Pri spustení sprácu úloh sa "stopne" systém

Zpráva

yterbium · #1 Příspěvek od **yterbium** » 23 úno 2010 20:28

Pričom stačí potom odhlásiť a znova prihísiť a ide to.

Musel som meniť Avira IS za trial Norton 360, mohli by ste mi to skontrolovať prosím ?

Vopred díky

Po tom ako spustím správcu, tak mi akoby sa "zasekne" systém, stačí sa odhlásiť a prihlásiť a všetko funguje.

Musel som dočasne meniť Aviru IS za trial Norton 360, prosím Vás môžete mi to detailne skontrolovať.

Ďakujem

Logfile of random's system information tool 1.06 (written by random/random)
Run by yterbium at 2010-02-23 20:22:56
Microsoft Windows 7 Home Premium Service Pack 2
System drive C: has 27 GB (44%) free of 60 GB
Total RAM: 4063 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:23:06, on 23. 2. 2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\Launchy\Launchy.exe
C:\Programs\Mir4nda-IM-0.8.8-Pack-v2.7\miranda32.exe
C:\Users\yterbium\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\yterbium.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Launchy.lnk = C:\Program Files (x86)\Launchy\Launchy.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7809 bytes

======Scheduled tasks folder======

C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll [2010-01-21 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.DLL [2010-01-21 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-02-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\coIEPlg.dll [2010-01-21 378736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2009-08-22 5148672]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Launchy.lnk - C:\Program Files (x86)\Launchy\Launchy.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2009-01-19 98304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-02-23 20:22:57 ----D---- C:\Program Files (x86)\trend micro
2010-02-23 20:22:56 ----D---- C:\rsit
2010-02-21 23:47:46 ----D---- C:\ProgramData\Protexis
2010-02-19 15:29:10 ----RA---- C:\Windows\system32\GEARAspi.dll
2010-02-19 14:17:44 ----D---- C:\Program Files (x86)\Common Files\Symantec Shared
2010-02-19 13:27:17 ----D---- C:\ProgramData\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
2010-02-19 13:26:18 ----D---- C:\ProgramData\Symantec
2010-02-19 13:26:18 ----D---- C:\Program Files (x86)\Norton 360 Premier Edition
2010-02-19 13:26:17 ----D---- C:\ProgramData\Norton
2010-02-19 13:25:59 ----D---- C:\ProgramData\NortonInstaller
2010-02-19 13:25:58 ----D---- C:\Program Files (x86)\NortonInstaller
2010-02-19 13:13:07 ----D---- C:\Users\yterbium\AppData\Roaming\IObit
2010-02-19 13:13:07 ----D---- C:\Program Files (x86)\IObit
2010-02-19 13:07:22 ----A---- C:\ProgramData\mazuki.dll
2010-02-18 15:06:21 ----D---- C:\AppDev
2010-02-18 12:59:27 ----D---- C:\Users\yterbium\AppData\Roaming\Sun
2010-02-17 21:15:13 ----D---- C:\java
2010-02-17 20:45:17 ----D---- C:\Program Files (x86)\NetBeans 6.8
2010-02-17 20:44:29 ----A---- C:\Windows\system32\javaws.exe
2010-02-17 20:44:29 ----A---- C:\Windows\system32\javaw.exe
2010-02-17 20:44:29 ----A---- C:\Windows\system32\java.exe
2010-02-17 20:05:23 ----D---- C:\Program Files (x86)\AVG
2010-02-16 21:12:24 ----D---- C:\wamp
2010-02-15 21:44:49 ----D---- C:\Program Files (x86)\uTorrent
2010-02-15 21:42:55 ----D---- C:\Users\yterbium\AppData\Roaming\uTorrent
2010-02-14 21:14:22 ----D---- C:\Users\yterbium\AppData\Roaming\Launchy
2010-02-14 21:14:17 ----D---- C:\Program Files (x86)\Launchy
2010-02-14 21:02:29 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-02-14 21:02:29 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-02-14 21:02:29 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-02-14 21:02:29 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-02-14 21:02:28 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-02-14 21:02:27 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-02-14 21:02:27 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-02-14 21:02:26 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-02-14 21:02:26 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-02-14 21:02:25 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-02-14 21:02:25 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-02-14 21:02:25 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-02-14 21:02:25 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-02-14 21:02:24 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-02-14 21:02:24 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-02-14 21:02:23 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-02-14 21:02:23 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-02-14 21:02:23 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-02-14 21:02:23 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-02-14 21:02:23 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-02-14 21:02:22 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-02-14 21:02:22 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-02-14 21:02:21 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-02-14 21:02:21 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-02-14 21:02:21 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-02-14 21:02:21 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-02-14 21:02:20 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-02-14 21:02:20 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-02-14 21:02:19 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-02-14 21:02:19 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-02-14 21:02:19 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-02-14 21:02:18 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-02-14 21:02:17 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-02-14 21:02:17 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-02-14 21:02:17 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-02-14 21:02:17 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-02-14 21:02:16 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-02-14 21:02:15 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-02-14 21:02:15 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-02-14 21:02:14 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-02-14 21:02:14 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-02-14 21:02:14 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-02-14 21:02:13 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-02-14 21:02:11 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-02-14 21:02:11 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-02-14 21:02:11 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-02-14 21:02:10 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-02-14 21:02:10 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-02-14 21:02:10 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-02-14 21:02:09 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-02-14 21:02:09 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-02-14 21:02:09 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-02-14 21:02:09 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-02-14 21:02:09 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-02-14 21:02:08 ----A---- C:\Windows\system32\xinput1_3.dll
2010-02-14 21:02:08 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-02-14 21:02:07 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-02-14 21:02:07 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-02-14 21:02:07 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-02-14 21:02:07 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-02-14 21:02:06 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-02-14 21:02:05 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-02-14 21:02:05 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-02-14 21:02:05 ----A---- C:\Windows\system32\d3dx10.dll
2010-02-14 21:02:04 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-02-14 21:02:04 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-02-14 21:02:03 ----A---- C:\Windows\system32\xinput1_2.dll
2010-02-14 21:02:03 ----A---- C:\Windows\system32\xinput1_1.dll
2010-02-14 21:02:03 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-02-14 21:02:03 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-02-14 21:02:01 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-02-14 21:01:58 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-02-14 21:01:58 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-02-14 21:01:58 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-02-14 21:01:57 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-02-14 21:01:57 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-02-14 21:01:56 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-02-14 21:01:56 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-02-14 21:01:55 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-02-14 21:01:55 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-02-14 21:00:25 ----D---- C:\Windows\system32\directx
2010-02-14 20:55:25 ----D---- C:\Users\yterbium\AppData\Roaming\Media Player Classic
2010-02-14 20:46:31 ----D---- C:\Users\yterbium\AppData\Roaming\CyberLink
2010-02-14 20:45:06 ----D---- C:\ProgramData\CyberLink
2010-02-14 20:44:44 ----D---- C:\Program Files (x86)\Common Files\CyberLink
2010-02-14 20:43:06 ----A---- C:\Windows\system32\msxml3a.dll
2010-02-14 20:42:12 ----D---- C:\ProgramData\Temp
2010-02-14 12:49:32 ----D---- C:\Program Files (x86)\Rainmeter
2010-02-14 12:42:46 ----D---- C:\Users\yterbium\AppData\Roaming\Rainmeter
2010-02-14 11:51:19 ----D---- C:\Program Files (x86)\Rainlendar2
2010-02-13 11:06:26 ----D---- C:\Users\yterbium\AppData\Roaming\vlc
2010-02-13 11:01:35 ----D---- C:\Program Files (x86)\VideoLAN
2010-02-11 17:24:48 ----D---- C:\Users\yterbium\AppData\Roaming\InstallShield
2010-02-11 16:57:43 ----D---- C:\Program Files (x86)\Microsoft
2010-02-11 16:20:04 ----SHD---- C:\Config.Msi
2010-02-11 16:10:21 ----D---- C:\Program Files (x86)\WPF Toolkit
2010-02-11 16:09:46 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-02-11 16:08:07 ----D---- C:\Program Files (x86)\Microsoft Expression
2010-02-11 10:32:42 ----D---- C:\Users\yterbium\AppData\Roaming\TrueCrypt
2010-02-11 10:31:53 ----D---- C:\ProgramData\TrueCrypt
2010-02-11 10:31:52 ----D---- C:\Program Files (x86)\TrueCrypt
2010-02-10 20:20:08 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-02-10 20:19:22 ----D---- C:\Windows\SQLTools9_KB970892_ENU
2010-02-10 20:18:06 ----D---- C:\Windows\SQL9_KB970892_ENU
2010-02-10 17:23:48 ----D---- C:\Windows\system32\spool
2010-02-10 17:23:26 ----D---- C:\Program Files (x86)\Adobe Media Player
2010-02-10 17:22:07 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2010-02-10 17:10:55 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-02-10 17:10:54 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-02-10 17:10:10 ----D---- C:\Program Files (x86)\Winamp Detect
2010-02-10 17:10:03 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-02-10 17:10:01 ----D---- C:\Users\yterbium\AppData\Roaming\Winamp
2010-02-10 17:10:01 ----D---- C:\Program Files (x86)\Winamp
2010-02-10 16:57:57 ----A---- C:\Windows\system32\uxtuneup.dll
2010-02-10 16:57:57 ----A---- C:\Windows\system32\authuitu.dll
2010-02-10 16:57:46 ----D---- C:\Users\yterbium\AppData\Roaming\TuneUp Software
2010-02-10 16:57:42 ----D---- C:\Program Files (x86)\TuneUp Utilities 2010
2010-02-10 16:57:07 ----D---- C:\ProgramData\TuneUp Software
2010-02-10 16:56:56 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-02-10 16:54:58 ----D---- C:\Users\yterbium\AppData\Roaming\Ashampoo
2010-02-10 16:54:39 ----D---- C:\ProgramData\ashampoo
2010-02-10 16:54:11 ----D---- C:\Program Files (x86)\Ashampoo
2010-02-10 13:50:55 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2010-02-10 13:49:50 ----D---- C:\ProgramData\FLEXnet
2010-02-10 13:49:50 ----D---- C:\Program Files (x86)\InstallShield
2010-02-10 00:13:17 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 00:13:17 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 00:13:17 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 00:13:17 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 00:13:17 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 00:13:17 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 00:13:17 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 00:13:17 ----A---- C:\Windows\system32\avifil32.dll
2010-02-10 00:13:13 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-10 00:13:13 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-10 00:13:13 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-10 00:13:13 ----A---- C:\Windows\system32\secproc.dll
2010-02-10 00:13:13 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-10 00:13:13 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-10 00:13:13 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-10 00:13:13 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-09 22:27:14 ----D---- C:\Users\yterbium\AppData\Roaming\PSpad
2010-02-09 22:27:07 ----D---- C:\Program Files (x86)\PSPad editor
2010-02-09 18:41:49 ----D---- C:\Program Files (x86)\MSDN
2010-02-09 18:37:38 ----A---- C:\Windows\ODBC.INI
2010-02-09 18:37:21 ----D---- C:\Windows\system32\js
2010-02-09 18:37:21 ----D---- C:\Windows\system32\images
2010-02-09 18:37:21 ----D---- C:\Windows\system32\html
2010-02-09 18:37:21 ----D---- C:\Windows\system32\css
2010-02-09 18:37:21 ----D---- C:\Program Files (x86)\Business Objects
2010-02-09 18:36:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-09 18:34:03 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2010-02-09 18:33:52 ----D---- C:\Program Files (x86)\Microsoft Device Emulator
2010-02-09 18:33:23 ----D---- C:\Program Files (x86)\Windows Mobile 5.0 SDK R2
2010-02-09 18:33:03 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2010-02-09 18:33:03 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2010-02-09 18:27:44 ----D---- C:\ProgramData\PreEmptive Solutions
2010-02-09 18:25:35 ----D---- C:\Windows\symbols
2010-02-09 18:25:24 ----D---- C:\Windows\system32\1033
2010-02-09 18:24:46 ----D---- C:\Program Files (x86)\Microsoft SDKs
2010-02-09 18:24:46 ----D---- C:\Program Files (x86)\HTML Help Workshop
2010-02-09 18:24:46 ----D---- C:\Program Files (x86)\Common Files\Merge Modules
2010-02-09 18:24:46 ----D---- C:\Program Files (x86)\CE Remote Tools
2010-02-09 18:24:45 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2010-02-09 18:23:13 ----D---- C:\Program Files (x86)\Microsoft Web Designer Tools
2010-02-09 17:27:58 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-02-09 17:07:00 ----D---- C:\Program Files (x86)\JDownloader
2010-02-09 17:00:46 ----D---- C:\Program Files (x86)\Microsoft Works
2010-02-09 17:00:34 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2010-02-09 17:00:34 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2010-02-09 17:00:15 ----D---- C:\Windows\PCHEALTH
2010-02-09 17:00:15 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-02-09 16:58:30 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-02-09 16:57:56 ----D---- C:\Program Files (x86)\Microsoft Office
2010-02-09 16:57:55 ----D---- C:\ProgramData\Microsoft Help
2010-02-09 16:56:49 ----RHD---- C:\MSOCache
2010-02-09 16:39:39 ----D---- C:\Program Files (x86)\PowerISO
2010-02-09 16:36:41 ----D---- C:\Users\yterbium\AppData\Roaming\WinRAR
2010-02-09 16:09:45 ----A---- C:\Windows\system32\deploytk.dll
2010-02-09 16:09:37 ----D---- C:\Program Files (x86)\Java
2010-02-09 15:27:27 ----D---- C:\ProgramData\Adobe
2010-02-09 15:27:24 ----D---- C:\Program Files (x86)\Common Files\Adobe
2010-02-09 15:27:24 ----D---- C:\Program Files (x86)\Adobe
2010-02-09 15:15:44 ----D---- C:\Programs
2010-02-09 15:12:30 ----D---- C:\Users\yterbium\AppData\Roaming\Thunderbird
2010-02-09 15:10:47 ----D---- C:\Program Files (x86)\MozBackup
2010-02-09 15:10:05 ----D---- C:\Users\yterbium\AppData\Roaming\Mozilla
2010-02-09 15:09:30 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2010-02-09 15:08:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-02-09 14:11:42 ----D---- C:\Program Files (x86)\CCleaner
2010-02-09 13:50:58 ----D---- C:\Update
2010-02-09 13:42:35 ----A---- C:\Windows\system32\VESWinlogon.dll
2010-02-09 13:11:25 ----D---- C:\Windows\system32\RTCOM
2010-02-09 13:11:10 ----D---- C:\Program Files (x86)\Realtek
2010-02-09 13:11:07 ----HD---- C:\Program Files (x86)\Temp
2010-02-09 13:11:07 ----A---- C:\Windows\RtlExUpd.dll
2010-02-09 13:11:04 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-02-09 13:09:49 ----D---- C:\Users\yterbium\AppData\Roaming\ATI
2010-02-09 13:09:49 ----D---- C:\ProgramData\ATI
2010-02-09 13:07:44 ----D---- C:\Program Files (x86)\ATI Technologies
2010-02-09 13:07:41 ----A---- C:\Windows\system32\atiumdva.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\atiumdag.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\atipdlxx.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\atioglxx.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\atimpc32.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\atidxx32.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\aticalrt.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\aticaldd.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\aticalcl.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\atiadlxy.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\ati2edxx.dll
2010-02-09 13:07:41 ----A---- C:\Windows\system32\amdpcom32.dll
2010-02-09 13:06:09 ----D---- C:\ProgramData\Sony Corporation
2010-02-09 13:06:09 ----D---- C:\Program Files (x86)\Sony
2010-02-09 13:03:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-02-09 13:03:23 ----D---- C:\Program Files (x86)\Common Files\Sony Shared
2010-02-09 12:25:11 ----D---- C:\ProgramData\Avira
2010-02-09 12:23:52 ----SHD---- C:\Windows\Installer
2010-02-09 12:19:47 ----A---- C:\Windows\system32\tzres.dll
2010-02-09 12:19:16 ----A---- C:\Windows\system32\msv1_0.dll
2010-02-09 12:17:26 ----A---- C:\Windows\system32\wmp.dll
2010-02-09 12:17:25 ----A---- C:\Windows\system32\CertEnroll.dll
2010-02-09 12:17:24 ----A---- C:\Windows\system32\wmploc.DLL
2010-02-09 12:17:18 ----D---- C:\Users\yterbium\AppData\Roaming\Macromedia
2010-02-09 12:17:18 ----D---- C:\Users\yterbium\AppData\Roaming\Adobe
2010-02-09 12:17:17 ----D---- C:\Windows\system32\Macromed
2010-02-09 12:17:00 ----A---- C:\Windows\system32\t2embed.dll
2010-02-09 12:17:00 ----A---- C:\Windows\system32\fontsub.dll
2010-02-09 12:17:00 ----A---- C:\Windows\system32\atmfd.dll
2010-02-09 12:17:00 ----A---- C:\Windows\explorer.exe
2010-02-09 12:16:59 ----A---- C:\Windows\system32\explorer.exe
2010-02-09 12:16:44 ----A---- C:\Windows\system32\msasn1.dll
2010-02-09 12:16:40 ----A---- C:\Windows\system32\mshtml.dll
2010-02-09 12:16:40 ----A---- C:\Windows\system32\ieframe.dll
2010-02-09 12:16:39 ----A---- C:\Windows\system32\wininet.dll
2010-02-09 12:16:39 ----A---- C:\Windows\system32\urlmon.dll
2010-02-09 12:16:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-02-09 12:16:39 ----A---- C:\Windows\system32\iedkcs32.dll
2010-02-09 12:12:39 ----D---- C:\Users\yterbium\AppData\Roaming\Identities
2010-02-09 12:12:25 ----SD---- C:\Users\yterbium\AppData\Roaming\Microsoft
2010-02-09 12:12:25 ----D---- C:\Users\yterbium\AppData\Roaming\Media Center Programs
2010-02-09 12:12:09 ----SHD---- C:\Recovery
2010-02-09 12:07:49 ----D---- C:\Windows\SoftwareDistribution
2010-02-09 12:05:10 ----D---- C:\Windows\Prefetch
2010-02-09 12:04:50 ----SHD---- C:\System Volume Information
2010-02-09 12:03:45 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 months======

2010-02-23 20:23:00 ----D---- C:\Windows\Temp
2010-02-23 20:22:57 ----RD---- C:\Program Files (x86)
2010-02-23 19:13:38 ----D---- C:\Windows\System32
2010-02-23 19:13:38 ----D---- C:\Windows\inf
2010-02-23 07:51:39 ----D---- C:\Windows
2010-02-21 23:47:46 ----HD---- C:\ProgramData
2010-02-21 11:45:38 ----D---- C:\Windows\Tasks
2010-02-19 15:29:10 ----D---- C:\Windows\SysWOW64
2010-02-19 14:17:44 ----D---- C:\Program Files (x86)\Common Files
2010-02-19 13:26:59 ----RD---- C:\Program Files
2010-02-19 13:23:52 ----D---- C:\Windows\system32\drivers
2010-02-18 06:10:19 ----D---- C:\Windows\winsxs
2010-02-14 22:13:37 ----D---- C:\Windows\debug
2010-02-14 21:02:01 ----RSD---- C:\Windows\assembly
2010-02-14 21:01:52 ----D---- C:\Windows\Microsoft.NET
2010-02-14 20:41:48 ----A---- C:\Windows\system32\msvcp71.dll
2010-02-14 13:47:34 ----SD---- C:\ProgramData\Microsoft
2010-02-11 19:09:48 ----D---- C:\Windows\registration
2010-02-10 17:25:16 ----RSD---- C:\Windows\Fonts
2010-02-10 17:10:36 ----D---- C:\Windows\Logs
2010-02-10 13:50:05 ----D---- C:\Program Files (x86)\MSBuild
2010-02-10 00:38:47 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-02-09 19:55:34 ----D---- C:\Windows\rescache
2010-02-09 17:00:33 ----D---- C:\Windows\ShellNew
2010-02-09 15:17:47 ----D---- C:\Windows\system
2010-02-09 12:20:22 ----D---- C:\Windows\system32\sk-SK
2010-02-09 12:20:21 ----D---- C:\Windows\ehome
2010-02-09 12:20:21 ----D---- C:\Program Files (x86)\Windows Media Player
2010-02-09 12:20:20 ----D---- C:\Program Files (x86)\Internet Explorer
2010-02-09 12:17:50 ----D---- C:\Windows\AppPatch
2010-02-09 12:17:18 ----D---- C:\Windows\Downloaded Program Files
2010-02-09 12:12:36 ----SHD---- C:\$Recycle.Bin
2010-02-09 12:12:23 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx64;Symantec Heuristics Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\BHDrvx64.sys []
R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys []
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\N360x64\0308000.029\ccHPx64.sys []
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys []
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-02-18 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100218.001\IDSvia64.sys [2010-02-10 466992]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys []
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys []
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys []
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0308000.029\SRTSPX64.SYS []
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys []
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMTDI.SYS []
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys []
R1 truecrypt;truecrypt; C:\Windows\SysWOW64\drivers\truecrypt.sys [2010-02-11 222160]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys []
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys []
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys []
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys []
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys []
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys []
R3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys []
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys []
R3 CmBatt;Microsoft AC Adapter Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys []
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys []
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-02-18 132656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 monitor;Microsoft Monitor Class Function Driver Service; C:\Windows\system32\DRIVERS\monitor.sys []
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys []
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys []
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys []
R3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys []
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100223.004\ENG64.SYS [2010-02-18 116272]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100223.004\EX64.SYS [2010-02-18 1742896]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys []
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0308000.029\SRTSP64.SYS []
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys []
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMFW.SYS []
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMNDISV.SYS []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys []
R3 umbus;UMBus Enumerator Driver; C:\Windows\system32\DRIVERS\umbus.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\Windows\system32\DRIVERS\usbccgp.sys []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbehci.sys []
R3 usbhub;Microsoft USB Standard Hub Driver; C:\Windows\system32\DRIVERS\usbhub.sys []
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbuhci.sys []
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys []
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk62x64.sys []
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys []
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys []
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys []
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys []
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys []
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys []
S3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys []
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys []
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys []
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys []
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys []
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys []
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys []
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys []
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys []
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys []
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys []
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys []
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\DRIVERS\bthmodem.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys []
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys []
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys []
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys []
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys []
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys []
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys []
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys []
S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys []
S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\Windows\system32\DRIVERS\hidusb.sys []
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys []
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys []
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys []
S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys []
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys []
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys []
S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys []
S3 kbdhid;Keyboard HID Driver; C:\Windows\system32\DRIVERS\kbdhid.sys []
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys []
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys []
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys []
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys []
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys []
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys []
S3 mouhid;Mouse HID Driver; C:\Windows\system32\DRIVERS\mouhid.sys []
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys []
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys []
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys []
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys []
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys []
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys []
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys []
S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys []
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys []
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys []
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys []
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys []
S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys []
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys []
S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys []
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys []
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys []
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys []
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys []
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys []
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys []
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys []
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys []
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys []
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys []
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys []
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys []
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbohci.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\DRIVERS\usbprint.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\Windows\system32\DRIVERS\USBSTOR.SYS []
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys []
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys []
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys []
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys []
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys []
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys []
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys []
S4 ws2ifsl;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\Windows\system32\drivers\ws2ifsl.sys []

yterbium · #2 Příspěvek od **yterbium** » 23 úno 2010 20:29

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe [2010-01-21 117640]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-02-11 189984]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-02-02 1393480]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2009-01-19 203624]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe []
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe []
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-07-14 696832]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 127488]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-02-10 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-10 867080]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42840]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 856384]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe []
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 194048]
S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-02-10 607048]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe []
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-17 110888]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe []
S3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2009-12-08 1181040]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2007-11-07 4466688]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WSearch;Windows Search; C:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]

-----------------EOF-----------------

#3 Příspěvek od **motji** » 24 úno 2010 20:02

Dobrý večer

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

yterbium · #4 Příspěvek od **yterbium** » 24 úno 2010 22:26

Dobrý

( nepovažujem sa za takého starého, aby ste mi museli vykať, ale možno to myslíte s opačnej strany

)

Dal som spraviť len "krátky" scan , z dôvodu že ráno ide hokej, a chcem ísť teda pomaly spinkať.

Malwarebytes' Anti-Malware 1.44
Verzia databázy: 3786
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

24. 2. 2010 22:21:14
mbam-log-2010-02-24 (22-21-06).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 107221
Uplynutý cas: 3 minute(s), 47 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 1
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)

Ak je treba dať "detailný" scan, stačí povedať, urobím ho zajtra, keď prídem domov z intráku (cca 20:00)

#5 Příspěvek od **motji** » 24 úno 2010 22:32

Můžeš smazat a zítra poprosím o uplný sken

Dobrou noc

yterbium · #6 Příspěvek od **yterbium** » 25 úno 2010 21:14

Takže, konečne sa to podarilo, vymazalo sa len to čo bolo pred tým, tu je log:

Malwarebytes' Anti-Malware 1.44
Verzia databázy: 3786
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25. 2. 2010 21:08:46
mbam-log-2010-02-25 (21-08-46).txt

Typ kontroly: Úplná (C:\|)
Objektov kontrolovaných: 275696
Uplynutý cas: 56 minute(s), 6 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 1
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)

Čo spravíme následne

#7 Příspěvek od **motji** » 25 úno 2010 21:25

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

Předpokládám že se nic nezměnilo. Odky tento problém máte, neinstaloval jste nějaký nový program?

yterbium · #8 Příspěvek od **yterbium** » 25 úno 2010 22:47

CCleaner používavam pravidelne

Začalo to robiť po tom ako som musel odinštalovať Aviru a dať Norton 360.

Ale momneátlne mi to napríklad nerobí, správca ide bez problémov.

Možno to bol len "jednonový výpadok", resp. trebalo "reštartovať" comp, lebo to funguje fajn teraz.

Takže asi to je vyriešené (aj tak prejdem naspať na aviru po nedeli, keď skončí hokej, lebo mi nejako totálne blbo blokuje sap) a snáď sa potom všetko vráti do normálu...

Takže ďakujem pekne za čas strávený mnou

Pekný víkend prajem

#9 Příspěvek od **motji** » 25 úno 2010 22:52

Není zač

Vám také hezký víkend

VIRY.CZ

Pri spustení sprácu úloh sa "stopne" systém

Pri spustení sprácu úloh sa "stopne" systém

Re: Pri spustení sprácu úloh sa "stopne" systém

Re: Pri spustení sprácu úloh sa "stopne" systém

Re: Pri spustení sprácu úloh sa "stopne" systém

Re: Pri spustení sprácu úloh sa "stopne" systém

Re: Pri spustení sprácu úloh sa "stopne" systém

Re: Pri spustení sprácu úloh sa "stopne" systém

Re: Pri spustení sprácu úloh sa "stopne" systém

Re: Pri spustení sprácu úloh sa "stopne" systém