Malware on the laptop


offline
  • Joined: 27 Mar 2013
  • Posts: 18

Thanks in advance for all the advice.

Recently, thanks to you, I solved a problem with malware on my external drive:
mycity.rs/Arhiva-Ambulante/virus-na-eksternom.html

Could I also get some help with the laptop? At some point, by mistake, I transferred the same problem I had there onto the laptop, while the external drive had not yet been fixed.

The problem is that every USB drive I plug into the laptop is automatically flagged as malware. That desktop.ini file appears, which MCShield (I have installed it on the laptop in the meantime) neutralizes, and the entire content of the USB drive is moved into a new nameless folder.

Avast and MCShield are installed on the laptop and neutralize the malware every time it activates, but it cannot be located within the system. The laptop has never seen the internet; the problem moved onto it from the external drive, so I attached myself to this topic instead of opening a new one.

The operating system on the laptop is Windows 7.

Thanks for the help, you are great.

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Last time you were here you provided the reports; we will need the same ones again.

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 27 Mar 2013
  • Posts: 18

I apologize, I forgot to attach them.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514
Run by M at 21:19:07 on 2008-04-22
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.5920.4198 [GMT 2:00]
.
AV: Trend Micro Titanium Internet Security *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium Internet Security *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Genius\ioTablet\TabletService.exe
C:\Genius\ioTablet\gTabletTask.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\syswow64\svchost.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files (x86)\WinRoll\winroll.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Genius\ioTablet\gTabTaskBar.exe
C:\Windows\AsScrPro.exe
C:\Genius\ioTablet\gIoTabletFunMgm.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\msiexec.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
uRun: [WinRoll] C:\Program Files (x86)\WinRoll\winroll.exe
uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
uRun: [AdobeBridge] <no file>
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [ioTablet] "C:\Genius\ioTablet\gTabTaskBar.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mExplorerRun: [22536] C:\PROGRA~3\LOCALS~1\Temp\msuuva.cmd
StartupFolder: C:\Users\M\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{131153A9-B18D-4560-BDBE-C40EC96115CC} : DHCPNameServer = 192.168.1.1
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-3-20 28992]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-3-20 379520]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-3-20 267480]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-9-29 92800]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-8-2 146592]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-8-2 103584]
R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-3-12 86016]
R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-3-20 67664]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-3-20 2656280]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-10-3 129512]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-10-3 394728]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-8-2 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-8-2 330912]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-8-2 110240]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-8-2 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-8-2 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-8-2 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-8-2 280992]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-8-2 511136]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-3-20 143144]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-20 317440]
R3 ioFakDrv;ioVirtual Device;C:\Windows\System32\drivers\ioFakDrv.sys [2012-5-1 23936]
R3 ioFakMap;MiniHid Driver Service for ioFakeDrv Interface layer;C:\Windows\System32\drivers\ioFakMap.sys [2012-5-1 12672]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-3-20 108656]
R3 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-9-17 241488]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-3-21 1436424]
S3 ioTablet;Tablet Minidriver for ioTablet;C:\Windows\System32\drivers\ioTablet.sys [2012-5-1 40328]
S3 ioTblMap;Mini Mapper for ioCentre;C:\Windows\System32\drivers\ioTblMap.sys [2012-5-1 12680]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-20 1255736]
.
=============== Created Last 30 ================
.
2012-06-11 08:13:31 -------- d-----w- C:\Users\M\AppData\Local\CrashDumps
2012-05-28 18:42:13 -------- d-----w- C:\Program Files (x86)\Amnesia - The Dark Descent
2012-05-15 06:46:57 -------- d-----w- C:\Program Files (x86)\Real Anatomy
2012-05-01 15:17:22 9728 ----a-w- C:\Windows\System32\gTabletTaskDll.dll
2012-05-01 15:17:22 41472 ----a-w- C:\Windows\System32\WinTab32.dll
2012-05-01 15:17:22 35840 ----a-w- C:\Windows\SysWow64\WinTab32.dll
2012-05-01 15:17:21 40328 ----a-w- C:\Windows\System32\drivers\ioTablet.sys
2012-05-01 15:17:21 23936 ----a-w- C:\Windows\System32\drivers\ioFakDrv.sys
2012-05-01 15:17:21 12680 ----a-w- C:\Windows\System32\drivers\ioTblMap.sys
2012-05-01 15:17:21 12672 ----a-w- C:\Windows\System32\drivers\ioFakMap.sys
2012-05-01 15:16:45 -------- d-----w- C:\Genius
2012-04-29 13:35:42 -------- d-----w- C:\Program Files (x86)\Pixologic
2012-04-29 13:32:58 -------- d-----w- C:\Users\M\AppData\Local\Downloaded Installations
2012-04-29 13:28:23 -------- d-----w- C:\Program Files (x86)\The Adventure Company
2012-04-19 14:46:37 -------- d-----w- C:\Autodesk
2012-04-17 10:21:23 -------- d-----w- C:\Users\M\.idlerc
2012-04-17 10:03:09 -------- d-----w- C:\Python27
2012-03-23 14:41:20 -------- d-----w- C:\ProgramData\ASUS
2012-03-21 18:57:18 -------- d-----w- C:\Program Files (x86)\Gadwin Systems
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-03-21 18:54:24 -------- d-----w- C:\Users\M\AppData\Local\Apple
2012-03-21 18:53:44 -------- d-----w- C:\Users\M\AppData\Roaming\CometNetwork
2012-03-21 18:53:44 -------- d-----w- C:\Users\M\AppData\Local\CometNetwork
2012-03-21 18:53:18 -------- d-----w- C:\Program Files (x86)\CometBird
2012-03-21 18:51:27 -------- d-----w- C:\Program Files (x86)\GlobFX
2012-03-21 18:50:26 -------- d-----w- C:\Program Files (x86)\SHProd
2012-03-21 18:48:59 -------- d-----w- C:\Program Files (x86)\ResizeMyPhotosSetup
2012-03-21 17:39:40 -------- d-----w- C:\Users\M\AppData\Local\ElevatedDiagnostics
2012-03-21 07:33:11 -------- d-----w- C:\Program Files (x86)\RandyRants.com
2012-03-21 06:52:44 -------- d-----w- C:\Users\M\Autodesk
2012-03-21 06:47:46 -------- d-----w- C:\Program Files\Common Files\Softimage
2012-03-21 06:47:46 -------- d-----w- C:\Program Files (x86)\Common Files\Softimage
2012-03-21 06:34:22 -------- d-----w- C:\ProgramData\boost_interprocess
2012-03-21 06:34:10 -------- d-----w- C:\Users\M\AppData\Roaming\NVIDIA
2012-03-21 06:00:49 68104 ----a-w- C:\Windows\System32\XAPOFX1_0.dll
2012-03-21 05:54:00 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-03-21 05:53:22 -------- d-----w- C:\Program Files (x86)\WinRoll
2012-03-21 05:27:43 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync
2012-03-21 05:27:12 -------- d-----w- C:\Windows\PCHEALTH
2012-03-21 05:20:09 -------- d-----w- C:\Program Files (x86)\AutoCAD 2007
2012-03-21 05:16:15 -------- d-----w- C:\Users\M\AppData\Local\Adobe
2012-03-21 05:12:56 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-03-21 05:08:45 -------- d-----w- C:\Windows\SysWow64\spool
2012-03-21 05:05:00 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2012-03-21 04:40:11 -------- d-----w- C:\Users\M\AppData\Roaming\Autodesk
2012-03-21 04:32:25 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe
2012-03-21 04:21:24 -------- d-----w- C:\Windows\Panther
2012-03-21 04:21:06 -------- d-sh--w- C:\Boot
2012-03-21 04:16:25 -------- d-----w- C:\Users\M\AppData\Local\Autodesk
2012-03-21 04:12:30 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared
2012-03-21 04:11:49 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared
2012-03-21 04:11:49 -------- d-----w- C:\Program Files (x86)\Common Files\Autodesk Shared
2012-03-21 04:11:02 -------- d-----w- C:\Program Files\Autodesk
2012-03-20 20:52:37 -------- d-----w- C:\Users\M\AppData\Local\Axialis
2012-03-20 20:51:50 -------- d-----w- C:\eSupport
2012-03-20 20:51:34 80512 ----a-w- C:\Windows\AsusScr_K3 Series_ENG Uninstaller.exe
2012-03-20 20:50:58 3058304 ----a-w- C:\Windows\AsScrPro.exe
2012-03-20 20:47:59 105552 ----a-w- C:\Windows\System32\drivers\tmtdi.sys
2012-03-20 20:47:30 90704 ----a-w- C:\Windows\System32\drivers\tmactmon.sys
2012-03-20 20:47:30 67664 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys
2012-03-20 20:47:30 144464 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2012-03-20 20:44:33 -------- d-----w- C:\ProgramData\Trend Micro
2012-03-20 20:35:05 -------- d-----w- C:\Program Files\Trend Micro
2012-03-20 20:33:13 220800 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\InstantOn.gadget\InstantOnCOM.dll
2012-03-20 20:33:09 -------- d-----w- C:\Users\M\AppData\Local\ASUS
2012-03-20 20:33:05 -------- d-----w- C:\Program Files (x86)\Common Files\InstantOn
2012-03-20 20:32:47 379520 ----a-w- C:\Windows\System32\FBAgent.exe
2012-03-20 20:32:47 -------- d-----w- C:\Program Files\ASUS
2012-03-20 20:31:33 155648 ----a-w- C:\Windows\SysWow64\ACEngSvr.exe
2012-03-20 20:27:02 196224 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll
2012-03-20 20:26:58 -------- d-----w- C:\ProgramData\P4G
2012-03-20 20:26:58 -------- d-----w- C:\Program Files\P4G
2012-03-20 20:25:59 -------- d-----w- C:\Users\M\AppData\Local\BMExplorer
2012-03-20 20:25:53 -------- d-----w- C:\ProgramData\Atheros
2012-03-20 20:25:31 -------- d-----w- C:\Windows\SysWow64\NV
2012-03-20 20:25:30 -------- d-----w- C:\Windows\System32\NV
2012-03-20 20:23:15 -------- d-----w- C:\Program Files (x86)\ASUS
2012-03-20 20:23:01 15416 ----a-w- C:\Windows\System32\drivers\kbfiltr.sys
2012-03-20 20:20:33 -------- d-----w- C:\Users\M\AppData\Roaming\Atheros
2012-03-20 20:18:32 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2012-03-20 20:18:11 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2012-03-20 20:16:13 2770944 ----a-w- C:\Windows\System32\drivers\athrx.sys
2012-03-20 20:16:13 2770944 ----a-w- C:\Windows\System32\athrx.sys
2012-03-20 20:16:12 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2012-03-20 20:13:25 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2012-03-20 20:13:01 -------- d-----w- C:\ProgramData\SonicFocus
2012-03-20 20:13:00 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-03-20 20:13:00 -------- d-----w- C:\Program Files\Realtek
2012-03-20 20:11:45 -------- d-----w- C:\ProgramData\AmUStor
2012-03-20 20:11:40 -------- d-----w- C:\Program Files (x86)\AmIcoSingLun
2012-03-20 20:10:15 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2012-03-20 20:10:03 -------- d-sh--w- C:\Windows\Installer
2012-03-20 20:09:31 -------- d-----w- C:\Program Files\Elantech
2012-03-20 20:09:27 5073192 ----a-w- C:\Windows\System32\ETDUI.cpl
2012-03-20 20:09:27 143144 ----a-w- C:\Windows\System32\drivers\ETD.sys
2012-03-20 20:08:26 108656 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
2012-03-20 20:08:03 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e
2012-03-20 20:06:53 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2012-03-20 20:06:40 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2012-03-20 20:06:26 56344 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2012-03-20 20:02:44 55616 ----a-r- C:\Windows\System32\nv3dappshextr.dll
2012-03-20 20:02:43 1350464 ----a-r- C:\Windows\System32\nv3dappshext.dll
2012-03-20 20:02:42 540992 ----a-r- C:\Windows\System32\nvhotkey.dll
2012-03-20 20:02:42 137536 ----a-r- C:\Windows\System32\nvshext.dll
2012-03-20 20:02:41 5068608 ----a-r- C:\Windows\System32\nvsvc64.dll
2012-03-20 20:02:40 1985841 ----a-r- C:\Windows\System32\nvcoproc.bin
2012-03-20 20:02:40 1640768 ----a-r- C:\Windows\System32\nvvsvc.exe
2012-03-20 20:02:39 3074368 ----a-r- C:\Windows\System32\nvsvcr.dll
2012-03-20 20:02:39 10407232 ----a-r- C:\Windows\System32\nvcpl.dll
2012-03-20 20:02:38 837952 ----a-r- C:\Windows\System32\easyupdatusapiu64.dll
2012-03-20 20:02:38 222528 ----a-r- C:\Windows\System32\nvmctray.dll
2012-03-20 19:57:37 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2012-03-20 19:57:34 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2012-03-20 19:57:20 1533248 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-03-20 19:57:20 1454400 ----a-w- C:\Windows\System32\nvgenco64.dll
2012-03-20 19:49:32 -------- d-----w- C:\Users\M\AppData\Local\Microsoft Games
2012-03-20 19:49:24 -------- d-----w- C:\Program Files\NVIDIA Corporation
2012-03-20 19:45:49 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2012-03-20 19:45:20 -------- d-----w- C:\Intel
2012-03-20 19:38:28 -------- d-----w- C:\Users\M\AppData\Local\VirtualStore
2012-03-20 19:35:36 -------- d-----w- C:\Windows\SysWow64\Wat
2012-03-20 19:35:36 -------- d-----w- C:\Windows\System32\Wat
2012-03-20 19:33:57 -------- d-sh--w- C:\Recovery
2011-11-26 11:33:44 644400 ----a-w- C:\Windows\SysWow64\mscomct2.ocx
2011-10-03 17:48:40 394728 ----a-w- C:\Windows\System32\drivers\asmtxhci.sys
2011-10-03 17:48:38 129512 ----a-w- C:\Windows\System32\drivers\asmthub3.sys
2011-08-22 11:44:40 348160 ----a-w- C:\Windows\msvcr71.dll
2011-08-22 11:44:34 434252 ----a-w- C:\Windows\MSVCRTD.DLL
2011-08-02 13:22:52 511136 ----a-w- C:\Windows\System32\drivers\btfilter.sys
2011-08-02 13:22:06 280992 ----a-w- C:\Windows\System32\drivers\btath_rcp.sys
2011-08-02 13:21:50 68256 ----a-w- C:\Windows\System32\drivers\btath_lwflt.sys
2011-08-02 13:21:20 167584 ----a-w- C:\Windows\System32\drivers\btath_hcrp.sys
2011-08-02 13:21:04 36000 ----a-w- C:\Windows\System32\drivers\btath_flt.sys
2011-08-02 13:20:50 30368 ----a-w- C:\Windows\System32\drivers\btath_bus.sys
2011-08-02 13:20:34 110240 ----a-w- C:\Windows\System32\drivers\btath_avdt.sys
2011-08-02 13:20:18 330912 ----a-w- C:\Windows\System32\drivers\btath_a2dp.sys
2011-08-02 13:14:24 307360 ----a-w- C:\Windows\System32\AthCredentialProvider.dll
2011-08-02 12:42:46 1721576 ----a-w- C:\Windows\System32\wdfcoinstaller01009.dll
2011-08-02 12:38:46 246804 ----a-w- C:\Windows\System32\drivers\AtherosBt.bin
2011-07-05 17:37:00 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-07-05 17:37:00 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-06-12 13:09:18 2206720 ----a-w- C:\Windows\SysWow64\python27.dll
2011-05-13 20:11:54 641536 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VC\msdia80.dll
2011-05-13 18:15:54 914944 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VC\amd64\msdia80.dll
2011-04-07 02:51:50 97613562 ------w- C:\Windows\System32\AsusScr_K3 Series_ENG.scr
2011-02-19 21:51:56 990032 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll
2011-02-18 23:52:32 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2011-02-18 23:40:50 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2010-11-29 14:00:04 16120 ----a-w- C:\Windows\System32\drivers\TurboB.sys
2010-11-21 07:06:51 -------- d-----w- C:\Windows\SysWow64\winrm
2010-11-21 03:27:21 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D2B0B133-42ED-44D3-809A-46EBB62BA863}\mpengine.dll
2010-11-21 03:27:21 270720 ----a-w- C:\Windows\System32\MpSigStub.exe
2010-11-21 03:24:52 9728 ----a-w- C:\Windows\System32\spwmp.dll
2010-11-21 03:23:59 61440 ----a-w- C:\Windows\SysWow64\tcpmonui.dll
2010-11-10 10:49:36 135568 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2010-06-07 07:40:56 57344 ----a-r- C:\Windows\SysWow64\XSIChooser.exe
2010-03-18 16:23:04 20832 ----a-w- C:\Windows\System32\aspnet_counters.dll
2010-03-18 15:47:22 17760 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2010-03-18 13:27:14 827744 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2010-03-18 12:16:28 771424 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2010-03-05 08:13:40 947472 ----a-w- C:\Windows\SysWow64\msjava.dll
2009-07-14 05:37:46 -------- d-----w- C:\Windows\en-US
2009-07-14 05:37:46 -------- d-----w- C:\Windows\DigitalLocker
2009-07-14 05:12:52 -------- d-----w- C:\Windows\System32\wbem\Performance
2009-07-14 05:08:56 -------- d-sh--we C:\Documents and Settings
2009-07-14 05:08:52 -------- d-----w- C:\Windows\System32\wbem\MOF\good
2009-07-14 05:08:52 -------- d-----w- C:\Windows\System32\wbem\MOF\bad
2009-07-14 04:53:24 -------- d-----w- C:\Windows\System32\wbem\MOF
2009-07-14 04:45:50 -------- d-----w- C:\Windows\Setup
2009-07-14 04:45:47 -------- d-----w- C:\Windows\ServiceProfiles
2009-07-14 04:45:42 -------- d-s---w- C:\Windows\System32\Microsoft
.
==================== Find3M ====================
.
2012-03-20 19:36:23 14848 ----a-w- C:\Windows\System32\slwga.dll
2012-03-20 19:36:23 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2012-03-20 19:36:22 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2012-03-20 19:36:20 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2012-03-20 19:36:20 1008640 ----a-w- C:\Windows\System32\user32.dll
2011-10-18 11:53:14 2957544 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2011-10-18 10:10:30 99432 ----a-w- C:\Windows\System32\RCoInst64.dll
2011-10-18 05:55:50 331880 ----a-w- C:\Windows\System32\RtlCPAPI64.dll
2011-10-18 05:47:22 1914472 ----a-w- C:\Windows\System32\RtkApi64.dll
2011-10-18 03:05:00 2528872 ----a-w- C:\Windows\System32\RtPgEx64.dll
2011-10-17 09:30:38 3213928 ----a-w- C:\Windows\System32\RtkAPO64.dll
2011-10-14 05:43:48 1873920 ----a-w- C:\Windows\System32\RCoRes64.dat
2011-09-02 06:21:40 221024 ----a-w- C:\Windows\System32\SFNHK64.dll
2011-09-02 06:21:38 78688 ----a-w- C:\Windows\System32\SFAPO64.dll
2011-09-02 06:21:36 81248 ----a-w- C:\Windows\System32\SFCOM64.dll
2011-08-31 11:12:00 1698408 ------r- C:\Windows\RtlExUpd.dll
2011-07-28 07:30:12 167704 ----a-w- C:\Windows\System32\igfxtray.exe
2011-07-28 07:30:06 510232 ----a-w- C:\Windows\System32\igfxsrvc.exe
2011-07-28 07:30:02 416024 ----a-w- C:\Windows\System32\igfxpers.exe
2011-07-28 07:30:00 239896 ----a-w- C:\Windows\System32\igfxext.exe
2011-07-28 07:29:58 392472 ----a-w- C:\Windows\System32\hkcmd.exe
2011-07-28 07:29:54 4378392 ----a-w- C:\Windows\System32\GfxUI.exe
2011-07-28 07:29:50 179992 ----a-w- C:\Windows\System32\difx64.exe
2011-07-27 16:55:14 2604376 ----a-w- C:\Windows\System32\WavesGUILib.dll
2011-07-27 16:55:08 2132824 ----a-w- C:\Windows\System32\MaxxAudioEQ.dll
2011-07-26 20:17:36 287232 ----a-w- C:\Windows\System32\igfxresn.lrc
2011-07-26 08:28:58 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2462.dll
2011-07-26 08:22:48 12288480 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2011-07-26 08:22:46 8311808 ----a-w- C:\Windows\System32\igdumd64.dll
2011-07-26 08:20:38 963116 ----a-w- C:\Windows\SysWow64\igkrng600.bin
2011-07-26 08:20:38 963116 ----a-w- C:\Windows\System32\igkrng600.bin
2011-07-26 08:20:38 218304 ----a-w- C:\Windows\SysWow64\igfcg600m.bin
2011-07-26 08:20:38 218304 ----a-w- C:\Windows\System32\igfcg600m.bin
2011-07-26 08:20:38 145804 ----a-w- C:\Windows\SysWow64\igcompkrng600.bin
2011-07-26 08:20:38 145804 ----a-w- C:\Windows\System32\igcompkrng600.bin
2011-07-26 08:20:34 75776 ----a-w- C:\Windows\System32\igdde64.dll
2011-07-26 08:16:04 6322688 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2011-07-26 08:14:32 56832 ----a-w- C:\Windows\SysWow64\igdde32.dll
2011-07-26 08:12:38 581120 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
2011-07-26 08:09:34 14598656 ----a-w- C:\Windows\System32\igd10umd64.dll
2011-07-26 08:03:14 12339712 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2011-07-26 07:56:58 18640896 ----a-w- C:\Windows\System32\ig4icd64.dll
2011-07-26 07:50:58 13903872 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2011-07-26 07:46:52 375808 ----a-w- C:\Windows\System32\igfxpph.dll
2011-07-26 07:46:42 28672 ----a-w- C:\Windows\System32\igfxexps.dll
2011-07-26 07:46:28 62464 ----a-w- C:\Windows\System32\igfxsrvc.dll
2011-07-26 07:45:58 110080 ----a-w- C:\Windows\System32\hccutils.dll
2011-07-26 07:45:48 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2011-07-26 07:45:48 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll
2011-07-26 07:45:46 390144 ----a-w- C:\Windows\System32\igfxdev.dll
2011-07-26 07:45:10 285696 ----a-w- C:\Windows\System32\igfxrenu.lrc
2011-07-26 07:45:02 9014784 ----a-w- C:\Windows\System32\igfxress.dll
2011-07-26 07:45:02 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2011-07-26 07:41:00 24576 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2011-07-26 07:40:08 294400 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2011-07-26 07:37:24 98304 ----a-w- C:\Windows\System32\iglhcp64.dll
2011-07-26 07:37:24 376832 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2011-07-26 07:37:24 376832 ----a-w- C:\Windows\System32\iglhsip64.dll
2011-07-26 07:37:22 98304 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2011-07-26 07:37:22 94208 ----a-w- C:\Windows\System32\IccLibDll_x64.dll
2011-07-26 07:37:22 162816 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
2011-07-26 07:37:22 140288 ----a-w- C:\Windows\System32\igfxcmrt64.dll
2011-07-22 11:35:22 1247848 ----a-w- C:\Windows\System32\RTCOM64.dll
2011-06-30 08:14:56 1560168 ----a-w- C:\Windows\System32\RTSnMg64.cpl
2011-05-31 01:42:06 728680 ----a-w- C:\Windows\System32\DTSBassEnhancementDLL64.dll
2011-05-31 01:42:06 693352 ----a-w- C:\Windows\System32\DTSVoiceClarityDLL64.dll
2011-05-31 01:42:06 491112 ----a-w- C:\Windows\System32\DTSNeoPCDLL64.dll
2011-05-31 01:42:06 432744 ----a-w- C:\Windows\System32\DTSLimiterDLL64.dll
2011-05-31 01:42:06 428648 ----a-w- C:\Windows\System32\DTSGainCompensatorDLL64.dll
2011-05-31 01:42:06 242792 ----a-w- C:\Windows\System32\DTSLFXAPO64.dll
2011-05-31 01:42:06 242792 ----a-w- C:\Windows\System32\DTSGFXAPO64.dll
2011-05-31 01:42:06 1756264 ----a-w- C:\Windows\System32\DTSS2SpeakerDLL64.dll
2011-05-31 01:42:06 1568360 ----a-w- C:\Windows\System32\DTSS2HeadphoneDLL64.dll
2011-05-31 01:42:06 1486952 ----a-w- C:\Windows\System32\DTSBoostDLL64.dll
2011-05-05 07:24:02 2085440 ----a-w- C:\Windows\System32\FMAPO64.dll
2011-02-19 21:51:56 93008 ----a-w- C:\Windows\System32\mfcm100u.dll
2010-11-21 07:06:23 2560 ----a-w- C:\Windows\SysWow64\drivers\en-US\qwavedrv.sys.mui
2010-11-21 07:06:21 25600 ----a-w- C:\Windows\SysWow64\drivers\en-US\bfe.dll.mui
2010-11-21 07:06:21 15360 ----a-w- C:\Windows\SysWow64\drivers\en-US\pacer.sys.mui
2010-11-21 07:06:17 5632 ----a-w- C:\Windows\SysWow64\drivers\en-US\ndiscap.sys.mui
2010-11-21 07:06:17 2560 ----a-w- C:\Windows\SysWow64\drivers\en-US\scfilter.sys.mui
2010-11-21 07:06:15 44032 ----a-w- C:\Windows\SysWow64\drivers\en-US\tcpip.sys.mui
2010-11-21 03:26:54 175616 ----a-w- C:\Windows\System32\msclmd.dll
2010-11-21 03:26:54 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2010-11-21 03:24:52 95232 ----a-w- C:\Windows\SysWow64\logagent.exe
2010-11-21 03:23:59 519680 ----a-w- C:\Windows\System32\netcfgx.dll
2010-11-07 23:31:30 375128 ----a-w- C:\Windows\System32\RTEEP64A.dll
2010-11-07 23:31:30 101208 ----a-w- C:\Windows\System32\RTEEL64A.dll
2010-11-07 23:31:28 78680 ----a-w- C:\Windows\System32\RTEEG64A.dll
2010-11-07 23:31:28 310104 ----a-w- C:\Windows\System32\RP3DHT64.dll
2010-11-07 23:31:28 310104 ----a-w- C:\Windows\System32\RP3DAA64.dll
2010-11-07 23:31:28 204120 ----a-w- C:\Windows\System32\RTEED64A.dll
2010-11-03 10:30:40 149608 ----a-w- C:\Windows\System32\RtkCfg64.dll
2010-10-14 17:28:16 317440 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
2010-10-14 17:27:56 14848 ----a-w- C:\Windows\System32\IntcDAuC.dll
2010-09-27 01:34:30 318808 ----a-w- C:\Windows\System32\MaxxAudioAPO20.dll
2010-07-22 08:48:26 74064 ----a-w- C:\Windows\SysWow64\SFCOM.dll
2010-07-22 08:37:14 200800 ----a-w- C:\Windows\System32\AERTAC64.dll
2010-07-11 13:28:24 180048 ----a-w- C:\Windows\System32\SFProc64.dll
2010-07-11 13:28:18 82768 ----a-w- C:\Windows\System32\SFDAPO64.dll
.
============= FINISH: 21:19:58,52 ===============




offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Download the GMER program from the link below to the Desktop:

GMER download
Click the given link;
When the dialog for choosing where to save the file opens, select Desktop and click Save.

Double-click GMER to run it.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to finish;

click Save ... - save the report to the Desktop (named Gmer1);

right-click inside the Gmer program window and select Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (named Gmer2);

click the >>> button and select the Autostart tab;

when the short scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (named Gmer3);

Illustrated walkthrough of the procedure

Attach all three reports to your post using the Prikači fajl (Attach file) option.

offline
  • Joined: 27 Mar 2013
  • Posts: 18

Gmer results


offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

Step 1.

Download the OTM program to the Desktop.

Double-click OTM.exe to run it.

In the (left) program window (under Paste Instructions for Items to be Moved), paste everything found inside the Code box:
:reg
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"22536"=-

:files
C:\PROGRA~3\LOCALS~1\Temp\msuuva.cmd

:commands
[emptytemp]

Click MoveIt!

When the process finishes, the right-hand program window (under Results) will contain text that needs to be copied into a post on the forum.

If this prompt appears:

Confirm ::The system requires a reboot to finish removing files.
Do you want to reboot now?

click Yes so that the computer restarts and the process is completed.

After the system starts again, the logfile will open automatically in Notepad.
The contents of that log need to be copied into a post on the forum.


Step 2.

Run DDS again and provide a fresh DDS.txt report.


Step 3.

After the first step, there will be an _OTM folder on the C partition, which you need to archive and send to the following link

http://www.mycity.rs/ambulanta-upload.php
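
A way to check that a fix like the one above actually took, as an added example that is not part of the original posts or of OTM: it reconciles the OTM script from the post above with the result log lines posted in the next reply, including the "scheduled to be moved on reboot" case that is only settled by the post-reboot section. The function names and status strings are assumptions, and only the script forms seen on this page (`"name"=-` and plain file paths) are handled.

```python
import re

# OTM script exactly as given in the helper's post.
OTM_SCRIPT = r"""
:reg
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"22536"=-

:files
C:\PROGRA~3\LOCALS~1\Temp\msuuva.cmd

:commands
[emptytemp]
"""

# Result log as posted in the thread, trimmed of the [EMPTYTEMP] byte counts.
OTM_LOG = r"""
All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run\\22536 deleted successfully.
========== FILES ==========
File move failed. C:\PROGRA~3\LOCALS~1\Temp\msuuva.cmd scheduled to be moved on reboot.
========== COMMANDS ==========

OTM by OldTimer - Version 3.1.21.0 log created on 04222008_232826

Files moved on Reboot...
C:\PROGRA~3\LOCALS~1\Temp\msuuva.cmd moved successfully.
C:\Users\M\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
"""

# The log writes a deleted value as <key>\\<value name> (two backslashes).
REG_OK = re.compile(r"^Registry value (.+)\\\\([^\\]+) deleted successfully\.$")
FILE_PENDING = re.compile(r"^File move failed\. (.+) scheduled to be moved on reboot\.$")
FILE_OK = re.compile(r"^(.+) moved successfully\.$")


def parse_script(script):
    """Return (registry value deletions, file paths) requested by the script."""
    section, key = None, None
    reg_deletes, files = [], []
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):              # :reg, :files, :commands
            section, key = line[1:].lower(), None
        elif section == "reg":
            if line.startswith("[") and line.endswith("]"):
                key = line[1:-1]              # key the next values belong to
            else:
                m = re.match(r'^"(.+)"=-$', line)   # "name"=- deletes a value
                if m and key:
                    reg_deletes.append((key, m.group(1)))
        elif section == "files":
            files.append(line)
    return reg_deletes, files


def parse_log(log):
    """Return sets of deleted registry values, pending files and moved files."""
    deleted, pending, moved = set(), set(), set()
    for raw in log.splitlines():
        line = raw.strip()
        m = REG_OK.match(line)
        if m:
            deleted.add((m.group(1).lower(), m.group(2).lower()))
            continue
        m = FILE_PENDING.match(line)
        if m:
            pending.add(m.group(1).lower())
            continue
        m = FILE_OK.match(line)
        if m:
            moved.add(m.group(1).lower())
    return deleted, pending, moved


def reconcile(script, log):
    """Map every scripted target to what the log confirms about it."""
    reg_deletes, files = parse_script(script)
    deleted, pending, moved = parse_log(log)
    status = {}
    for key, name in reg_deletes:
        confirmed = (key.lower(), name.lower()) in deleted
        status[key + "\\" + name] = "deleted" if confirmed else "not confirmed"
    for path in files:
        p = path.lower()                      # Windows paths: compare case-insensitively
        if p in moved:
            status[path] = "moved"
        elif p in pending:
            status[path] = "pending reboot"   # only the post-reboot log settles this
        else:
            status[path] = "not confirmed"
    return status


if __name__ == "__main__":
    for target, state in reconcile(OTM_SCRIPT, OTM_LOG).items():
        print(f"{state:15} {target}")
```
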

offline
  • Joined: 27 Mar 2013
  • Posts: 18

The zipped _OTM folder has been uploaded

results after reboot

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run\\22536 deleted successfully.
========== FILES ==========
File move failed. C:\PROGRA~3\LOCALS~1\Temp\msuuva.cmd scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: M
->Temp folder emptied: 2508384906 bytes
->Temporary Internet Files folder emptied: 1794684 bytes
->Flash cache emptied: 427 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 54801387 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2.446,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04222008_232826

Files moved on Reboot...
C:\PROGRA~3\LOCALS~1\Temp\msuuva.cmd moved successfully.
C:\Users\M\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...




DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514
Run by M at 23:33:00 on 2008-04-22
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.5920.4583 [GMT 2:00]
.
AV: Trend Micro Titanium Internet Security *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium Internet Security *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Genius\ioTablet\TabletService.exe
C:\Genius\ioTablet\gTabletTask.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files (x86)\WinRoll\winroll.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files (x86)\MCShield\MCShieldRTM.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Genius\ioTablet\gTabTaskBar.exe
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Genius\ioTablet\gIoTabletFunMgm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
uRun: [WinRoll] C:\Program Files (x86)\WinRoll\winroll.exe
uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
uRun: [AdobeBridge] <no file>
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [ioTablet] "C:\Genius\ioTablet\gTabTaskBar.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
StartupFolder: C:\Users\M\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{131153A9-B18D-4560-BDBE-C40EC96115CC} : DHCPNameServer = 192.168.1.1
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-3-20 28992]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-3-20 379520]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-3-20 267480]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-9-29 92800]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-8-2 146592]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-8-2 103584]
R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-3-12 86016]
R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2012-3-20 67664]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-10-3 129512]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-10-3 394728]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-8-2 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-8-2 330912]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-8-2 110240]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-8-2 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-8-2 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-8-2 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-8-2 280992]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-8-2 511136]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-3-20 143144]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-20 317440]
R3 ioFakDrv;ioVirtual Device;C:\Windows\System32\drivers\ioFakDrv.sys [2012-5-1 23936]
R3 ioFakMap;MiniHid Driver Service for ioFakeDrv Interface layer;C:\Windows\System32\drivers\ioFakMap.sys [2012-5-1 12672]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-3-20 108656]
R3 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-9-17 241488]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-3-20 2656280]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-3-21 1436424]
S3 ioTablet;Tablet Minidriver for ioTablet;C:\Windows\System32\drivers\ioTablet.sys [2012-5-1 40328]
S3 ioTblMap;Mini Mapper for ioCentre;C:\Windows\System32\drivers\ioTblMap.sys [2012-5-1 12680]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-20 1255736]
.
=============== Created Last 30 ================
.
2012-06-11 08:13:31 -------- d-----w- C:\Users\M\AppData\Local\CrashDumps
2012-05-28 18:42:13 -------- d-----w- C:\Program Files (x86)\Amnesia - The Dark Descent
2012-05-15 06:46:57 -------- d-----w- C:\Program Files (x86)\Real Anatomy
2012-05-01 15:17:22 9728 ----a-w- C:\Windows\System32\gTabletTaskDll.dll
2012-05-01 15:17:22 41472 ----a-w- C:\Windows\System32\WinTab32.dll
2012-05-01 15:17:22 35840 ----a-w- C:\Windows\SysWow64\WinTab32.dll
2012-05-01 15:17:21 40328 ----a-w- C:\Windows\System32\drivers\ioTablet.sys
2012-05-01 15:17:21 23936 ----a-w- C:\Windows\System32\drivers\ioFakDrv.sys
2012-05-01 15:17:21 12680 ----a-w- C:\Windows\System32\drivers\ioTblMap.sys
2012-05-01 15:17:21 12672 ----a-w- C:\Windows\System32\drivers\ioFakMap.sys
2012-05-01 15:16:45 -------- d-----w- C:\Genius
2012-04-29 13:35:42 -------- d-----w- C:\Program Files (x86)\Pixologic
2012-04-29 13:32:58 -------- d-----w- C:\Users\M\AppData\Local\Downloaded Installations
2012-04-29 13:28:23 -------- d-----w- C:\Program Files (x86)\The Adventure Company
2012-04-19 14:46:37 -------- d-----w- C:\Autodesk
2012-04-17 10:21:23 -------- d-----w- C:\Users\M\.idlerc
2012-04-17 10:03:09 -------- d-----w- C:\Python27
2012-03-23 14:41:20 -------- d-----w- C:\ProgramData\ASUS
2012-03-21 18:57:18 -------- d-----w- C:\Program Files (x86)\Gadwin Systems
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-03-21 18:56:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-03-21 18:54:24 -------- d-----w- C:\Users\M\AppData\Local\Apple
2012-03-21 18:53:44 -------- d-----w- C:\Users\M\AppData\Roaming\CometNetwork
2012-03-21 18:53:44 -------- d-----w- C:\Users\M\AppData\Local\CometNetwork
2012-03-21 18:53:18 -------- d-----w- C:\Program Files (x86)\CometBird
2012-03-21 18:51:27 -------- d-----w- C:\Program Files (x86)\GlobFX
2012-03-21 18:50:26 -------- d-----w- C:\Program Files (x86)\SHProd
2012-03-21 18:48:59 -------- d-----w- C:\Program Files (x86)\ResizeMyPhotosSetup
2012-03-21 17:39:40 -------- d-----w- C:\Users\M\AppData\Local\ElevatedDiagnostics
2012-03-21 07:33:11 -------- d-----w- C:\Program Files (x86)\RandyRants.com
2012-03-21 06:52:44 -------- d-----w- C:\Users\M\Autodesk
2012-03-21 06:47:46 -------- d-----w- C:\Program Files\Common Files\Softimage
2012-03-21 06:47:46 -------- d-----w- C:\Program Files (x86)\Common Files\Softimage
2012-03-21 06:34:22 -------- d-----w- C:\ProgramData\boost_interprocess
2012-03-21 06:34:10 -------- d-----w- C:\Users\M\AppData\Roaming\NVIDIA
2012-03-21 06:00:49 68104 ----a-w- C:\Windows\System32\XAPOFX1_0.dll
2012-03-21 05:54:00 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-03-21 05:53:22 -------- d-----w- C:\Program Files (x86)\WinRoll
2012-03-21 05:27:43 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync
2012-03-21 05:27:12 -------- d-----w- C:\Windows\PCHEALTH
2012-03-21 05:20:09 -------- d-----w- C:\Program Files (x86)\AutoCAD 2007
2012-03-21 05:16:15 -------- d-----w- C:\Users\M\AppData\Local\Adobe
2012-03-21 05:12:56 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-03-21 05:08:45 -------- d-----w- C:\Windows\SysWow64\spool
2012-03-21 05:05:00 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2012-03-21 04:40:11 -------- d-----w- C:\Users\M\AppData\Roaming\Autodesk
2012-03-21 04:32:25 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe
2012-03-21 04:21:24 -------- d-----w- C:\Windows\Panther
2012-03-21 04:21:06 -------- d-sh--w- C:\Boot
2012-03-21 04:16:25 -------- d-----w- C:\Users\M\AppData\Local\Autodesk
2012-03-21 04:12:30 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared
2012-03-21 04:11:49 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared
2012-03-21 04:11:49 -------- d-----w- C:\Program Files (x86)\Common Files\Autodesk Shared
2012-03-21 04:11:02 -------- d-----w- C:\Program Files\Autodesk
2012-03-20 20:52:37 -------- d-----w- C:\Users\M\AppData\Local\Axialis
2012-03-20 20:51:50 -------- d-----w- C:\eSupport
2012-03-20 20:51:34 80512 ----a-w- C:\Windows\AsusScr_K3 Series_ENG Uninstaller.exe
2012-03-20 20:50:58 3058304 ----a-w- C:\Windows\AsScrPro.exe
2012-03-20 20:47:59 105552 ----a-w- C:\Windows\System32\drivers\tmtdi.sys
2012-03-20 20:47:30 90704 ----a-w- C:\Windows\System32\drivers\tmactmon.sys
2012-03-20 20:47:30 67664 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys
2012-03-20 20:47:30 144464 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2012-03-20 20:44:33 -------- d-----w- C:\ProgramData\Trend Micro
2012-03-20 20:35:05 -------- d-----w- C:\Program Files\Trend Micro
2012-03-20 20:33:13 220800 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\InstantOn.gadget\InstantOnCOM.dll
2012-03-20 20:33:09 -------- d-----w- C:\Users\M\AppData\Local\ASUS
2012-03-20 20:33:05 -------- d-----w- C:\Program Files (x86)\Common Files\InstantOn
2012-03-20 20:32:47 379520 ----a-w- C:\Windows\System32\FBAgent.exe
2012-03-20 20:32:47 -------- d-----w- C:\Program Files\ASUS
2012-03-20 20:31:33 155648 ----a-w- C:\Windows\SysWow64\ACEngSvr.exe
2012-03-20 20:27:02 196224 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll
2012-03-20 20:26:58 -------- d-----w- C:\ProgramData\P4G
2012-03-20 20:26:58 -------- d-----w- C:\Program Files\P4G
2012-03-20 20:25:59 -------- d-----w- C:\Users\M\AppData\Local\BMExplorer
2012-03-20 20:25:53 -------- d-----w- C:\ProgramData\Atheros
2012-03-20 20:25:31 -------- d-----w- C:\Windows\SysWow64\NV
2012-03-20 20:25:30 -------- d-----w- C:\Windows\System32\NV
2012-03-20 20:23:15 -------- d-----w- C:\Program Files (x86)\ASUS
2012-03-20 20:23:01 15416 ----a-w- C:\Windows\System32\drivers\kbfiltr.sys
2012-03-20 20:20:33 -------- d-----w- C:\Users\M\AppData\Roaming\Atheros
2012-03-20 20:18:32 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2012-03-20 20:18:11 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2012-03-20 20:16:13 2770944 ----a-w- C:\Windows\System32\drivers\athrx.sys
2012-03-20 20:16:13 2770944 ----a-w- C:\Windows\System32\athrx.sys
2012-03-20 20:16:12 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2012-03-20 20:13:25 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2012-03-20 20:13:01 -------- d-----w- C:\ProgramData\SonicFocus
2012-03-20 20:13:00 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-03-20 20:13:00 -------- d-----w- C:\Program Files\Realtek
2012-03-20 20:11:45 -------- d-----w- C:\ProgramData\AmUStor
2012-03-20 20:11:40 -------- d-----w- C:\Program Files (x86)\AmIcoSingLun
2012-03-20 20:10:15 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2012-03-20 20:10:03 -------- d-sh--w- C:\Windows\Installer
2012-03-20 20:09:31 -------- d-----w- C:\Program Files\Elantech
2012-03-20 20:09:27 5073192 ----a-w- C:\Windows\System32\ETDUI.cpl
2012-03-20 20:09:27 143144 ----a-w- C:\Windows\System32\drivers\ETD.sys
2012-03-20 20:08:26 108656 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
2012-03-20 20:08:03 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

The malware has been removed from the system. Now plug in the flash drive and wait for MCShield to scan it.

After that, open Start -> Run, then copy in the following:

%programdata%\MCShield

You will see the file AllScans.txt. Copy it to the Desktop, then attach it here.

offline
  • Joined: 27 Mar 2013
  • Posts: 18

great, thanks
no more malware, everything is OK

for some reason Windows 7 doesn't execute Run commands properly, at least in my experience. It reports that it doesn't know which folder that is and tells me to check the name.

I sent this file earlier; it holds about a month of usage history, I haven't cleared it


you're great, hats off

offline
  • Joined: 09 Aug 2011
  • Posts: 15879
  • Location: Beograd

That would be it...

Run OTM again and click CleanUp. Wait for the uninstallation to finish.

Be sure to visit the topic "Testirajte da li vam je pretraživač ranjiv" ("Test whether your browser is vulnerable"), read it, and follow the link in it.
Link to the topic: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html

TwinHeadedEagle (AMF Team)
