22 . 2012-09-28 07:22 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-09-28 07:22 . 2012-09-28 07:22 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-09-28 07:22 . 2012-09-28 07:22 12288 ----a-w- c:\windows\system32\mshta.exe
2012-09-28 07:22 . 2012-09-28 07:22 114176 ----a-w- c:\windows\system32\admparse.dll
2012-09-28 07:22 . 2012-09-28 07:22 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-09-28 07:22 . 2012-09-28 07:22 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-09-28 07:22 . 2012-09-28 07:22 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-09-28 07:22 . 2012-09-28 07:22 103936 ----a-w- c:\windows\system32\inseng.dll
2012-09-07 19:37 . 2012-09-07 19:37 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-09-06 20:05 . 2012-09-06 20:05 520192 ----a-w- c:\windows\SysWow64\ASUS_Screensaver.scr
2012-09-06 20:04 . 2012-09-06 20:04 3058304 ----a-w- c:\windows\AsScrPro.exe
2012-08-30 22:43 . 2012-09-28 07:10 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-21 09:13 . 2012-09-08 06:38 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-09-08 06:38 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-09-08 06:38 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-09-08 06:38 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2012-09-08 06:38 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-09-08 06:38 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-09-08 06:37 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-09-08 06:37 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2012-09-08 06:38 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-02 17:55 . 2012-09-28 06:52 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 17:05 . 2012-09-28 06:52 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7473b6bd-4691-4744-a82b-7854eb3d70b6}"= "c:\program files (x86)\uTorrentControl_v2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\uTorrentControl_v2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-09-07 19:37 2045024 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7473b6bd-4691-4744-a82b-7854eb3d70b6}"= "c:\program files (x86)\uTorrentControl_v2\prxtbuTor.dll" [2011-05-09 176936]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll" [2012-09-07 2045024]
.
[HKEY_CLASSES_ROOT\clsid\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-09 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-12-22 318080]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-24 174720]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-18 2319536]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-09-07 1162848]
"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-09-07 1020512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2012-9-6 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-03 379520]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-09-27 204288]
R2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-03 277120]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [2012-09-07 927840]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;e:\i386\AsPrOb64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-28 1255736]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-09-07 31080]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-09-27 10207232]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-09-27 317952]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-11-14 1813056]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776410817-1395037436-76359829-1000Core.job
- c:\users\koko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-06 21:18]
.
2012-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776410817-1395037436-76359829-1000UA.job
- c:\users\koko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-06 21:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{7473B6BD-4691-4744-A82B-7854EB3D70B6} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*?*ë*U%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*k*i*#\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m**‘%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*q*V%]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*q*V%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.**%è**]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.**%è**\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*R%a%û*]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*R%a%û*\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*V%p*%]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*V%p*%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*W%R*[%]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*W%R*[%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X%¿*À]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X%¿*À\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Z%*%d*]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1776410817-1395037436-76359829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Z%*%d*\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-28 12:43:31
ComboFix-quarantined-files.txt 2012-10-28 11:43
.
Pre-Run: 34,185,334,784 bytes free
Post-Run: 34,311,774,208 bytes free
.
- - End Of File - - C8B68E8776923522FA044CB50E58CD65

Ale aj keď som všetko spravila tak na disku su stále tie subory poskodene a stále sa snimi nedá nič robiť

Zkuste tento tip od kolegy http://www.viruskasino.com/2011/02/malw ... IAASGdEySo