Prosim o kontrolu - nejde rozhodit sitovka

[SPKM]

Dostal jsem PC, kde delsi dobu nebyl aktualni antivir a take schazel SP3 u XP
Pri pokusu o aktualizaci na SP3 system hlasil, ze ndis.sys je pouzivany
Po provedeni aktualizace antiviru (avast) tento soubor byl umisten do virove truhly - Virus- Win32:Cutwail-AP(Rtk)
Pak jiz aktualizace na SP3 probehla, ale je problem se sitovkou, ktera nejde nainstalovat, ve spravci zarizeni jsou vsechny sitove adaptery s vykricnikem (zkousel jsem i WiFi sitovku) a v sitovych pripojenich neni zadny adapter
Prikladam log z RSIT
Predem dekuji za pomoc - pokud by to slo co nejdrive budu moc rad, dnes kolem treti hodiny mam pocitac vratit - pokud mozno funkcni

info.txt logfile of random's system information tool 1.09 2012-10-26 08:42:32

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
ABBYY FineReader 7.0 Professional Edition-->MsiExec.exe /I{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Acrobat 7.0 Professional - Czech, Polish, Greek-->msiexec /I {AC76BA86-1033-C740-7760-100000000002}
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -maintain plugin
ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"
Ashampoo WinOptimizer Platinum 3-->"C:\Program Files\Ashampoo\Ashampoo WinOptimizer Platinum 3\Uninstall\WOP3_Uninstall.exe"
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
AutoCAD 2008 - Český-->C:\Program Files\AutoCAD 2008\Setup\Setup.exe /P {5783F2D7-6001-0405-0002-0060B0CE6BBA} /M ACAD
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Bridge Construction Set Demo-->"C:\Program Files\Bridge Construction Set Demo\uninstall.exe"
Canon MP Navigator EX 2.0-->"C:\Program Files\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 2.0\uninst.ini
Canon MP540 series MP Drivers-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series /L0x0005
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Česká kuchařka-->C:\WINDOWS\IsUn0405.exe -f"e:\jitka programy\recepty\Uninst.isu"
DLL Suite 3.0-->"C:\Program Files\DLLSuite\3.0\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
ICQ7.4-->"C:\Program Files\InstallShield Installation Information\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
Lantek Expert-->C:\Program Files\InstallShield Installation Information\{D1C8FB9F-260E-4440-8064-19F7EBE010CE}\setup.exe -runfromtemp -l0x0405
Malwarebytes Anti-Malware verze 1.65.1.1000-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Microsoft .NET Framework 2.0 Language Pack - CSY-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - CSY\install.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional s aplikací FrontPage-->MsiExec.exe /I{90280405-6000-11D3-8CFE-0050048383C9}
Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0405-0000-0000000FF1CE}
Microsoft SQL Server 2005 Express Edition-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox 16.0.1 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
Nero 7 Demo-->MsiExec.exe /I{C75DCDD3-16CB-610E-E121-DEB798A61029}
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)-->"C:\Program Files\ESET\ESET NOD32 Antivirus\unins000.exe"
Oprava Hotfix systému Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
RtkXPDashClientInstaller-->MsiExec.exe /I{1AFB6FFA-4696-46B6-A74E-F54F2B22FACA}
Sentinel System Driver-->C:\WINDOWS\SYSTEM32\RNBOSENT\SETUPX86.EXE /U /q
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Softarová utilita ATI - Odinstalovat-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
VLC media player 1.1.10-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vypínač na dobrou noc verze 2.0-->"C:\Program Files\Vypínač na dobrou noc\unins000.exe"
WIBU-KEY Setup (WIBU-KEY Remove)-->C:\Program Files\WIBUKEY\Setup\Setup32.exe /R:{00060000-0000-1004-8002-0000C06B5161}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: avast! Antivirus

======System event log======

Computer Name: JITULINKA
Event Code: 62486
Message: Invalid parameters

Record Number: 114476
Source Name: ati2mtag
Time Written: 20121017162616.000000+120
Event Type: Informace
User:

Computer Name: JITULINKA
Event Code: 62486
Message: Invalid parameters

Record Number: 114475
Source Name: ati2mtag
Time Written: 20121017162616.000000+120
Event Type: Informace
User:

Computer Name: JITULINKA
Event Code: 62486
Message: Invalid parameters

Record Number: 114474
Source Name: ati2mtag
Time Written: 20121017162616.000000+120
Event Type: Informace
User:

Computer Name: JITULINKA
Event Code: 62486
Message: Invalid parameters

Record Number: 114473
Source Name: ati2mtag
Time Written: 20121017162616.000000+120
Event Type: Informace
User:

Computer Name: JITULINKA
Event Code: 62486
Message: Invalid parameters

Record Number: 114472
Source Name: ati2mtag
Time Written: 20121017162616.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: JITULINKA
Event Code: 17101
Message: (c) 2005 Microsoft Corporation.

Record Number: 51807
Source Name: MSSQLSERVER
Time Written: 20120921161822.000000+120
Event Type: Informace
User:

Computer Name: JITULINKA
Event Code: 17069
Message: Microsoft SQL Server 2005 - 9.00.3042.00 (Intel X86)
Feb 9 2007 22:47:07
Copyright (c) 1988-2005 Microsoft Corporation
Express Edition on Windows NT 5.1 (Build 2600: Service Pack 2)


Record Number: 51806
Source Name: MSSQLSERVER
Time Written: 20120921161822.000000+120
Event Type: Informace
User:

Computer Name: JITULINKA
Event Code: 105
Message: The service was started.

Record Number: 51805
Source Name: ATI Smart
Time Written: 20120921161818.000000+120
Event Type: Informace
User:

Computer Name: JITULINKA
Event Code: 17147
Message: SQL Server is terminating because of a system shutdown. This is an informational message only. No user action is required.

Record Number: 51804
Source Name: MSSQLSERVER
Time Written: 20120919215655.000000+120
Event Type: Informace
User:

Computer Name: JITULINKA
Event Code: 1517
Message: Systém Windows uložil registr uživatele JITULINKA\bobesovci, ale některá z aplikací nebo služeb během odhlášení registr nadále používala. Paměť používaná registrem uživatele nebyla uvolněna. Registr bude uvolněn, jakmile již nebude používán.


To je často způsobeno tím, že jsou služby spuštěny pomocí uživatelského účtu. Zkuste služby konfigurovat pro spuštění pomocí účtu místní nebo síťové služby.

Record Number: 51803
Source Name: Userenv
Time Written: 20120919215654.000000+120
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\ESTsoft\ALZip\;C:\Program Files\QuickTime\QTSystem\;C:\SQLEXPRESS\90\Tools\binn\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

[JaRon]

na zaciatok vloz log z TDSSKiller

[SPKM]

09:07:31.0734 2308 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
09:07:31.0781 2308 ============================================================
09:07:31.0781 2308 Current date / time: 2012/10/26 09:07:31.0781
09:07:31.0781 2308 SystemInfo:
09:07:31.0781 2308
09:07:31.0781 2308 OS Version: 5.1.2600 ServicePack: 3.0
09:07:31.0781 2308 Product type: Workstation
09:07:31.0781 2308 ComputerName: JITULINKA
09:07:31.0781 2308 UserName: bobesovci
09:07:31.0781 2308 Windows directory: C:\WINDOWS
09:07:31.0781 2308 System windows directory: C:\WINDOWS
09:07:31.0781 2308 Processor architecture: Intel x86
09:07:31.0781 2308 Number of processors: 2
09:07:31.0781 2308 Page size: 0x1000
09:07:31.0781 2308 Boot type: Normal boot
09:07:31.0781 2308 ============================================================
09:07:32.0718 2308 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:07:32.0734 2308 Drive \Device\Harddisk1\DR5 - Size: 0x1DAC00000 (7.42 Gb), SectorSize: 0x200, Cylinders: 0x3C8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:07:32.0734 2308 ============================================================
09:07:32.0734 2308 \Device\Harddisk0\DR0:
09:07:32.0734 2308 MBR partitions:
09:07:32.0734 2308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
09:07:32.0750 2308 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0x341D93DB
09:07:32.0750 2308 \Device\Harddisk1\DR5:
09:07:32.0750 2308 MBR partitions:
09:07:32.0750 2308 \Device\Harddisk1\DR5\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0xED5800
09:07:32.0750 2308 ============================================================
09:07:32.0781 2308 C: <-> \Device\Harddisk0\DR0\Partition1
09:07:32.0828 2308 E: <-> \Device\Harddisk0\DR0\Partition2
09:07:32.0828 2308 ============================================================
09:07:32.0828 2308 Initialize success
09:07:32.0828 2308 ============================================================
09:07:35.0125 2324 ============================================================
09:07:35.0125 2324 Scan started
09:07:35.0125 2324 Mode: Manual;
09:07:35.0125 2324 ============================================================
09:07:35.0687 2324 ================ Scan system memory ========================
09:07:35.0687 2324 System memory - ok
09:07:35.0687 2324 ================ Scan services =============================
09:07:35.0859 2324 [ 0B27AE82C113D3687024D18459440426 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
09:07:35.0859 2324 Aavmker4 - ok
09:07:35.0859 2324 Abiosdsk - ok
09:07:35.0875 2324 abp480n5 - ok
09:07:35.0906 2324 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:07:35.0906 2324 ACPI - ok
09:07:35.0937 2324 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
09:07:35.0937 2324 ACPIEC - ok
09:07:35.0984 2324 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:07:35.0984 2324 AdobeFlashPlayerUpdateSvc - ok
09:07:36.0000 2324 adpu160m - ok
09:07:36.0031 2324 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:07:36.0031 2324 aec - ok
09:07:36.0046 2324 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:07:36.0062 2324 AFD - ok
09:07:36.0062 2324 Aha154x - ok
09:07:36.0062 2324 aic78u2 - ok
09:07:36.0062 2324 aic78xx - ok
09:07:36.0093 2324 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:07:36.0093 2324 Alerter - ok
09:07:36.0109 2324 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
09:07:36.0109 2324 ALG - ok
09:07:36.0109 2324 AliIde - ok
09:07:36.0171 2324 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
09:07:36.0203 2324 Ambfilt - ok
09:07:36.0203 2324 amsint - ok
09:07:36.0234 2324 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:07:36.0234 2324 AppMgmt - ok
09:07:36.0250 2324 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
09:07:36.0250 2324 Arp1394 - ok
09:07:36.0265 2324 asc - ok
09:07:36.0265 2324 asc3350p - ok
09:07:36.0265 2324 asc3550 - ok
09:07:36.0296 2324 [ D33C507942299753868204CC7642FA27 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:07:36.0296 2324 aspnet_state - ok
09:07:36.0312 2324 [ 1C1F3D6DDDC046C920C493A779649F66 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:07:36.0312 2324 aswFsBlk - ok
09:07:36.0343 2324 [ 9E912FE7B41650701EF2B227ACA440F3 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
09:07:36.0343 2324 aswMon2 - ok
09:07:36.0359 2324 [ 982E275D1C5801042FE94209FB0160FB ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
09:07:36.0359 2324 AswRdr - ok
09:07:36.0390 2324 [ 73DBCF808E00580F2A47F93DD9B03876 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
09:07:36.0390 2324 aswSnx - ok
09:07:36.0406 2324 [ 6CBD7D3A33F498D09C831CDD732DA2E0 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
09:07:36.0421 2324 aswSP - ok
09:07:36.0421 2324 [ 7109A9AA551F37CD168C02368465957E ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
09:07:36.0421 2324 aswTdi - ok
09:07:36.0453 2324 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:07:36.0453 2324 AsyncMac - ok
09:07:36.0468 2324 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:07:36.0468 2324 atapi - ok
09:07:36.0468 2324 Atdisk - ok
09:07:36.0500 2324 [ 3E47191DDAFFCDD9B28CBC50FB6499B5 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
09:07:36.0515 2324 Ati HotKey Poller - ok
09:07:36.0531 2324 [ 096C9955485F2B3F910F4C503C318D74 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
09:07:36.0546 2324 ATI Smart - ok
09:07:36.0609 2324 [ E51AA5ADF535C847072C0AED3E642912 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
09:07:36.0625 2324 ati2mtag - ok
09:07:36.0656 2324 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:07:36.0656 2324 Atmarpc - ok
09:07:36.0687 2324 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:07:36.0687 2324 AudioSrv - ok
09:07:36.0687 2324 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:07:36.0687 2324 audstub - ok
09:07:36.0750 2324 [ EA2D28BBE98256654397CD1F6EAEBDD8 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
09:07:36.0750 2324 Autodesk Licensing Service - ok
09:07:36.0812 2324 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:07:36.0812 2324 avast! Antivirus - ok
09:07:36.0828 2324 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:07:36.0828 2324 Beep - ok
09:07:36.0890 2324 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
09:07:36.0906 2324 BITS - ok
09:07:36.0921 2324 [ 249276D3EF1E74B992299CB96099E4D7 ] Browser C:\WINDOWS\System32\browser.dll
09:07:36.0937 2324 Browser - ok
09:07:36.0937 2324 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:07:36.0953 2324 cbidf2k - ok
09:07:36.0953 2324 cd20xrnt - ok
09:07:36.0968 2324 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:07:36.0968 2324 Cdaudio - ok
09:07:36.0984 2324 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:07:36.0984 2324 Cdfs - ok
09:07:37.0015 2324 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:07:37.0015 2324 Cdrom - ok
09:07:37.0015 2324 Changer - ok
09:07:37.0046 2324 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:07:37.0046 2324 CiSvc - ok
09:07:37.0078 2324 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:07:37.0078 2324 ClipSrv - ok
09:07:37.0093 2324 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:07:37.0125 2324 clr_optimization_v2.0.50727_32 - ok
09:07:37.0125 2324 CmdIde - ok
09:07:37.0125 2324 COMSysApp - ok
09:07:37.0140 2324 Cpqarray - ok
09:07:37.0171 2324 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:07:37.0171 2324 CryptSvc - ok
09:07:37.0171 2324 CrystalSysInfo - ok
09:07:37.0187 2324 dac2w2k - ok
09:07:37.0187 2324 dac960nt - ok
09:07:37.0218 2324 [ C868F3AE15CF71A93F2AA3A32856D839 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:07:37.0250 2324 DcomLaunch - ok
09:07:37.0265 2324 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:07:37.0281 2324 Dhcp - ok
09:07:37.0296 2324 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:07:37.0296 2324 Disk - ok
09:07:37.0296 2324 dmadmin - ok
09:07:37.0359 2324 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:07:37.0390 2324 dmboot - ok
09:07:37.0468 2324 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:07:37.0484 2324 dmio - ok
09:07:37.0500 2324 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:07:37.0500 2324 dmload - ok
09:07:37.0531 2324 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
09:07:37.0531 2324 dmserver - ok
09:07:37.0562 2324 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:07:37.0562 2324 DMusic - ok
09:07:37.0640 2324 [ 0634B791684B84F4A331F3D3536FEEF8 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:07:37.0656 2324 Dnscache - ok
09:07:37.0703 2324 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
09:07:37.0750 2324 Dot3svc - ok
09:07:37.0750 2324 dpti2o - ok
09:07:37.0765 2324 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:07:37.0765 2324 drmkaud - ok
09:07:37.0812 2324 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:07:37.0828 2324 EapHost - ok
09:07:37.0859 2324 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:07:37.0859 2324 ERSvc - ok
09:07:37.0859 2324 [ 0C79689B4840EF8EC522598343F26849 ] eusk2par C:\WINDOWS\system32\Drivers\eusk2par.sys
09:07:37.0875 2324 eusk2par - ok
09:07:37.0906 2324 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] Eventlog C:\WINDOWS\system32\services.exe
09:07:37.0921 2324 Eventlog - ok
09:07:37.0953 2324 [ 260C69FD67687B0DC062FC3D31655857 ] EventSystem C:\WINDOWS\system32\es.dll
09:07:37.0968 2324 EventSystem - ok
09:07:38.0000 2324 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:07:38.0000 2324 Fastfat - ok
09:07:38.0046 2324 [ B927443008910B412BEC72FC41C1BAD0 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:07:38.0046 2324 FastUserSwitchingCompatibility - ok
09:07:38.0078 2324 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
09:07:38.0078 2324 Fdc - ok
09:07:38.0109 2324 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:07:38.0109 2324 Fips - ok
09:07:38.0125 2324 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
09:07:38.0125 2324 Flpydisk - ok
09:07:38.0171 2324 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:07:38.0171 2324 FltMgr - ok
09:07:38.0203 2324 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:07:38.0203 2324 Fs_Rec - ok
09:07:38.0218 2324 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:07:38.0218 2324 Ftdisk - ok
09:07:38.0218 2324 getPlusHelper - ok
09:07:38.0218 2324 GMSIPCI - ok
09:07:38.0250 2324 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:07:38.0250 2324 Gpc - ok
09:07:38.0281 2324 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:07:38.0296 2324 gusvc - ok
09:07:38.0312 2324 [ 56BF27D7A539F9E6BBC1DE201ABA0EDF ] HdAudAddService C:\WINDOWS\system32\drivers\AtiHdAud.sys
09:07:38.0312 2324 HdAudAddService - ok
09:07:38.0343 2324 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:07:38.0343 2324 HDAudBus - ok
09:07:38.0406 2324 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:07:38.0406 2324 helpsvc - ok
09:07:38.0421 2324 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
09:07:38.0421 2324 HidServ - ok
09:07:38.0437 2324 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:07:38.0437 2324 hidusb - ok
09:07:38.0468 2324 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
09:07:38.0468 2324 hkmsvc - ok
09:07:38.0468 2324 hpn - ok
09:07:38.0515 2324 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
09:07:38.0531 2324 HTTP - ok
09:07:38.0546 2324 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
09:07:38.0562 2324 HTTPFilter - ok
09:07:38.0562 2324 i2omgmt - ok
09:07:38.0562 2324 i2omp - ok
09:07:38.0593 2324 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
09:07:38.0593 2324 i8042prt - ok
09:07:38.0609 2324 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
09:07:38.0609 2324 Imapi - ok
09:07:38.0656 2324 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
09:07:38.0656 2324 ImapiService - ok
09:07:38.0671 2324 ini910u - ok
09:07:38.0781 2324 [ EB136D3B2883512DFF677C2FA98309BC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:07:38.0828 2324 IntcAzAudAddService - ok
09:07:38.0828 2324 IntelIde - ok
09:07:38.0843 2324 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:07:38.0843 2324 intelppm - ok
09:07:38.0859 2324 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
09:07:38.0859 2324 Ip6Fw - ok
09:07:38.0875 2324 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:07:38.0875 2324 IpFilterDriver - ok
09:07:38.0890 2324 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:07:38.0890 2324 IpInIp - ok
09:07:38.0921 2324 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:07:38.0937 2324 IpNat - ok
09:07:38.0953 2324 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:07:38.0953 2324 IPSec - ok
09:07:38.0953 2324 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
09:07:38.0953 2324 IRENUM - ok
09:07:38.0984 2324 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:07:38.0984 2324 isapnp - ok
09:07:39.0031 2324 [ 381B25DC8E958D905B33130D500BBF29 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
09:07:39.0031 2324 JavaQuickStarterService - ok
09:07:39.0046 2324 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:07:39.0046 2324 Kbdclass - ok
09:07:39.0062 2324 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:07:39.0062 2324 kbdhid - ok
09:07:39.0078 2324 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
09:07:39.0078 2324 kmixer - ok
09:07:39.0093 2324 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
09:07:39.0109 2324 KSecDD - ok
09:07:39.0109 2324 laiqbayoilc2os - ok
09:07:39.0140 2324 [ 21920AC69594AB021237054FA728FE46 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
09:07:39.0156 2324 lanmanserver - ok
09:07:39.0187 2324 [ 5190783F51A2D7A8495202C664D7C963 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:07:39.0203 2324 lanmanworkstation - ok
09:07:39.0203 2324 lbrtfdc - ok
09:07:39.0234 2324 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
09:07:39.0234 2324 LmHosts - ok
09:07:39.0296 2324 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
09:07:39.0296 2324 McComponentHostService - ok
09:07:39.0312 2324 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
09:07:39.0328 2324 Messenger - ok
09:07:39.0343 2324 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
09:07:39.0343 2324 mnmdd - ok
09:07:39.0375 2324 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
09:07:39.0375 2324 mnmsrvc - ok
09:07:39.0406 2324 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
09:07:39.0406 2324 Modem - ok
09:07:39.0437 2324 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
09:07:39.0468 2324 Monfilt - ok
09:07:39.0468 2324 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:07:39.0468 2324 Mouclass - ok
09:07:39.0484 2324 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:07:39.0484 2324 mouhid - ok
09:07:39.0515 2324 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
09:07:39.0515 2324 MountMgr - ok
09:07:39.0531 2324 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:07:39.0531 2324 MozillaMaintenance - ok
09:07:39.0546 2324 mraid35x - ok
09:07:39.0578 2324 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:07:39.0593 2324 MRxDAV - ok
09:07:39.0640 2324 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:07:39.0656 2324 MRxSmb - ok
09:07:39.0671 2324 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
09:07:39.0671 2324 MSDTC - ok
09:07:39.0687 2324 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:07:39.0687 2324 Msfs - ok
09:07:39.0687 2324 MSIServer - ok
09:07:39.0718 2324 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:07:39.0718 2324 MSKSSRV - ok
09:07:39.0734 2324 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:07:39.0734 2324 MSPCLOCK - ok
09:07:39.0734 2324 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:07:39.0734 2324 MSPQM - ok
09:07:39.0765 2324 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:07:39.0765 2324 mssmbios - ok
09:07:39.0781 2324 MSSQLSERVER - ok
09:07:39.0812 2324 [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
09:07:39.0812 2324 MSSQLServerADHelper - ok
09:07:39.0843 2324 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
09:07:39.0843 2324 Mup - ok
09:07:39.0875 2324 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
09:07:39.0890 2324 napagent - ok
09:07:39.0890 2324 NDIS - ok
09:07:39.0921 2324 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:07:39.0921 2324 NdisTapi - ok
09:07:39.0953 2324 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:07:39.0953 2324 Ndisuio - ok
09:07:39.0984 2324 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:07:39.0984 2324 NdisWan - ok
09:07:40.0000 2324 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
09:07:40.0015 2324 NDProxy - ok
09:07:40.0031 2324 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
09:07:40.0031 2324 NetBIOS - ok
09:07:40.0046 2324 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:07:40.0062 2324 NetBT - ok
09:07:40.0093 2324 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
09:07:40.0109 2324 NetDDE - ok
09:07:40.0109 2324 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
09:07:40.0109 2324 NetDDEdsdm - ok
09:07:40.0125 2324 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:07:40.0125 2324 Netlogon - ok
09:07:40.0156 2324 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
09:07:40.0171 2324 Netman - ok
09:07:40.0187 2324 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:07:40.0187 2324 NIC1394 - ok
09:07:40.0218 2324 [ AAC97DAB5F8A0573CF10E0EAC42A7724 ] Nla C:\WINDOWS\System32\mswsock.dll
09:07:40.0234 2324 Nla - ok
09:07:40.0234 2324 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:07:40.0250 2324 Npfs - ok
09:07:40.0265 2324 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
09:07:40.0281 2324 Ntfs - ok
09:07:40.0281 2324 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
09:07:40.0281 2324 NtLmSsp - ok
09:07:40.0328 2324 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
09:07:40.0343 2324 NtmsSvc - ok
09:07:40.0359 2324 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
09:07:40.0359 2324 Null - ok
09:07:40.0375 2324 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:07:40.0390 2324 NwlnkFlt - ok
09:07:40.0390 2324 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:07:40.0390 2324 NwlnkFwd - ok
09:07:40.0406 2324 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:07:40.0406 2324 ohci1394 - ok
09:07:40.0437 2324 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
09:07:40.0437 2324 Parport - ok
09:07:40.0453 2324 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
09:07:40.0453 2324 PartMgr - ok
09:07:40.0468 2324 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
09:07:40.0468 2324 ParVdm - ok
09:07:40.0484 2324 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
09:07:40.0484 2324 PCI - ok
09:07:40.0500 2324 PCIDump - ok
09:07:40.0515 2324 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
09:07:40.0515 2324 PCIIde - ok
09:07:40.0546 2324 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
09:07:40.0546 2324 Pcmcia - ok
09:07:40.0546 2324 PDCOMP - ok
09:07:40.0562 2324 PDFRAME - ok
09:07:40.0562 2324 PDRELI - ok
09:07:40.0562 2324 PDRFRAME - ok
09:07:40.0578 2324 perc2 - ok
09:07:40.0578 2324 perc2hib - ok
09:07:40.0609 2324 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] PlugPlay C:\WINDOWS\system32\services.exe
09:07:40.0625 2324 PlugPlay - ok
09:07:40.0625 2324 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
09:07:40.0625 2324 PolicyAgent - ok
09:07:40.0656 2324 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:07:40.0656 2324 PptpMiniport - ok
09:07:40.0656 2324 Prdntlb - ok
09:07:40.0687 2324 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
09:07:40.0687 2324 prodrv06 - ok
09:07:40.0703 2324 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
09:07:40.0703 2324 prohlp02 - ok
09:07:40.0703 2324 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
09:07:40.0703 2324 prosync1 - ok
09:07:40.0703 2324 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:07:40.0718 2324 ProtectedStorage - ok
09:07:40.0734 2324 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
09:07:40.0734 2324 PSched - ok
09:07:40.0750 2324 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:07:40.0750 2324 Ptilink - ok
09:07:40.0781 2324 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:07:40.0781 2324 PxHelp20 - ok
09:07:40.0781 2324 ql1080 - ok
09:07:40.0781 2324 Ql10wnt - ok
09:07:40.0796 2324 ql12160 - ok
09:07:40.0796 2324 ql1240 - ok
09:07:40.0796 2324 ql1280 - ok
09:07:40.0812 2324 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:07:40.0812 2324 RasAcd - ok
09:07:40.0843 2324 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:07:40.0859 2324 RasAuto - ok
09:07:40.0875 2324 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:07:40.0875 2324 Rasl2tp - ok
09:07:40.0921 2324 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:07:40.0921 2324 RasMan - ok
09:07:40.0937 2324 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:07:40.0937 2324 RasPppoe - ok
09:07:40.0953 2324 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:07:40.0953 2324 Raspti - ok
09:07:40.0984 2324 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:07:41.0000 2324 Rdbss - ok
09:07:41.0000 2324 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:07:41.0015 2324 RDPCDD - ok
09:07:41.0046 2324 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:07:41.0046 2324 rdpdr - ok
09:07:41.0078 2324 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:07:41.0078 2324 RDPWD - ok
09:07:41.0109 2324 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:07:41.0125 2324 RDSessMgr - ok
09:07:41.0156 2324 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:07:41.0156 2324 redbook - ok
09:07:41.0171 2324 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:07:41.0187 2324 RemoteAccess - ok
09:07:41.0203 2324 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:07:41.0203 2324 RemoteRegistry - ok
09:07:41.0234 2324 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
09:07:41.0234 2324 RpcLocator - ok
09:07:41.0281 2324 [ C868F3AE15CF71A93F2AA3A32856D839 ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:07:41.0296 2324 RpcSs - ok
09:07:41.0312 2324 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
09:07:41.0328 2324 RSVP - ok
09:07:41.0343 2324 [ C1DD41F6B136D5E50B0C2EB988B8C60B ] RtDash5x C:\WINDOWS\system32\DRIVERS\RtDash5x.sys
09:07:41.0343 2324 RtDash5x - ok
09:07:41.0390 2324 [ A44DC35CCB506F0321CD0976692BC261 ] RTL8192cu C:\WINDOWS\system32\DRIVERS\RTL8192cu.sys
09:07:41.0421 2324 RTL8192cu - ok
09:07:41.0453 2324 [ D41DAB8CBB9F4269D831170B1F193936 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
09:07:41.0453 2324 RTLE8023xp - ok
09:07:41.0453 2324 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
09:07:41.0468 2324 SamSs - ok
09:07:41.0484 2324 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:07:41.0500 2324 SCardSvr - ok
09:07:41.0531 2324 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:07:41.0546 2324 Schedule - ok
09:07:41.0578 2324 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:07:41.0578 2324 Secdrv - ok
09:07:41.0593 2324 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:07:41.0609 2324 seclogon - ok
09:07:41.0625 2324 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
09:07:41.0625 2324 SENS - ok
09:07:41.0656 2324 [ AEBBA7428A6C40CCE3C5ABDE45190B24 ] Sentinel C:\WINDOWS\System32\Drivers\SENTINEL.SYS
09:07:41.0656 2324 Sentinel - ok
09:07:41.0671 2324 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
09:07:41.0671 2324 serenum - ok
09:07:41.0703 2324 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
09:07:41.0703 2324 Serial - ok
09:07:41.0718 2324 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
09:07:41.0718 2324 sfhlp01 - ok
09:07:41.0734 2324 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:07:41.0734 2324 Sfloppy - ok
09:07:41.0781 2324 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:07:41.0796 2324 SharedAccess - ok
09:07:41.0828 2324 [ B927443008910B412BEC72FC41C1BAD0 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:07:41.0843 2324 ShellHWDetection - ok
09:07:41.0843 2324 Simbad - ok
09:07:41.0843 2324 Sparrow - ok
09:07:41.0875 2324 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:07:41.0875 2324 splitter - ok
09:07:41.0906 2324 [ CB1090BCA0E7B40D0B5B4E4D66531809 ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:07:41.0921 2324 Spooler - ok
09:07:41.0937 2324 [ 7F1B7C4D446CD3F926AF45B8C48BD593 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
09:07:41.0937 2324 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 7F1B7C4D446CD3F926AF45B8C48BD593
09:07:41.0937 2324 sptd ( LockedFile.Multi.Generic ) - warning
09:07:41.0937 2324 sptd - detected LockedFile.Multi.Generic (1)
09:07:41.0984 2324 [ D2B096CD2F56FAC6EEEED9A77DDF6DC8 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:07:41.0984 2324 SQLBrowser - ok
09:07:42.0015 2324 [ 54902536AAD0E9B99BC65F89C0CAF93F ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:07:42.0015 2324 SQLWriter - ok
09:07:42.0031 2324 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:07:42.0031 2324 sr - ok
09:07:42.0046 2324 srescan - ok
09:07:42.0078 2324 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
09:07:42.0109 2324 srservice - ok
09:07:42.0140 2324 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:07:42.0140 2324 Srv - ok
09:07:42.0156 2324 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:07:42.0171 2324 SSDPSRV - ok
09:07:42.0203 2324 [ B1691AF4A072CB674D600DB16DD7308E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
09:07:42.0203 2324 StarWindServiceAE - ok
09:07:42.0250 2324 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:07:42.0265 2324 stisvc - ok
09:07:42.0296 2324 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:07:42.0296 2324 swenum - ok
09:07:42.0328 2324 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:07:42.0328 2324 swmidi - ok
09:07:42.0328 2324 SwPrv - ok
09:07:42.0343 2324 symc810 - ok
09:07:42.0343 2324 symc8xx - ok
09:07:42.0343 2324 sym_hi - ok
09:07:42.0343 2324 sym_u3 - ok
09:07:42.0375 2324 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:07:42.0390 2324 sysaudio - ok
09:07:42.0421 2324 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:07:42.0437 2324 SysmonLog - ok
09:07:42.0484 2324 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:07:42.0500 2324 TapiSrv - ok
09:07:42.0546 2324 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:07:42.0562 2324 Tcpip - ok
09:07:42.0578 2324 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:07:42.0578 2324 TDPIPE - ok
09:07:42.0593 2324 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:07:42.0593 2324 TDTCP - ok
09:07:42.0640 2324 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:07:42.0640 2324 TermDD - ok
09:07:42.0687 2324 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
09:07:42.0703 2324 TermService - ok
09:07:42.0718 2324 [ B927443008910B412BEC72FC41C1BAD0 ] Themes C:\WINDOWS\System32\shsvcs.dll
09:07:42.0734 2324 Themes - ok
09:07:42.0765 2324 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
09:07:42.0765 2324 TlntSvr - ok
09:07:42.0781 2324 TosIde - ok
09:07:42.0796 2324 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:07:42.0812 2324 TrkWks - ok
09:07:42.0828 2324 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:07:42.0828 2324 Udfs - ok
09:07:42.0843 2324 ultra - ok
09:07:42.0890 2324 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
09:07:42.0890 2324 Update - ok
09:07:42.0953 2324 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
09:07:42.0968 2324 upnphost - ok
09:07:42.0968 2324 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
09:07:42.0984 2324 UPS - ok
09:07:43.0000 2324 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:07:43.0000 2324 usbccgp - ok
09:07:43.0015 2324 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:07:43.0031 2324 usbehci - ok
09:07:43.0046 2324 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:07:43.0046 2324 usbhub - ok
09:07:43.0062 2324 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:07:43.0062 2324 usbprint - ok
09:07:43.0078 2324 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:07:43.0078 2324 usbscan - ok
09:07:43.0093 2324 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:07:43.0093 2324 USBSTOR - ok
09:07:43.0109 2324 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:07:43.0109 2324 usbuhci - ok
09:07:43.0125 2324 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:07:43.0125 2324 VgaSave - ok
09:07:43.0140 2324 ViaIde - ok
09:07:43.0156 2324 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:07:43.0156 2324 VolSnap - ok
09:07:43.0203 2324 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
09:07:43.0218 2324 VSS - ok
09:07:43.0234 2324 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
09:07:43.0265 2324 W32Time - ok
09:07:43.0281 2324 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:07:43.0281 2324 Wanarp - ok
09:07:43.0296 2324 [ DC7F91B2ED24A738C807EA07F298928C ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
09:07:43.0296 2324 wceusbsh - ok
09:07:43.0312 2324 WDC_SAM - ok
09:07:43.0312 2324 WDICA - ok
09:07:43.0328 2324 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:07:43.0328 2324 wdmaud - ok
09:07:43.0359 2324 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:07:43.0390 2324 WebClient - ok
09:07:43.0406 2324 [ AFCEA7939925378F867DDE6AF76F3924 ] WIBUKEY C:\WINDOWS\system32\DRIVERS\WibuKey.sys
09:07:43.0406 2324 WIBUKEY - ok
09:07:43.0453 2324 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:07:43.0468 2324 winmgmt - ok
09:07:43.0500 2324 [ 6199B2AE3F9DB9CB6DB230471A1DC601 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
09:07:43.0515 2324 WmdmPmSN - ok
09:07:43.0593 2324 [ 6538D6BDE04B56737FE743C24D4CE83D ] Wmi C:\WINDOWS\System32\advapi32.dll
09:07:43.0625 2324 Wmi - ok
09:07:43.0640 2324 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:07:43.0640 2324 WmiApSrv - ok
09:07:43.0671 2324 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:07:43.0687 2324 wscsvc - ok
09:07:43.0718 2324 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:07:43.0734 2324 wuauserv - ok
09:07:43.0765 2324 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:07:43.0796 2324 WZCSVC - ok
09:07:43.0812 2324 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:07:43.0828 2324 xmlprov - ok
09:07:43.0843 2324 ================ Scan global ===============================
09:07:43.0843 2324 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
09:07:43.0890 2324 [ 77A41C497ADB0C96D1E8DF6F71D843C0 ] C:\WINDOWS\system32\winsrv.dll
09:07:43.0921 2324 [ 77A41C497ADB0C96D1E8DF6F71D843C0 ] C:\WINDOWS\system32\winsrv.dll
09:07:43.0968 2324 [ F0D2AE69035092BF22DAD6B50FAB85C2 ] C:\WINDOWS\system32\services.exe
09:07:43.0968 2324 [Global] - ok
09:07:43.0968 2324 ================ Scan MBR ==================================
09:07:43.0984 2324 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
09:07:44.0125 2324 \Device\Harddisk0\DR0 - ok
09:07:44.0125 2324 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR5
09:08:34.0078 2324 \Device\Harddisk1\DR5 - ok
09:08:34.0078 2324 ================ Scan VBR ==================================
09:08:34.0093 2324 [ 9678BCC4D98DE181D6B2088B13CCD64B ] \Device\Harddisk0\DR0\Partition1
09:08:34.0093 2324 \Device\Harddisk0\DR0\Partition1 - ok
09:08:34.0109 2324 [ 7E00B402E5F6A5BF6C66C112EE5EC6CC ] \Device\Harddisk0\DR0\Partition2
09:08:34.0109 2324 \Device\Harddisk0\DR0\Partition2 - ok
09:08:34.0109 2324 [ 5A15FA99C866024E0991319711B15663 ] \Device\Harddisk1\DR5\Partition1
09:08:34.0109 2324 \Device\Harddisk1\DR5\Partition1 - ok
09:08:34.0109 2324 ============================================================
09:08:34.0109 2324 Scan finished
09:08:34.0109 2324 ============================================================
09:08:34.0125 2316 Detected object count: 1
09:08:34.0125 2316 Actual detected object count: 1
09:09:16.0703 2316 sptd ( LockedFile.Multi.Generic ) - skipped by user
09:09:16.0703 2316 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

[JaRon]

toto je OK - vloz log RSIT, ten opacny

[SPKM]

Nerozumim dobre jak "opacny"
RSIT mi udelal jen jeden

Logfile of random's system information tool 1.09 (written by random/random)
Run by bobesovci at 2012-10-26 09:41:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (39%) free of 50 GB
Total RAM: 2047 MB (76% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\bobesovci\Data aplikací\Mozilla\Firefox\Profiles\bhu6xsks.default

prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "extensions.enabledItems" - "{3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429, {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=panda ... 2_0yatb&p="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\bobesovci\Data aplikací\Mozilla\Firefox\Profiles\bhu6xsks.default\extensions\
2020Player_IKEA@2020Technologies.com
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Documents and Settings\bobesovci\Data aplikací\Mozilla\Firefox\Profiles\bhu6xsks.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2012-06-06 20065936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-04-21 4608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2006-03-01 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro]
C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe [2003-08-20 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GroupManager]
C:\Program Files\AVG Anti Virus\groupmanager.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_NT]
C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe / /PROMPT /CMPID=ROC_NT []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtkDashClient.exe]
C:\Program Files\Realtek\RtkXPDashClientInstaller\RtkDashClient.exe [2010-12-02 437248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\30982A~1.207\SSSCHE~1.EXE [2011-06-17 272528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^bobesovci^Nabídka Start^Programy^Po spuštění^KvetinkaProzeny.lnk]
C:\Program Files\KvetinkaProzeny\KvetinkaProzeny\KvetinkaProzeny.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-12-21 122880]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\owzlikti.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\owzlikti.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\konnimym.exe"="C:\WINDOWS\system32\konnimym.exe:*:Enabled:totoo64"
"C:\WINDOWS\system32\tijouwu.exe"="C:\WINDOWS\system32\tijouwu.exe:*:Enabled:totoo64"
"C:\WINDOWS\system32\gagooj.exe"="C:\WINDOWS\system32\gagooj.exe:*:Enabled:totoo64"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:ActiveSync Connection Manager"
"C:\Program Files\DC++\StrongDC.exe"="C:\Program Files\DC++\StrongDC.exe:*:Disabled:StrongDC++"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSACM.CEGSM"=mobilev.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"SENTINEL"=snti386.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-10-26 09:07:31 ----A---- C:\TDSSKiller.2.8.13.0_26.10.2012_09.07.31_log.txt
2012-10-26 08:53:02 ----D---- C:\WINDOWS\LastGood
2012-10-26 08:42:28 ----D---- C:\rsit
2012-10-26 08:42:28 ----D---- C:\Program Files\trend micro
2012-10-26 08:34:04 ----A---- C:\WINDOWS\system32\ndis.sys
2012-10-26 08:30:53 ----RA---- C:\WINDOWS\system32\RtkCoLDRXP.dll
2012-10-26 08:30:53 ----RA---- C:\WINDOWS\system32\RtkCoInstIIXP.dll
2012-10-26 08:30:53 ----RA---- C:\WINDOWS\system32\drivers\Monfilt.sys
2012-10-26 08:30:53 ----RA---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2012-10-26 08:30:53 ----RA---- C:\WINDOWS\RtlUpd.exe
2012-10-26 08:30:52 ----RA---- C:\WINDOWS\ALCWZRD.EXE
2012-10-26 08:30:52 ----RA---- C:\WINDOWS\ALCMTR.EXE
2012-10-26 08:30:51 ----RA---- C:\WINDOWS\vncutil.exe
2012-10-26 08:30:51 ----RA---- C:\WINDOWS\SOUNDMAN.EXE
2012-10-26 08:30:51 ----RA---- C:\WINDOWS\RTLCPL.EXE
2012-10-26 08:30:51 ----RA---- C:\WINDOWS\RtkAudioService.exe
2012-10-26 08:30:50 ----RA---- C:\WINDOWS\SkyTel.exe
2012-10-26 08:30:50 ----RA---- C:\WINDOWS\MicCal.exe
2012-10-26 08:30:49 ----RA---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT
2012-10-26 08:30:49 ----RA---- C:\WINDOWS\RTHDCPL.EXE
2012-10-26 08:30:48 ----RA---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2012-10-26 07:56:50 ----A---- C:\WINDOWS\system32\drivers\ndis_xp.sys
2012-10-26 07:43:31 ----D---- C:\Program Files\DLLSuite
2012-10-26 07:39:17 ----RA---- C:\WINDOWS\system32\drivers\RTL8192cu.sys
2012-10-26 07:24:30 ----A---- C:\WINDOWS\system32\drivers\Rtenicxp.sys
2012-10-26 07:23:18 ----A---- C:\WINDOWS\OEWABLog.txt
2012-10-26 07:21:55 ----D---- C:\WINDOWS\Prefetch
2012-10-26 07:18:15 ----A---- C:\WINDOWS\setuplog.txt
2012-10-26 07:17:32 ----N---- C:\WINDOWS\system32\smtpapi.dll
2012-10-26 07:17:32 ----N---- C:\WINDOWS\system32\rwnh.dll
2012-10-26 07:17:32 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2012-10-26 07:17:32 ----N---- C:\WINDOWS\system32\comsdupd.exe
2012-10-26 07:17:31 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2012-10-26 07:17:31 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2012-10-26 07:17:31 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2012-10-26 07:17:31 ----N---- C:\WINDOWS\system32\aaclient.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\dot3svc.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\dot3msm.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\dot3api.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\dimsroam.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\credssp.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2012-10-26 07:17:30 ----N---- C:\WINDOWS\system32\azroles.dll
2012-10-26 07:17:29 ----N---- C:\WINDOWS\system32\eapsvc.dll
2012-10-26 07:17:29 ----N---- C:\WINDOWS\system32\eapqec.dll
2012-10-26 07:17:29 ----N---- C:\WINDOWS\system32\eappprxy.dll
2012-10-26 07:17:29 ----N---- C:\WINDOWS\system32\eapphost.dll
2012-10-26 07:17:29 ----N---- C:\WINDOWS\system32\eappgnui.dll
2012-10-26 07:17:29 ----N---- C:\WINDOWS\system32\eappcfg.dll
2012-10-26 07:17:29 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2012-10-26 07:17:29 ----N---- C:\WINDOWS\system32\eapolqec.dll
2012-10-26 07:17:29 ----N---- C:\WINDOWS\system32\dot3ui.dll
2012-10-26 07:17:28 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2012-10-26 07:17:27 ----N---- C:\WINDOWS\system32\kmsvc.dll
2012-10-26 07:17:27 ----N---- C:\WINDOWS\system32\kbdpash.dll
2012-10-26 07:17:27 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2012-10-26 07:17:27 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2012-10-26 07:17:27 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\napmontr.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\napipsec.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\mssha.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\mmcperf.exe
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\mmcex.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2012-10-26 07:17:26 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2012-10-26 07:17:25 ----N---- C:\WINDOWS\system32\napstat.exe
2012-10-26 07:17:24 ----N---- C:\WINDOWS\system32\qagent.dll
2012-10-26 07:17:24 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2012-10-26 07:17:24 ----N---- C:\WINDOWS\system32\onex.dll
2012-10-26 07:17:24 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\slserv.exe
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\slrundll.exe
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\slgen.dll
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\slextspk.dll
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\slcoinst.dll
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\setupn.exe
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\s3gnb.dll
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\rasqec.dll
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\qutil.dll
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\qcliprov.dll
2012-10-26 07:17:23 ----N---- C:\WINDOWS\system32\qagentrt.dll
2012-10-26 07:17:22 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2012-10-26 07:17:22 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2012-10-26 07:17:22 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2012-10-26 07:17:22 ----N---- C:\WINDOWS\system32\verclsid.exe
2012-10-26 07:17:22 ----N---- C:\WINDOWS\system32\tzchange.exe
2012-10-26 07:17:22 ----N---- C:\WINDOWS\system32\tspkg.dll
2012-10-26 07:17:22 ----N---- C:\WINDOWS\system32\tsgqec.dll
2012-10-26 07:17:21 ----N---- C:\WINDOWS\system32\wmphoto.dll
2012-10-26 07:17:21 ----N---- C:\WINDOWS\system32\wlanapi.dll
2012-10-26 07:17:20 ----N---- C:\WINDOWS\slrundll.exe
2012-10-26 07:15:02 ----D---- C:\WINDOWS\ServicePackFiles
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2012-10-26 07:12:38 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2012-10-26 07:12:37 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2012-10-26 07:12:36 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2012-10-26 07:12:35 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2012-10-26 07:12:34 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2012-10-26 07:12:34 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2012-10-26 07:12:34 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2012-10-26 07:12:34 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2012-10-26 07:12:33 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2012-10-26 07:12:33 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2012-10-26 07:12:33 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2012-10-26 07:12:33 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2012-10-26 07:12:33 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2012-10-26 07:12:33 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2012-10-26 07:12:33 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2012-10-26 07:12:33 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2012-10-26 07:12:32 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2012-10-26 07:12:31 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2012-10-26 07:11:09 ----A---- C:\WINDOWS\002705_.tmp
2012-10-26 07:06:57 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2012-10-25 15:29:40 ----A---- C:\WINDOWS\system32\RTNUninst32.dll
2012-10-25 15:29:40 ----A---- C:\WINDOWS\system32\RtNicProp32.dll
2012-10-25 15:10:01 ----A---- C:\WINDOWS\RtDash5x.sys
2012-10-25 13:32:59 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-10-25 13:32:58 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-10-25 13:32:57 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-10-25 13:32:35 ----A---- C:\WINDOWS\avastSS.scr
2012-10-25 13:32:15 ----D---- C:\Program Files\AVAST Software
2012-10-25 13:32:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-10-25 13:18:20 ----A---- C:\WINDOWS\system32\wmpns.dll
2012-10-25 12:51:42 ----D---- C:\WINDOWS\system32\cs-cz
2012-10-25 12:51:41 ----D---- C:\WINDOWS\system32\cs
2012-10-25 12:51:41 ----D---- C:\WINDOWS\system32\bits
2012-10-25 12:51:41 ----D---- C:\WINDOWS\l2schemas
2012-10-25 12:48:03 ----D---- C:\WINDOWS\network diagnostic
2012-10-25 12:46:45 ----A---- C:\WINDOWS\002704_.tmp
2012-10-25 12:46:44 ----A---- C:\WINDOWS\imsins.BAK
2012-10-25 12:45:46 ----A---- C:\WINDOWS\system32\msxml6r.dll
2012-10-25 12:45:46 ----A---- C:\WINDOWS\system32\msxml6.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\xpob2res.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\xmllite.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\wmspdmoe.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\wmpasf.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\wmp.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\wmidx.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\wmerror.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\mstscax.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\mstsc.exe
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\mp4sdmod.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\mp43dmod.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\ir50_32.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2012-10-25 12:45:45 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2012-10-25 12:45:43 ----A---- C:\WINDOWS\system32\drivers\mssmbios.sys
2012-10-25 12:45:43 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2012-10-25 12:45:43 ----A---- C:\WINDOWS\system32\drivers\http.sys
2012-10-25 12:45:43 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\wups.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\spiisupd.exe
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\secedit.exe
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\pidgen.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\kbdukx.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\extmgr.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\encdec.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\dsprpres.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\drivers\tunmp.sys
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\drivers\amdk7.sys
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\dpcdll.dll
2012-10-25 12:45:42 ----A---- C:\WINDOWS\system32\asr_pfu.exe
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\wuauclt.exe
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\wshbth.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\wscntfy.exe
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\w3ssl.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\smbinst.exe
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\sbeio.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\sbe.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\p2psvc.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\msftedit.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\msdadiag.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\iuengine.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\ieencode.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\httpapi.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\hccoin.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\fwcfg.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\fltlib.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\drivers\ip6fw.sys
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\d3d9.dll
2012-10-25 12:45:41 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\xmlprov.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\wucltui.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\wuauserv.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\wuapi.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\wscsvc.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\winshfhc.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\winhttp.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\winbrand.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\twext.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\systeminfo.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\strmfilt.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\spnpinst.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\schtasks.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\qmgr.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\powercfg.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\p2p.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\openfiles.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\mssap.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\kbdno1.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\kbdinben.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\gpresult.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\fsquirt.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\fltmc.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\eventtriggers.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\eventcreate.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\encapi.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\drivers\sffp_sd.sys
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\drivers\sffdisk.sys
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\driverquery.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\cdm.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\btpanui.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\bthserv.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\bthci.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\blastcln.exe
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2012-10-25 12:45:40 ----A---- C:\WINDOWS\system32\auditusr.exe
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\gptext.dll
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\gpedit.dll
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\getmac.exe
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\fdeploy.dll
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\fde.dll
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\efsadu.dll
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\cipher.exe
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\bootcfg.exe
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\asr_fmt.exe
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\appmgr.dll
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\appmgmts.dll
2012-10-25 12:45:39 ----A---- C:\WINDOWS\system32\adsnw.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\wsecedit.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\tracerpt.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\tlntsess.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\tasklist.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\taskkill.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\rsnotify.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\proxycfg.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\nwwks.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\nwapi32.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\ntbackup.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqutil.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqupgrd.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqtrig.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqsvc.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqsnap.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqsec.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqrtdep.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqrt.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqqm.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqoa.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqise.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqdscli.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqbkup.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\mqad.dll
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\logman.exe
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\drivers\nwrdr.sys
2012-10-25 12:45:38 ----A---- C:\WINDOWS\system32\drivers\mqac.sys
2012-10-25 12:45:32 ----A---- C:\WINDOWS\winhlp32.exe
2012-10-25 12:45:32 ----A---- C:\WINDOWS\twain_32.dll
2012-10-25 12:45:32 ----A---- C:\WINDOWS\regedit.exe
2012-10-25 12:45:32 ----A---- C:\WINDOWS\hh.exe
2012-10-25 12:45:32 ----A---- C:\WINDOWS\explorer.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\browser.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\browselc.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\blackbox.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\bidispl.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\batt.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\batmeter.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\basesrv.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\avifil32.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\autolfn.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\autofmt.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\authz.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\audiosrv.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\attrib.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\atmlib.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\atmfd.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\atmadm.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\atl.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\at.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\asycfilt.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\asferror.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\apphelp.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\amstream.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\alrsvc.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\alg.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\ahui.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\advpack.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\adsnt.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\adsmsext.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\adsldpc.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\adsldp.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\admparse.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\actxprxy.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\actmovie.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\activeds.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\aclui.dll
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\accwiz.exe
2012-10-25 12:45:31 ----A---- C:\WINDOWS\system32\6to4svc.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\cewmdm.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\certmgr.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\certcli.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\cdosys.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\cdfview.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\catsrvut.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\catsrvps.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\catsrv.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\capesnpn.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\camocx.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\cabview.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\cabinet.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\browsewm.dll
2012-10-25 12:45:30 ----A---- C:\WINDOWS\system32\browseui.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\ctfmon.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\csrss.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cscui.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cscript.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cscdll.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cryptui.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cryptnet.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cryptext.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cryptdll.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\crypt32.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\credui.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\corpol.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\conime.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\confmsp.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\comuid.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\comsvcs.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\comsnap.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\comres.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\comrepl.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\compstui.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\compatui.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\comaddin.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\colbact.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cmutil.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cmstp.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cmprops.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cmmon32.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cmdl32.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cmdial32.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\clusapi.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\clipsrv.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\clipbrd.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cliconfg.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cliconfg.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\clbcatq.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\clbcatex.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cisvc.exe
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\ciodm.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cic.dll
2012-10-25 12:45:29 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\filemgmt.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\feclient.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\faultrep.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\exts.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\extrac32.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\expsrv.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\eventlog.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\eudcedit.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\esent.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\es.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\ersvc.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\els.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dxmasf.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dxdiag.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dx8vb.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dx7vb.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dwwin.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\duser.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dumprep.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dswave.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dsuiext.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dssenh.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dssec.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dsquery.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dsprop.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dsound3d.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dsound.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dskquoui.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dskquota.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dsdmo.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\ds32gt.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\drprov.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\drmstor.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\drmclien.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpvvox.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpvoice.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpvacm.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpnet.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dplayx.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\docprop2.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dnsapi.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmutil.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmusic.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmsynth.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmstyle.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmserver.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmscript.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmremote.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmloader.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmime.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmcompos.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmband.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dmadmin.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dllhost.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dispex.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\diskpart.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\diskcopy.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dinput8.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dinput.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\digest.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\diantz.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dgnet.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dfrgui.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\devmgr.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\devenum.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\defrag.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\ddrawex.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\ddraw.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\ddeshare.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dciman32.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dbghelp.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\davclnt.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\datime.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\dataclen.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\danim.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\d3dim700.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2012-10-25 12:45:28 ----A---- C:\WINDOWS\system32\d3d8.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\msconf.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mscms.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\msasn1.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\msapsspc.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\msafd.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\msacm32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mprdim.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mprapi.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mpr.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mplay32.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\moricons.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\more.com
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\modemui.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mobsync.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mobsync.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mnmdd.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mmfutil.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mmcshext.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mmcbase.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mmc.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mlang.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mimefilt.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\miglibnt.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\midimap.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mfc42u.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mfc42.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mfc40u.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mf3216.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mdminst.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mciwave.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mciseq.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mciavi32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\mcastmib.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\makecab.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\magnify.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\lsass.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\lprhelp.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\lpk.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\logonui.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\logon.scr
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\logagent.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\localui.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\localsec.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\loadperf.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\lmrt.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\linkinfo.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\licwmi.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\licmgr10.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\licdll.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\laprxy.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ksuser.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\keymgr.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\kerberos.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\kd1394.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\kbdnec.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\jsproxy.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\jscript.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\jgpl400.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\jgdw400.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ixsso.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\itss.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\itircl.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\isign32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipxwan.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipxroute.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipv6.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ippromon.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipmontr.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ipconfig.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\inseng.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\input.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\initpki.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\inetres.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\inetppui.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\inetpp.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\inetmib1.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\inetcomm.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\inetcfg.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\imm32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\imgutil.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\imeshare.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\imapi.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ils.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ifmon.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iexpress.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iesetup.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iernonce.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iepeers.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ieaksie.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ieakeng.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\idq.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\icwphbk.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\icwdial.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\icmp.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\icm32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iccvid.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\icaapi.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\iasrad.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\hypertrm.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\htui.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\hotplug.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\hlink.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\hidserv.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\hid.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\hhsetup.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\help.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\h323msp.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\grpconv.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\glu32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\gdi32.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\framebuf.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\forcedos.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\fontview.exe
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\fontsub.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\fontext.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2012-10-25 12:45:27 ----A---- C:\WINDOWS\system32\findstr.exe
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msvcp60.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msvcirt.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msutb.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mstinit.exe
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mstime.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mstext40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mstask.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msscp.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msrle32.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msrepl40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msrating.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msprivs.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mspmsp.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mspbde40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mspatcha.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mspaint.exe
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msorcl32.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msorc32r.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msoert2.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msoeacct.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msnsspc.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msnetobj.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msltus40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mslbui.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msjtes40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msjter40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msjint40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msjet40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msimtf.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msimg32.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msieftp.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msidle.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msident.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mshtmler.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mshtmled.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\mshta.exe
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msgina.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msexch40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msexcl40.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msdtctm.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msdtclog.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msdtc.exe
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msdmo.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msdart.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msctfp.dll
2012-10-25 12:45:26 ----A---- C:\WINDOWS\system32\msctf.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\qasf.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\pstorec.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\psbase.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\psapi.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\proquota.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\progman.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\profmap.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\powrprof.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\polstore.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\pngfilt.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\pjlmon.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ping.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\pid.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\photowiz.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\perfproc.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\perfos.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\perfnet.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\perfmon.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\perfdisk.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\pdh.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\pautoenr.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\packager.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\osuninst.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\osk.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\opengl32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\olepro32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\oleprn.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\oledlg.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\olecli32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ole32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\offfilt.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odtext32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odpdx32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odfox32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odexl32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\oddbse32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbctrac.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbcji32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbcint.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbccu32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbccr32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbccp32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbcconf.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbcconf.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbcad32.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\odbc32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ocmanage.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\occache.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\objsel.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\oakley.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ntshrui.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ntmarta.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ntlanman.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\npptools.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\notepad.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nlhtml.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\newdev.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netui1.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netui0.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netstat.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netshell.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netsh.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netsetup.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netrap.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netplwiz.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netman.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netlogon.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netid.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netdde.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netcfgx.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netapi32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\net1.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\net.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nddenb32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nddeapir.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nddeapi.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\narrator.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mydocs.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxex.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxdm.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxclu.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msyuv.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msxml3.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msxml2.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msxml.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msxbde40.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswstr10.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswsock.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswmdm.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswdat10.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msw3prt.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msvidctl.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msvfw32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msvcrt.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\notepad.exe

[SPKM]

Cele se to nevlezlo, posilam zbytek
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\notepad.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nlhtml.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\newdev.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netui1.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netui0.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netstat.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netshell.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netsh.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netsetup.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netrap.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netplwiz.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netman.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netlogon.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netid.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netdde.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netcfgx.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\netapi32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\net1.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\net.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nddenb32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nddeapir.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\nddeapi.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\narrator.exe
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mydocs.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxex.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxdm.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mtxclu.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msyuv.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msxml3.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msxml2.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msxml.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msxbde40.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswstr10.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswsock.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswmdm.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\mswdat10.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msw3prt.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msvidctl.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msvfw32.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\system32\msvcrt.dll
2012-10-25 12:45:25 ----A---- C:\WINDOWS\notepad.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\spoolsv.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\spoolss.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\spider.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sort.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\snmpapi.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sndrec32.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\slbiop.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\slayerxp.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\skeys.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sigverif.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sigtab.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\schedsvc.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shutdown.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shsvcs.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shscrap.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shrpubw.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shmgrate.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shmedia.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shlwapi.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shimgvw.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shimeng.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shgina.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shfolder.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shell32.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shdocvw.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\shdoclc.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sfc_os.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sfc.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\setup.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sethc.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\servdeps.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sensapi.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sens.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sendmail.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\security.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\secur32.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\seclogon.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sdbinst.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\scrrun.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\scrobj.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\scrnsave.scr
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\scesrv.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\scecli.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\sccsccp.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\scarddlg.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\safrslv.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\safrdm.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\runonce.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rundll32.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rtutils.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rtcshare.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rsmps.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rsh.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rsaenh.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rpcss.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\riched20.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rexec.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\resutils.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\remotepg.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\regwizc.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\regsvr32.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\regsvc.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\regapi.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\reg.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rdshost.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rdpdd.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rdpclip.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rdchost.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rcp.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rcimlby.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rastls.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rassapi.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rasppp.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rasphone.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rasmans.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\raschap.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\racpldlg.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\query.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\quartz.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\qprocess.exe
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\qedwipes.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\qedit.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\qdvd.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\qdv.dll
2012-10-25 12:45:24 ----A---- C:\WINDOWS\system32\qcap.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wmasf.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wmadmoe.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wmadmod.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wlnotify.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wldap32.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\winver.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wintrust.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\winsta.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\winsrv.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\winscard.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\winrnr.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\winntbbu.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\winmm.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\winlogon.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\winipsec.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wininet.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wiavideo.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wiashext.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wiaservc.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wiascr.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wiadss.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wiadefui.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wextract.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\webvw.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\webcheck.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\webclnt.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wdigest.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\wavemsp.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\watchdog.sys
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\w32time.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\vssvc.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\vssapi.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\version.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\verifier.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\vdmredir.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\vbscript.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\vbajet32.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\uxtheme.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\utilman.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\usp10.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\userenv.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\user32.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\usbui.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\usbmon.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\url.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ups.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\upnpui.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\upnphost.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\upnpcont.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\upnp.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\uniplat.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\unimdmat.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\umandlg.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\udhisapi.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\txflog.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tsddd.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\trkwks.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tree.com
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tracert.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tourstart.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\themeui.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\termsrv.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\termmgr.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\telnet.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tcpmon.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tcpmib.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\taskmgr.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tapisrv.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tapi32.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\tapi3.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\t2embed.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\syncui.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\synceng.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\sxs.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\svchost.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\strmdll.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\storprop.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\stobject.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\stimon.exe
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\sti_ci.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\sti.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\stclient.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\sstext3d.scr
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ssstars.scr
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\sspipes.scr
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ssmyst.scr
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ssmypics.scr
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ssmarque.scr
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ssflwbox.scr
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ssbezier.scr
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\ss3dfo.scr
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\srsvc.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\srrstr.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\srclient.dll
2012-10-25 12:45:23 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\zipfldr.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\xolehlp.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\xcopy.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\xactsrv.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wstdecod.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wsock32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wshrm.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wship6.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wshext.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wshcon.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wscript.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\ws2help.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\ws2_32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wpabaln.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wow32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmvcore.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmstream.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmpui.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmpshell.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmploc.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmpcore.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmpcd.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmnetmgr.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmi.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wmdmps.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\wkssvc.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\win32spl.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\win32k.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\userinit.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\untfs.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\ulib.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\syssetup.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\srvsvc.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\smss.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\schannel.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\setupapi.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\sessmgr.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\services.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\scardsvr.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\savedump.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\samsrv.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\samlib.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\rshx32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\rastapi.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\rasman.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\rasdlg.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\rasauto.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\rasapi32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\printui.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\perfctrs.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\olecnv32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\oleaut32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\nwprovau.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\ntvdm.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\ntprint.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\ntdll.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\nslookup.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\msv1_0.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\msgsvc.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\locator.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\localspl.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\kernel32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\ftp.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\format.com
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\p3.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ohci1394.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\nwlnkipx.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\nmnt.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\nic1394.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\msgpc.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\modem.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\mf.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\isapnp.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ipsec.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ipnat.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\ipinip.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\imapi.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\flpydisk.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\fips.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\fdc.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\dxg.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\dmio.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\dmboot.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\diskdump.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\crusoe.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\classpnp.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\cdrom.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\atmlane.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\atmarpc.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\atapi.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\asyncmac.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\arp1394.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\amdk6.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\drivers\1394bus.sys
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\comctl32.dll
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\cmd.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\cacls.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\autochk.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\autoconv.exe
2012-10-25 12:45:22 ----A---- C:\WINDOWS\system32\advapi32.dll
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\HAL.DLL
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\videoprt.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\vga.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbstor.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbintel.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbcamd2.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usbcamd.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\update.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\tdi.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\tcpip6.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\tape.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\swenum.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\stream.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\sonydcam.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\sfloppy.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\serenum.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\secdrv.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\rndismp.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\psched.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\pcmcia.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2012-10-25 12:45:21 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2012-10-25 12:23:11 ----A---- C:\WINDOWS\ntbtlog.txt
2012-10-25 11:52:20 ----D---- C:\Documents and Settings\bobesovci\Data aplikací\Malwarebytes
2012-10-25 11:51:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-10-25 11:51:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-10-25 11:51:48 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-10-25 11:22:43 ----D---- C:\WINDOWS\pss
2012-10-25 10:59:09 ----D---- C:\WINDOWS\system32\NtmsData
2012-10-24 17:09:09 ----D---- C:\Documents and Settings\bobesovci\Data aplikací\TeamViewer
2012-10-22 23:23:51 ----D---- C:\Program Files\Mozilla Firefox
2012-10-09 18:41:56 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2012-10-09 18:41:44 ----D---- C:\Program Files\pdfsam

======List of files/folders modified in the last 1 month======

2012-10-26 09:41:34 ----A---- C:\WINDOWS\wincmd.ini
2012-10-26 09:07:32 ----D---- C:\WINDOWS\system32\drivers
2012-10-26 08:53:02 ----D---- C:\WINDOWS
2012-10-26 08:53:02 ----AD---- C:\WINDOWS\Temp
2012-10-26 08:52:55 ----D---- C:\WINDOWS\system32\CatRoot2
2012-10-26 08:52:53 ----D---- C:\Program Files\Realtek
2012-10-26 08:52:48 ----HD---- C:\Program Files\InstallShield Installation Information
2012-10-26 08:42:28 ----RD---- C:\Program Files
2012-10-26 08:34:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-10-26 08:34:04 ----D---- C:\WINDOWS\system32
2012-10-26 08:32:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-10-26 08:30:53 ----D---- C:\WINDOWS\system32\RTCOM
2012-10-26 08:30:45 ----HD---- C:\WINDOWS\inf
2012-10-26 07:26:16 ----D---- C:\WINDOWS\system32\CatRoot
2012-10-26 07:23:24 ----SHD---- C:\WINDOWS\Installer
2012-10-26 07:23:06 ----D---- C:\WINDOWS\Debug
2012-10-26 07:21:23 ----D---- C:\WINDOWS\system32\Setup
2012-10-26 07:21:23 ----D---- C:\WINDOWS\AppPatch
2012-10-26 07:21:22 ----D---- C:\WINDOWS\system32\wbem
2012-10-26 07:21:21 ----RSD---- C:\WINDOWS\Fonts
2012-10-26 07:20:31 ----D---- C:\WINDOWS\security
2012-10-26 07:17:51 ----D---- C:\WINDOWS\WinSxS
2012-10-26 07:17:47 ----D---- C:\Program Files\Messenger
2012-10-26 07:17:45 ----D---- C:\Program Files\Windows Media Player
2012-10-26 07:17:43 ----D---- C:\WINDOWS\Help
2012-10-26 07:17:33 ----D---- C:\WINDOWS\ehome
2012-10-26 07:17:32 ----D---- C:\WINDOWS\system32\inetsrv
2012-10-26 07:17:32 ----D---- C:\WINDOWS\ime
2012-10-26 07:17:20 ----D---- C:\WINDOWS\system32\usmt
2012-10-26 07:17:19 ----D---- C:\WINDOWS\PeerNet
2012-10-26 07:17:19 ----D---- C:\Program Files\Internet Explorer
2012-10-26 07:17:18 ----D---- C:\Program Files\Movie Maker
2012-10-26 07:14:51 ----D---- C:\WINDOWS\system32\Restore
2012-10-26 07:14:51 ----D---- C:\WINDOWS\system32\npp
2012-10-26 07:14:50 ----D---- C:\WINDOWS\msagent
2012-10-26 07:14:48 ----D---- C:\WINDOWS\srchasst
2012-10-26 07:14:47 ----D---- C:\Program Files\NetMeeting
2012-10-26 07:14:45 ----D---- C:\WINDOWS\system32\Com
2012-10-26 07:14:42 ----D---- C:\Program Files\Windows NT
2012-10-26 07:14:42 ----D---- C:\Program Files\Outlook Express
2012-10-26 07:14:39 ----D---- C:\Program Files\Common Files\System
2012-10-26 07:14:18 ----D---- C:\WINDOWS\system32\oobe
2012-10-26 07:14:17 ----D---- C:\WINDOWS\system
2012-10-26 07:11:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-10-25 13:32:56 ----SD---- C:\WINDOWS\Tasks
2012-10-25 13:05:46 ----D---- C:\Documents and Settings
2012-10-25 12:10:48 ----RD---- C:\WINDOWS\Offline Web Pages
2012-10-25 12:03:41 ----D---- C:\Program Files\Common Files
2012-10-25 11:21:20 ----D---- C:\Documents and Settings\bobesovci\Data aplikací\Winamp
2012-10-25 11:21:17 ----D---- C:\Documents and Settings\bobesovci\Data aplikací\uTorrent
2012-10-25 11:21:17 ----D---- C:\Documents and Settings\bobesovci\Data aplikací\Skype
2012-10-25 11:19:43 ----D---- C:\WINDOWS\Minidump
2012-10-25 11:01:40 ----D---- C:\WINDOWS\repair
2012-10-25 11:01:36 ----D---- C:\WINDOWS\Registration
2012-10-23 22:51:21 ----A---- C:\WINDOWS\NeroDigital.ini
2012-10-23 17:17:35 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-10-09 18:30:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-04-21 716272]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 eusk2par;Aladdin SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2008-05-15 72704]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-21 2843136]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2012-06-12 6138512]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\srescan.sys []
S1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-07-03 35928]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232]
S2 RtDash5x;Realtek NDIS Protocol Driver for Dash; C:\WINDOWS\system32\DRIVERS\RtDash5x.sys [2010-05-24 22528]
S2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2008-05-15 76288]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 aqwfww7w;aqwfww7w; C:\WINDOWS\system32\drivers\aqwfww7w.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192cu.sys [2010-08-06 907496]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2012-10-04 369552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-12-22 104064]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys []
S4 Prdntlb;Prdntlb; C:\WINDOWS\system32\drivers\Prdntlb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-21 512000]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-12-20 593920]
S2 laiqbayoilc2os;SmartLinkService; C:\WINDOWS\system32\rourycawak.exe []
S2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\SQLEXPRESS\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-05-15 29178224]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-03-20 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-22 115168]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-05-15 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-05-15 242544]

-----------------EOF-----------------

[JaRon]

Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Driver::
laiqbayoilc2os

uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:



po aplikacii by mal vzniknut dalsi log, ten vloz sem

[SPKM]

Nyni se dostanu pouze do nouzoveho rezimu
Na 99% je to zpusobeni tim, ze se obnovil soubor ndis.sys (uz jsem to zokusel drive i rucne - po jeho smaznuti pak okna najedou i normalne...)

ComboFix 12-10-25.02 - bobesovci 26.10.2012 10:10:36.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1424 [GMT 2:00]
Spuštěný z: c:\documents and settings\bobesovci\Plocha\ComboFix.exe
Použité ovládací přepínače :: g:\avir\Combo\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
c:\windows\system32\drivers\ndis.sys chyběl.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\ndis.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_LAIQBAYOILC2OS
-------\Service_laiqbayoilc2os
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-26 do 2012-10-26 )))))))))))))))))))))))))))))))
.
.
2012-10-26 08:14 . 2008-04-13 22:50 182656 -c--a-w- c:\windows\system32\dllcache\ndis.sys
2012-10-26 06:53 . 2012-10-26 06:53 -------- d-----w- c:\windows\LastGood.Tmp
2012-10-26 06:42 . 2012-10-26 06:42 -------- d-----w- C:\rsit
2012-10-26 06:42 . 2012-10-26 06:42 -------- d-----w- c:\program files\trend micro
2012-10-26 06:34 . 2012-10-26 06:32 211072 ----a-w- c:\windows\system32\ndis.sys
2012-10-26 05:56 . 2008-04-13 22:50 182656 ----a-w- c:\windows\system32\drivers\ndis_xp.sys
2012-10-26 05:43 . 2012-10-26 05:43 -------- d-----w- c:\program files\DLLSuite
2012-10-26 05:39 . 2010-08-06 06:45 907496 ----a-r- c:\windows\system32\drivers\RTL8192cu.sys
2012-10-26 05:24 . 2012-10-04 19:16 369552 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys
2012-10-26 05:14 . 2008-04-14 06:52 294912 ------w- c:\program files\Windows Media Player\dlimport.exe
2012-10-26 05:14 . 2008-04-14 06:52 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2012-10-26 05:11 . 2006-12-28 22:31 19569 ----a-w- c:\windows\002705_.tmp
2012-10-25 13:29 . 2011-12-12 15:06 80488 ----a-w- c:\windows\system32\RtNicProp32.dll
2012-10-25 13:29 . 2010-09-23 13:46 102416 ----a-w- c:\windows\system32\RTNUninst32.dll
2012-10-25 13:10 . 2010-05-24 12:16 22528 ----a-w- c:\windows\RtDash5x.sys
2012-10-25 11:32 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-25 11:32 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-25 11:32 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-25 11:32 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-10-25 11:32 . 2012-10-25 11:32 -------- d-----w- c:\program files\AVAST Software
2012-10-25 11:32 . 2012-10-25 11:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2012-10-25 11:18 . 2008-04-14 06:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-10-25 11:05 . 2012-10-25 11:05 -------- d-----w- c:\documents and settings\Administrator
2012-10-25 10:51 . 2012-10-26 05:17 -------- d-----w- c:\windows\system32\cs-cz
2012-10-25 10:51 . 2012-10-26 05:17 -------- d-----w- c:\windows\system32\cs
2012-10-25 10:51 . 2012-10-26 05:17 -------- d-----w- c:\windows\system32\bits
2012-10-25 10:51 . 2012-10-26 05:17 -------- d-----w- c:\windows\l2schemas
2012-10-25 10:46 . 2006-12-28 22:31 19569 ----a-w- c:\windows\002704_.tmp
2012-10-25 09:52 . 2012-10-25 09:52 -------- d-----w- c:\documents and settings\bobesovci\Data aplikací\Malwarebytes
2012-10-25 09:51 . 2012-10-25 09:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-10-25 09:51 . 2012-10-25 10:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-25 09:51 . 2012-09-29 17:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-25 08:59 . 2012-10-25 08:59 -------- d-----w- c:\windows\system32\NtmsData
2012-10-24 15:09 . 2012-10-24 15:09 -------- d-----w- c:\documents and settings\bobesovci\temp
2012-10-24 15:09 . 2012-10-24 15:09 -------- d-----w- c:\documents and settings\bobesovci\Data aplikací\TeamViewer
2012-10-09 16:44 . 2012-10-09 16:44 -------- d-----w- c:\documents and settings\bobesovci\.pdfsam
2012-10-09 16:41 . 2012-10-09 16:41 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2012-10-09 16:41 . 2012-10-09 16:41 -------- d-----w- c:\program files\pdfsam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 16:30 . 2012-06-27 04:31 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 16:30 . 2011-06-30 17:08 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 21:24 . 2012-10-22 21:23 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"RTHDCPL"="RTHDCPL.EXE" [2012-06-06 20065936]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^bobesovci^Nabídka Start^Programy^Po spuštění^KvetinkaProzeny.lnk]
path=c:\documents and settings\bobesovci\Nabídka Start\Programy\Po spuštění\KvetinkaProzeny.lnk
backup=c:\windows\pss\KvetinkaProzeny.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2008-04-21 18:28 4608 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-03-01 17:43 90112 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro]
2003-08-19 23:22 278528 ----a-w- c:\program files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 04:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-06-16 04:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 13:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtkDashClient.exe]
2010-12-02 13:48 437248 ------w- c:\program files\Realtek\RtkXPDashClientInstaller\RtkDashClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\DC++\\StrongDC.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.4.2008 20:24 716272]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.10.2012 13:32 721000]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.10.2012 13:32 353688]
S1 eusk2par;Aladdin SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [24.10.2011 17:42 25680]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.10.2012 13:32 21256]
S2 RtDash5x;Realtek NDIS Protocol Driver for Dash;c:\windows\system32\drivers\RtDash5x.sys [24.5.2010 14:16 22528]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [27.6.2012 6:31 250808]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [26.10.2012 8:30 1691480]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [17.6.2011 19:33 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [16.5.2012 18:00 115168]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [26.10.2012 7:39 907496]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?]
S4 Prdntlb;Prdntlb; [x]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 16:30]
.
2012-10-26 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-25 16:21]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.93.234
FF - ProfilePath - c:\documents and settings\bobesovci\Data aplikací\Mozilla\Firefox\Profiles\bhu6xsks.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=panda2_0yatb&p=
FF - ExtSQL: 2012-10-25 13:32; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2008-07-09 16:47; {800b5000-a755-47e1-992b-48a1c1357f07}; c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-owzlikti.sys
MSConfigStartUp-GroupManager - c:\program files\AVG Anti Virus\groupmanager.exe
MSConfigStartUp-ROC_ROC_NT - c:\program files\AVG Secure Search\ROC_ROC_NT.exe
AddRemove-{E2883E8F-472F-4fb0-9522-AC9BF37916A7} - c:\program files\NOS\bin\getPlus_Helper.dll
AddRemove-Česká kuchařka - c:\windows\IsUn0405.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-26 10:18
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(256)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1976)
c:\windows\system32\msi.dll
c:\program files\WIBU-SYSTEMS\System\WibuShellExt.dll
c:\program files\Common Files\Ahead\Lib\NeroDigitalExt.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
c:\progra~1\MICROS~2\Office10\MCPS.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\totalcmd\TOTALCMD.EXE
.
**************************************************************************
.
Celkový čas: 2012-10-26 10:22:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-26 08:22
.
Před spuštěním: Volných bajtů: 20 483 588 096
Po spuštění: Volných bajtů: 20 654 039 040
.
- - End Of File - - FF250ACBBDF6B81A6E61E16CBF8EA955

[JaRon]

citat:
Stahnete SystemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte jej na plochu
• Do okna vlozte skript nize
• Kód:
:filefind
ndis.sys

• Kliknete na Look
• Tlacitko Look se zmeni na Scanning a zsedne
• Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
• Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

[SPKM]

SystemLook 30.07.11 by jpshortstuff
Log created at 10:46 on 26/10/2012 by Administrator
Administrator - Elevation successful

========== filefind ==========

Searching for "ndis.sys"
C:\WINDOWS\erdnt\cache\ndis.sys --a---- 182656 bytes [08:21 26/10/2012] [22:50 13/04/2008] 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\ServicePackFiles\i386\ndis.sys ------- 182656 bytes [05:16 26/10/2012] [22:50 13/04/2008] 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\system32\ndis.sys --a---- 211072 bytes [06:34 26/10/2012] [06:32 26/10/2012] 4A41ED2DE803BC0BC7ED98F2F139B367
C:\WINDOWS\system32\dllcache\ndis.sys --a--c- 182656 bytes [08:14 26/10/2012] [22:50 13/04/2008] 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\system32\drivers\ndis.sys --a---- 182656 bytes [08:14 26/10/2012] [22:50 13/04/2008] 1DF7F42665C94B825322FAE71721130D

-= EOF =-

[JaRon]

zopakuj akciu s ComboFix-om - novy CFScript:

Kód: Vybrat vše

File::
C:\WINDOWS\system32\ndis.sys 
c:\windows\002705_.tmp
c:\windows\002704_.tmp

[SPKM]

ComboFix 12-10-25.02 - Administrator 26.10.2012 11:11:56.2.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1644 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
FILE ::
"c:\windows\002704_.tmp"
"c:\windows\002705_.tmp"
"c:\windows\system32\ndis.sys"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-26 do 2012-10-26 )))))))))))))))))))))))))))))))
.
.
2012-10-26 08:14 . 2008-04-13 22:50 182656 -c--a-w- c:\windows\system32\dllcache\ndis.sys
2012-10-26 08:14 . 2008-04-13 22:50 182656 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-10-26 06:53 . 2012-10-26 06:53 -------- d-----w- c:\windows\LastGood.Tmp
2012-10-26 06:42 . 2012-10-26 06:42 -------- d-----w- C:\rsit
2012-10-26 06:42 . 2012-10-26 06:42 -------- d-----w- c:\program files\trend micro
2012-10-26 06:34 . 2012-10-26 06:32 211072 ----a-w- c:\windows\system32\ndis.sys
2012-10-26 05:56 . 2008-04-13 22:50 182656 ----a-w- c:\windows\system32\drivers\ndis_xp.sys
2012-10-26 05:43 . 2012-10-26 05:43 -------- d-----w- c:\program files\DLLSuite
2012-10-26 05:39 . 2010-08-06 06:45 907496 ----a-r- c:\windows\system32\drivers\RTL8192cu.sys
2012-10-26 05:24 . 2012-10-04 19:16 369552 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys
2012-10-26 05:14 . 2008-04-14 06:52 294912 ------w- c:\program files\Windows Media Player\dlimport.exe
2012-10-26 05:14 . 2008-04-14 06:52 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2012-10-26 05:11 . 2006-12-28 22:31 19569 ----a-w- c:\windows\002705_.tmp
2012-10-25 13:29 . 2011-12-12 15:06 80488 ----a-w- c:\windows\system32\RtNicProp32.dll
2012-10-25 13:29 . 2010-09-23 13:46 102416 ----a-w- c:\windows\system32\RTNUninst32.dll
2012-10-25 13:10 . 2010-05-24 12:16 22528 ----a-w- c:\windows\RtDash5x.sys
2012-10-25 11:32 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-25 11:32 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-25 11:32 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-25 11:32 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-10-25 11:32 . 2012-10-25 11:32 -------- d-----w- c:\program files\AVAST Software
2012-10-25 11:32 . 2012-10-25 11:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2012-10-25 11:18 . 2008-04-14 06:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-10-25 11:05 . 2012-10-26 08:46 -------- d-----w- c:\documents and settings\Administrator
2012-10-25 10:51 . 2012-10-26 05:17 -------- d-----w- c:\windows\system32\cs-cz
2012-10-25 10:51 . 2012-10-26 05:17 -------- d-----w- c:\windows\system32\cs
2012-10-25 10:51 . 2012-10-26 05:17 -------- d-----w- c:\windows\system32\bits
2012-10-25 10:51 . 2012-10-26 05:17 -------- d-----w- c:\windows\l2schemas
2012-10-25 10:46 . 2006-12-28 22:31 19569 ----a-w- c:\windows\002704_.tmp
2012-10-25 09:52 . 2012-10-25 09:52 -------- d-----w- c:\documents and settings\bobesovci\Data aplikací\Malwarebytes
2012-10-25 09:51 . 2012-10-25 09:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-10-25 09:51 . 2012-10-25 10:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-25 09:51 . 2012-09-29 17:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-25 08:59 . 2012-10-25 08:59 -------- d-----w- c:\windows\system32\NtmsData
2012-10-24 15:09 . 2012-10-24 15:09 -------- d-----w- c:\documents and settings\bobesovci\temp
2012-10-24 15:09 . 2012-10-24 15:09 -------- d-----w- c:\documents and settings\bobesovci\Data aplikací\TeamViewer
2012-10-09 16:44 . 2012-10-09 16:44 -------- d-----w- c:\documents and settings\bobesovci\.pdfsam
2012-10-09 16:41 . 2012-10-09 16:41 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2012-10-09 16:41 . 2012-10-09 16:41 -------- d-----w- c:\program files\pdfsam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 16:30 . 2012-06-27 04:31 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 16:30 . 2011-06-30 17:08 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 21:24 . 2012-10-22 21:23 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"RTHDCPL"="RTHDCPL.EXE" [2012-06-06 20065936]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^bobesovci^Nabídka Start^Programy^Po spuštění^KvetinkaProzeny.lnk]
path=c:\documents and settings\bobesovci\Nabídka Start\Programy\Po spuštění\KvetinkaProzeny.lnk
backup=c:\windows\pss\KvetinkaProzeny.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2008-04-21 18:28 4608 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-03-01 17:43 90112 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FineReader7NewsReaderPro]
2003-08-19 23:22 278528 ----a-w- c:\program files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 04:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-06-16 04:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 13:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtkDashClient.exe]
2010-12-02 13:48 437248 ------w- c:\program files\Realtek\RtkXPDashClientInstaller\RtkDashClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\DC++\\StrongDC.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.4.2008 20:24 716272]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.10.2012 13:32 721000]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.10.2012 13:32 353688]
S1 eusk2par;Aladdin SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [24.10.2011 17:42 25680]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.10.2012 13:32 21256]
S2 RtDash5x;Realtek NDIS Protocol Driver for Dash;c:\windows\system32\drivers\RtDash5x.sys [24.5.2010 14:16 22528]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [27.6.2012 6:31 250808]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [26.10.2012 8:30 1691480]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [17.6.2011 19:33 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [16.5.2012 18:00 115168]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [26.10.2012 7:39 907496]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys --> c:\windows\system32\DRIVERS\wdcsam.sys [?]
S4 Prdntlb;Prdntlb; [x]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 16:30]
.
2012-10-26 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-25 16:21]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.93.234
FF - ProfilePath -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-26 11:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(256)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1428)
c:\windows\system32\msi.dll
c:\progra~1\MICROS~2\Office10\MCPS.DLL
.
Celkový čas: 2012-10-26 11:18:00
ComboFix-quarantined-files.txt 2012-10-26 09:17
.
Před spuštěním: Volných bajtů: 20 659 937 280
Po spuštění: Volných bajtů: 20 646 338 560
.
- - End Of File - - 4E73A0C2E00BB4A9A47CCF968D379B62

[JaRon]

fajn, pokusne odinstaluj AVAST a restartuj masinu do normal modu

[SPKM]

Normal mod se stale nechyta (okna najizdi, ale po chvili se provede restart)
Nejede ani Nouzovy rezim se siti, dostanu se pouze do obycejneho Nouzoveho rezimu

[JaRon]

nevadi - odinstaluj AVAST a skontroluj PC s MBAM - rychly scan (v nudzovom rezime)