VIRY.CZ

ComboFix 10-01-29.09 - Hong 31.01.2010 12:50:02.4.1 - x86
Running from: c:\documents and settings\Hong\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2009-12-28 to 2010-01-31 )))))))))))))))))))))))))))))))
.

2010-01-30 22:55 . 2010-01-30 22:56 -------- d-----w- c:\program files\ICQ7.0
2010-01-30 22:31 . 2010-01-30 22:58 -------- d-----w- c:\program files\ICQ6Toolbar
2010-01-30 11:01 . 2010-01-30 11:01 -------- d-----w- c:\windows\ServicePackFiles
2010-01-30 11:00 . 2010-01-30 11:00 -------- d-----w- c:\program files\MSXML 4.0
2010-01-30 10:52 . 2006-08-16 11:58 100352 -c----w- c:\windows\system32\dllcache\6to4svc.dll
2010-01-30 10:52 . 2009-10-15 21:51 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-01-30 10:52 . 2009-10-15 17:21 82432 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-01-30 10:50 . 2009-07-17 18:55 58880 -c----w- c:\windows\system32\dllcache\atl.dll
2010-01-30 10:36 . 2010-01-30 10:36 3038 ----a-w- C:\fix_svchost.bat
2010-01-25 16:28 . 2010-01-25 16:28 -------- d-----w- c:\program files\Realtek AC97
2010-01-23 14:20 . 2006-07-01 21:39 36864 ----a-w- c:\windows\system32\drivers\AmdK8.sys
2010-01-23 14:20 . 2010-01-23 14:20 -------- d-----w- c:\program files\AMD
2010-01-21 18:02 . 2010-01-21 18:13 -------- d-----w- c:\program files\Setup Files
2010-01-21 17:58 . 2010-01-21 17:58 -------- d-----w- c:\program files\MSI
2010-01-21 17:28 . 2009-03-27 00:16 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
2010-01-21 17:28 . 2010-01-21 17:28 -------- d-----w- c:\program files\CPUID
2010-01-15 14:01 . 2004-08-03 22:08 25600 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-01-15 14:01 . 2004-08-03 22:08 25600 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-01-15 14:00 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-01-13 18:13 . 2010-01-13 18:13 -------- d-----w- c:\program files\Common Files\NVIDIA Shared
2010-01-13 18:13 . 2010-01-13 18:13 -------- d-----w- C:\NV29604068.TMP
2010-01-13 18:12 . 2010-01-13 18:12 -------- d-----w- C:\NV20161944.TMP
2010-01-13 18:12 . 2010-01-13 18:12 -------- d-----w- C:\NV2000372.TMP
2010-01-09 13:10 . 2010-01-09 13:10 -------- d-----w- c:\documents and settings\Hong\EurekaLog

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-30 22:16 . 2009-02-02 04:55 318064 ----a-w- c:\documents and settings\Hong\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-30 22:13 . 2009-11-07 22:56 -------- d-----w- c:\program files\QIP
2010-01-30 22:11 . 2009-09-25 12:30 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-01-30 22:11 . 2009-03-21 21:09 -------- d-----w- c:\program files\Common Files\AOL
2010-01-30 22:11 . 2009-02-07 04:10 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-30 21:53 . 2009-02-04 04:44 -------- d-----w- c:\documents and settings\Hong\Application Data\ICQ
2010-01-30 14:04 . 2010-01-30 14:04 4904 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2010-01-30 11:13 . 2009-11-24 18:19 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-30 11:09 . 2009-03-31 03:53 -------- d-----w- c:\program files\Microsoft Works
2010-01-27 14:21 . 2009-08-11 22:50 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-01-20 21:25 . 2009-02-02 05:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-15 14:00 . 2010-01-15 14:00 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-15 14:00 . 2010-01-15 14:00 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-01-13 18:13 . 2009-12-20 16:26 -------- d-----w- c:\program files\NVIDIA Corporation
2010-01-10 22:12 . 2009-02-02 06:31 -------- d-----w- c:\documents and settings\Hong\Application Data\Ventrilo
2010-01-06 21:11 . 2009-02-02 05:01 7156 ----a-w- c:\windows\system32\d3d9caps.dat
2009-12-29 10:26 . 2009-02-15 20:36 -------- d-----w- c:\documents and settings\Hong\Application Data\MobMapUpdater
2009-12-27 22:18 . 2009-02-10 04:25 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-26 14:16 . 2009-02-15 20:36 317568 ----a-w- c:\documents and settings\Hong\Application Data\MobMapUpdater\MobMapUpdaterExternals.dll
2009-12-23 09:36 . 2009-12-23 09:36 -------- d-----w- c:\program files\NVIDIA nTune Performance Application
2009-12-22 05:42 . 2004-08-03 22:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-20 16:26 . 2009-12-20 16:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-12-19 15:47 . 2009-12-10 19:33 -------- d-----w- c:\program files\Pinnacle
2009-12-19 15:46 . 2009-05-28 02:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts
2009-12-19 15:45 . 2009-06-24 22:44 -------- d-----w- c:\program files\Counter-Strike 1.6
2009-12-13 14:04 . 2009-12-13 14:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle VideoSpin
2009-12-12 11:09 . 2009-09-16 15:04 -------- d-----w- c:\program files\Heroes of Newerth
2009-12-10 19:33 . 2009-12-10 19:33 -------- d-----w- c:\documents and settings\All Users\Application Data\VideoSpin
2009-12-10 19:32 . 2009-12-10 19:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle
2009-12-04 22:08 . 2009-09-07 21:13 798 ---h--r- c:\windows\system32\ttri.dat
2009-11-21 16:36 . 2004-08-03 22:56 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 19:32 . 2009-11-20 19:32 278120 ----a-w- c:\windows\system32\nvmccs.dll
2009-11-20 19:32 . 2009-11-20 19:32 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2009-11-20 19:32 . 2009-11-20 19:32 145000 ----a-w- c:\windows\system32\nvcolor.exe
2009-11-20 19:32 . 2009-11-20 19:32 12669544 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 19:32 . 2009-11-20 19:32 110184 ----a-w- c:\windows\system32\nvmctray.dll
2009-11-20 19:32 . 2009-11-20 19:32 81920 ----a-w- c:\windows\system32\nvwddi.dll
2009-11-19 20:42 . 2009-05-18 01:27 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-30_14.29.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-03 22:56 . 2004-08-03 22:56 37888 c:\windows\system32\url.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 96256 c:\windows\system32\occache.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 69120 c:\windows\system32\notepad.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 90624 c:\windows\system32\mydocs.dll
+ 2001-08-23 12:00 . 2001-08-23 12:00 66560 c:\windows\system32\console.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 64000 c:\windows\system32\cleanmgr.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 84480 c:\windows\system32\cabview.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 98304 c:\windows\system32\ahui.exe
+ 2009-02-01 20:35 . 2004-08-03 22:56 69120 c:\windows\notepad.exe
+ 2010-01-30 15:25 . 2010-01-30 15:25 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\a31f5136a236dae58c03db56ea2a1a7a\WindowsLiveWriter.ni.exe
+ 2010-01-30 15:27 . 2010-01-30 15:27 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0cce8134aebab15d6c31143f850af1a7\WindowsLive.Writer.Api.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\1ded203bd27031c3a5e3441f94b528c0\Microsoft.VisualC.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2010-01-30 15:24 . 2010-01-30 15:24 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 337920 c:\windows\system32\zipfldr.dll
+ 2009-02-02 04:45 . 2004-08-03 22:56 165888 c:\windows\system32\wuauclt1.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 290816 c:\windows\system32\winsrv.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 764928 c:\windows\system32\WINNTBBU.DLL
+ 2004-08-03 22:56 . 2008-10-16 01:00 666112 c:\windows\system32\wininet.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 589312 c:\windows\system32\wiashext.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 433664 c:\windows\system32\wiaacmgr.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 276480 c:\windows\system32\webcheck.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 240128 c:\windows\system32\usmt\migwiz.exe
+ 2004-08-03 22:56 . 2008-10-16 01:00 619520 c:\windows\system32\urlmon.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 385536 c:\windows\system32\themeui.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 135680 c:\windows\system32\taskmgr.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 984576 c:\windows\system32\syssetup.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 105984 c:\windows\system32\sysocmgr.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 121856 c:\windows\system32\stobject.dll
+ 2009-02-02 04:43 . 2001-08-23 12:00 138752 c:\windows\system32\sndvol32.exe
+ 2009-02-02 04:43 . 2004-08-03 22:56 131584 c:\windows\system32\sndrec32.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 438272 c:\windows\system32\shimgvw.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 549376 c:\windows\system32\shdoclc.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 657920 c:\windows\system32\rasdlg.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 560640 c:\windows\system32\printui.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 143872 c:\windows\system32\ntshrui.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 248832 c:\windows\system32\newdev.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 139264 c:\windows\system32\netid.dll
+ 2009-02-02 04:44 . 2004-08-03 22:56 274944 c:\windows\system32\mstask.dll
+ 2009-02-02 04:43 . 2004-08-03 22:56 343040 c:\windows\system32\mspaint.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 994304 c:\windows\system32\msgina.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 216064 c:\windows\system32\moricons.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 514560 c:\windows\system32\logonui.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 220672 c:\windows\system32\logon.scr
+ 2004-08-03 22:56 . 2004-08-03 22:56 150528 c:\windows\system32\keymgr.dll
+ 2001-08-23 12:00 . 2001-08-23 12:00 110592 c:\windows\system32\inetcplc.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 144896 c:\windows\system32\hotplug.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 382976 c:\windows\system32\fontext.dll
+ 2010-01-30 10:51 . 2008-10-16 01:00 699904 c:\windows\system32\dllcache\wininet.dll
+ 2010-01-30 10:51 . 2008-10-16 01:00 693248 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 163840 c:\windows\system32\credui.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 343040 c:\windows\system32\cmdial32.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 388608 c:\windows\system32\cmd.exe
+ 2009-02-02 04:43 . 2001-08-23 12:00 114688 c:\windows\system32\calc.exe
+ 2004-08-03 22:56 . 2004-08-03 22:56 146432 c:\windows\regedit.exe
+ 2009-02-02 04:44 . 2004-08-03 22:56 768512 c:\windows\pchealth\helpctr\binaries\helpctr.exe
+ 2010-01-30 15:27 . 2010-01-30 15:27 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe
+ 2010-01-30 15:27 . 2010-01-30 15:27 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\9d1a36d51bb6a24f943e73c0011e342a\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\feb5009ee6406995983c67d61254b713\WindowsLive.Writer.Extensibility.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ef0daf9b5b7002d4d3493671db79fec5\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ea3b7fc0ae639a2cd268d9a0aab47d15\WindowsLive.Writer.BrowserControl.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dd20f981722448ea96d2c0995eeaf9b7\WindowsLive.Writer.Mshtml.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ac50120d9dfafb4868aa4531456cf2e7\WindowsLive.Writer.BlogClient.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9603a068ba2de2c7ec244454e8ad0763\WindowsLive.Writer.SpellChecker.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8b674da2d622aec8a9c150e4f7437c4f\WindowsLive.Writer.Controls.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7ca3eb94ab1ae6867d35382ecf407260\WindowsLive.Writer.Passport.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7c494448c732a975d727098bad24f42b\WindowsLive.Writer.Localization.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\75a1c524a87004611e911be710454234\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\63d852a9374556240906cbd19946f7b0\WindowsLive.Writer.Instrumentation.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\627621628abc220fd9c02f442178e41c\WindowsLive.Writer.FileDestinations.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\60e6ca35b86ce10970a63fa5ea8b1d9c\WindowsLive.Writer.HtmlParser.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\551d4211cde9574615ad847741667699\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\311874611f12ea8440bc760c3203cbd3\WindowsLive.Writer.Interop.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\f5d7a7417ffcd9af285e64946ba48f74\WindowsLive.Client.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:27 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\af21e3011fb4e107b13ea5c40c351ec4\System.Runtime.Remoting.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll
+ 2010-01-30 15:24 . 2010-01-30 15:24 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll
+ 2010-01-30 15:24 . 2010-01-30 15:24 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll
+ 2010-01-30 15:28 . 2010-01-30 15:28 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe
+ 2010-01-30 15:27 . 2010-01-30 15:27 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe
+ 2010-01-30 15:27 . 2010-01-30 15:27 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe
+ 2010-01-30 15:27 . 2010-01-30 15:27 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2010-01-30 15:24 . 2010-01-30 15:24 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 2897920 c:\windows\system32\xpsp2res.dll
+ 2004-08-03 22:56 . 2008-10-16 01:00 1499136 c:\windows\system32\shdocvw.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 1708032 c:\windows\system32\netshell.dll
+ 2004-08-03 22:56 . 2008-12-12 17:01 3067904 c:\windows\system32\mshtml.dll
+ 2009-02-01 20:34 . 2010-01-30 22:18 2625080 c:\windows\system32\FNTCACHE.DAT
+ 2010-01-30 10:51 . 2008-10-16 01:00 1778688 c:\windows\system32\dllcache\shdocvw.dll
+ 2010-01-30 10:51 . 2008-12-12 17:01 3508224 c:\windows\system32\dllcache\mshtml.dll
+ 2004-08-03 22:56 . 2004-08-03 22:56 1032192 c:\windows\explorer.exe
+ 2010-01-30 15:27 . 2010-01-30 15:27 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f431bc9e7c51a50035c19abea4cbcaa2\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bf704776939a6c4d0fac5ad70099300b\WindowsLive.Writer.CoreServices.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7e735c4d2b299eb78cf8cb2c70865978\WindowsLive.Writer.PostEditor.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\System.Web.Services.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll
+ 2010-01-30 15:30 . 2010-01-30 15:30 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e182695d05ea57257568bc5f3208aca7\System.ServiceModel.Web.ni.dll
+ 2010-01-30 15:25 . 2010-01-30 15:25 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56\System.Runtime.Serialization.ni.dll
+ 2010-01-30 15:24 . 2010-01-30 15:24 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f47ebb9db460874b1bcbfc391dc970b1\System.DirectoryServices.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\c94a427baa7683f4221b91f90c18461b\System.Deployment.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
- 2010-01-30 11:23 . 2010-01-30 11:23 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\272152f0cc139490729e215611a4b244\System.Data.SqlXml.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\112a48e34620a0210eb850040da8a31b\System.Data.Services.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\ffa1018e8022964eb51025c2c6d8727a\System.Data.OracleClient.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\System.Data.Entity.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5\Microsoft.VisualBasic.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19e9b439636d0744597fff1331cad04\Microsoft.Transactions.Bridge.ni.dll
+ 2010-01-30 15:29 . 2010-01-30 15:29 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Microsoft.JScript.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a\Microsoft.Build.Tasks.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-01-30 15:27 . 2010-01-30 15:27 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac\Microsoft.Build.Engine.ni.dll
+ 2010-01-30 15:26 . 2010-01-30 15:26 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll
+ 2010-01-30 15:25 . 2010-01-30 15:25 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\System.ServiceModel.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-01-12 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-03 110592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 131072]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Hong^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Hong\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Hong^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Hong\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Hong^Start Menu^Programs^Startup^WinFlip.lnk]
path=c:\documents and settings\Hong\Start Menu\Programs\Startup\WinFlip.lnk
backup=c:\windows\pss\WinFlip.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
~ [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-28 00:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-09-24 16:57 133104 ----atw- c:\documents and settings\Hong\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 19:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-11-20 19:32 12669544 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
2007-09-04 18:25 81920 ----a-w- c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-11-20 19:32 110184 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-11-19 10:57 1217808 ----a-w- c:\program files\Valve\Steam\steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-02-14 22:12 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3 (0x3)
"idsvc"=3 (0x3)
"ICQ Service"=2 (0x2)
"WZCSVC"=2 (0x2)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"NetTcpPortSharing"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"gusvc"=2 (0x2)
"gupdate1c9aca3419ed106"=2 (0x2)
"Viewpoint Manager Service"=2 (0x2)
"MDM"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"ServiceLayer"=3 (0x3)
"IDriverT"=3 (0x3)
"fsssvc"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"nvsvc"=2 (0x2)
"nTuneService"=2 (0x2)
"CachemanXPService"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader
"5353:TCP"= 5353:TCP:Adobe CSI CS4

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-09-25 721904]
R4 CachemanXPService;CachemanXP;c:\documents and settings\Hong\Desktop\Hong\CachemanXP.exe [x]
R4 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
R4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
S2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]

.
Contents of the 'Scheduled Tasks' folder

2009-08-22 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8242688076.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-06 07:52]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-789336058-839522115-1617979688-1003Core.job
- c:\documents and settings\Hong\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-24 16:57]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-789336058-839522115-1617979688-1003UA.job
- c:\documents and settings\Hong\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-24 16:57]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.games-fusion.net
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: com.tw\www.msi
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\Hong\Application Data\Mozilla\Firefox\Profiles\gb2ngkbk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=
FF - prefs.js: network.proxy.type - 2
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-ICQ - c:\program files\ICQ6.5\ICQ.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-31 12:54
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Completion time: 2010-01-31 12:56:03
ComboFix-quarantined-files.txt 2010-01-31 11:55
ComboFix2.txt 2010-01-30 14:31

Pre-Run: 51 174 805 504 bytes free
Post-Run: 51 143 585 792 bytes free

- - End Of File - - E9DD42964739F05DFDD0F5FA10EBD598

Log vypadá OK. Zkuste vyčistit CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 .

to uz som skusal ccleaner pouzivam dost dlho a cistim si to pravidelne...

OK. Dejte log z MBAM: http://www.malwarebytes.org/mbam.php . Předem nic nemažte.

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3667
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

31.1.2010 15:15:26
mbam-log-2010-01-31 (15-15-20).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 119761
Uplynulý čas: 10 minute(s), 10 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 1
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
C:\Documents and Settings\Hong\Start Menu\Programs\AV AntiSpyware (Rogue.AVAntiSpyware) -> No action taken.

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

Položku smažte.

no nepoohlo to jenak vyrazne PC je v pohode uz ide ako ma...len ten net stale tie vypadky

Zkuste o tom informovat providera. Problém může být i na jeho straně.

skusim skusim...

provider bol umna doma ja som doma nebol bola sestra...prisiel som zo skoly a povedala ze len nejake stranky pootvaral pouzil merac pingu cez "cmd" a ze nic viac ze vsetko je ok...no ale vsetko islo fajn boli u nas v piatok a od soboty 13.00 priblizne to zacalo zase padat...neviem kde moze byt problem...mearl som si ping cez to "cmd" a su tam vypadky...stale ked mi to blbne si to meram a stracam packety alebo nvm noo...

Tak to ofoťte a pošlete mu to.

VIRY.CZ

15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu

Re: 15sekundove vypadky netu + pomaly PC prosim o kontrolu logu