Win XP SP3 -IRQL_NOT_LESS_OR_EQUAL

raxxx
Visitor
Posts: 10
Registered: 12 Oct 2009 21:28

Win XP SP3 -IRQL_NOT_LESS_OR_EQUAL

#1 Post by raxxx »

Continuation of the thread about Windows crashing.
RSIT log: http://rapidshare.com/files/301037627/logRSIT.rar

After partially uninstalling Catalyst (it froze during the uninstall) and turning off ICQ and Skype, Windows has now been holding up for about 10 minutes (before that 5 minutes at most), so here is the ComboFix log:

http://rapidshare.com/files/301039179/ComboFix.rar

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Win XP SP3 -IRQL_NOT_LESS_OR_EQUAL

#2 Post by stell »

Hello,
1: paste the RSIT log here, not on rapidshare.com, OK?
Thank you.

raxxx
Visitor
Posts: 10
Registered: 12 Oct 2009 21:28

Re: Win XP SP3 -IRQL_NOT_LESS_OR_EQUAL

#3 Post by raxxx »

I apologize.
Logfile of random's system information tool 1.06 (written by random/random)
Run by raxxx at 2009-11-01 19:47:21
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (73%) free of 50 GB
Total RAM: 2046 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:47:21, on 1.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ICQ6.5\ICQ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\raxxx\Plocha\RSIT.exe
C:\Program Files\trend micro\raxxx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 6554 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-10-28 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-28 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-28 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-05-18 843776]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-05-18 729088]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-10-28 2025752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-28 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\PROGRA~1\ICQ6.5\ICQ.exe [2009-03-01 172792]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-10-28 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-08 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=55924053

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"E:\HRY-INSTAL\Wolfenstein-instal\MP\Wolf2MP.exe"="E:\HRY-INSTAL\Wolfenstein-instal\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM)"
"E:\HRY-INSTAL\Wolfenstein-instal\MP\Wolf2MPLite.exe"="E:\HRY-INSTAL\Wolfenstein-instal\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-10-28 09:45:26 ----D---- C:\WINDOWS\Debug
2009-10-28 09:45:26 ----D---- C:\WINDOWS\Cursors
2009-10-28 09:45:26 ----D---- C:\WINDOWS\Connection Wizard
2009-10-28 09:45:26 ----D---- C:\WINDOWS\Config
2009-10-28 09:45:26 ----D---- C:\WINDOWS\AppPatch
2009-10-28 09:45:26 ----D---- C:\WINDOWS\addins
2009-10-28 09:45:26 ----D---- C:\WINDOWS
2009-10-28 09:14:29 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2009-10-28 09:14:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-10-28 09:14:01 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2009-10-28 09:14:00 ----RA---- C:\WINDOWS\system32\fdco1.dll
2009-10-28 09:13:59 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-10-28 09:13:58 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2009-10-28 09:13:58 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2009-10-28 09:13:58 ----RA---- C:\WINDOWS\system32\bdco1.dll
2009-10-28 09:13:43 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-10-28 09:13:33 ----D---- C:\Program Files\Common Files\InstallShield
2009-10-28 09:13:00 ----RA---- C:\WINDOWS\system32\raidmgmt.ini
2009-10-28 09:13:00 ----RA---- C:\WINDOWS\system32\AsusSetup.ini
2009-10-28 09:12:59 ----RA---- C:\WINDOWS\system32\AsusSetup.exe
2009-10-28 09:12:58 ----A---- C:\WINDOWS\AS_Debug.txt
2009-10-28 09:12:32 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-10-28 09:06:16 ----D---- C:\Documents and Settings\raxxx\Data aplikací\Identities
2009-10-28 09:06:14 ----HD---- C:\Program Files\Uninstall Information
2009-10-28 09:06:06 ----SD---- C:\Documents and Settings\raxxx\Data aplikací\Microsoft
2009-10-28 09:06:06 ----ASH---- C:\Documents and Settings\raxxx\Data aplikací\desktop.ini
2009-10-28 09:05:23 ----D---- C:\WINDOWS\SoftwareDistribution
2009-10-28 09:05:21 ----SD---- C:\WINDOWS\system32\Microsoft
2009-10-28 09:05:21 ----D---- C:\WINDOWS\Prefetch
2009-10-28 09:05:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-28 09:02:57 ----D---- C:\WINDOWS\system32\xircom
2009-10-28 09:02:57 ----D---- C:\Program Files\xerox
2009-10-28 09:02:57 ----D---- C:\Program Files\microsoft frontpage
2009-10-28 09:02:43 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-10-28 09:02:42 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-28 09:02:34 ----A---- C:\WINDOWS\control.ini
2009-10-28 09:02:34 ----A---- C:\AUTOEXEC.BAT
2009-10-28 09:02:22 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-10-28 09:01:49 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-10-28 09:01:47 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-10-28 09:01:44 ----HD---- C:\Program Files\WindowsUpdate
2009-10-28 09:01:41 ----D---- C:\Program Files\Online Services
2009-10-28 09:01:25 ----D---- C:\WINDOWS\system32\DirectX
2009-10-28 09:01:16 ----A---- C:\WINDOWS\system32\atrace.dll
2009-10-28 09:01:14 ----A---- C:\WINDOWS\system32\desktop.ini
2009-10-28 09:01:14 ----A---- C:\WINDOWS\desktop.ini
2009-10-28 09:01:06 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-10-28 09:01:04 ----D---- C:\Program Files\Common Files\Services
2009-10-28 09:01:04 ----A---- C:\WINDOWS\system32\acctres.dll
2009-10-28 09:01:00 ----SD---- C:\WINDOWS\Tasks
2009-10-28 09:01:00 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-10-28 09:00:59 ----D---- C:\Program Files\Common Files\MSSoap
2009-10-28 09:00:55 ----D---- C:\WINDOWS\srchasst
2009-10-28 09:00:54 ----D---- C:\WINDOWS\system32\Macromed
2009-10-28 09:00:52 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-10-28 09:00:52 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-10-28 09:00:52 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-10-28 09:00:52 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-10-28 09:00:51 ----A---- C:\WINDOWS\system32\wups.dll
2009-10-28 09:00:51 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-10-28 09:00:51 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-10-28 09:00:51 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-10-28 09:00:51 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-10-28 09:00:51 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-10-28 09:00:51 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2009-10-28 09:00:51 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-10-28 09:00:51 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-10-28 09:00:50 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-10-28 09:00:47 ----D---- C:\Program Files\Movie Maker
2009-10-28 09:00:26 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-10-28 09:00:25 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-10-28 09:00:25 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-10-28 09:00:25 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-10-28 09:00:22 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-10-28 09:00:21 ----D---- C:\WINDOWS\system32\Restore
2009-10-28 09:00:21 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-10-28 09:00:21 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-10-28 09:00:21 ----A---- C:\WINDOWS\system32\srclient.dll
2009-10-28 09:00:21 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-10-28 09:00:20 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-10-28 09:00:20 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-10-28 09:00:20 ----A---- C:\WINDOWS\system32\ils.dll
2009-10-28 09:00:19 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-10-28 09:00:19 ----A---- C:\WINDOWS\system32\msconf.dll
2009-10-28 09:00:19 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-10-28 09:00:16 ----D---- C:\Program Files\NetMeeting
2009-10-28 09:00:16 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-10-28 09:00:16 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-10-28 09:00:14 ----A---- C:\WINDOWS\system32\inetres.dll
2009-10-28 09:00:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-10-28 09:00:12 ----D---- C:\Program Files\Outlook Express
2009-10-28 09:00:12 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-10-28 09:00:12 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-10-28 09:00:12 ----A---- C:\WINDOWS\system32\mstask.dll
2009-10-28 09:00:11 ----A---- C:\WINDOWS\system32\isign32.dll
2009-10-28 09:00:11 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-10-28 09:00:11 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-10-28 09:00:11 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-10-28 09:00:05 ----D---- C:\Program Files\Common Files\System
2009-10-28 09:00:03 ----D---- C:\Program Files\Internet Explorer
2009-10-28 08:59:33 ----D---- C:\Program Files\ComPlus Applications
2009-10-28 08:59:32 ----A---- C:\WINDOWS\vbaddin.ini
2009-10-28 08:59:32 ----A---- C:\WINDOWS\vb.ini
2009-10-28 08:59:29 ----D---- C:\WINDOWS\Registration
2009-10-28 08:59:16 ----D---- C:\Program Files\Windows Media Connect 2
2009-10-28 08:59:15 ----D---- C:\Program Files\Windows Media Player
2009-10-28 08:59:13 ----D---- C:\Program Files\Messenger
2009-10-28 08:59:09 ----D---- C:\Program Files\MSN Gaming Zone
2009-10-28 08:59:09 ----A---- C:\WINDOWS\system32\write.exe
2009-10-28 08:58:58 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-10-28 08:58:57 ----A---- C:\WINDOWS\system32\hticons.dll
2009-10-28 08:58:57 ----A---- C:\WINDOWS\system32\avwav.dll
2009-10-28 08:58:57 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-10-28 08:58:57 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-10-28 08:58:56 ----A---- C:\WINDOWS\system32\winchat.exe
2009-10-28 08:58:47 ----A---- C:\WINDOWS\system32\charmap.exe
2009-10-28 08:58:47 ----A---- C:\WINDOWS\system32\getuname.dll
2009-10-28 08:58:47 ----A---- C:\WINDOWS\system32\calc.exe
2009-10-28 08:58:46 ----A---- C:\WINDOWS\system32\winmine.exe
2009-10-28 08:58:46 ----A---- C:\WINDOWS\system32\sol.exe
2009-10-28 08:58:46 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-10-28 08:58:46 ----A---- C:\WINDOWS\system32\freecell.exe
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\tskill.exe
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\tscon.exe
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\shadow.exe
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\reset.exe
2009-10-28 08:58:45 ----A---- C:\WINDOWS\system32\regini.exe
2009-10-28 08:58:44 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-10-28 08:58:44 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-10-28 08:58:44 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-10-28 08:58:44 ----A---- C:\WINDOWS\system32\msg.exe
2009-10-28 08:58:44 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-10-28 08:58:44 ----A---- C:\WINDOWS\system32\logoff.exe
2009-10-28 08:58:44 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-10-28 08:58:37 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-10-28 08:58:36 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-10-28 08:58:36 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-10-28 08:58:36 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-10-28 08:58:35 ----D---- C:\Program Files\Windows NT
2009-10-28 08:58:35 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-10-28 08:58:35 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-10-28 08:58:34 ----A---- C:\WINDOWS\system32\spider.exe
2009-10-28 08:58:34 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-10-28 08:58:33 ----A---- C:\WINDOWS\system32\tsgqec.dll
2009-10-28 08:58:33 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-10-28 08:58:33 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2009-10-28 08:58:32 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-10-28 08:58:32 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-10-28 08:58:32 ----A---- C:\WINDOWS\system32\aaclient.dll
2009-10-28 08:58:31 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-10-28 08:58:31 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-28 08:58:31 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-10-28 08:58:31 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-10-28 08:58:31 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-10-28 08:58:31 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-10-28 08:58:31 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-10-28 08:58:31 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-10-28 08:58:31 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-10-28 08:58:30 ----D---- C:\WINDOWS\system32\MsDtc
2009-10-28 08:58:30 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-10-28 08:58:30 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-10-28 08:58:30 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-10-28 08:58:30 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-10-28 08:58:30 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-10-28 08:58:29 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-10-28 08:58:29 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-10-28 08:58:29 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-10-28 08:58:29 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-10-28 08:58:29 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-10-28 08:58:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-10-28 08:58:28 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-10-28 08:58:28 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-10-28 08:58:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-10-28 08:58:27 ----D---- C:\WINDOWS\system32\Com
2009-10-28 08:58:27 ----A---- C:\WINDOWS\system32\stclient.dll
2009-10-28 08:58:27 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-10-28 08:58:27 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-10-28 08:58:27 ----A---- C:\WINDOWS\system32\colbact.dll
2009-10-28 08:58:27 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-10-28 08:58:27 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-10-28 08:58:26 ----A---- C:\WINDOWS\system32\comuid.dll
2009-10-28 08:58:26 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-10-28 08:58:26 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-10-28 08:58:26 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-10-28 08:58:25 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-10-28 08:58:25 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-10-28 08:58:17 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-10-28 08:58:17 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-10-28 08:58:17 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-10-28 08:58:17 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2009-11-01 19:23:56 ----A---- C:\WINDOWS\system.ini
2009-10-28 17:25:26 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-10-28 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-10-28 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-10-28 108552]
R3 ADIDTSFiltService;ADI DTS Filter Service; C:\WINDOWS\system32\drivers\adidts.sys [2006-06-15 142464]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-10-28 29208]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-10-28 29208]
S3 catchme;catchme; \??\C:\DOCUME~1\raxxx\LOCALS~1\Temp\catchme.sys []
S3 svenbowm;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\svenbowm.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-08 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-10-28 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-10-28 297752]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-10-28 1370488]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-28 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-10-29 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-10-31 191304]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-29 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


#4 Post by stell »

:arrow: Test this file on VirusTotal:
C:\WINDOWS\system32\A7BD00D6.exe
(simple instructions: once the page has loaded, click the Browse button, find the path to the file mentioned above and click the Send file button; give the scanners about ten minutes; paste the result here)
:arrow: Download MBR - http://www2.gmer.net/mbr/mbr.exe, save it to the desktop > run it > a log named mbr.log will be created; paste the whole log here.

#5 Post by raxxx »

Soubor A7BD00D6.exe přijatý 2009.11.01 19:37:51 (UTC)
Současný stav: Dokončeno
Výsledek: 22/41 (53.66%)
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.41 2009.11.01 Trojan-Spy.Agent.NJP!IK
AhnLab-V3 5.0.0.2 2009.10.30 Win-Trojan/Agent.6656.FJ
AntiVir 7.9.1.53 2009.10.30 -
Antiy-AVL 2.0.3.7 2009.10.30 Trojan/Win32.OnLineGames.gen
Authentium 5.1.2.4 2009.11.01 W32/Trojan2.IRFH
Avast 4.8.1351.0 2009.11.01 -
AVG 8.5.0.423 2009.11.01 -
BitDefender 7.2 2009.11.01 -
CAT-QuickHeal 10.00 2009.10.31 Trojan.Agent.IRC
ClamAV 0.94.1 2009.11.01 Trojan.Spy-44942
Comodo 2806 2009.11.01 TrojWare.Win32.Agent.~GAJ
DrWeb 5.0.0.12182 2009.11.01 -
eSafe 7.0.17.0 2009.11.01 -
eTrust-Vet 35.1.7094 2009.10.30 Win32/PcClient.FW
F-Prot 4.5.1.85 2009.11.01 W32/Trojan2.IRFH
F-Secure 9.0.15370.0 2009.10.30 Trojan:W32/Agent.IKS
Fortinet 3.120.0.0 2009.11.01 W32/Agent.1EA9!tr
GData 19 2009.11.01 -
Ikarus T3.1.1.72.0 2009.11.01 Trojan-Spy.Agent.NJP
Jiangmin 11.0.800 2009.11.01 TrojanSpy.Agent.dja
K7AntiVirus 7.10.885 2009.10.31 Trojan-Spy.Win32.Agent.NJP
Kaspersky 7.0.0.125 2009.11.01 -
McAfee 5789 2009.11.01 Generic PWS.y
McAfee+Artemis 5789 2009.11.01 Generic PWS.y
McAfee-GW-Edition 6.8.5 2009.11.01 -
Microsoft 1.5202 2009.11.01 -
NOD32 4563 2009.11.01 -
Norman 6.03.02 2009.11.01 W32/Agent.MJJN
nProtect 2009.1.8.0 2009.11.01 Trojan-Spy/W32.Agent.6656.C
Panda 10.0.2.2 2009.11.01 Trj/Agent.KFY
PCTools 7.0.3.5 2009.10.30 -
Prevx 3.0 2009.11.01 -
Rising 21.53.62.00 2009.11.01 -
Sophos 4.47.0 2009.11.01 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.11.01 Trojan.Win32.Generic!BT
Symantec 1.4.4.12 2009.11.01 -
TheHacker 6.5.0.2.058 2009.10.31 Trojan/Agent.gen
TrendMicro 8.950.0.1094 2009.11.01 -
VBA32 3.12.10.11 2009.10.30 -
ViRobot 2009.10.31.2015 2009.10.31 -
VirusBuster 4.6.5.0 2009.10.31 -
Rozšiřující informace
File size: 6656 bytes
MD5 : 2d2cfd52b636a3acdd036b74e55b9a7a
SHA1 : df8b83e169053cf8f806a02ef35b9d19b6cf3ba9
SHA256: 61c4b83ca42cd72e90ac46557547994c1aa4a49412e7b1190c610d1837ef8819
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1C1D
timedatestamp.....: 0x4649D618 (Tue May 15 17:47:36 2007)
machinetype.......: 0x14C (Intel I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0xC2C 0xE00 5.70 3dd073383b20c611a463431861c16973
DATA 0x2000 0x8 0x200 0.04 532dd4aa9cd9b1a3dad1f0b610d1d6cc
BSS 0x3000 0xA22F5 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0xA6000 0x2D8 0x400 3.57 1ca6e665e111aa0d5ca04c130721765d
.reloc 0xA7000 0x10C 0x200 3.99 ce7e4bf50b046fae2ca28edba741b101

( 3 imports )

> advapi32.dll: StartServiceCtrlDispatcherW, SetServiceStatus, RegisterServiceCtrlHandlerW
> kernel32.dll: VirtualProtectEx, Sleep, SetErrorMode, OutputDebugStringW, LocalUnlock, LocalReAlloc, LocalLock, LocalFree, LocalAlloc, HeapFree, HeapAlloc, GetVolumeInformationW, GetProcessHeap, GetCurrentProcess, GetCommandLineW, FindFirstFileExW, FindClose, ExitProcess
> ntdll.dll: ZwQueryInformationFile, ZwCreateFile, ZwClose, RtlInitUnicodeString

( 0 exports )
TrID : File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
ThreatExpert: http://www.threatexpert.com/report.aspx ... 74e55b9a7a
ssdeep: 48:OEPDnVTXagwDAk70wmXAp4byWHgs8SHpG89HWBFdLTmtcQ9wkIZMHBYnO3O7E1J:nPDnFXApTsL889aFhicCPGO3Og1
PEiD : -
CWSandbox: http://research.sunbelt-software.com/pa ... 74e55b9a7a
RDS : NSRL Reference Data Set
-

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit quick scan 2009-11-01 21:12:15
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\raxxx\LOCALS~1\Temp\ufliqpow.sys


---- System - GMER 1.0.15 ----

Code \??\C:\DOCUME~1\raxxx\LOCALS~1\Temp\catchme.sys pIofCallDriver

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----



GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-11-01 21:04:54
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\raxxx\LOCALS~1\Temp\ufliqpow.sys


---- System - GMER 1.0.15 ----

Code \??\C:\DOCUME~1\raxxx\LOCALS~1\Temp\catchme.sys pIofCallDriver

---- Kernel code sections - GMER 1.0.15 ----

? C:\DOCUME~1\raxxx\LOCALS~1\Temp\catchme.sys Systém nemůže nalézt uvedený soubor. !
? C:\WINDOWS\system32\Drivers\PROCEXP90.SYS Systém nemůže nalézt uvedený soubor. !
? C:\WINDOWS\system32\drivers\CLASSPNP_2.sys Systém nemůže nalézt uvedený soubor. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x04 0x2C 0xA9 0x56 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x39 0xA9 0x69 0x0A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0x66 0x30 0x04 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x04 0x2C 0xA9 0x56 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x39 0xA9 0x69 0x0A ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0x66 0x30 0x04 ...

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\temp\1a335809-4881-43c6-b31c-c7c4801e009a.tmp 0 bytes
File C:\WINDOWS\temp\71867de2-0616-4043-8377-f324d17d0d94.tmp 0 bytes
File C:\WINDOWS\temp\741c2f86-c374-4641-bad2-b380b868c220.tmp 0 bytes

---- EOF - GMER 1.0.15 ----


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK


I hope it worked :)


#6 Post by stell »

You're out of luck, you've got an infection in there. I'm done for today.

#7 Post by raxxx »

Hmm, bad luck :wink: , reinstall


#8 Post by stell »

Tsk, no reinstall. You've got a few pests in there that need to be cut out, so hang on, ok :wink:

#9 Post by raxxx »

OK :) (it's interesting that with the graphics driver half-uninstalled the system no longer freezes within 5 minutes :wink: ) and it has been holding for about 3 hours now


#10 Post by stell »

:evil: MiliNess
I don't want to see your HW <<>>?? experiments here, ok.
enter

#11 Post by stell »

So feel free to continue, and (I apologize for the spam) :D
For this step, ComboFix must be on the desktop.

Turn off > firewall > antivirus > antispyware > everything resident.

Open Notepad and copy all of the green text into it:

Code:

KILLALL::
File::
C:\WINDOWS\system32\A7BD00D6.exe
Rootkit::
C:\WINDOWS\temp\1a335809-4881-43c6-b31c-c7c4801e009a.tmp
C:\WINDOWS\temp\71867de2-0616-4043-8377-f324d17d0d94.tmp
C:\WINDOWS\temp\741c2f86-c374-4641-bad2-b380b868c220.tmp
FixCSet::
Reboot::
Then click File -> Save As... -> in the File name field type: CFScript.txt
For Save as type, choose All Files
And save it to the desktop. > Caution: do not open CFScript.txt, and it must not be named CFScript.txt.txt either. Then do this:
[Image]

After the scan finishes, paste the log that ComboFix creates.

#12 Post by raxxx »

ComboFix 09-10-30.01 - raxxx 02.11.2009 15:13.3.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1471 [GMT 1:00]
Spuštěný z: c:\documents and settings\raxxx\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\raxxx\Plocha\CFScript.txt
AV: AVG Internet Security *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}

FILE ::
"c:\windows\system32\A7BD00D6.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\A7BD00D6.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-10-02 do 2009-11-02 )))))))))))))))))))))))))))))))
.

2009-10-31 13:22 . 2009-11-01 22:00 -------- d-----w- C:\Fraps
2009-10-31 11:38 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-10-31 11:36 . 2009-10-31 11:36 -------- d-----w- c:\windows\system32\XPSViewer
2009-10-31 11:36 . 2009-10-31 11:36 -------- d-----w- c:\program files\MSBuild
2009-10-31 11:36 . 2009-10-31 11:36 -------- d-----w- c:\program files\Reference Assemblies
2009-10-31 11:36 . 2007-11-30 11:18 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2009-10-31 11:36 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-10-31 11:36 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-10-31 11:36 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-10-31 11:36 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-10-31 11:36 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-10-31 11:36 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-10-31 11:36 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-10-31 10:12 . 2009-10-31 11:51 -------- d-----w- c:\program files\Nero
2009-10-31 10:12 . 2009-10-31 11:56 -------- d-----w- c:\program files\Common Files\Nero
2009-10-29 17:59 . 2009-11-01 18:47 -------- d-----w- c:\program files\trend micro
2009-10-29 17:59 . 2009-10-29 17:59 -------- d-----w- C:\rsit
2009-10-29 17:32 . 2009-10-29 17:32 -------- d-----w- c:\program files\CCleaner
2009-10-29 16:24 . 2009-10-29 16:26 -------- d-----w- c:\program files\Google
2009-10-29 16:13 . 2009-10-29 16:13 -------- d-----w- c:\program files\GamePark
2009-10-29 14:20 . 2007-10-22 02:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2009-10-29 14:05 . 2009-10-31 13:21 138352 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-29 14:04 . 2009-11-01 18:19 -------- d-----w- c:\windows\system32\LogFiles
2009-10-29 14:04 . 2009-10-31 13:20 191304 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-29 14:04 . 2009-10-29 14:04 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-10-29 14:04 . 2009-10-29 14:04 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-29 13:24 . 2009-10-29 13:24 -------- d-----w- c:\program files\Activision
2009-10-29 13:21 . 2009-10-29 13:21 -------- d-sh--w- c:\windows\ftpcache
2009-10-29 13:03 . 2009-10-29 13:03 -------- d-----w- c:\program files\MustBeRandomlyNamed
2009-10-29 12:55 . 2009-10-29 12:55 -------- d-----w- c:\program files\uTorrent
2009-10-28 18:57 . 2009-10-28 18:57 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-10-28 18:57 . 2009-10-28 19:04 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-10-28 18:54 . 2009-10-28 18:54 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-28 18:12 . 2009-10-28 18:12 -------- d-----w- c:\program files\Lavalys
2009-10-28 18:10 . 2009-10-28 18:48 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-28 17:52 . 2009-10-28 17:52 -------- d-----w- C:\$AVG8.VAULT$
2009-10-28 16:23 . 2009-10-28 16:23 -------- d-----w- c:\windows\ShellNew
2009-10-28 16:02 . 2009-11-01 21:22 -------- d-----w- c:\program files\JDownloader 0.8
2009-10-28 16:01 . 2009-10-28 16:01 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-28 16:01 . 2009-10-28 16:01 -------- d-----w- c:\program files\Java
2009-10-28 15:33 . 2009-10-28 15:33 -------- d-----w- c:\program files\AC3Filter
2009-10-28 15:30 . 2009-10-28 15:30 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-10-28 15:30 . 2009-10-28 15:30 -------- d-----w- c:\program files\ACD Systems
2009-10-28 15:29 . 2009-10-28 15:29 -------- d-----w- c:\windows\Downloaded Installations
2009-10-28 15:24 . 2009-10-28 15:24 -------- d-----w- c:\program files\Webteh
2009-10-28 15:24 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-10-28 15:24 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-10-28 15:24 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-10-28 15:24 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-10-28 15:24 . 2009-10-27 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-28 15:24 . 2009-10-28 15:28 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-28 15:16 . 2009-10-28 15:16 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-28 15:14 . 2009-10-28 15:14 -------- d-----w- c:\program files\Common Files\Skype
2009-10-28 15:14 . 2009-10-28 15:15 -------- d-----r- c:\program files\Skype
2009-10-28 15:08 . 2009-10-28 15:10 -------- d-----w- c:\program files\ICQ6.5
2009-10-28 14:54 . 2009-10-28 14:54 0 ----a-w- c:\windows\nsreg.dat
2009-10-28 14:15 . 2009-10-28 14:57 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-10-28 14:15 . 2009-10-28 14:57 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-10-28 14:15 . 2009-10-28 14:57 12552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-10-28 14:15 . 2009-10-28 14:57 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-10-28 14:15 . 2009-10-28 14:57 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-10-28 14:15 . 2009-11-02 13:46 -------- d-----w- c:\windows\system32\drivers\Avg
2009-10-28 14:14 . 2009-10-28 14:57 50968 ----a-w- c:\windows\system32\avgfwdx.dll
2009-10-28 14:14 . 2009-10-28 14:57 29208 ----a-w- c:\windows\system32\drivers\avgfwdx.sys
2009-10-28 14:14 . 2009-10-28 14:14 -------- d-----w- c:\program files\AVG
2009-10-28 14:11 . 2008-04-13 23:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-10-28 10:41 . 2009-10-28 10:41 0 ----a-w- c:\windows\ativpsrm.bin
2009-10-28 10:40 . 2009-09-25 15:35 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-10-28 10:39 . 2009-11-01 18:06 -------- d-----w- c:\program files\ATI Technologies
2009-10-28 10:39 . 2009-10-28 10:39 -------- d-----w- C:\ATI
2009-10-28 10:31 . 2008-04-14 07:51 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2009-10-28 10:31 . 2008-04-14 07:51 4096 ----a-w- c:\windows\system32\ksuser.dll
2009-10-28 10:31 . 2008-04-13 23:49 146048 -c--a-w- c:\windows\system32\dllcache\portcls.sys
2009-10-28 10:31 . 2008-04-13 23:49 146048 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-10-28 10:31 . 2008-04-13 23:15 60160 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2009-10-28 10:31 . 2008-04-13 23:15 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
2009-10-28 10:31 . 2009-10-29 16:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-28 10:31 . 2009-10-28 10:31 -------- d-----w- c:\program files\Analog Devices
2009-10-28 10:31 . 2005-09-26 15:20 49152 ------w- c:\windows\system32\DSndUp.exe
2009-10-28 10:31 . 2005-05-04 08:20 53248 ------w- c:\windows\system32\wdmioctl.dll
2009-10-28 10:31 . 2002-04-17 14:05 45056 ------w- c:\windows\system32\CleanUp.exe
2009-10-28 10:31 . 2001-09-11 14:20 1285632 ------w- c:\windows\system32\SMMedia.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-31 11:37 . 2001-10-25 12:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2009-10-31 11:37 . 2001-10-25 12:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2009-10-29 13:22 . 2009-10-28 08:13 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-28 16:21 . 2009-10-28 08:02 -------- d-----w- c:\program files\microsoft frontpage
2009-10-28 15:48 . 2009-10-28 15:48 -------- d-----w- c:\program files\Winamp
2009-10-28 07:59 . 2009-10-28 07:59 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-28 07:59 . 2009-10-28 07:59 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-23 22:59 . 2009-07-15 04:20 4481024 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-09-23 22:39 . 2009-07-15 02:29 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-23 22:38 . 2009-07-15 02:27 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2009-09-23 22:21 . 2009-07-15 02:10 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-23 22:21 . 2009-07-15 02:10 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-23 22:21 . 2009-07-15 02:10 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-23 22:20 . 2009-07-15 02:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-23 22:20 . 2009-07-15 02:09 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-23 22:19 . 2009-07-15 02:08 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-23 22:17 . 2009-07-15 02:06 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-23 22:11 . 2009-07-15 02:00 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-23 22:09 . 2009-07-15 01:58 3506080 ----a-w- c:\windows\system32\ati3duag.dll
2009-09-23 21:58 . 2009-07-15 01:48 12644352 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-23 21:53 . 2009-07-15 01:44 2096384 ----a-w- c:\windows\system32\ativvaxx.dll
2009-09-23 21:36 . 2009-07-15 01:27 65024 ----a-w- c:\windows\system32\atimpc32.dll
2009-09-23 21:36 . 2009-07-15 01:27 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-23 21:32 . 2009-07-15 01:23 561152 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-23 21:31 . 2009-07-15 01:22 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-23 21:31 . 2009-07-15 01:22 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-23 21:30 . 2009-07-15 01:21 167936 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-23 21:29 . 2009-07-15 01:20 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-23 21:29 . 2009-07-15 01:20 3489792 ----a-w- c:\windows\system32\aticaldd.dll
2009-09-23 21:28 . 2009-07-15 01:19 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-23 21:27 . 2009-07-15 01:18 401408 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-23 21:23 . 2009-07-15 01:14 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2009-09-01 19:55 . 2009-06-10 16:54 195855 ----a-w- c:\windows\system32\atiicdxx.dat
2009-08-29 05:09 . 2009-08-29 05:09 86016 ----a-w- c:\windows\system32\frapsvid.dll
.

------- Sigcheck -------

[-] 2008-05-08 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-11-01_18.53.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-02 14:24 . 2009-11-02 14:24 16384 c:\windows\temp\Perflib_Perfdata_590.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\progra~1\ICQ6.5\ICQ.exe" [2009-03-01 172792]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-18 843776]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-02 2028312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-28 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-10-28 14:57 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\HRY-INSTAL\\Wolfenstein-instal\\MP\\Wolf2MP.exe"=
"e:\\HRY-INSTAL\\Wolfenstein-instal\\MP\\Wolf2MPLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [28.10.2009 15:15 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [28.10.2009 15:15 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [28.10.2009 15:15 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [28.10.2009 15:57 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [28.10.2009 15:57 297752]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [28.10.2009 15:57 1370488]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [28.10.2009 15:14 29208]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29.10.2009 17:25 133104]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [28.10.2009 15:14 29208]
S3 svenbowm;Rootkit Unhooker Driver; [x]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - CLASSPNP_2
*Deregistered* - mbr
.
Obsah adresáře 'Naplánované úlohy'

2009-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-29 16:24]

2009-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-29 16:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
FF - ProfilePath - c:\documents and settings\raxxx\Data aplikací\Mozilla\Firefox\Profiles\4yc6bwtf.default\
FF - prefs.js: browser.startup.homepage - http:/www.seznam.cz
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-02 15:24
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1300)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2260)
c:\windows\system32\ieframe.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\progra~1\AVG\AVG8\avgam.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2009-11-02 15:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-11-02 14:25
ComboFix2.txt 2009-11-01 18:54

Před spuštěním: Volných bajtů: 38 323 281 920
Po spuštění: Volných bajtů: 38 294 372 352

- - End Of File - - 7CB39BA3D093D8AA9D0CEC90C22B051D

#13 Post by stell »

ok,
how is the PC behaving??

#14 Post by raxxx »

When Windows starts, the Windows XP loading screen "freezes", so I can only start Windows in "debugging" mode; after it boots, this is displayed:
[image]
Games do not work, probably because of the driver that was not uninstalled (Windows froze); after starting Skype, Windows freezes within 5 minutes; ICQ works normally, and so do other programs.

#15 Post by stell »

Uninstall the program C:\Program Files\DAEMON Tools Lite
http://www.duplexsecure.com/en/downloads
From the SPTD site http://www.duplexsecure.com/en/downloads download the version for your operating system, SPTD for Windows (32 bit) or (64 bit), to the desktop
- run it
- choose the Uninstall option
- restart the PC
Try it out,