Prosím o pomoc (nejde udělat log HiJack)

Zpráva

kotsi · #1 Příspěvek od **kotsi** » 02 říj 2011 08:35

Nejde me udelat log kdyz spustim Hijack tak me hned spadne to same se deje z programem Mwav.
Jeste jsem zjistil podezrely program ve spravci uloh 3702982127.284837923.exe nejde ukoncit ani KIllboxem.Pocitac se chova zvlastne
vyskakuje hlaska "V zajmu ochrany pocitace brana firewall zablokovala nektere funkce tohoto programu"
Prosim o radu dik.

kotsi · #2 Příspěvek od **kotsi** » 02 říj 2011 10:05

Po spusteni Comba to chtelo nainstalovat Konzolu pro zotaveni dal jsem NE potom to detekovalo pritomnost aktivity rootkitu a vyzadovalo restart pak log

ComboFix 11-09-30.03 - Pepa 02.10.2011 10:44:10.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.556 [GMT 2:00]
Spuštěný z: c:\docume~1\Pepa\LOCALS~1\Temp\Rar$DI00.462\turbina.com
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\xmlUpdater.exe
c:\documents and settings\Default User\xmlUpdater.exe
c:\documents and settings\Pepa\WINDOWS
c:\documents and settings\Pepa\xmlUpdater.exe
c:\program files\Lion Skin DB Toolbar\tbHElper.dll
c:\windows\$NtUninstallKB42790$
c:\windows\$NtUninstallKB42790$\1578252092
c:\windows\$NtUninstallKB42790$\4010129372\@
c:\windows\$NtUninstallKB42790$\4010129372\click.tlb
c:\windows\$NtUninstallKB42790$\4010129372\L\rgzieovo
c:\windows\$NtUninstallKB42790$\4010129372\loader(2).tlb
c:\windows\$NtUninstallKB42790$\4010129372\loader.tlb
c:\windows\$NtUninstallKB42790$\4010129372\U\@00000001
c:\windows\$NtUninstallKB42790$\4010129372\U\@000000c0
c:\windows\$NtUninstallKB42790$\4010129372\U\@000000cb
c:\windows\$NtUninstallKB42790$\4010129372\U\@000000cf
c:\windows\$NtUninstallKB42790$\4010129372\U\@80000000
c:\windows\$NtUninstallKB42790$\4010129372\U\@800000c0
c:\windows\$NtUninstallKB42790$\4010129372\U\@800000cb
c:\windows\$NtUninstallKB42790$\4010129372\U\@800000cf
c:\windows\system32\
c:\windows\system32\config\systemprofile\xmlUpdater.exe
c:\windows\system32\TZLog.log
.
Nakažená kopie c:\windows\system32\drivers\cdrom.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\system volume information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP85\A0015202.sys
.
Nakažená kopie c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\system volume information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP85\A0015365.exe
.
Nakažená kopie c:\program files\iPod\bin\iPodService.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\system volume information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP85\A0015369.exe
.
Nakažená kopie c:\program files\Java\jre6\bin\jqs.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\system volume information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP85\A0015366.exe
.
Nakažená kopie c:\windows\system32\nvsvc32.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\ReinstallBackups\0000\DriverFiles\nvsvc32.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ef05b7dc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-02 do 2011-10-02 )))))))))))))))))))))))))))))))
.
.
2011-10-02 08:29 . 2011-10-02 08:35 -------- d-----w- C:\turbina
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2008-04-14 08:51 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2008-04-14 00:47 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 09:20 . 2011-07-12 09:20 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-08 14:02 . 2008-04-14 00:27 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-09-28 12:37 . 2011-09-20 17:15 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-07-30 08:09 . A825F4181AEC077D8DCA1053DC015265 . 1542656 . . [2001.12.4414.700] . . c:\windows\Lion Skin Pack\Backup\comres.dll
[-] 2008-07-30 08:09 . 7FD161A3A3E881A66A6464D332C62F6C . 1670656 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[-] 2008-07-30 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\Lion Skin Pack\Backup\comctl32.dll
[-] 2010-08-23 . C16F4AB56B332A57869094DD8825824D . 697344 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . C16F4AB56B332A57869094DD8825824D . 697344 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-07-30 . 97BF1C54DAF9FF61E897846DC7329CEF . 647680 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[-] 2008-07-30 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\Lion Skin Pack\Backup\user32.dll
[-] 2008-07-30 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-07-30 . 8C480B7563206D6DC1B9809D64C9DF7F . 2999296 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-07-30 . DD7E25E20AEBD672DAE7E1D911C2D824 . 1589760 . . [6.00.2900.5512] . . c:\windows\Lion Skin Pack\Backup\explorer.exe
.
[-] 2008-04-14 . 857D90FBC73735695A90B3C62BAB019D . 795648 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . C2DCB09A1EA98F248DD9A5DE195B3DF3 . 277504 . . [5.1.2600.5512] . . c:\windows\Lion Skin Pack\Backup\regedit.exe
.
[7] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\Lion Skin Pack\Backup\ole32.dll
[-] 2010-07-16 . 17A9CF5C22732B9BE6404500965E57F4 . 1349632 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 17A9CF5C22732B9BE6404500965E57F4 . 1349632 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . 21F836AAB269FF644E0E708B794B0DF7 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
.
[-] 2008-08-01 . 4904E891E6C814DE9225400C8DAD494D . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[-] 2008-07-30 . 94927BB89A6825C4A5952A2BF78F027B . 40960 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinRoll"="c:\windows\Lion Skin Pack\Winroll\winroll.exe" [2006-01-01 15872]
"RocketDock"="c:\windows\Lion Skin Pack\RocketDock\RocketDock.exe" [2007-09-01 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2002-01-28 1228800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-07-30 40960]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\MediaMonkey\\MediaMonkey (non-skinned).exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\DW\\DW20.EXE"=
"c:\\WINDOWS\\system32\\WgaTray.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
.
S1 MpKsl7efec08c;MpKsl7efec08c; [x]
S1 MpKsla3b0f976;MpKsla3b0f976;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EF3F76A4-93D8-460B-9556-4300DE35A2F6}\MpKsla3b0f976.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EF3F76A4-93D8-460B-9556-4300DE35A2F6}\MpKsla3b0f976.sys [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [20.9.2011 8:30 27064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 02:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\jvwvpo9x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-02 10:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(520)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(576)
c:\windows\system32\setupapi.dll
.
- - - - - - - > 'explorer.exe'(2464)
c:\windows\system32\SHDOCVW.dll
c:\windows\Lion Skin Pack\RocketDock\RocketDock.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\Lion Skin Pack\Winroll\winroll.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\stobject.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\Mixer.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Celkový čas: 2011-10-02 11:00:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-02 09:00
.
Před spuštěním: Volných bajtů: 32 337 408 000
Po spuštění: Volných bajtů: 32 588 611 584
.
- - End Of File - - 9FFE57109DE1B7714CC27B5626B0A41B

kotsi · #3 Příspěvek od **kotsi** » 02 říj 2011 10:47

Dik za trpelivost nejsem v tomto moc znalej
Logy
ComboFix 11-10-01.03 - Pepa 02.10.2011 11:26:58.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.490 [GMT 2:00]
Spuštěný z: c:\documents and settings\Pepa\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-02 do 2011-10-02 )))))))))))))))))))))))))))))))
.
.
2011-10-02 08:29 . 2011-10-02 08:35 -------- d-----w- C:\turbina
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2008-04-14 08:51 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2008-04-14 00:47 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 09:20 . 2011-07-12 09:20 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-08 14:02 . 2008-04-14 00:27 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-09-28 12:37 . 2011-09-20 17:15 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-07-30 08:09 . A825F4181AEC077D8DCA1053DC015265 . 1542656 . . [2001.12.4414.700] . . c:\windows\Lion Skin Pack\Backup\comres.dll
[-] 2008-07-30 08:09 . 7FD161A3A3E881A66A6464D332C62F6C . 1670656 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[-] 2008-07-30 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\Lion Skin Pack\Backup\comctl32.dll
[-] 2010-08-23 . C16F4AB56B332A57869094DD8825824D . 697344 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . C16F4AB56B332A57869094DD8825824D . 697344 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-07-30 . 97BF1C54DAF9FF61E897846DC7329CEF . 647680 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[-] 2008-07-30 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\Lion Skin Pack\Backup\user32.dll
[-] 2008-07-30 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-07-30 . 8C480B7563206D6DC1B9809D64C9DF7F . 2999296 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-07-30 . DD7E25E20AEBD672DAE7E1D911C2D824 . 1589760 . . [6.00.2900.5512] . . c:\windows\Lion Skin Pack\Backup\explorer.exe
.
[-] 2008-04-14 . 857D90FBC73735695A90B3C62BAB019D . 795648 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . C2DCB09A1EA98F248DD9A5DE195B3DF3 . 277504 . . [5.1.2600.5512] . . c:\windows\Lion Skin Pack\Backup\regedit.exe
.
[7] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\Lion Skin Pack\Backup\ole32.dll
[-] 2010-07-16 . 17A9CF5C22732B9BE6404500965E57F4 . 1349632 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 17A9CF5C22732B9BE6404500965E57F4 . 1349632 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . 21F836AAB269FF644E0E708B794B0DF7 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
.
[-] 2008-08-01 . 4904E891E6C814DE9225400C8DAD494D . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[-] 2008-07-30 . 94927BB89A6825C4A5952A2BF78F027B . 40960 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinRoll"="c:\windows\Lion Skin Pack\Winroll\winroll.exe" [2006-01-01 15872]
"RocketDock"="c:\windows\Lion Skin Pack\RocketDock\RocketDock.exe" [2007-09-01 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2002-01-28 1228800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-07-30 40960]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\MediaMonkey\\MediaMonkey (non-skinned).exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\DW\\DW20.EXE"=
"c:\\WINDOWS\\system32\\WgaTray.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
.
S1 MpKsl7efec08c;MpKsl7efec08c; [x]
S1 MpKsla3b0f976;MpKsla3b0f976;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EF3F76A4-93D8-460B-9556-4300DE35A2F6}\MpKsla3b0f976.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EF3F76A4-93D8-460B-9556-4300DE35A2F6}\MpKsla3b0f976.sys [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [20.9.2011 8:30 27064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 02:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\jvwvpo9x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-02 11:34
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(520)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(576)
c:\windows\system32\setupapi.dll
.
- - - - - - - > 'explorer.exe'(860)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\stobject.dll
c:\windows\system32\portabledeviceapi.dll
.
Celkový čas: 2011-10-02 11:36:40
ComboFix-quarantined-files.txt 2011-10-02 09:36
ComboFix2.txt 2011-10-02 09:00
.
Před spuštěním: Volných bajtů: 32 583 544 832
Po spuštění: Volných bajtů: 32 573 464 576
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - F664B190AED3B85A0C24289E0B66ABA0

11:41:04.0365 1800 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
11:41:04.0465 1800 ============================================================
11:41:04.0465 1800 Current date / time: 2011/10/02 11:41:04.0465
11:41:04.0465 1800 SystemInfo:
11:41:04.0465 1800
11:41:04.0465 1800 OS Version: 5.1.2600 ServicePack: 3.0
11:41:04.0465 1800 Product type: Workstation
11:41:04.0465 1800 ComputerName: PEPA-097E9FD5A8
11:41:04.0465 1800 UserName: Pepa
11:41:04.0465 1800 Windows directory: C:\WINDOWS
11:41:04.0465 1800 System windows directory: C:\WINDOWS
11:41:04.0465 1800 Processor architecture: Intel x86
11:41:04.0465 1800 Number of processors: 1
11:41:04.0465 1800 Page size: 0x1000
11:41:04.0465 1800 Boot type: Normal boot
11:41:04.0465 1800 ============================================================
11:41:05.0517 1800 Initialize success
11:41:54.0157 3228 ============================================================
11:41:54.0157 3228 Scan started
11:41:54.0157 3228 Mode: Manual; SigCheck; TDLFS;
11:41:54.0157 3228 ============================================================
11:41:54.0477 3228 Abiosdsk - ok
11:41:54.0537 3228 abp480n5 - ok
11:41:54.0627 3228 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:41:55.0028 3228 ACPI - ok
11:41:55.0108 3228 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:41:55.0348 3228 ACPIEC - ok
11:41:55.0429 3228 adpu160m - ok
11:41:55.0519 3228 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:41:55.0799 3228 aec - ok
11:41:55.0889 3228 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
11:41:55.0959 3228 AFD - ok
11:41:56.0039 3228 Aha154x - ok
11:41:56.0089 3228 aic78u2 - ok
11:41:56.0140 3228 aic78xx - ok
11:41:56.0370 3228 ALCXWDM (dd8520280304b6145a6be31008748c7c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
11:41:56.0811 3228 ALCXWDM - ok
11:41:56.0921 3228 AliIde - ok
11:41:57.0021 3228 AmdK7 (3980814f8027d27ea003e2e3d9d4f604) C:\WINDOWS\system32\DRIVERS\amdk7.sys
11:41:57.0311 3228 AmdK7 - ok
11:41:57.0401 3228 amsint - ok
11:41:57.0492 3228 asc - ok
11:41:57.0552 3228 asc3350p - ok
11:41:57.0622 3228 asc3550 - ok
11:41:57.0752 3228 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:41:58.0042 3228 AsyncMac - ok
11:41:58.0122 3228 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:41:58.0463 3228 atapi - ok
11:41:58.0533 3228 Atdisk - ok
11:41:58.0613 3228 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:41:58.0914 3228 Atmarpc - ok
11:41:59.0014 3228 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:41:59.0314 3228 audstub - ok
11:41:59.0434 3228 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:41:59.0725 3228 Beep - ok
11:41:59.0805 3228 catchme - ok
11:41:59.0915 3228 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:42:00.0225 3228 cbidf2k - ok
11:42:00.0316 3228 cd20xrnt - ok
11:42:00.0406 3228 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:42:00.0746 3228 Cdaudio - ok
11:42:00.0836 3228 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:42:01.0147 3228 Cdfs - ok
11:42:01.0267 3228 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:42:01.0567 3228 Cdrom - ok
11:42:01.0647 3228 Changer - ok
11:42:01.0748 3228 CmdIde - ok
11:42:01.0858 3228 cmpci (21d32a883613739d206166ec1ae561f1) C:\WINDOWS\system32\drivers\cmaudio.sys
11:42:01.0918 3228 cmpci ( UnsignedFile.Multi.Generic ) - warning
11:42:01.0918 3228 cmpci - detected UnsignedFile.Multi.Generic (1)
11:42:02.0078 3228 cmuda3 (a0f7d6b070f15ead9f4231b51b246e4c) C:\WINDOWS\system32\drivers\cmudax3.sys
11:42:02.0218 3228 cmuda3 - ok
11:42:02.0328 3228 Cpqarray - ok
11:42:02.0419 3228 dac2w2k - ok
11:42:02.0469 3228 dac960nt - ok
11:42:02.0579 3228 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:42:02.0889 3228 Disk - ok
11:42:03.0009 3228 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
11:42:03.0380 3228 dmboot - ok
11:42:03.0460 3228 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
11:42:03.0771 3228 dmio - ok
11:42:03.0861 3228 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:42:04.0181 3228 dmload - ok
11:42:04.0271 3228 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:42:04.0582 3228 DMusic - ok
11:42:04.0682 3228 dpti2o - ok
11:42:04.0762 3228 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:42:05.0042 3228 drmkaud - ok
11:42:05.0193 3228 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:42:05.0493 3228 Fastfat - ok
11:42:05.0613 3228 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:42:05.0904 3228 Fdc - ok
11:42:06.0004 3228 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
11:42:06.0294 3228 Fips - ok
11:42:06.0394 3228 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:42:06.0675 3228 Flpydisk - ok
11:42:06.0755 3228 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:42:07.0055 3228 FltMgr - ok
11:42:07.0165 3228 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:42:07.0456 3228 Fs_Rec - ok
11:42:07.0556 3228 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:42:07.0826 3228 Ftdisk - ok
11:42:07.0937 3228 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
11:42:08.0227 3228 gameenum - ok
11:42:08.0317 3228 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:42:08.0337 3228 GEARAspiWDM - ok
11:42:08.0417 3228 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:42:08.0698 3228 Gpc - ok
11:42:08.0808 3228 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:42:09.0068 3228 hidusb - ok
11:42:09.0168 3228 hpn - ok
11:42:09.0278 3228 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:42:09.0359 3228 HTTP - ok
11:42:09.0459 3228 i2omgmt - ok
11:42:09.0529 3228 i2omp - ok
11:42:09.0629 3228 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:42:09.0959 3228 i8042prt - ok
11:42:10.0060 3228 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:42:10.0340 3228 Imapi - ok
11:42:10.0440 3228 ini910u - ok
11:42:10.0520 3228 IntelIde - ok
11:42:10.0590 3228 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:42:10.0891 3228 Ip6Fw - ok
11:42:10.0981 3228 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:42:11.0231 3228 IpFilterDriver - ok
11:42:11.0331 3228 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:42:11.0602 3228 IpInIp - ok
11:42:11.0692 3228 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:42:11.0942 3228 IpNat - ok
11:42:12.0042 3228 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:42:12.0373 3228 IPSec - ok
11:42:12.0493 3228 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:42:12.0613 3228 IRENUM - ok
11:42:12.0723 3228 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:42:12.0974 3228 isapnp - ok
11:42:13.0074 3228 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:42:13.0334 3228 Kbdclass - ok
11:42:13.0454 3228 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:42:13.0725 3228 kmixer - ok
11:42:13.0815 3228 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:42:13.0895 3228 KSecDD - ok
11:42:13.0995 3228 lbrtfdc - ok
11:42:14.0165 3228 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:42:14.0456 3228 mnmdd - ok
11:42:14.0566 3228 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
11:42:14.0846 3228 Modem - ok
11:42:14.0947 3228 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:42:15.0227 3228 Mouclass - ok
11:42:15.0347 3228 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:42:15.0598 3228 mouhid - ok
11:42:15.0738 3228 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:42:16.0028 3228 MountMgr - ok
11:42:16.0289 3228 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
11:42:16.0319 3228 MpFilter - ok
11:42:16.0549 3228 MpKsl7efec08c - ok
11:42:16.0679 3228 MpKsla3b0f976 - ok
11:42:16.0919 3228 mraid35x - ok
11:42:17.0220 3228 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:42:17.0480 3228 MRxDAV - ok
11:42:17.0821 3228 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:42:17.0931 3228 MRxSmb - ok
11:42:18.0291 3228 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:42:18.0552 3228 Msfs - ok
11:42:18.0792 3228 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:42:19.0053 3228 MSKSSRV - ok
11:42:19.0363 3228 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:42:19.0603 3228 MSPCLOCK - ok
11:42:19.0894 3228 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:42:20.0144 3228 MSPQM - ok
11:42:20.0414 3228 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:42:20.0655 3228 mssmbios - ok
11:42:20.0775 3228 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:42:20.0825 3228 Mup - ok
11:42:20.0955 3228 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:42:21.0206 3228 NDIS - ok
11:42:21.0296 3228 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:42:21.0346 3228 NdisTapi - ok
11:42:21.0446 3228 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:42:21.0686 3228 Ndisuio - ok
11:42:21.0786 3228 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:42:22.0037 3228 NdisWan - ok
11:42:22.0137 3228 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:42:22.0187 3228 NDProxy - ok
11:42:22.0287 3228 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:42:22.0497 3228 NetBIOS - ok
11:42:22.0588 3228 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:42:22.0808 3228 NetBT - ok
11:42:23.0008 3228 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:42:23.0249 3228 Npfs - ok
11:42:23.0399 3228 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:42:23.0679 3228 Ntfs - ok
11:42:23.0799 3228 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:42:24.0020 3228 Null - ok
11:42:24.0390 3228 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:42:24.0791 3228 nv - ok
11:42:24.0891 3228 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:42:25.0121 3228 NwlnkFlt - ok
11:42:25.0231 3228 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:42:25.0432 3228 NwlnkFwd - ok
11:42:25.0572 3228 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
11:42:25.0792 3228 Parport - ok
11:42:25.0872 3228 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:42:26.0053 3228 PartMgr - ok
11:42:26.0123 3228 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
11:42:26.0343 3228 ParVdm - ok
11:42:26.0433 3228 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
11:42:26.0623 3228 PCI - ok
11:42:26.0683 3228 PCIDump - ok
11:42:26.0764 3228 PCIIde - ok
11:42:26.0864 3228 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:42:27.0084 3228 Pcmcia - ok
11:42:27.0164 3228 PDCOMP - ok
11:42:27.0244 3228 PDFRAME - ok
11:42:27.0284 3228 PDRELI - ok
11:42:27.0344 3228 PDRFRAME - ok
11:42:27.0395 3228 perc2 - ok
11:42:27.0465 3228 perc2hib - ok
11:42:27.0615 3228 Point32 (60a044879c4fa76314494f5fddc43b93) C:\WINDOWS\system32\DRIVERS\point32.sys
11:42:27.0635 3228 Point32 - ok
11:42:27.0755 3228 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:42:27.0985 3228 PptpMiniport - ok
11:42:28.0116 3228 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:42:28.0346 3228 PSched - ok
11:42:28.0426 3228 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:42:28.0646 3228 Ptilink - ok
11:42:28.0736 3228 ql1080 - ok
11:42:28.0817 3228 Ql10wnt - ok
11:42:28.0887 3228 ql12160 - ok
11:42:28.0947 3228 ql1240 - ok
11:42:29.0027 3228 ql1280 - ok
11:42:29.0127 3228 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:42:29.0337 3228 RasAcd - ok
11:42:29.0447 3228 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:42:29.0678 3228 Rasl2tp - ok
11:42:29.0778 3228 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:42:29.0988 3228 RasPppoe - ok
11:42:30.0078 3228 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:42:30.0319 3228 Raspti - ok
11:42:30.0419 3228 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:42:30.0649 3228 Rdbss - ok
11:42:30.0719 3228 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:42:30.0940 3228 RDPCDD - ok
11:42:31.0050 3228 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:42:31.0270 3228 rdpdr - ok
11:42:31.0400 3228 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:42:31.0450 3228 RDPWD - ok
11:42:31.0560 3228 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:42:31.0801 3228 redbook - ok
11:42:31.0901 3228 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys
11:42:31.0971 3228 Revoflt - ok
11:42:32.0091 3228 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
11:42:32.0312 3228 rtl8139 - ok
11:42:32.0472 3228 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:42:32.0582 3228 Secdrv - ok
11:42:32.0712 3228 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:42:32.0912 3228 serenum - ok
11:42:33.0013 3228 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
11:42:33.0203 3228 Serial - ok
11:42:33.0313 3228 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:42:33.0523 3228 Sfloppy - ok
11:42:33.0643 3228 Simbad - ok
11:42:33.0734 3228 Sparrow - ok
11:42:33.0794 3228 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:42:33.0994 3228 splitter - ok
11:42:34.0094 3228 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
11:42:34.0214 3228 sr - ok
11:42:34.0345 3228 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:42:34.0415 3228 Srv - ok
11:42:34.0545 3228 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:42:34.0745 3228 swenum - ok
11:42:34.0825 3228 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:42:35.0025 3228 swmidi - ok
11:42:35.0096 3228 symc810 - ok
11:42:35.0166 3228 symc8xx - ok
11:42:35.0226 3228 sym_hi - ok
11:42:35.0286 3228 sym_u3 - ok
11:42:35.0366 3228 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:42:35.0586 3228 sysaudio - ok
11:42:35.0737 3228 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:42:35.0797 3228 Tcpip - ok
11:42:35.0907 3228 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:42:36.0107 3228 TDPIPE - ok
11:42:36.0207 3228 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:42:36.0407 3228 TDTCP - ok
11:42:36.0488 3228 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:42:36.0708 3228 TermDD - ok
11:42:36.0818 3228 TosIde - ok
11:42:36.0978 3228 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:42:37.0159 3228 Udfs - ok
11:42:37.0229 3228 ultra - ok
11:42:37.0309 3228 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:42:37.0549 3228 Update - ok
11:42:37.0679 3228 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:42:37.0749 3228 USBAAPL - ok
11:42:37.0840 3228 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:42:38.0050 3228 usbehci - ok
11:42:38.0130 3228 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:42:38.0360 3228 usbhub - ok
11:42:38.0470 3228 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:42:38.0681 3228 usbprint - ok
11:42:38.0791 3228 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:42:38.0981 3228 usbscan - ok
11:42:39.0081 3228 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:42:39.0272 3228 USBSTOR - ok
11:42:39.0342 3228 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:42:39.0542 3228 usbuhci - ok
11:42:39.0642 3228 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:42:39.0872 3228 VgaSave - ok
11:42:39.0983 3228 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:42:40.0173 3228 viaagp - ok
11:42:40.0273 3228 viaagp1 (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
11:42:40.0323 3228 viaagp1 - ok
11:42:40.0413 3228 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:42:40.0593 3228 ViaIde - ok
11:42:40.0704 3228 videX32 (c147afa614b9925479d47cd173329789) C:\WINDOWS\system32\DRIVERS\videX32.sys
11:42:40.0754 3228 videX32 - ok
11:42:40.0864 3228 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
11:42:41.0084 3228 VolSnap - ok
11:42:41.0214 3228 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:42:41.0425 3228 Wanarp - ok
11:42:41.0535 3228 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
11:42:41.0565 3228 Wdf01000 - ok
11:42:41.0665 3228 WDICA - ok
11:42:41.0775 3228 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:42:41.0975 3228 wdmaud - ok
11:42:42.0316 3228 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:42:42.0376 3228 WudfPf - ok
11:42:42.0496 3228 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:42:42.0526 3228 WudfRd - ok
11:42:42.0646 3228 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
11:42:42.0877 3228 \Device\Harddisk0\DR0 - ok
11:42:42.0927 3228 Boot (0x1200) (ae5b9874d0c9036ce7208a5dfeca9b6c) \Device\Harddisk0\DR0\Partition0
11:42:42.0927 3228 \Device\Harddisk0\DR0\Partition0 - ok
11:42:42.0947 3228 ============================================================
11:42:42.0947 3228 Scan finished
11:42:42.0947 3228 ============================================================
11:42:43.0097 3252 Detected object count: 1
11:42:43.0097 3252 Actual detected object count: 1
11:43:25.0708 3252 cmpci ( UnsignedFile.Multi.Generic ) - skipped by user
11:43:25.0708 3252 cmpci ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:43:34.0241 1564 Deinitialize success

kotsi · #4 Příspěvek od **kotsi** » 02 říj 2011 13:02

Uf to je fuska ten soubor c:\windows\Lion Skin Pack mam nainstalovanej a asi to bude delat on,asi pred mesicem se me tohle stalo tak jsem to resil preinstalovanim Win aopet se to stalo.

c:\windows\system32\crypt32.dll
http://www.virustotal.com/file-scan/rep ... 1315947164
c:\windows\system32\comres.dll
http://www.virustotal.com/file-scan/rep ... 1317554397
c:\windows\system32\winlogon.exe
http://www.virustotal.com/file-scan/rep ... 1317554682
c:\windows\system32\sfcfiles.dll
http://www.virustotal.com/file-scan/rep ... 1317554908
c:\windows\system32\ctfmon.exe
http://www.virustotal.com/file-scan/rep ... 1317555528
c:\windows\system32\cscui.dll
http://www.virustotal.com/file-scan/rep ... 1317555246
c:\windows\system32\setupapi.dll
http://www.virustotal.com/file-scan/rep ... 1317555842
c:\windows\system32\advpack.dll
http://www.virustotal.com/file-scan/rep ... 1317556003
C:\WINDOWS\system32\drivers\cmaudio.sys
http://www.virustotal.com/file-scan/rep ... 1317556143

kotsi · #5 Příspěvek od **kotsi** » 02 říj 2011 14:01

Je toho na me moc nevim jesti to je dobre
c:\windows\system32\crypt32.dll
http://www.virustotal.com/file-scan/rep ... 1317558378

11:41:04.0365 1800 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
11:41:04.0465 1800 ============================================================
11:41:04.0465 1800 Current date / time: 2011/10/02 11:41:04.0465
11:41:04.0465 1800 SystemInfo:
11:41:04.0465 1800
11:41:04.0465 1800 OS Version: 5.1.2600 ServicePack: 3.0
11:41:04.0465 1800 Product type: Workstation
11:41:04.0465 1800 ComputerName: PEPA-097E9FD5A8
11:41:04.0465 1800 UserName: Pepa
11:41:04.0465 1800 Windows directory: C:\WINDOWS
11:41:04.0465 1800 System windows directory: C:\WINDOWS
11:41:04.0465 1800 Processor architecture: Intel x86
11:41:04.0465 1800 Number of processors: 1
11:41:04.0465 1800 Page size: 0x1000
11:41:04.0465 1800 Boot type: Normal boot
11:41:04.0465 1800 ============================================================
11:41:05.0517 1800 Initialize success
11:41:54.0157 3228 ============================================================
11:41:54.0157 3228 Scan started
11:41:54.0157 3228 Mode: Manual; SigCheck; TDLFS;
11:41:54.0157 3228 ============================================================
11:41:54.0477 3228 Abiosdsk - ok
11:41:54.0537 3228 abp480n5 - ok
11:41:54.0627 3228 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:41:55.0028 3228 ACPI - ok
11:41:55.0108 3228 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:41:55.0348 3228 ACPIEC - ok
11:41:55.0429 3228 adpu160m - ok
11:41:55.0519 3228 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:41:55.0799 3228 aec - ok
11:41:55.0889 3228 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
11:41:55.0959 3228 AFD - ok
11:41:56.0039 3228 Aha154x - ok
11:41:56.0089 3228 aic78u2 - ok
11:41:56.0140 3228 aic78xx - ok
11:41:56.0370 3228 ALCXWDM (dd8520280304b6145a6be31008748c7c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
11:41:56.0811 3228 ALCXWDM - ok
11:41:56.0921 3228 AliIde - ok
11:41:57.0021 3228 AmdK7 (3980814f8027d27ea003e2e3d9d4f604) C:\WINDOWS\system32\DRIVERS\amdk7.sys
11:41:57.0311 3228 AmdK7 - ok
11:41:57.0401 3228 amsint - ok
11:41:57.0492 3228 asc - ok
11:41:57.0552 3228 asc3350p - ok
11:41:57.0622 3228 asc3550 - ok
11:41:57.0752 3228 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:41:58.0042 3228 AsyncMac - ok
11:41:58.0122 3228 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:41:58.0463 3228 atapi - ok
11:41:58.0533 3228 Atdisk - ok
11:41:58.0613 3228 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:41:58.0914 3228 Atmarpc - ok
11:41:59.0014 3228 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:41:59.0314 3228 audstub - ok
11:41:59.0434 3228 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:41:59.0725 3228 Beep - ok
11:41:59.0805 3228 catchme - ok
11:41:59.0915 3228 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:42:00.0225 3228 cbidf2k - ok
11:42:00.0316 3228 cd20xrnt - ok
11:42:00.0406 3228 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:42:00.0746 3228 Cdaudio - ok
11:42:00.0836 3228 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:42:01.0147 3228 Cdfs - ok
11:42:01.0267 3228 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:42:01.0567 3228 Cdrom - ok
11:42:01.0647 3228 Changer - ok
11:42:01.0748 3228 CmdIde - ok
11:42:01.0858 3228 cmpci (21d32a883613739d206166ec1ae561f1) C:\WINDOWS\system32\drivers\cmaudio.sys
11:42:01.0918 3228 cmpci ( UnsignedFile.Multi.Generic ) - warning
11:42:01.0918 3228 cmpci - detected UnsignedFile.Multi.Generic (1)
11:42:02.0078 3228 cmuda3 (a0f7d6b070f15ead9f4231b51b246e4c) C:\WINDOWS\system32\drivers\cmudax3.sys
11:42:02.0218 3228 cmuda3 - ok
11:42:02.0328 3228 Cpqarray - ok
11:42:02.0419 3228 dac2w2k - ok
11:42:02.0469 3228 dac960nt - ok
11:42:02.0579 3228 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:42:02.0889 3228 Disk - ok
11:42:03.0009 3228 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
11:42:03.0380 3228 dmboot - ok
11:42:03.0460 3228 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
11:42:03.0771 3228 dmio - ok
11:42:03.0861 3228 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:42:04.0181 3228 dmload - ok
11:42:04.0271 3228 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:42:04.0582 3228 DMusic - ok
11:42:04.0682 3228 dpti2o - ok
11:42:04.0762 3228 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:42:05.0042 3228 drmkaud - ok
11:42:05.0193 3228 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:42:05.0493 3228 Fastfat - ok
11:42:05.0613 3228 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:42:05.0904 3228 Fdc - ok
11:42:06.0004 3228 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
11:42:06.0294 3228 Fips - ok
11:42:06.0394 3228 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:42:06.0675 3228 Flpydisk - ok
11:42:06.0755 3228 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:42:07.0055 3228 FltMgr - ok
11:42:07.0165 3228 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:42:07.0456 3228 Fs_Rec - ok
11:42:07.0556 3228 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:42:07.0826 3228 Ftdisk - ok
11:42:07.0937 3228 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
11:42:08.0227 3228 gameenum - ok
11:42:08.0317 3228 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:42:08.0337 3228 GEARAspiWDM - ok
11:42:08.0417 3228 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:42:08.0698 3228 Gpc - ok
11:42:08.0808 3228 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:42:09.0068 3228 hidusb - ok
11:42:09.0168 3228 hpn - ok
11:42:09.0278 3228 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:42:09.0359 3228 HTTP - ok
11:42:09.0459 3228 i2omgmt - ok
11:42:09.0529 3228 i2omp - ok
11:42:09.0629 3228 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:42:09.0959 3228 i8042prt - ok
11:42:10.0060 3228 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:42:10.0340 3228 Imapi - ok
11:42:10.0440 3228 ini910u - ok
11:42:10.0520 3228 IntelIde - ok
11:42:10.0590 3228 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:42:10.0891 3228 Ip6Fw - ok
11:42:10.0981 3228 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:42:11.0231 3228 IpFilterDriver - ok
11:42:11.0331 3228 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:42:11.0602 3228 IpInIp - ok
11:42:11.0692 3228 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:42:11.0942 3228 IpNat - ok
11:42:12.0042 3228 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:42:12.0373 3228 IPSec - ok
11:42:12.0493 3228 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:42:12.0613 3228 IRENUM - ok
11:42:12.0723 3228 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:42:12.0974 3228 isapnp - ok
11:42:13.0074 3228 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:42:13.0334 3228 Kbdclass - ok
11:42:13.0454 3228 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:42:13.0725 3228 kmixer - ok
11:42:13.0815 3228 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:42:13.0895 3228 KSecDD - ok
11:42:13.0995 3228 lbrtfdc - ok
11:42:14.0165 3228 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:42:14.0456 3228 mnmdd - ok
11:42:14.0566 3228 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
11:42:14.0846 3228 Modem - ok
11:42:14.0947 3228 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:42:15.0227 3228 Mouclass - ok
11:42:15.0347 3228 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:42:15.0598 3228 mouhid - ok
11:42:15.0738 3228 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:42:16.0028 3228 MountMgr - ok
11:42:16.0289 3228 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
11:42:16.0319 3228 MpFilter - ok
11:42:16.0549 3228 MpKsl7efec08c - ok
11:42:16.0679 3228 MpKsla3b0f976 - ok
11:42:16.0919 3228 mraid35x - ok
11:42:17.0220 3228 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:42:17.0480 3228 MRxDAV - ok
11:42:17.0821 3228 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:42:17.0931 3228 MRxSmb - ok
11:42:18.0291 3228 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:42:18.0552 3228 Msfs - ok
11:42:18.0792 3228 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:42:19.0053 3228 MSKSSRV - ok
11:42:19.0363 3228 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:42:19.0603 3228 MSPCLOCK - ok
11:42:19.0894 3228 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:42:20.0144 3228 MSPQM - ok
11:42:20.0414 3228 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:42:20.0655 3228 mssmbios - ok
11:42:20.0775 3228 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:42:20.0825 3228 Mup - ok
11:42:20.0955 3228 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:42:21.0206 3228 NDIS - ok
11:42:21.0296 3228 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:42:21.0346 3228 NdisTapi - ok
11:42:21.0446 3228 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:42:21.0686 3228 Ndisuio - ok
11:42:21.0786 3228 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:42:22.0037 3228 NdisWan - ok
11:42:22.0137 3228 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:42:22.0187 3228 NDProxy - ok
11:42:22.0287 3228 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:42:22.0497 3228 NetBIOS - ok
11:42:22.0588 3228 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:42:22.0808 3228 NetBT - ok
11:42:23.0008 3228 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:42:23.0249 3228 Npfs - ok
11:42:23.0399 3228 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:42:23.0679 3228 Ntfs - ok
11:42:23.0799 3228 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:42:24.0020 3228 Null - ok
11:42:24.0390 3228 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:42:24.0791 3228 nv - ok
11:42:24.0891 3228 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:42:25.0121 3228 NwlnkFlt - ok
11:42:25.0231 3228 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:42:25.0432 3228 NwlnkFwd - ok
11:42:25.0572 3228 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
11:42:25.0792 3228 Parport - ok
11:42:25.0872 3228 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:42:26.0053 3228 PartMgr - ok
11:42:26.0123 3228 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
11:42:26.0343 3228 ParVdm - ok
11:42:26.0433 3228 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
11:42:26.0623 3228 PCI - ok
11:42:26.0683 3228 PCIDump - ok
11:42:26.0764 3228 PCIIde - ok
11:42:26.0864 3228 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:42:27.0084 3228 Pcmcia - ok
11:42:27.0164 3228 PDCOMP - ok
11:42:27.0244 3228 PDFRAME - ok
11:42:27.0284 3228 PDRELI - ok
11:42:27.0344 3228 PDRFRAME - ok
11:42:27.0395 3228 perc2 - ok
11:42:27.0465 3228 perc2hib - ok
11:42:27.0615 3228 Point32 (60a044879c4fa76314494f5fddc43b93) C:\WINDOWS\system32\DRIVERS\point32.sys
11:42:27.0635 3228 Point32 - ok
11:42:27.0755 3228 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:42:27.0985 3228 PptpMiniport - ok
11:42:28.0116 3228 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:42:28.0346 3228 PSched - ok
11:42:28.0426 3228 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:42:28.0646 3228 Ptilink - ok
11:42:28.0736 3228 ql1080 - ok
11:42:28.0817 3228 Ql10wnt - ok
11:42:28.0887 3228 ql12160 - ok
11:42:28.0947 3228 ql1240 - ok
11:42:29.0027 3228 ql1280 - ok
11:42:29.0127 3228 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:42:29.0337 3228 RasAcd - ok
11:42:29.0447 3228 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:42:29.0678 3228 Rasl2tp - ok
11:42:29.0778 3228 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:42:29.0988 3228 RasPppoe - ok
11:42:30.0078 3228 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:42:30.0319 3228 Raspti - ok
11:42:30.0419 3228 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:42:30.0649 3228 Rdbss - ok
11:42:30.0719 3228 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:42:30.0940 3228 RDPCDD - ok
11:42:31.0050 3228 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:42:31.0270 3228 rdpdr - ok
11:42:31.0400 3228 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:42:31.0450 3228 RDPWD - ok
11:42:31.0560 3228 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:42:31.0801 3228 redbook - ok
11:42:31.0901 3228 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys
11:42:31.0971 3228 Revoflt - ok
11:42:32.0091 3228 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
11:42:32.0312 3228 rtl8139 - ok
11:42:32.0472 3228 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:42:32.0582 3228 Secdrv - ok
11:42:32.0712 3228 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:42:32.0912 3228 serenum - ok
11:42:33.0013 3228 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
11:42:33.0203 3228 Serial - ok
11:42:33.0313 3228 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:42:33.0523 3228 Sfloppy - ok
11:42:33.0643 3228 Simbad - ok
11:42:33.0734 3228 Sparrow - ok
11:42:33.0794 3228 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:42:33.0994 3228 splitter - ok
11:42:34.0094 3228 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
11:42:34.0214 3228 sr - ok
11:42:34.0345 3228 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:42:34.0415 3228 Srv - ok
11:42:34.0545 3228 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:42:34.0745 3228 swenum - ok
11:42:34.0825 3228 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:42:35.0025 3228 swmidi - ok
11:42:35.0096 3228 symc810 - ok
11:42:35.0166 3228 symc8xx - ok
11:42:35.0226 3228 sym_hi - ok
11:42:35.0286 3228 sym_u3 - ok
11:42:35.0366 3228 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:42:35.0586 3228 sysaudio - ok
11:42:35.0737 3228 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:42:35.0797 3228 Tcpip - ok
11:42:35.0907 3228 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:42:36.0107 3228 TDPIPE - ok
11:42:36.0207 3228 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:42:36.0407 3228 TDTCP - ok
11:42:36.0488 3228 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:42:36.0708 3228 TermDD - ok
11:42:36.0818 3228 TosIde - ok
11:42:36.0978 3228 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:42:37.0159 3228 Udfs - ok
11:42:37.0229 3228 ultra - ok
11:42:37.0309 3228 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:42:37.0549 3228 Update - ok
11:42:37.0679 3228 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:42:37.0749 3228 USBAAPL - ok
11:42:37.0840 3228 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:42:38.0050 3228 usbehci - ok
11:42:38.0130 3228 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:42:38.0360 3228 usbhub - ok
11:42:38.0470 3228 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:42:38.0681 3228 usbprint - ok
11:42:38.0791 3228 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:42:38.0981 3228 usbscan - ok
11:42:39.0081 3228 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:42:39.0272 3228 USBSTOR - ok
11:42:39.0342 3228 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:42:39.0542 3228 usbuhci - ok
11:42:39.0642 3228 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:42:39.0872 3228 VgaSave - ok
11:42:39.0983 3228 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:42:40.0173 3228 viaagp - ok
11:42:40.0273 3228 viaagp1 (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
11:42:40.0323 3228 viaagp1 - ok
11:42:40.0413 3228 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:42:40.0593 3228 ViaIde - ok
11:42:40.0704 3228 videX32 (c147afa614b9925479d47cd173329789) C:\WINDOWS\system32\DRIVERS\videX32.sys
11:42:40.0754 3228 videX32 - ok
11:42:40.0864 3228 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
11:42:41.0084 3228 VolSnap - ok
11:42:41.0214 3228 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:42:41.0425 3228 Wanarp - ok
11:42:41.0535 3228 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
11:42:41.0565 3228 Wdf01000 - ok
11:42:41.0665 3228 WDICA - ok
11:42:41.0775 3228 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:42:41.0975 3228 wdmaud - ok
11:42:42.0316 3228 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:42:42.0376 3228 WudfPf - ok
11:42:42.0496 3228 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:42:42.0526 3228 WudfRd - ok
11:42:42.0646 3228 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
11:42:42.0877 3228 \Device\Harddisk0\DR0 - ok
11:42:42.0927 3228 Boot (0x1200) (ae5b9874d0c9036ce7208a5dfeca9b6c) \Device\Harddisk0\DR0\Partition0
11:42:42.0927 3228 \Device\Harddisk0\DR0\Partition0 - ok
11:42:42.0947 3228 ============================================================
11:42:42.0947 3228 Scan finished
11:42:42.0947 3228 ============================================================
11:42:43.0097 3252 Detected object count: 1
11:42:43.0097 3252 Actual detected object count: 1
11:43:25.0708 3252 cmpci ( UnsignedFile.Multi.Generic ) - skipped by user
11:43:25.0708 3252 cmpci ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:43:34.0241 1564 Deinitialize success

kotsi · #6 Příspěvek od **kotsi** » 02 říj 2011 17:36

Tak to mam
Status: Detected (events: 1)
2.10.2011 15:59:09 Detected adware not-a-virus:AdWare.Win32.Craagle.b C:\Documents and Settings\Pepa\Dokumenty\Dokumenty 2\Aplikace\Cragle\cragle..rar//cragle/Craagle v3.0.exe Medium
Status: Quarantined (events: 2)
2.10.2011 16:04:13 Quarantined unknown threat UDS:DangerousObject.Multi.Generic c:\WINDOWS\system32\clipsrv.exe High
2.10.2011 17:13:57 Quarantined unknown threat UDS:DangerousObject.Multi.Generic C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP87\A0016018.exe High
Status: Disinfected (events: 13)
2.10.2011 16:31:42 Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe.vir High
2.10.2011 16:31:43 Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\Program Files\Java\jre6\bin\jqs.exe.vir High
2.10.2011 16:31:45 Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\Program Files\iPod\bin\iPodService.exe.vir High
2.10.2011 16:31:46 Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\WINDOWS\system32\nvsvc32.exe.vir High
2.10.2011 17:12:04 Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP85\A0015276.exe High
2.10.2011 17:12:09 Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP85\A0015357.exe High
2.10.2011 17:12:09 Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP85\A0015356.exe High
2.10.2011 17:12:11 Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP85\A0015355.exe High
2.10.2011 17:12:28 Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP87\A0015469.exe High
2.10.2011 17:13:24 Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP87\A0015791.exe High
2.10.2011 17:13:25 Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP87\A0015793.exe High
2.10.2011 17:13:26 Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP87\A0015792.exe High
2.10.2011 17:13:26 Disinfected Trojan program Trojan.Win32.Patched.mf C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP87\A0015794.exe High
Status: Deleted (events: 13)
2.10.2011 17:11:27 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP84\A0014824.ini High
2.10.2011 17:11:28 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP84\A0014841.ini High
2.10.2011 17:11:29 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP84\A0014851.ini High
2.10.2011 17:11:30 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP84\A0014858.ini High
2.10.2011 17:11:30 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP84\A0014867.ini High
2.10.2011 17:11:32 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP84\A0014877.ini High
2.10.2011 17:11:33 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP84\A0014883.ini High
2.10.2011 17:12:17 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP85\A0015384.ini High
2.10.2011 17:13:11 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP87\A0015499.ini High
2.10.2011 17:13:12 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP87\A0015526.ini High
2.10.2011 17:13:14 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\System Volume Information\_restore{9D8A0DBE-BEE8-4BB9-8417-274319956D4A}\RP87\A0015612.ini High
2.10.2011 17:19:03 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini High
2.10.2011 17:19:04 Deleted Trojan program Backdoor.Win32.ZAccess.ang C:\WINDOWS\assembly\GAC_MSIL\Desktop(2).ini High

kotsi · #7 Příspěvek od **kotsi** » 02 říj 2011 18:06

Uz je toho na me moc a zacinam se v tom motat promin ale nejsem odbornik pres Pc a nektere tve pokyny moc nechapu ten soubor se uz nenachazi na dicku me oznamyl VirusTotal a nevim kde je karantena AVPtools abych ho mohl zkopirovat zpet

kotsi · #8 Příspěvek od **kotsi** » 02 říj 2011 19:08

Soubor jsem prekopiroval taky zdravim ahoj zitra
Logfile of random's system information tool 1.09 (written by random/random)
Run by Pepa at 2011-10-02 20:03:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 31 GB (40%) free of 76 GB
Total RAM: 767 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:20, on 2.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pepa\Plocha\setup_11.0.0.1245.x01_2011_10_02_15_17.exe
C:\DOCUME~1\Pepa\LOCALS~1\Temp\RarSFX0\8118003.exe
C:\DOCUME~1\Pepa\LOCALS~1\Temp\8079779\8118003.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Pepa\Plocha\RSIT.exe
C:\Program Files\trend micro\Pepa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Lion Skin DB Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [WinRoll] "C:\WINDOWS\Lion Skin Pack\Winroll\winroll.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\Lion Skin Pack\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: _uninst_60002596.lnk = C:\Documents and Settings\Pepa\Local Settings\temp\_uninst_60002596.bat
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6470204602
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6382 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\jvwvpo9x.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 9
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\jvwvpo9x.default\searchplugins\
google-torrent-search.xml
isohunt---bittorrent.xml
scrapetorrentcom.xml
sfd.xml
titulkycom.xml
uloto.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-05-20 736360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-19 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-19 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\Lion Skin DB Toolbar\tbcore3.dll [2011-06-22 2398720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"=Mixer.exe /startup []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-07-19 421736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinRoll"=C:\WINDOWS\Lion Skin Pack\Winroll\winroll.exe [2006-01-02 15872]
"RocketDock"=C:\WINDOWS\Lion Skin Pack\RocketDock\RocketDock.exe [2007-09-02 495616]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-07-30 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]

C:\Documents and Settings\Pepa\Nabídka Start\Programy\Po spuštění
_uninst_60002596.lnk - C:\Documents and Settings\Pepa\Local Settings\temp\_uninst_60002596.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\MediaMonkey\MediaMonkey (non-skinned).exe"="C:\Program Files\MediaMonkey\MediaMonkey (non-skinned).exe:*:Disabled:MediaMonkey"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE"="C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE:*:Enabled:Microsoft Application Error Reporting"
"C:\WINDOWS\system32\WgaTray.exe"="C:\WINDOWS\system32\WgaTray.exe:*:Enabled:Windows Genuine Advantage Notifications"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-10-02 20:03:12 ----D---- C:\Program Files\trend micro
2011-10-02 20:03:09 ----D---- C:\rsit
2011-10-02 19:57:59 ----A---- C:\WINDOWS\system32\clipsrv.exe
2011-10-02 15:41:04 ----A---- C:\WINDOWS\system32\drivers\60002596.sys
2011-10-02 14:37:45 ----D---- C:\WINDOWS\LastGood
2011-10-02 12:58:59 ----SHD---- C:\RECYCLER
2011-10-02 11:41:04 ----A---- C:\TDSSKiller.2.6.2.0_02.10.2011_11.41.04_log.txt
2011-10-02 11:36:40 ----A---- C:\ComboFix.txt
2011-10-02 11:25:25 ----A---- C:\Boot.bak
2011-10-02 11:25:18 ----RASHD---- C:\cmdcons
2011-10-02 10:30:33 ----ASH---- C:\hiberfil.sys
2011-10-02 10:29:18 ----D---- C:\turbina
2011-10-02 10:22:32 ----A---- C:\WINDOWS\zip.exe
2011-10-02 10:22:32 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-10-02 10:22:32 ----A---- C:\WINDOWS\SWSC.exe
2011-10-02 10:22:32 ----A---- C:\WINDOWS\SWREG.exe
2011-10-02 10:22:32 ----A---- C:\WINDOWS\sed.exe
2011-10-02 10:22:32 ----A---- C:\WINDOWS\PEV.exe
2011-10-02 10:22:32 ----A---- C:\WINDOWS\NIRCMD.exe
2011-10-02 10:22:32 ----A---- C:\WINDOWS\MBR.exe
2011-10-02 10:22:32 ----A---- C:\WINDOWS\grep.exe
2011-10-02 10:22:18 ----D---- C:\WINDOWS\ERDNT
2011-10-02 10:20:28 ----D---- C:\Qoobox
2011-10-02 10:11:25 ----SHD---- C:\WINDOWS\CSC
2011-10-02 09:51:30 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-10-02 09:51:20 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Malwarebytes
2011-10-02 09:50:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-10-02 09:50:19 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-10-02 09:50:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-10-01 23:55:33 ----A---- C:\WINDOWS\ODBC.INI
2011-10-01 23:55:05 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-10-01 23:54:58 ----A---- C:\WINDOWS\system32\AVASTSS.scr
2011-10-01 23:54:58 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-10-01 23:54:56 ----D---- C:\Program Files\Alwil Software
2011-10-01 23:21:04 ----AD---- C:\WINDOWS\VDLL.DLL
2011-10-01 23:21:04 ----AD---- C:\WINDOWS\system32\runouce.exe
2011-10-01 23:21:04 ----AD---- C:\WINDOWS\rundll16.exe
2011-10-01 23:21:04 ----AD---- C:\WINDOWS\RUNDL132.EXE
2011-10-01 23:21:04 ----AD---- C:\WINDOWS\logo1_.exe
2011-10-01 23:21:04 ----AD---- C:\WINDOWS\logo_1.exe
2011-10-01 23:13:50 ----A---- C:\WINDOWS\system32\msvcr80.dll
2011-10-01 23:13:49 ----A---- C:\WINDOWS\system32\msvcp80.dll
2011-10-01 23:13:47 ----A---- C:\WINDOWS\system32\eEmpty.exe
2011-10-01 23:13:45 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2011-10-01 23:13:45 ----A---- C:\WINDOWS\system32\T.COM
2011-10-01 23:13:45 ----A---- C:\WINDOWS\REGEDIT.COM
2011-10-01 23:13:45 ----A---- C:\WINDOWS\R.COM
2011-10-01 23:13:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2011-10-01 22:45:25 ----D---- C:\Documents and Settings\Pepa\Data aplikací\SeriousBit
2011-10-01 22:20:04 ----A---- C:\WINDOWS\system32\tmp.txt
2011-10-01 22:19:50 ----A---- C:\rapport.txt
2011-09-30 16:04:53 ----A---- C:\WINDOWS\system32\AVERM.dll
2011-09-30 16:04:52 ----A---- C:\WINDOWS\system32\AVEQT.dll
2011-09-30 16:04:47 ----D---- C:\Program Files\Ultra Video Converter
2011-09-29 16:34:13 ----A---- C:\WINDOWS\WINCMD.INI
2011-09-29 16:15:19 ----A---- C:\Documents and Settings\Pepa\Data aplikací\RadioStreamPlayer.dat
2011-09-29 16:15:07 ----D---- C:\Documents and Settings\Pepa\Data aplikací\www.TheXSoft.com
2011-09-28 17:27:47 ----D---- C:\Documents and Settings\Pepa\Data aplikací\.kde
2011-09-27 19:26:05 ----A---- C:\WINDOWS\system32\MFC71.DLL
2011-09-26 18:58:03 ----D---- C:\Program Files\MediaMonkey
2011-09-25 21:28:07 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2011-09-25 21:28:07 ----A---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2011-09-25 21:26:52 ----D---- C:\Program Files\iPod
2011-09-25 21:26:40 ----D---- C:\Program Files\iTunes
2011-09-25 13:34:51 ----D---- C:\Documents and Settings\Pepa\Data aplikací\vlc
2011-09-25 13:33:49 ----D---- C:\Program Files\VideoLAN
2011-09-25 12:37:14 ----AH---- C:\WINDOWS\system32\mlfcache.dat
2011-09-25 12:05:54 ----D---- C:\Program Files\QuickTime
2011-09-24 11:55:22 ----D---- C:\Program Files\Webteh
2011-09-23 23:07:39 ----D---- C:\Program Files\CDBurnerXP
2011-09-23 12:20:41 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-09-23 11:52:38 ----D---- C:\Config.Msi
2011-09-23 09:05:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\MediaMonkey
2011-09-23 09:05:38 ----D---- C:\Documents and Settings\Pepa\Data aplikací\MediaMonkey
2011-09-22 21:01:35 ----D---- C:\Documents and Settings\Pepa\Data aplikací\IrfanView
2011-09-22 17:31:56 ----D---- C:\Program Files\uTorrent
2011-09-22 17:31:13 ----D---- C:\Documents and Settings\Pepa\Data aplikací\uTorrent
2011-09-22 15:08:53 ----D---- C:\Program Files\AveIconifier2
2011-09-21 22:19:41 ----D---- C:\WINDOWS\Sun
2011-09-21 21:52:13 ----D---- C:\Documents and Settings\Pepa\Data aplikací\DivX
2011-09-21 21:52:11 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Media Player Classic
2011-09-21 16:39:46 ----D---- C:\Documents and Settings\Pepa\Data aplikací\myBoard
2011-09-21 15:36:05 ----D---- C:\Documents and Settings\Pepa\Data aplikací\BSplayer PRO
2011-09-21 14:04:03 ----D---- C:\Program Files\Ant Movie Catalog
2011-09-21 13:35:47 ----D---- C:\Documents and Settings\Pepa\Data aplikací\AIMP3
2011-09-21 13:35:38 ----D---- C:\Program Files\AIMP3
2011-09-20 20:56:41 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-09-20 20:56:35 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2011-09-20 20:56:34 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-09-20 19:10:14 ----A---- C:\WINDOWS\nsreg.dat
2011-09-20 19:10:06 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Mozilla
2011-09-20 19:09:44 ----D---- C:\Program Files\Mozilla Firefox
2011-09-20 18:49:16 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Macromedia
2011-09-20 18:11:59 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Apple Computer
2011-09-20 18:09:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-09-20 18:07:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-09-20 18:06:39 ----D---- C:\Program Files\Apple Software Update
2011-09-20 18:06:25 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2011-09-20 18:06:25 ----A---- C:\WINDOWS\system32\drivers\usbaapl.sys
2011-09-20 18:05:53 ----D---- C:\Program Files\Bonjour
2011-09-20 18:05:35 ----D---- C:\Program Files\Common Files\Apple
2011-09-20 18:05:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2011-09-20 16:55:56 ----A---- C:\WINDOWS\system32\mucltui.dll
2011-09-20 16:43:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-09-20 16:41:50 ----D---- C:\WINDOWS\ie8updates
2011-09-20 16:34:19 ----HDC---- C:\WINDOWS\ie8
2011-09-20 15:21:27 ----D---- C:\Program Files\Skin Pack
2011-09-20 15:20:04 ----HD---- C:\WINDOWS\Lion Skin Pack
2011-09-20 15:16:42 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Toolbar4
2011-09-20 15:16:34 ----D---- C:\Program Files\Lion Skin DB Toolbar
2011-09-20 12:51:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-09-20 12:49:14 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-09-20 12:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-09-20 11:49:40 ----D---- C:\Documents and Settings\Pepa\Data aplikací\ChemTable Software
2011-09-20 11:49:20 ----D---- C:\Program Files\Reg Organizer
2011-09-20 11:30:40 ----D---- C:\Program Files\zabkat
2011-09-20 11:26:50 ----A---- C:\WINDOWS\avisplitter.INI
2011-09-20 11:23:53 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2011-09-20 11:17:08 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Google
2011-09-20 11:13:43 ----D---- C:\Program Files\CCleaner
2011-09-20 11:12:47 ----D---- C:\Program Files\Google
2011-09-20 10:19:20 ----D---- C:\Program Files\Realtek AC97
2011-09-20 09:42:31 ----D---- C:\Documents and Settings\Pepa\Data aplikací\MiniDm
2011-09-20 09:26:04 ----N---- C:\WINDOWS\system32\difxapi.dll
2011-09-20 09:26:04 ----D---- C:\Program Files\VIA
2011-09-20 09:22:48 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2011-09-20 09:22:42 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-09-20 09:22:32 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-09-20 09:22:32 ----A---- C:\WINDOWS\system32\drivers\point32.sys
2011-09-20 09:22:29 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-09-20 09:22:24 ----D---- C:\Program Files\Microsoft IntelliPoint
2011-09-20 09:14:14 ----A---- C:\WINDOWS\system32\ChCfg.exe
2011-09-20 09:14:03 ----RA---- C:\WINDOWS\system32\drivers\alcxwdm.sys
2011-09-20 09:13:48 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2011-09-20 09:13:45 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2011-09-20 09:13:45 ----A---- C:\WINDOWS\soundman.exe
2011-09-20 09:13:44 ----HD---- C:\Program Files\InstallShield Installation Information
2011-09-20 09:13:44 ----A---- C:\WINDOWS\alcupd.exe
2011-09-20 09:13:44 ----A---- C:\WINDOWS\Alcrmv.exe
2011-09-20 09:09:27 ----A---- C:\WINDOWS\system32\CMRMDRV3.exe
2011-09-20 09:07:59 ----A---- C:\WINDOWS\CmiPCIUninstall.exe
2011-09-20 09:07:51 ----A---- C:\WINDOWS\cmudax3.ini
2011-09-20 09:06:59 ----D---- C:\Program Files\C-Media PCI Audio Device
2011-09-20 09:06:59 ----A---- C:\WINDOWS\system32\drivers\cmudax3.sys
2011-09-20 09:06:59 ----A---- C:\WINDOWS\system32\cmudax3.DLL
2011-09-20 08:59:36 ----D---- C:\WINDOWS\nview
2011-09-20 08:59:36 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-09-20 08:59:15 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-09-20 08:58:54 ----D---- C:\Program Files\NVIDIA
2011-09-20 08:30:16 ----A---- C:\WINDOWS\system32\drivers\revoflt.sys
2011-09-20 08:30:14 ----D---- C:\Program Files\VS Revo Group
2011-09-20 08:29:44 ----D---- C:\Documents and Settings\Pepa\Data aplikací\WinRAR
2011-09-20 08:18:07 ----A---- C:\WINDOWS\mixerdef.ini
2011-09-20 08:16:56 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-09-20 08:16:44 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-09-20 08:16:32 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-09-20 08:16:23 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-09-20 08:16:11 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-09-20 08:16:04 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-09-20 08:15:56 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-09-20 08:15:43 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-09-20 08:15:35 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-09-20 08:15:24 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-09-20 08:15:14 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-09-20 08:14:59 ----A---- C:\WINDOWS\system32\drivers\gameenum.sys
2011-09-20 08:13:04 ----RA---- C:\WINDOWS\system32\drivers\cmaudio.sys
2011-09-20 08:13:04 ----RA---- C:\WINDOWS\system32\cmnprop.dll
2011-09-20 08:13:04 ----RA---- C:\WINDOWS\system32\Audio3D.dll
2011-09-20 08:13:04 ----RA---- C:\WINDOWS\system32\a3d.dll
2011-09-20 08:13:04 ----RA---- C:\WINDOWS\mixer.exe
2011-09-20 08:13:04 ----RA---- C:\WINDOWS\cmuninst.exe
2011-09-20 08:13:04 ----RA---- C:\WINDOWS\cmuninst.dat
2011-09-20 08:13:03 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-09-20 08:13:02 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-09-20 08:12:57 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-09-20 08:12:39 ----N---- C:\WINDOWS\CMAUDIO.INI
2011-09-20 08:12:38 ----D---- C:\Program Files\C-Media
2011-09-20 08:12:30 ----A---- C:\WINDOWS\CMISETUP.INI
2011-09-20 08:12:30 ----A---- C:\WINDOWS\CMCDPLAY.INI
2011-09-20 08:01:26 ----A---- C:\WINDOWS\system32\drivers\VIAAGP1.SYS
2011-09-20 08:01:23 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-09-20 08:01:00 ----A---- C:\WINDOWS\IsUninst.exe
2011-09-20 07:57:29 ----D---- C:\WINDOWS\system32\Tools
2011-09-20 07:57:21 ----D---- C:\Program Files\Common Files\InstallShield
2011-09-20 00:50:06 ----A---- C:\WINDOWS\system32\MRT.exe
2011-09-20 00:42:59 ----D---- C:\WINDOWS\system32\appmgmt
2011-09-20 00:38:28 ----D---- C:\WINDOWS\pss
2011-09-20 00:02:39 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Adobe
2011-09-19 23:56:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-09-19 23:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-09-19 23:56:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-09-19 23:56:22 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-09-19 23:56:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-09-19 23:56:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-09-19 23:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-09-19 23:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-09-19 23:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-09-19 23:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-09-19 23:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-09-19 23:55:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-09-19 23:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-09-19 23:54:59 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-09-19 23:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-09-19 23:54:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-09-19 23:54:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-09-19 23:54:23 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-09-19 23:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-09-19 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-09-19 23:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-09-19 23:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-09-19 23:53:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-09-19 23:53:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-09-19 23:53:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-09-19 23:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-09-19 23:53:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-09-19 23:53:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-09-19 23:53:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-09-19 23:52:33 ----D---- C:\WINDOWS\ie7updates
2011-09-19 23:52:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-09-19 23:52:11 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-09-19 23:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676-v2$
2011-09-19 23:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-09-19 23:51:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-09-19 23:51:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-09-19 23:51:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-09-19 23:51:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-09-19 23:51:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2011-09-19 23:51:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-09-19 23:50:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-09-19 23:50:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-09-19 23:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-09-19 23:50:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-09-19 23:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-09-19 23:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-09-19 23:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-09-19 23:49:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-09-19 23:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-09-19 23:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-09-19 23:49:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-09-19 23:49:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-09-19 23:49:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-09-19 23:49:17 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-09-19 23:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-09-19 23:49:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-09-19 23:48:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-09-19 23:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-09-19 23:48:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-09-19 23:48:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-09-19 23:48:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-09-19 23:48:26 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-09-19 23:48:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-09-19 23:48:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-09-19 23:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-09-19 23:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-09-19 23:47:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-09-19 23:47:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-09-19 23:47:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-09-19 23:47:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-09-19 23:47:11 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-09-19 23:47:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-09-19 23:46:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-09-19 23:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-09-19 23:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-09-19 23:46:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-09-19 23:46:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-09-19 23:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-09-19 23:46:13 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-09-19 23:46:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-09-19 23:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-09-19 23:45:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-09-19 23:45:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-09-19 23:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2011-09-19 23:45:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-09-19 23:45:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-09-19 23:45:10 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-09-19 23:45:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-09-19 23:44:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2011-09-19 23:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-09-19 23:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-09-19 23:44:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-09-19 23:44:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-09-19 23:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-09-19 23:44:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-09-19 23:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-09-19 23:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-09-19 23:43:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-09-19 23:43:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-09-19 23:43:12 ----A---- C:\WINDOWS\system32\h323log.txt
2011-09-19 23:42:21 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-09-19 23:42:16 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2011-09-19 23:42:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2011-09-19 23:42:00 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-09-19 23:41:55 ----A---- C:\WINDOWS\system32\drivers\VIAAGP.SYS
2011-09-19 23:41:38 ----A---- C:\WINDOWS\system32\drivers\RTL8139.sys
2011-09-19 23:41:26 ----A---- C:\WINDOWS\system32\usbui.dll
2011-09-19 23:40:12 ----SHD---- C:\WINDOWS\Installer
2011-09-19 23:40:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-09-19 23:40:11 ----D---- C:\Program Files\Common Files\ODBC
2011-09-19 23:40:11 ----A---- C:\WINDOWS\ODBCINST.INI
2011-09-19 23:40:06 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-09-19 23:40:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-09-19 23:40:05 ----RD---- C:\Program Files
2011-09-19 23:40:05 ----D---- C:\Program Files\Common Files
2011-09-19 23:39:54 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2011-09-19 23:39:54 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2011-09-19 23:39:53 ----A---- C:\WINDOWS\system32\irclass.dll
2011-09-19 23:39:53 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-09-19 23:39:53 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-09-19 23:39:52 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-09-19 23:39:52 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-09-19 23:39:49 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-09-19 23:39:49 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-09-19 23:39:49 ----A---- C:\WINDOWS\system32\batt.dll
2011-09-19 23:39:48 ----A---- C:\WINDOWS\system32\storprop.dll
2011-09-19 23:39:48 ----A---- C:\WINDOWS\NOTEPAD.EXE
2011-09-19 23:39:39 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-09-19 23:39:34 ----RA---- C:\WINDOWS\SET8.tmp
2011-09-19 23:39:32 ----RA---- C:\WINDOWS\SET4.tmp
2011-09-19 23:39:30 ----RA---- C:\WINDOWS\SET3.tmp
2011-09-19 23:39:25 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-19 23:39:25 ----D---- C:\WINDOWS\system32\CatRoot
2011-09-19 23:39:20 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-09-19 23:38:46 ----SHD---- C:\System Volume Information
2011-09-19 23:38:46 ----D---- C:\Documents and Settings
2011-09-19 23:38:45 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2011-09-19 23:37:51 ----RASH---- C:\boot.ini
2011-09-19 23:34:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-09-19 23:34:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-19 23:34:33 ----RSD---- C:\WINDOWS\Fonts
2011-09-19 23:34:33 ----RD---- C:\WINDOWS\Web
2011-09-19 23:34:33 ----HD---- C:\WINDOWS\inf
2011-09-19 23:34:33 ----D---- C:\WINDOWS\WinSxS
2011-09-19 23:34:33 ----D---- C:\WINDOWS\WBEM
2011-09-19 23:34:33 ----D---- C:\WINDOWS\twain_32
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Temp
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\wins
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\wbem
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\usmt
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\spool
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\ShellExt
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\Setup
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\ras
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\oobe
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\npp
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\mui
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\inetsrv
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\IME
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\icsxml
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\ias
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\export
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\drivers\etc
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\drivers\disdn
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\drivers
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\dhcp
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\cs-cz
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\cs
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\config
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\3com_dmi
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\3076
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\2052
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\1054
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\1042
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\1041
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\1037
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\1033
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\1031
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\1029
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\1028
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32\1025
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system32
2011-09-19 23:34:33 ----D---- C:\WINDOWS\system
2011-09-19 23:34:33 ----D---- C:\WINDOWS\security
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Resources
2011-09-19 23:34:33 ----D---- C:\WINDOWS\repair
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Provisioning
2011-09-19 23:34:33 ----D---- C:\WINDOWS\pchealth
2011-09-19 23:34:33 ----D---- C:\WINDOWS\PeerNet
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Offline Web Pages
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Network Diagnostic
2011-09-19 23:34:33 ----D---- C:\WINDOWS\mui
2011-09-19 23:34:33 ----D---- C:\WINDOWS\msapps
2011-09-19 23:34:33 ----D---- C:\WINDOWS\msagent
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Media
2011-09-19 23:34:33 ----D---- C:\WINDOWS\L2Schemas
2011-09-19 23:34:33 ----D---- C:\WINDOWS\java
2011-09-19 23:34:33 ----D---- C:\WINDOWS\ime
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Help
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Driver Cache
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Debug
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Cursors
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Connection Wizard
2011-09-19 23:34:33 ----D---- C:\WINDOWS\Config
2011-09-19 23:34:33 ----D---- C:\WINDOWS\AppPatch
2011-09-19 23:34:33 ----D---- C:\WINDOWS\addins
2011-09-19 23:34:33 ----D---- C:\WINDOWS
2011-09-19 23:34:33 ----ASH---- C:\pagefile.sys
2011-09-19 23:20:32 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2011-09-19 23:11:45 ----D---- C:\Documents and Settings\Pepa\Data aplikací\IEPro
2011-09-19 23:05:36 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-09-19 23:04:13 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-09-19 22:51:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2011-09-19 22:50:35 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-09-19 22:50:34 ----A---- C:\WINDOWS\system32\javaws.exe
2011-09-19 22:50:34 ----A---- C:\WINDOWS\system32\javaw.exe
2011-09-19 22:50:34 ----A---- C:\WINDOWS\system32\java.exe
2011-09-19 22:46:40 ----D---- C:\WINDOWS\system32\PreInstall
2011-09-19 22:46:34 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2011-09-19 22:45:38 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-09-19 22:45:37 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-19 22:41:56 ----A---- C:\WINDOWS\system32\wmpns.dll
2011-09-19 22:41:54 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Identities
2011-09-19 22:38:36 ----D---- C:\Documents and Settings\Pepa\Data aplikací\ESET
2011-09-19 22:37:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-09-19 22:37:28 ----N---- C:\WINDOWS\system32\Xpize.scr
2011-09-19 22:37:28 ----N---- C:\WINDOWS\system32\Vista Media.scr
2011-09-19 22:37:28 ----N---- C:\WINDOWS\system32\SolarWinds.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\Skyrocket.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\ribbons.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\Plasma.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\OpenAL32.dll
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\Mystify.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\Lattice.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\HypnogenicRain.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\Helios.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\Flux.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\Flocks.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\FieldLines.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\Euphoria.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\Cyclone.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\bubbles.scr
2011-09-19 22:37:27 ----N---- C:\WINDOWS\system32\aurora.scr
2011-09-19 22:37:08 ----D---- C:\Program Files\Vista Components
2011-09-19 22:30:41 ----D---- C:\Program Files\MSECache
2011-09-19 22:23:31 ----A---- C:\WINDOWS\system32\msonpmon.dll
2011-09-19 22:21:59 ----D---- C:\Program Files\Microsoft Works
2011-09-19 22:21:14 ----D---- C:\Program Files\Microsoft Visual Studio
2011-09-19 22:21:14 ----D---- C:\Program Files\Common Files\DESIGNER
2011-09-19 22:20:23 ----D---- C:\Program Files\Microsoft.NET
2011-09-19 22:18:24 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-09-19 22:17:36 ----D---- C:\WINDOWS\SHELLNEW
2011-09-19 22:17:09 ----D---- C:\Program Files\Microsoft Office
2011-09-19 22:17:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-09-19 22:16:22 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-09-19 22:16:21 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-09-19 22:16:21 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-09-19 22:16:20 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-09-19 22:16:20 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-09-19 22:16:20 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-09-19 22:16:20 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-09-19 22:16:19 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-09-19 22:16:19 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-09-19 22:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-09-19 22:16:18 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-09-19 22:16:18 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-09-19 22:16:18 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-09-19 22:16:17 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-09-19 22:16:17 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-09-19 22:16:17 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-09-19 22:16:17 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-09-19 22:16:17 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-09-19 22:16:16 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-09-19 22:16:16 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-09-19 22:16:15 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-09-19 22:16:14 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-09-19 22:16:14 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-09-19 22:16:12 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-09-19 22:16:11 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-09-19 22:16:11 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-09-19 22:16:11 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-09-19 22:16:10 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-09-19 22:16:10 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-09-19 22:16:10 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-09-19 22:16:10 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-09-19 22:16:10 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-09-19 22:16:09 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-09-19 22:16:09 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-09-19 22:16:09 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-09-19 22:16:00 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-09-19 22:15:59 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-09-19 22:15:59 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-09-19 22:15:59 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-09-19 22:15:58 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-09-19 22:15:58 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-09-19 22:15:58 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-09-19 22:15:57 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-09-19 22:15:57 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-09-19 22:15:56 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-09-19 22:15:39 ----D---- C:\Program Files\IEPro
2011-09-19 22:15:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-09-19 22:15:11 ----D---- C:\Program Files\WinRAR
2011-09-19 22:14:58 ----D---- C:\Program Files\Windows Defender
2011-09-19 22:14:40 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-09-19 22:12:58 ----D---- C:\Program Files\MSBuild
2011-09-19 22:12:53 ----D---- C:\WINDOWS\system32\XPSViewer
2011-09-19 22:12:47 ----D---- C:\WINDOWS\system32\en-us
2011-09-19 22:12:46 ----D---- C:\Program Files\Reference Assemblies
2011-09-19 22:12:24 ----N---- C:\WINDOWS\system32\spmsg2.dll
2011-09-19 22:11:46 ----RSD---- C:\WINDOWS\assembly
2011-09-19 22:11:16 ----D---- C:\WINDOWS\Microsoft.NET
2011-09-19 22:08:51 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-09-19 22:07:55 ----ASH---- C:\Documents and Settings\Pepa\Data aplikací\desktop.ini
2011-09-19 22:07:54 ----SD---- C:\Documents and Settings\Pepa\Data aplikací\Microsoft
2011-09-19 22:07:54 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Sun
2011-09-19 22:07:54 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Real
2011-09-19 22:07:54 ----D---- C:\Documents and Settings\Pepa\Data aplikací\Notepad++
2011-09-19 22:07:41 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-09-19 22:05:57 ----D---- C:\WINDOWS\SoftwareDistribution
2011-09-19 22:05:46 ----SD---- C:\WINDOWS\system32\Microsoft
2011-09-19 22:05:46 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-09-19 22:05:46 ----D---- C:\WINDOWS\Prefetch
2011-09-19 22:04:18 ----AS---- C:\WINDOWS\bootstat.dat
2011-09-19 22:01:51 ----D---- C:\WINDOWS\system32\xircom
2011-09-19 22:01:51 ----D---- C:\Program Files\xerox
2011-09-19 22:01:51 ----D---- C:\Program Files\microsoft frontpage
2011-09-19 22:01:28 ----D---- C:\Program Files\Total Commander
2011-09-19 22:01:07 ----A---- C:\WINDOWS\system32\unrar.dll
2011-09-19 22:01:07 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2011-09-19 22:01:07 ----A---- C:\WINDOWS\system32\pndx5032.dll
2011-09-19 22:01:07 ----A---- C:\WINDOWS\system32\pndx5016.dll
2011-09-19 22:01:07 ----A---- C:\WINDOWS\system32\pncrt.dll
2011-09-19 22:01:05 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2011-09-19 22:01:05 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2011-09-19 22:01:05 ----A---- C:\WINDOWS\system32\xvidcore.dll
2011-09-19 22:01:04 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2011-09-19 22:01:04 ----A---- C:\WINDOWS\system32\dpl100.dll
2011-09-19 22:01:04 ----A---- C:\WINDOWS\system32\divx.dll
2011-09-19 22:01:03 ----D---- C:\Program Files\K-Lite Codec Pack
2011-09-19 22:01:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2011-09-19 22:01:03 ----A---- C:\WINDOWS\system32\msvcr71.dll
2011-09-19 22:01:03 ----A---- C:\WINDOWS\system32\msvcp71.dll
2011-09-19 21:58:25 ----D---- C:\Program Files\Java
2011-09-19 21:58:24 ----D---- C:\Program Files\Common Files\Java
2011-09-19 21:57:52 ----D---- C:\Program Files\IrfanView
2011-09-19 21:56:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-09-19 21:56:54 ----D---- C:\Program Files\Common Files\Adobe
2011-09-19 21:56:54 ----D---- C:\Program Files\Adobe
2011-09-19 21:55:34 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-09-19 21:55:33 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2011-09-19 21:55:20 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-09-19 21:55:10 ----RASH---- C:\MSDOS.SYS
2011-09-19 21:55:10 ----RASH---- C:\IO.SYS
2011-09-19 21:55:10 ----A---- C:\WINDOWS\control.ini
2011-09-19 21:54:51 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-09-19 21:53:21 ----HD---- C:\Program Files\WindowsUpdate
2011-09-19 21:53:17 ----D---- C:\Program Files\Online Services
2011-09-19 21:52:49 ----D---- C:\WINDOWS\system32\DirectX
2011-09-19 21:52:39 ----A---- C:\WINDOWS\system32\atrace.dll
2011-09-19 21:52:37 ----A---- C:\WINDOWS\system32\desktop.ini
2011-09-19 21:52:37 ----A---- C:\WINDOWS\desktop.ini
2011-09-19 21:52:29 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-09-19 21:52:27 ----A---- C:\WINDOWS\system32\acctres.dll
2011-09-19 21:52:26 ----D---- C:\Program Files\Common Files\Services
2011-09-19 21:52:22 ----SD---- C:\WINDOWS\Tasks
2011-09-19 21:52:22 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-09-19 21:52:21 ----D---- C:\Program Files\Common Files\MSSoap
2011-09-19 21:52:16 ----D---- C:\WINDOWS\srchasst
2011-09-19 21:52:15 ----D---- C:\WINDOWS\system32\Macromed
2011-09-19 21:52:13 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-09-19 21:52:13 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-09-19 21:52:13 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-09-19 21:52:12 ----A---- C:\WINDOWS\system32\wups.dll
2011-09-19 21:52:12 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2011-09-19 21:52:12 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-09-19 21:52:12 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2011-09-19 21:52:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-09-19 21:52:11 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-09-19 21:52:11 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-09-19 21:52:11 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-09-19 21:52:11 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2011-09-19 21:52:11 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2011-09-19 21:52:11 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2011-09-19 21:52:06 ----D---- C:\Program Files\Movie Maker
2011-09-19 21:51:39 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-09-19 21:51:39 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-09-19 21:51:39 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-09-19 21:51:38 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-09-19 21:51:34 ----A---- C:\WINDOWS\system32\fltMc.exe
2011-09-19 21:51:34 ----A---- C:\WINDOWS\system32\fltlib.dll
2011-09-19 21:51:34 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2011-09-19 21:51:33 ----D---- C:\WINDOWS\system32\Restore
2011-09-19 21:51:33 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-09-19 21:51:33 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-09-19 21:51:33 ----A---- C:\WINDOWS\system32\srclient.dll
2011-09-19 21:51:33 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2011-09-19 21:51:32 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-09-19 21:51:32 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-09-19 21:51:32 ----A---- C:\WINDOWS\system32\ils.dll
2011-09-19 21:51:31 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-09-19 21:51:31 ----A---- C:\WINDOWS\system32\msconf.dll
2011-09-19 21:51:31 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-09-19 21:51:28 ----D---- C:\Program Files\NetMeeting
2011-09-19 21:51:28 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-09-19 21:51:28 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-09-19 21:51:26 ----A---- C:\WINDOWS\system32\inetres.dll
2011-09-19 21:51:26 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-09-19 21:51:24 ----D---- C:\Program Files\Outlook Express
2011-09-19 21:51:24 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-09-19 21:51:23 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-09-19 21:51:23 ----A---- C:\WINDOWS\system32\mstask.dll
2011-09-19 21:51:23 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-09-19 21:51:22 ----A---- C:\WINDOWS\system32\isign32.dll
2011-09-19 21:51:22 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-09-19 21:51:22 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-09-19 21:51:14 ----D---- C:\Program Files\Common Files\System
2011-09-19 21:51:11 ----D---- C:\Program Files\Internet Explorer
2011-09-19 21:50:32 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2011-09-19 21:50:22 ----A---- C:\WINDOWS\vbaddin.ini
2011-09-19 21:50:22 ----A---- C:\WINDOWS\vb.ini
2011-09-19 21:50:17 ----D---- C:\WINDOWS\Registration
2011-09-19 21:48:08 ----D---- C:\Program Files\VistaExperience.org
2011-09-19 21:46:17 ----D---- C:\Program Files\Windows Sidebar
2011-09-19 21:46:11 ----D---- C:\Program Files\Windows Media Connect 2
2011-09-19 21:46:10 ----D---- C:\Program Files\Windows Media Player
2011-09-19 21:46:06 ----D---- C:\Program Files\MSN Gaming Zone
2011-09-19 21:46:06 ----A---- C:\WINDOWS\system32\write.exe
2011-09-19 21:45:48 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-09-19 21:45:48 ----A---- C:\WINDOWS\system32\hticons.dll
2011-09-19 21:45:47 ----A---- C:\WINDOWS\system32\avwav.dll
2011-09-19 21:45:47 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-09-19 21:45:47 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-09-19 21:45:46 ----A---- C:\WINDOWS\system32\winchat.exe
2011-09-19 21:45:35 ----A---- C:\WINDOWS\system32\getuname.dll
2011-09-19 21:45:34 ----A---- C:\WINDOWS\system32\charmap.exe
2011-09-19 21:45:34 ----A---- C:\WINDOWS\system32\calc.exe
2011-09-19 21:45:32 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-09-19 21:45:32 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-09-19 21:45:32 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-09-19 21:45:32 ----A---- C:\WINDOWS\system32\tskill.exe
2011-09-19 21:45:32 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-09-19 21:45:32 ----A---- C:\WINDOWS\system32\reset.exe
2011-09-19 21:45:31 ----A---- C:\WINDOWS\system32\tscon.exe
2011-09-19 21:45:31 ----A---- C:\WINDOWS\system32\shadow.exe
2011-09-19 21:45:31 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-09-19 21:45:31 ----A---- C:\WINDOWS\system32\regini.exe
2011-09-19 21:45:31 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-09-19 21:45:31 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-09-19 21:45:31 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-09-19 21:45:31 ----A---- C:\WINDOWS\system32\msg.exe
2011-09-19 21:45:31 ----A---- C:\WINDOWS\system32\logoff.exe
2011-09-19 21:45:30 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-09-19 21:45:30 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-09-19 21:45:21 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-09-19 21:45:20 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-09-19 21:45:20 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-09-19 21:45:19 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-09-19 21:45:19 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-09-19 21:45:18 ----D---- C:\Program Files\Windows NT
2011-09-19 21:45:18 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-09-19 21:45:18 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-09-19 21:45:16 ----A---- C:\WINDOWS\system32\tsgqec.dll
2011-09-19 21:45:16 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-09-19 21:45:16 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2011-09-19 21:45:16 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2011-09-19 21:45:16 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2011-09-19 21:45:16 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-09-19 21:45:15 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-09-19 21:45:15 ----A---- C:\WINDOWS\system32\aaclient.dll
2011-09-19 21:45:14 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-09-19 21:45:14 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-09-19 21:45:14 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-09-19 21:45:14 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-09-19 21:45:14 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-09-19 21:45:14 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-09-19 21:45:13 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-09-19 21:45:13 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-09-19 21:45:13 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-09-19 21:45:13 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-09-19 21:45:13 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-09-19 21:45:13 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-09-19 21:45:13 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-09-19 21:45:12 ----D---- C:\WINDOWS\system32\MsDtc
2011-09-19 21:45:12 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-09-19 21:45:12 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-09-19 21:45:12 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-09-19 21:45:11 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-09-19 21:45:11 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-09-19 21:45:11 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-09-19 21:45:11 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-09-19 21:45:10 ----D---- C:\WINDOWS\system32\Com
2011-09-19 21:45:10 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-09-19 21:45:10 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-09-19 21:45:10 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-09-19 21:45:10 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-09-19 21:45:09 ----A---- C:\WINDOWS\system32\stclient.dll
2011-09-19 21:45:09 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-09-19 21:45:09 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-09-19 21:45:09 ----A---- C:\WINDOWS\system32\colbact.dll
2011-09-19 21:45:09 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-09-19 21:45:09 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-09-19 21:45:08 ----A---- C:\WINDOWS\system32\comuid.dll
2011-09-19 21:45:08 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-09-19 21:45:08 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-09-19 21:45:08 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-09-19 21:45:07 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-09-19 21:45:07 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-09-19 21:44:59 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-09-19 21:44:59 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-09-19 21:44:59 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-09-19 21:44:58 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-09-19 21:44:56 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2011-09-19 21:44:56 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2011-10-02 11:34:18 ----A---- C:\WINDOWS\system.ini
2011-09-20 19:45:22 ----A---- C:\WINDOWS\win.ini
2011-09-19 21:54:34 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-09-09 11:12:04 ----A---- C:\WINDOWS\system32\crypt32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 60002596;60002596; C:\WINDOWS\system32\DRIVERS\60002596.sys [2011-10-02 133208]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2010-02-11 13976]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R3 catchme;catchme; \??\C:\turbina7954t\catchme.sys []
R3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2009-03-18 1512960]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2010-07-21 40848]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 MpKsl7efec08c;MpKsl7efec08c; C:\WINDOWS\system32\drivers\MpKsl7efec08c.sys []
S1 MpKsla3b0f976;MpKsla3b0f976; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EF3F76A4-93D8-460B-9556-4300DE35A2F6}\MpKsla3b0f976.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-01-29 370382]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-09-19 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe []
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

kotsi · #9 Příspěvek od **kotsi** » 03 říj 2011 09:26

Dobre rano tak jsem pripraven na dalsi zatim vypada komp v pohode.

kotsi · #10 Příspěvek od **kotsi** » 03 říj 2011 14:40

Tak mockrat dekuji.

VIRY.CZ

Prosím o pomoc (nejde udělat log HiJack)

Prosím o pomoc (nejde udělat log HiJack)

Re: Prosím o pomoc (nejde udělat log HiJack)

Re: Prosím o pomoc (nejde udělat log HiJack)

Re: Prosím o pomoc (nejde udělat log HiJack)

Re: Prosím o pomoc (nejde udělat log HiJack)

Re: Prosím o pomoc (nejde udělat log HiJack)

Re: Prosím o pomoc (nejde udělat log HiJack)

Re: Prosím o pomoc (nejde udělat log HiJack)

Re: Prosím o pomoc (nejde udělat log HiJack)

Re: Prosím o pomoc (nejde udělat log HiJack)