Zmrza mi PC

[Milanco]

Dobry den, zamrza mi PC. Stava sa to napriklad ked sa chcem dostat k nastaveniam obrazovky a este pred tym nez nabehne setric obrazovky. Dalej mi hlasi chybu pri aktualizacii Microsoft .NET Framework 3.5 Service Pack 1. PC som precistil ccleanerom, defragmentoval defragglerom, spustil som rychlu kontrolu programov Spyware terminator a MBAM, ktore nic neodhalili, taktiez som spustil chkdsk so zvazkom f. Problemy zostali. Posielam log z RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Milan at 2010-02-15 10:19:03
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 143 GB (94%) free of 153 GB
Total RAM: 511 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:19:26, on 15.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ssstars.scr
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Milan\Desktop\RSIT.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60446
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5995980937
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 8324 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-01-29 1230184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\ctbr.dll [2010-01-29 1230184]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"SW20"=C:\WINDOWS\system32\sw20.exe [2006-05-18 208896]
"SW24"=C:\WINDOWS\system32\sw24.exe [2006-05-17 69632]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-07-23 477184]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-02-12 2166784]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-02-11 2756488]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-02-12 1800464]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2007-02-26 437160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-02-12 3037696]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-02-11 133368]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Milan\Start Menu\Programs\Startup
Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2010-02-15 10:19:08 ----D---- C:\Program Files\trend micro
2010-02-15 10:19:03 ----D---- C:\rsit
2010-02-15 09:00:27 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-02-15 08:59:22 ----D---- C:\Program Files\Common Files\Adobe
2010-02-15 08:59:22 ----D---- C:\Program Files\Adobe
2010-02-14 15:15:01 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-02-14 15:15:01 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-02-14 15:15:00 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-02-14 15:15:00 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-02-14 15:15:00 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-02-14 15:14:59 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-02-14 15:14:58 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-02-14 15:14:57 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-02-14 15:14:56 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-02-14 15:14:54 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-02-14 15:14:53 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-02-14 15:14:50 ----N---- C:\WINDOWS\system32\px.dll
2010-02-14 15:11:33 ----D---- C:\Program Files\Common Files\DivX Shared
2010-02-14 15:03:36 ----D---- C:\WINDOWS\SxsCaPendDel
2010-02-14 12:53:22 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-02-14 12:46:17 ----D---- C:\Documents and Settings\Milan\Application Data\DivX
2010-02-14 12:42:21 ----D---- C:\Program Files\Mozilla Firefox
2010-02-14 12:30:05 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-02-14 12:28:05 ----D---- C:\Documents and Settings\Milan\Application Data\Windows Search
2010-02-14 11:51:20 ----D---- C:\Program Files\Microsoft Silverlight
2010-02-14 11:51:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-14 11:50:22 ----D---- C:\Program Files\Microsoft Sync Framework
2010-02-14 11:49:20 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-02-14 11:49:12 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-02-14 11:48:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954708$
2010-02-14 11:47:20 ----D---- C:\Program Files\Microsoft
2010-02-14 11:46:56 ----D---- C:\Program Files\Windows Live SkyDrive
2010-02-14 11:46:24 ----D---- C:\Program Files\Windows Live
2010-02-14 11:34:48 ----D---- C:\Program Files\Common Files\Windows Live
2010-02-14 11:34:22 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-02-14 11:31:13 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2010-02-14 11:31:12 ----D---- C:\Documents and Settings\Milan\Application Data\Windows Desktop Search
2010-02-14 11:30:09 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-02-14 11:30:09 ----D---- C:\Program Files\Windows Desktop Search
2010-02-14 11:29:52 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-02-14 11:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-02-14 11:21:17 ----D---- C:\Documents and Settings\Milan\Application Data\skypePM
2010-02-14 11:19:08 ----D---- C:\Documents and Settings\Milan\Application Data\Skype
2010-02-14 11:18:16 ----D---- C:\Program Files\Common Files\Skype
2010-02-14 11:18:15 ----D---- C:\Documents and Settings\Milan\Application Data\Malwarebytes
2010-02-14 11:17:48 ----RD---- C:\Program Files\Skype
2010-02-14 11:17:48 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-02-14 11:17:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-14 11:17:26 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-02-14 11:16:58 ----D---- C:\Program Files\Defraggler
2010-02-14 11:16:42 ----D---- C:\Program Files\Secunia
2010-02-14 11:16:36 ----D---- C:\Program Files\Common Files\Real
2010-02-14 11:16:21 ----D---- C:\Program Files\DivX
2010-02-14 11:16:13 ----D---- C:\Program Files\Haihaisoft Universal Player
2010-02-13 20:20:27 ----D---- C:\Program Files\ICQ6Toolbar
2010-02-13 20:20:19 ----D---- C:\Documents and Settings\Milan\Application Data\Mozilla
2010-02-13 20:20:19 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ
2010-02-13 20:17:29 ----D---- C:\Documents and Settings\Milan\Application Data\ICQ
2010-02-13 20:16:40 ----D---- C:\Program Files\ICQ7.0
2010-02-13 18:46:40 ----D---- C:\Program Files\MSBuild
2010-02-13 18:46:39 ----D---- C:\Program Files\Reference Assemblies
2010-02-13 18:23:38 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-02-13 18:23:38 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-02-13 18:23:38 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-02-13 18:23:37 ----D---- C:\ebcc69ad31c138363c387884
2010-02-13 18:19:02 ----D---- C:\3b64bb15cbfb2473a4834028
2010-02-13 18:18:50 ----D---- C:\e04ac37e916730c792
2010-02-13 18:17:04 ----RSD---- C:\WINDOWS\assembly
2010-02-13 18:17:03 ----D---- C:\WINDOWS\Microsoft.NET
2010-02-13 18:16:55 ----D---- C:\WINDOWS\system32\URTTemp
2010-02-13 18:03:34 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2010-02-13 18:03:20 ----D---- C:\Program Files\NVIDIA Corporation
2010-02-13 17:12:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-02-13 17:12:13 ----D---- C:\WINDOWS\system32\sk-SK
2010-02-13 17:10:14 ----D---- C:\WINDOWS\ie7updates
2010-02-13 17:08:15 ----D---- C:\WINDOWS\WBEM
2010-02-13 17:06:44 ----HDC---- C:\WINDOWS\ie7
2010-02-13 17:06:22 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2010-02-13 17:05:53 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2010-02-13 16:57:54 ----N---- C:\WINDOWS\system32\WinFXDocObj.exe
2010-02-13 16:57:53 ----N---- C:\WINDOWS\system32\msfeedssync.exe
2010-02-13 16:57:53 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-02-13 16:57:53 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-02-13 16:57:52 ----N---- C:\WINDOWS\system32\ieui.dll
2010-02-13 16:57:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-02-13 16:57:52 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-02-13 16:57:52 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-02-13 16:57:51 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-02-13 16:57:51 ----A---- C:\WINDOWS\system32\icardie.dll
2010-02-13 16:57:50 ----N---- C:\WINDOWS\system32\advpack.dll.mui
2010-02-13 16:57:35 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2010-02-13 16:22:42 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-13 16:22:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-13 16:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-13 16:21:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-13 16:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-02-13 16:20:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-02-13 16:04:30 ----D---- C:\Program Files\Crawler
2010-02-13 15:58:30 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-02-13 15:58:30 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-02-12 19:57:07 ----D---- C:\WINDOWS\Prefetch
2010-02-12 19:52:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-12 19:52:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-12 19:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-02-12 19:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-12 19:51:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-12 19:51:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-12 19:51:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-12 19:51:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-12 19:51:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-12 19:50:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-12 19:50:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-12 19:50:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-12 19:50:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-12 19:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-12 19:49:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-12 19:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-12 19:49:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-12 19:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-12 19:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-12 19:48:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-12 19:48:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-12 19:48:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-12 19:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-12 19:48:10 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-12 19:47:59 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-12 19:47:44 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-12 19:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-12 19:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-02-12 19:47:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-12 19:46:58 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-02-12 19:46:47 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-02-12 19:46:34 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-02-12 19:46:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-02-12 19:46:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-12 19:46:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-02-12 19:45:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-02-12 19:45:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-02-12 19:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-12 19:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-02-12 19:42:50 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-02-12 19:42:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-02-12 19:42:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-02-12 19:42:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-02-12 19:42:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-12 19:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-12 19:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-12 19:41:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-12 19:41:11 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-12 19:40:57 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-12 19:40:37 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-12 19:31:28 ----D---- C:\WINDOWS\system32\en-us
2010-02-12 19:31:22 ----D---- C:\WINDOWS\system32\scripting
2010-02-12 19:31:21 ----D---- C:\WINDOWS\l2schemas
2010-02-12 19:31:19 ----D---- C:\WINDOWS\system32\en
2010-02-12 19:31:18 ----D---- C:\WINDOWS\system32\bits
2010-02-12 19:24:05 ----D---- C:\WINDOWS\network diagnostic
2010-02-12 19:13:43 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-02-12 19:13:35 ----D---- C:\WINDOWS\EHome
2010-02-12 19:01:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-12 19:01:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-02-12 19:00:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-02-12 19:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-02-12 19:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-02-12 19:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-02-12 19:00:06 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-02-12 18:59:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-02-12 18:59:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978207_0$
2010-02-12 18:59:22 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-12 18:59:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-12 18:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-02-12 18:58:10 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-12 18:57:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-02-12 18:57:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-02-12 18:57:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-02-12 18:57:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-02-12 18:57:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-02-12 18:57:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-02-12 18:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-02-12 18:56:42 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-02-12 18:56:32 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-02-12 18:56:22 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-02-12 18:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-02-12 18:55:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-02-12 18:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-02-12 18:55:20 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-12 18:55:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-02-12 18:55:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978251_0$
2010-02-12 18:54:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-02-12 18:54:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-02-12 18:54:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-02-12 18:53:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-02-12 18:53:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-02-12 18:53:37 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-02-12 18:53:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-02-12 18:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-02-12 18:52:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-02-12 18:52:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-02-12 18:52:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$
2010-02-12 18:52:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-12 18:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-02-12 18:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-02-12 18:51:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2010-02-12 18:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-02-12 18:51:08 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-02-12 18:50:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-02-12 18:50:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-12 18:50:22 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-02-12 18:50:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971486_0$
2010-02-12 18:49:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-02-12 18:49:45 ----D---- C:\WINDOWS\ServicePackFiles
2010-02-12 18:49:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-02-12 18:49:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-02-12 18:49:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-02-12 18:49:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-02-12 18:49:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-02-12 18:48:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-02-12 18:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-02-12 18:48:28 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-02-12 18:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-02-12 18:47:47 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-02-12 18:47:27 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$
2010-02-12 18:43:30 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-02-12 17:27:19 ----SHD---- C:\RECYCLER
2010-02-12 17:26:56 ----D---- C:\Program Files\CCleaner
2010-02-12 17:17:40 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-02-12 17:08:15 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-02-12 16:55:48 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-02-12 16:55:25 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-02-12 16:55:25 ----D---- C:\WINDOWS\system32\PreInstall
2010-02-12 16:55:25 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-02-12 16:55:23 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-02-12 16:53:20 ----D---- C:\Documents and Settings\Milan\Application Data\Macromedia
2010-02-12 16:53:20 ----D---- C:\Documents and Settings\Milan\Application Data\Adobe
2010-02-12 16:48:07 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo
2010-02-12 16:48:03 ----A---- C:\WINDOWS\system32\guard32.dll
2010-02-12 16:47:59 ----D---- C:\Program Files\COMODO
2010-02-12 16:42:54 ----A---- C:\WINDOWS\system32\h323log.txt
2010-02-12 16:41:55 ----D---- C:\Program Files\Google
2010-02-12 16:41:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-02-12 16:41:21 ----D---- C:\Program Files\Alwil Software
2010-02-12 16:41:21 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-02-12 16:39:16 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-02-12 16:39:16 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-02-12 16:38:25 ----A---- C:\WINDOWS\system32\usbui.dll
2010-02-12 16:37:24 ----SHD---- C:\WINDOWS\Installer
2010-02-12 16:37:24 ----D---- C:\Program Files\Common Files\ODBC
2010-02-12 16:37:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-12 16:37:24 ----A---- C:\WINDOWS\ODBCINST.INI
2010-02-12 16:37:21 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-02-12 16:37:20 ----RD---- C:\Program Files
2010-02-12 16:37:20 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-12 16:37:20 ----D---- C:\Program Files\Common Files
2010-02-12 16:37:17 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-02-12 16:37:17 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-02-12 16:37:17 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-02-12 16:37:15 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-02-12 16:37:15 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-02-12 16:37:15 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-02-12 16:37:14 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-02-12 16:37:14 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-02-12 16:37:14 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-02-12 16:37:14 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-02-12 16:37:14 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-02-12 16:37:14 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-02-12 16:37:14 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-02-12 16:37:14 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-02-12 16:37:14 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-02-12 16:37:12 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-02-12 16:37:12 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-02-12 16:37:12 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-02-12 16:37:12 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-02-12 16:37:12 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-02-12 16:37:12 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-02-12 16:37:11 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-02-12 16:37:10 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-02-12 16:37:10 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-02-12 16:37:10 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-02-12 16:37:10 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-02-12 16:37:10 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-02-12 16:37:07 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-02-12 16:37:04 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-02-12 16:37:04 ----A---- C:\WINDOWS\system32\irclass.dll
2010-02-12 16:37:04 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-02-12 16:37:04 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-02-12 16:37:03 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-02-12 16:37:01 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-02-12 16:37:01 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-02-12 16:37:00 ----A---- C:\WINDOWS\system32\batt.dll
2010-02-12 16:37:00 ----A---- C:\WINDOWS\notepad.exe
2010-02-12 16:36:59 ----A---- C:\WINDOWS\system32\storprop.dll
2010-02-12 16:36:52 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-02-12 16:36:51 ----RA---- C:\WINDOWS\SET25.tmp
2010-02-12 16:36:47 ----RA---- C:\WINDOWS\SET8.tmp
2010-02-12 16:36:44 ----RA---- C:\WINDOWS\SET4.tmp
2010-02-12 16:36:43 ----RA---- C:\WINDOWS\SET3.tmp
2010-02-12 16:36:38 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-12 16:36:38 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-12 16:36:32 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-02-12 16:36:10 ----D---- C:\Documents and Settings
2010-02-12 16:36:09 ----SHD---- C:\System Volume Information
2010-02-12 16:35:28 ----SH---- C:\boot.ini
2010-02-12 16:34:54 ----D---- C:\Documents and Settings\Milan\Application Data\Spyware Terminator
2010-02-12 16:34:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-02-12 16:34:51 ----D---- C:\Program Files\Spyware Terminator
2010-02-12 16:29:45 ----D---- C:\WINDOWS\system32\IME
2010-02-12 16:29:45 ----D---- C:\WINDOWS\system32\3com_dmi
2010-02-12 16:29:45 ----D---- C:\WINDOWS\pchealth
2010-02-12 16:29:45 ----D---- C:\WINDOWS\PeerNet
2010-02-12 16:29:45 ----D---- C:\WINDOWS\ime
2010-02-12 16:29:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-12 16:29:44 ----RSD---- C:\WINDOWS\Fonts
2010-02-12 16:29:44 ----RD---- C:\WINDOWS\Web
2010-02-12 16:29:44 ----HD---- C:\WINDOWS\inf
2010-02-12 16:29:44 ----D---- C:\WINDOWS\WinSxS
2010-02-12 16:29:44 ----D---- C:\WINDOWS\twain_32
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Temp
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\wins
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\wbem
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\usmt
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\spool
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\ShellExt
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\Setup
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\ras
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\oobe
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\npp
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\mui
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\inetsrv
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\icsxml
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\ias
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\export
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\drivers
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\dhcp
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\config
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\3076
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\2052
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\1054
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\1042
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\1041
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\1037
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\1033
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\1031
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\1028
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32\1025
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system32
2010-02-12 16:29:44 ----D---- C:\WINDOWS\system
2010-02-12 16:29:44 ----D---- C:\WINDOWS\security
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Resources
2010-02-12 16:29:44 ----D---- C:\WINDOWS\repair
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Provisioning
2010-02-12 16:29:44 ----D---- C:\WINDOWS\mui
2010-02-12 16:29:44 ----D---- C:\WINDOWS\msapps
2010-02-12 16:29:44 ----D---- C:\WINDOWS\msagent
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Media
2010-02-12 16:29:44 ----D---- C:\WINDOWS\java
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Help
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Driver Cache
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Debug
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Cursors
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Connection Wizard
2010-02-12 16:29:44 ----D---- C:\WINDOWS\Config
2010-02-12 16:29:44 ----D---- C:\WINDOWS\AppPatch
2010-02-12 16:29:44 ----D---- C:\WINDOWS\addins
2010-02-12 16:29:44 ----D---- C:\WINDOWS
2010-02-12 16:23:07 ----D---- C:\Documents and Settings\Milan\Application Data\Opera
2010-02-12 16:23:00 ----D---- C:\Program Files\Opera
2010-02-12 16:22:13 ----A---- C:\WINDOWS\system32\wpa.bak
2010-02-12 16:20:55 ----A---- C:\WINDOWS\msicpl.ini
2010-02-12 16:18:40 ----A---- C:\WINDOWS\mHotkey.exe
2010-02-12 16:18:40 ----A---- C:\WINDOWS\Instit.ini
2010-02-12 16:18:40 ----A---- C:\WINDOWS\InstIt.exe
2010-02-12 16:18:40 ----A---- C:\WINDOWS\HKNTDLL.dll
2010-02-12 16:16:09 ----D---- C:\WINDOWS\nview
2010-02-12 16:16:09 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-02-12 16:16:07 ----RA---- C:\WINDOWS\system32\sysinfo.dll
2010-02-12 16:16:05 ----RA---- C:\WINDOWS\system32\sw24.exe
2010-02-12 16:16:05 ----RA---- C:\WINDOWS\system32\sw20.exe
2010-02-12 16:16:04 ----RA---- C:\WINDOWS\system32\Nvgpio.dll
2010-02-12 16:16:04 ----RA---- C:\WINDOWS\system32\msicpl.dll
2010-02-12 16:15:45 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-02-12 16:12:28 ----A---- C:\WINDOWS\system32\Audio3D.dll
2010-02-12 16:12:27 ----A---- C:\WINDOWS\system32\a3d.dll
2010-02-12 16:12:25 ----A---- C:\WINDOWS\system32\udaprop.dll
2010-02-12 16:12:25 ----A---- C:\WINDOWS\system32\cmudax.dll
2010-02-12 16:12:25 ----A---- C:\WINDOWS\system32\cmirmdrv.exe
2010-02-12 16:12:25 ----A---- C:\WINDOWS\system32\cmirmdrv.dll
2010-02-12 16:12:18 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-02-12 16:11:58 ----HDC---- C:\WINDOWS\$NtUninstallKB835221WXP$
2010-02-12 16:11:09 ----D---- C:\Program Files\Intel
2010-02-12 16:10:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-12 16:10:31 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-12 16:10:20 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-12 16:06:00 ----D---- C:\WINDOWS\system32\1051
2010-02-12 16:04:38 ----D---- C:\Documents and Settings\Milan\Application Data\Identities
2010-02-12 16:04:36 ----HD---- C:\Program Files\Uninstall Information
2010-02-12 16:04:30 ----SD---- C:\Documents and Settings\Milan\Application Data\Microsoft
2010-02-12 16:04:30 ----ASH---- C:\Documents and Settings\Milan\Application Data\desktop.ini
2010-02-12 16:03:49 ----D---- C:\WINDOWS\SoftwareDistribution
2010-02-12 16:03:48 ----SD---- C:\WINDOWS\system32\Microsoft
2010-02-12 16:03:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-12 15:54:02 ----D---- C:\WINDOWS\system32\xircom
2010-02-12 15:54:02 ----D---- C:\Program Files\xerox
2010-02-12 15:54:02 ----D---- C:\Program Files\microsoft frontpage
2010-02-12 15:53:57 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-12 15:53:55 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-02-12 15:53:47 ----A---- C:\WINDOWS\control.ini
2010-02-12 15:53:47 ----A---- C:\AUTOEXEC.BAT
2010-02-12 15:53:35 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-02-12 15:52:56 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-02-12 15:52:56 ----RD---- C:\WINDOWS\Offline Web Pages
2010-02-12 15:52:56 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-02-12 15:52:51 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-02-12 15:52:47 ----HD---- C:\Program Files\WindowsUpdate
2010-02-12 15:52:28 ----D---- C:\WINDOWS\system32\DirectX
2010-02-12 15:52:04 ----A---- C:\WINDOWS\system32\atrace.dll
2010-02-12 15:52:02 ----A---- C:\WINDOWS\system32\desktop.ini
2010-02-12 15:52:01 ----A---- C:\WINDOWS\desktop.ini
2010-02-12 15:51:54 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-02-12 15:51:53 ----A---- C:\WINDOWS\system32\acctres.dll
2010-02-12 15:51:52 ----D---- C:\Program Files\Common Files\Services
2010-02-12 15:51:49 ----SD---- C:\WINDOWS\Tasks
2010-02-12 15:51:49 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-02-12 15:51:48 ----D---- C:\Program Files\Common Files\MSSoap
2010-02-12 15:51:43 ----D---- C:\WINDOWS\system32\Macromed
2010-02-12 15:51:43 ----D---- C:\WINDOWS\srchasst
2010-02-12 15:51:39 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-02-12 15:51:39 ----A---- C:\WINDOWS\system32\wups.dll
2010-02-12 15:51:39 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-02-12 15:51:39 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-02-12 15:51:39 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-02-12 15:51:39 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-02-12 15:51:39 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-02-12 15:51:38 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-02-12 15:51:38 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-02-12 15:51:38 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-02-12 15:51:38 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-02-12 15:51:38 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-02-12 15:51:38 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-02-12 15:51:34 ----D---- C:\Program Files\Movie Maker
2010-02-12 15:51:29 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-02-12 15:51:29 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-02-12 15:51:29 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-02-12 15:51:28 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-02-12 15:51:25 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-02-12 15:51:25 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-02-12 15:51:24 ----D---- C:\WINDOWS\system32\Restore
2010-02-12 15:51:24 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-02-12 15:51:24 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-02-12 15:51:24 ----A---- C:\WINDOWS\system32\srclient.dll
2010-02-12 15:51:23 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-02-12 15:51:23 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-02-12 15:51:23 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-02-12 15:51:23 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-02-12 15:51:23 ----A---- C:\WINDOWS\system32\ils.dll
2010-02-12 15:51:22 ----A---- C:\WINDOWS\system32\msconf.dll
2010-02-12 15:51:19 ----D---- C:\Program Files\NetMeeting
2010-02-12 15:51:19 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-02-12 15:51:19 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-02-12 15:51:18 ----A---- C:\WINDOWS\system32\inetres.dll
2010-02-12 15:51:18 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-02-12 15:51:16 ----D---- C:\Program Files\Outlook Express
2010-02-12 15:51:16 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-02-12 15:51:15 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-02-12 15:51:15 ----A---- C:\WINDOWS\system32\mstask.dll
2010-02-12 15:51:15 ----A---- C:\WINDOWS\system32\isign32.dll
2010-02-12 15:51:15 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-02-12 15:51:15 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-02-12 15:51:15 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-02-12 15:51:08 ----D---- C:\Program Files\Common Files\System
2010-02-12 15:51:07 ----D---- C:\Program Files\Internet Explorer
2010-02-12 15:50:59 ----D---- C:\Program Files\ComPlus Applications
2010-02-12 15:50:57 ----A---- C:\WINDOWS\vbaddin.ini
2010-02-12 15:50:57 ----A---- C:\WINDOWS\vb.ini
2010-02-12 15:50:54 ----D---- C:\WINDOWS\Registration
2010-02-12 15:50:32 ----D---- C:\Program Files\Online Services
2010-02-12 15:50:31 ----D---- C:\Program Files\Windows Media Player
2010-02-12 15:50:28 ----D---- C:\Program Files\Messenger
2010-02-12 15:50:23 ----D---- C:\Program Files\MSN Gaming Zone
2010-02-12 15:50:23 ----A---- C:\WINDOWS\system32\write.exe
2010-02-12 15:50:12 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-02-12 15:50:12 ----A---- C:\WINDOWS\system32\hticons.dll
2010-02-12 15:50:12 ----A---- C:\WINDOWS\system32\avwav.dll
2010-02-12 15:50:11 ----A---- C:\WINDOWS\system32\winchat.exe
2010-02-12 15:50:11 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-02-12 15:50:11 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-02-12 15:50:03 ----A---- C:\WINDOWS\system32\charmap.exe
2010-02-12 15:50:03 ----A---- C:\WINDOWS\system32\getuname.dll
2010-02-12 15:50:03 ----A---- C:\WINDOWS\system32\calc.exe
2010-02-12 15:50:02 ----A---- C:\WINDOWS\system32\winmine.exe
2010-02-12 15:50:02 ----A---- C:\WINDOWS\system32\sol.exe
2010-02-12 15:50:02 ----A---- C:\WINDOWS\system32\reset.exe
2010-02-12 15:50:02 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-02-12 15:50:02 ----A---- C:\WINDOWS\system32\freecell.exe
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\tskill.exe
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\tscon.exe
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\shadow.exe
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\regini.exe
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-02-12 15:50:01 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-02-12 15:50:00 ----A---- C:\WINDOWS\system32\msg.exe
2010-02-12 15:50:00 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-02-12 15:50:00 ----A---- C:\WINDOWS\system32\logoff.exe
2010-02-12 15:50:00 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-02-12 15:49:59 ----A---- C:\WINDOWS\system32\stclient.dll
2010-02-12 15:49:59 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-02-12 15:49:59 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-02-12 15:49:59 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-02-12 15:49:59 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-02-12 15:49:59 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-02-12 15:49:59 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-02-12 15:49:58 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-02-12 15:49:53 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-02-12 15:49:42 ----D---- C:\Program Files\MSN
2010-02-12 15:49:41 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-02-12 15:49:41 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-02-12 15:49:40 ----D---- C:\Program Files\Windows NT
2010-02-12 15:49:40 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-02-12 15:49:40 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-02-12 15:49:40 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-02-12 15:49:39 ----A---- C:\WINDOWS\system32\spider.exe
2010-02-12 15:49:39 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-02-12 15:49:38 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-02-12 15:49:38 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-02-12 15:49:38 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-02-12 15:49:38 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-02-12 15:49:38 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-02-12 15:49:38 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-02-12 15:49:37 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-02-12 15:49:37 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-02-12 15:49:37 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-02-12 15:49:37 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-02-12 15:49:37 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-02-12 15:49:37 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-02-12 15:49:37 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-02-12 15:49:37 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-02-12 15:49:36 ----D---- C:\WINDOWS\system32\MsDtc
2010-02-12 15:49:36 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-02-12 15:49:36 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-02-12 15:49:36 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-02-12 15:49:36 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-02-12 15:49:36 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-02-12 15:49:35 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-02-12 15:49:35 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-02-12 15:49:35 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-02-12 15:49:35 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-02-12 15:49:34 ----D---- C:\WINDOWS\system32\Com
2010-02-12 15:49:34 ----A---- C:\WINDOWS\system32\colbact.dll
2010-02-12 15:49:34 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-02-12 15:49:34 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-02-12 15:49:33 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-02-12 15:49:33 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-02-12 15:49:33 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-02-12 15:49:32 ----A---- C:\WINDOWS\system32\comuid.dll
2010-02-12 15:49:32 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-02-12 15:49:26 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-02-12 15:49:26 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-02-12 15:49:26 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-02-12 15:49:26 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2010-02-12 16:08:11 ----A---- C:\WINDOWS\system.ini
2010-02-12 15:53:47 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-02-11 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-02-11 162512]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-02-11 46672]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-02-12 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-02-12 25160]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-02-11 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-02-11 100432]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-02-11 23376]
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2006-02-15 1301568]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-12-06 285952]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-02-12 723632]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-02-12 488960]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

-----------------EOF-----------------

[Milanco]

chcem sa ospravedlnit za zbytocny spam, ked sa tento prispevok zobrazil az styry krat, ale nejak mi to tu mrzlo

[motji]

Dobrý večer
Odkdy se Vám tohle děje? Neinstaloval jste nějaký nový program?

[Milanco]

no ja som PC reinstaloval, no reinstalujem ho uz asi tyzden. V piatok sa mi konecne podarilo dobre nainstalovat windows, islo to dobre, nemrzlo to. Potom tam bol aj nejaky spyware, ale snad som ich odstranil vcas, problemy nastaly v nedelu

[motji]

Podívejte se do správce zařízení, jestli tam nemáte nějaké žluté otazníky.

[Milanco]

nie, neni su tam

[motji]

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe



- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[Milanco]

ComboFix 10-02-16.02 - Milan 17.02.2010 10:28:29.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.511.200 [GMT 1:00]
Running from: c:\documents and settings\Milan\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning disabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((( Files Created from 2010-01-17 to 2010-02-17 )))))))))))))))))))))))))))))))
.

2010-02-15 09:19 . 2010-02-15 09:19 -------- d-----w- c:\program files\trend micro
2010-02-15 09:19 . 2010-02-15 09:19 -------- d-----w- C:\rsit
2010-02-15 08:08 . 2010-02-15 08:08 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2010-02-15 08:08 . 2010-02-15 08:09 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Adobe
2010-02-15 07:59 . 2010-02-15 08:00 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-14 14:15 . 2009-11-14 00:49 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-02-14 14:15 . 2009-11-14 00:49 43528 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-02-14 14:15 . 2009-11-14 00:49 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-02-14 14:15 . 2009-11-14 00:49 120056 ------w- c:\windows\system32\pxcpyi64.exe
2010-02-14 14:15 . 2009-11-14 00:49 118520 ------w- c:\windows\system32\pxinsi64.exe
2010-02-14 14:14 . 2009-11-14 00:49 129784 ------w- c:\windows\system32\pxafs.dll
2010-02-14 14:11 . 2010-02-14 14:11 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-02-14 14:03 . 2010-02-14 14:06 -------- d-----w- c:\windows\SxsCaPendDel
2010-02-14 11:46 . 2010-02-14 11:46 -------- d-----w- c:\documents and settings\Milan\Application Data\DivX
2010-02-14 11:42 . 2010-02-14 11:42 0 ----a-w- c:\windows\nsreg.dat
2010-02-14 11:42 . 2010-02-14 11:42 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Mozilla
2010-02-14 11:28 . 2010-02-14 11:28 -------- d-----w- c:\documents and settings\Milan\Application Data\Windows Search
2010-02-14 11:00 . 2010-02-14 11:00 -------- d-----w- c:\documents and settings\Milan\Tracing
2010-02-14 10:51 . 2010-02-14 11:02 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-14 10:51 . 2010-02-14 10:51 -------- dc----w- c:\windows\system32\DRVSTORE
2010-02-14 10:51 . 2009-08-05 21:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2010-02-14 10:50 . 2010-02-14 10:50 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-02-14 10:49 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-02-14 10:49 . 2010-02-14 10:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-02-14 10:47 . 2010-02-14 10:47 -------- d-----w- c:\program files\Microsoft
2010-02-14 10:46 . 2010-02-14 10:46 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-02-14 10:46 . 2010-02-14 10:51 -------- d-----w- c:\program files\Windows Live
2010-02-14 10:34 . 2010-02-14 10:34 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-14 10:34 . 2010-02-14 10:59 13688 ----a-w- c:\documents and settings\Milan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-14 10:31 . 2010-02-14 10:31 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Identities
2010-02-14 10:31 . 2010-02-14 10:31 -------- d-----w- c:\documents and settings\Milan\Application Data\Windows Desktop Search
2010-02-14 10:30 . 2010-02-14 10:34 -------- d-----w- c:\program files\Windows Desktop Search
2010-02-14 10:30 . 2010-02-14 10:30 -------- d-----w- c:\windows\system32\GroupPolicy
2010-02-14 10:29 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-02-14 10:29 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-02-14 10:29 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-02-14 10:21 . 2010-02-14 10:21 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-02-14 10:21 . 2010-02-14 18:20 -------- d-----w- c:\documents and settings\Milan\Application Data\skypePM
2010-02-14 10:19 . 2010-02-14 10:19 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-14 10:19 . 2010-02-14 19:11 -------- d-----w- c:\documents and settings\Milan\Application Data\Skype
2010-02-14 10:18 . 2010-02-14 10:18 -------- d-----w- c:\program files\Common Files\Skype
2010-02-14 10:18 . 2010-02-14 10:18 -------- d-----w- c:\documents and settings\Milan\Application Data\Malwarebytes
2010-02-14 10:17 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-14 10:17 . 2010-02-14 10:18 -------- d-----r- c:\program files\Skype
2010-02-14 10:17 . 2010-02-14 10:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-02-14 10:17 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-14 10:17 . 2010-02-14 10:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-14 10:17 . 2010-02-14 10:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-02-14 10:16 . 2010-02-14 10:17 -------- d-----w- c:\program files\Defraggler
2010-02-14 10:16 . 2010-02-14 10:16 -------- d-----w- c:\program files\Secunia
2010-02-14 10:16 . 2010-02-14 10:16 -------- d-----w- c:\program files\Common Files\Real
2010-02-14 10:16 . 2010-02-14 14:16 -------- d-----w- c:\program files\DivX
2010-02-14 10:16 . 2010-02-14 10:16 -------- d-----w- c:\program files\Haihaisoft Universal Player
2010-02-13 19:44 . 2010-02-13 19:44 128 ----a-w- c:\documents and settings\Milan\Local Settings\Application Data\fusioncache.dat
2010-02-13 19:44 . 2010-02-14 09:56 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\ApplicationHistory
2010-02-13 19:20 . 2010-02-13 19:20 -------- d-----w- c:\program files\ICQ6Toolbar
2010-02-13 19:20 . 2010-02-13 19:20 -------- d-----w- c:\documents and settings\All Users\Application Data\ICQ
2010-02-13 19:17 . 2010-02-14 16:44 -------- d-----w- c:\documents and settings\Milan\Application Data\ICQ
2010-02-13 19:17 . 2010-02-13 19:17 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\AOL
2010-02-13 19:16 . 2010-02-14 12:24 -------- d-----w- c:\program files\ICQ7.0
2010-02-13 17:59 . 2010-02-13 17:59 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\PCHealth
2010-02-13 17:46 . 2010-02-13 17:46 -------- d-----w- c:\program files\MSBuild
2010-02-13 17:46 . 2010-02-13 17:46 -------- d-----w- c:\program files\Reference Assemblies
2010-02-13 17:24 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-13 17:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-13 17:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-13 17:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-13 17:23 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-13 17:23 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-13 17:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-13 17:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-13 17:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-13 17:23 . 2010-02-13 17:24 -------- d-----w- C:\ebcc69ad31c138363c387884
2010-02-13 17:19 . 2010-02-13 17:19 -------- d-----w- C:\3b64bb15cbfb2473a4834028
2010-02-13 17:18 . 2010-02-13 17:18 -------- d-----w- C:\e04ac37e916730c792
2010-02-13 17:16 . 2010-02-13 17:18 -------- d-----w- c:\windows\system32\URTTemp
2010-02-13 17:03 . 2010-02-13 17:03 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-02-13 17:03 . 2010-02-13 17:04 -------- d-----w- c:\program files\NVIDIA Corporation
2010-02-13 16:12 . 2010-02-13 16:12 -------- d-----w- c:\windows\system32\sk-SK
2010-02-13 16:09 . 2010-01-05 10:00 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-13 16:09 . 2010-01-05 10:00 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-13 16:09 . 2010-01-05 10:00 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-13 16:09 . 2009-12-31 15:33 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-02-13 16:09 . 2010-01-05 10:00 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-13 16:09 . 2010-01-05 10:00 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2010-02-13 16:09 . 2010-01-05 10:00 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2010-02-13 16:09 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2010-02-13 15:04 . 2010-02-15 09:17 -------- d-----w- c:\program files\Crawler
2010-02-13 14:58 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-12 18:31 . 2010-02-12 18:31 -------- d-----w- c:\windows\system32\scripting
2010-02-12 18:31 . 2010-02-12 18:31 -------- d-----w- c:\windows\l2schemas
2010-02-12 18:31 . 2010-02-12 18:31 -------- d-----w- c:\windows\system32\en
2010-02-12 18:31 . 2010-02-12 18:31 -------- d-----w- c:\windows\system32\bits
2010-02-12 18:13 . 2010-02-12 18:13 -------- d-----w- c:\windows\EHome
2010-02-12 17:49 . 2010-02-12 18:28 -------- d-----w- c:\windows\ServicePackFiles
2010-02-12 17:29 . 2004-08-03 21:29 63488 ------w- c:\windows\system32\drivers\atinxsxx.sys
2010-02-12 17:09 . 2010-02-12 17:09 -------- d-sh--w- c:\documents and settings\Milan\UserData
2010-02-12 16:26 . 2010-02-12 16:27 -------- d-----w- c:\program files\CCleaner
2010-02-12 16:25 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-02-12 16:18 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-02-12 16:13 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-02-12 16:13 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-02-12 16:13 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-02-12 16:08 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-02-12 16:08 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-02-12 16:04 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-12 16:04 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-12 16:00 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-17 09:25 . 2010-02-12 15:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2010-02-17 09:12 . 2010-02-17 09:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Search
2010-02-17 09:12 . 2010-02-17 09:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Desktop Search
2010-02-17 09:08 . 2010-02-12 15:41 -------- d-----w- c:\program files\Google
2010-02-16 11:46 . 2010-02-12 15:34 -------- d-----w- c:\documents and settings\Milan\Application Data\Spyware Terminator
2010-02-14 14:16 . 2010-02-12 15:34 -------- d-----w- c:\program files\Spyware Terminator
2010-02-13 19:20 . 2010-02-12 15:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-12 18:39 . 2010-02-12 14:53 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-12 18:39 . 2010-02-12 14:53 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-12 15:51 . 2010-02-12 15:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2010-02-12 15:51 . 2010-02-12 15:51 272 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-02-12 15:47 . 2010-02-12 15:47 -------- d-----w- c:\program files\COMODO
2010-02-12 15:47 . 2010-02-12 15:48 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-02-12 15:47 . 2010-02-12 15:48 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-02-12 15:47 . 2010-02-12 15:48 171552 ----a-w- c:\windows\system32\guard32.dll
2010-02-12 15:47 . 2010-02-12 15:48 134344 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-01-12 11:03 . 2010-02-12 15:16 592488 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-11 21:17 . 2010-01-11 21:17 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-01-11 21:17 . 2010-01-11 21:17 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2010-01-11 21:17 . 2010-01-11 21:17 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-01-11 21:17 . 2010-01-11 21:17 13666408 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-11 21:17 . 2010-01-11 21:17 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-11 21:17 . 2010-01-11 21:17 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-01-05 10:00 . 2006-02-28 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2006-02-28 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2006-02-28 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2006-02-28 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-16 18:43 . 2010-02-12 14:49 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2006-02-28 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 19:26 . 2006-02-28 12:00 2145280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43 . 2004-08-03 22:59 2023936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 09:07 . 2009-12-08 09:07 445440 ----a-w- c:\windows\system32\AGL.dll
2009-12-04 18:22 . 2006-02-28 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-03 09:56 . 2009-12-03 09:56 2816 ----a-w- c:\windows\system32\drivers\ProcView.sys
2009-11-27 17:11 . 2006-02-28 12:00 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:11 . 2004-08-04 00:56 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07 . 2006-02-28 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07 . 2001-08-17 22:36 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07 . 2006-02-28 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07 . 2006-02-28 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:07 . 2004-08-04 00:56 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-21 15:51 . 2006-02-28 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-12 3037696]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-02-11 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [2004-03-17 61952]
"SW20"="c:\windows\system32\sw20.exe" [2006-05-18 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-05-17 69632]
"CHotkey"="mHotkey.exe" [2002-07-23 477184]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-02-12 2166784]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-02-12 1800464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Milan\Start Menu\Programs\Startup\
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12.2.2010 16:41 162512]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [12.2.2010 16:48 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [12.2.2010 16:48 25160]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [12.2.2010 16:34 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12.2.2010 16:41 19024]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [14.2.2010 11:51 54752]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [13.2.2010 20:20 246520]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [12.2.2010 16:12 1301568]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [17.2.2010 10:02 135664]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [5.8.2009 22:48 704864]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [17.6.2009 13:20 12648]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2010-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 09:02]

2010-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 09:02]
.
.
------- Supplementary Scan -------
.
IE: Crawler Search - tbr:iemenu
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\Milan\Application Data\Mozilla\Firefox\Profiles\gzxl0o41.default\
FF - component: c:\progra~1\Crawler\firefox\components\xcomm.dll
FF - component: c:\progra~1\Crawler\firefox\components\xshared.dll
FF - component: c:\progra~1\Crawler\firefox\components\xsupport.dll
FF - component: c:\progra~1\Crawler\firefox\components\xwsg.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-17 10:32
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(768)
c:\windows\system32\guard32.dll

- - - - - - - > 'explorer.exe'(3080)
c:\windows\system32\WININET.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
.
Completion time: 2010-02-17 10:34:32
ComboFix-quarantined-files.txt 2010-02-17 09:34

Pre-Run: 149 374 619 648 bytes free
Post-Run: 149 387 100 160 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 8F206AEE3B80CDBCF621D6CD81F28292

[motji]

Jak to vypadá s počítačem teď?

[Milanco]

spatne, problemy tu su stale tie iste

[motji]

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.

[Milanco]

GMER 1.:


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-02-18 13:41:08
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Milan\LOCALS~1\Temp\pwkoapob.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----





GMER 2.:


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-18 15:13:39
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Milan\LOCALS~1\Temp\pwkoapob.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xF4A78BDA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF47ABC5A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0xF4A781B8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0xF4A78840]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF47ABB16]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0xF4A7809A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xF4A7A06A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0xF4A7A302]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0xF4A77C60]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteKey [0xF47AC0CA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF47ABFF4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF47AB6EC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0xF4A79CEC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xF4A7843C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0xF4A78A1C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF47ABBF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF47AB62C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0xF4A786CC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF47AB690]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF47ABD10]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRenameKey [0xF47AC198]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0xF4A7A648]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF47ABCD0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0xF4A79A88]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSecurityObject [0xF4A78DC0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0xF4A79E9A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF47ABE50]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xF4A783D6]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0xF4A785C0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0xF4A77F64]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0xF4A77E32]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF75EE380, 0x550AF5, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1176] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 0040FD50 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 0050E060 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
.text C:\WINDOWS\system32\SearchIndexer.exe[2740] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F84766E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F84767B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F8476780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F8476740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F8476740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F84767B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F84766E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F8476780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F8476780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F8476740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F84767B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F84766E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F8476740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F8476780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F84766E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F84767B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F84766E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F84767B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F8476740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F8476780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F8476740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F84767B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F84766E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [F84766E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [F84767B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [F8476780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [F8476740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F8476740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F8476780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F84766E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F84767B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[760] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003E0002
IAT C:\WINDOWS\system32\services.exe[760] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003E0000
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [GDI32.dll!DeleteObject] [006172F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx] [00617FB0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [006176D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSystemMetrics] [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [006172A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [00617760] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!RegisterClassW] [00617CC0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [00617330] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!FillRect] [006180C0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawFrameControl] [00618130] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DrawEdge] [00618110] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SystemParametersInfoW] [00617EA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetScrollInfo] [00617520] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!CallWindowProcW] [00617590] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetScrollInfo] [00617410] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [GDI32.dll!DeleteObject] [006172F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [006176D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [00617760] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [006172A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassA] [00617C00] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!RegisterClassW] [00617CC0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SystemParametersInfoW] [00617EA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcW] [00617590] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!CallWindowProcA] [00617630] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSystemMetrics] [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [GDI32.dll!DeleteObject] [006172F0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SystemParametersInfoW] [00617EA0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSystemMetrics] [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetSysColor] [006172A0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!CallWindowProcW] [00617590] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!RegisterClassW] [00617CC0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] [00617760] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [006181D0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00618210] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00618260] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [00617B70] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] [006182B0] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\CRYPT32.dll [USER32.dll!GetSystemMetrics] [00617D80] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00618190] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)
IAT C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[1936] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00618340] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs C:\WINDOWS\system32\guard32.dll

---- EOF - GMER 1.0.15 ----

[motji]

Od comoda máte zapnutý pouze firewall?

Otestujte na http://www.virustotal.com
C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

Na virustotalu dáte procházet, a do spodního okénka nakopírujete přímo cestu k souboru a dáte odeslat
-z prohlížeče zkopírujete adresu ke stránce s výsledky

Zkuste vypnout Spyware Terminátora, jestli to mrznutí nezpůsobuje on

[Milanco]

pri comode mam zapnute zabezpecenie brany firewall a programu defense, antivirus pri nom nemam zapnuty

http://www.virustotal.com/reanalisis.ht ... 1266517881

do nastaveni rozlisenia sa uz mozem dostat, takze to je v poriadku. ST mi blokuje ten setric obrazovky, pred tym nez nabehne setric, tak PC zamrzne.

stale sa neda aktualizovat Microsoft .NET Framework 3.5 Service Pack 1

na panely s nastrojmi sa mi stale po zapnuti objavuje a zostava tam HOTKEY KEYBOARD

[motji]

prosím Vás na virustotalupotvrdte tlačítko Reanalyse file now, aby byl otestován ten Váš soubor