
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, a few days ago AVG started reporting at every PC startup that I have the trojan nmklo.dll on my PC, and after it is moved to the virus vault this file appears again at every startup/restart... In the last 2 days alone it has found this junk ( http://img411.imageshack.us/f/avgg.jpg/ )...
RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel Lorinc at 2010-08-18 15:27:34
Systém Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 54 GB (71%) free of 76 GB
Total RAM: 1406 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:49, on 18.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Pavel Lorinc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Documents and Settings\Pavel Lorinc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\drivers\31.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Documents and Settings\Pavel Lorinc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pavel Lorinc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pavel Lorinc\Desktop\RSIT.exe
C:\Program Files\trend micro\Pavel Lorinc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6623758656
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://195.65.142.237/activex/AxisCamControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 10639 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-08-18 1619296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-09-28 110652]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-10-26 2403392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-11 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-18 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-18 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2008-02-14 1555480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-10-26 2403392]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2008-02-14 1555480]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-28 122940]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"Spamihilator"=C:\Program Files\Spamihilator\spamihilator.exe [2008-01-06 1003520]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-08-18 2065760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-09-09 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-08-18 12536]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Spamihilator\dccproc.exe"="C:\Program Files\Spamihilator\dccproc.exe:*:Enabled:dccproc"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\DOCUME~1\PAVELL~1\LOCALS~1\Temp\NS302.tmp"="C:\DOCUME~1\PAVELL~1\LOCALS~1\Temp\NS302.tmp:*:Enabled:Microsoft Office"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\TEMP\NS13.tmp"="C:\WINDOWS\TEMP\NS13.tmp:*:Enabled:Microsoft Office"
"C:\WINDOWS\TEMP\NS10.tmp"="C:\WINDOWS\TEMP\NS10.tmp:*:Enabled:Microsoft Office"
"C:\WINDOWS\TEMP\NS11.tmp"="C:\WINDOWS\TEMP\NS11.tmp:*:Enabled:Microsoft Office"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\WINDOWS\TEMP\NS3.tmp"="C:\WINDOWS\TEMP\NS3.tmp:*:Enabled:Microsoft Office"
"C:\WINDOWS\TEMP\NS12.tmp"="C:\WINDOWS\TEMP\NS12.tmp:*:Enabled:Microsoft Office"
"C:\WINDOWS\TEMP\NS33.tmp"="C:\WINDOWS\TEMP\NS33.tmp:*:Enabled:Microsoft Office"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-08-18 15:27:34 ----D---- C:\rsit
2010-08-18 15:21:03 ----A---- C:\WINDOWS\system32\drivers\31.exe
2010-08-18 14:37:25 ----D---- C:\WINDOWS\Prefetch
2010-08-18 13:00:33 ----A---- C:\WINDOWS\SEC11EE.tmp
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\wmpasf.dll
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\wmp.dll
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\wmerror.dll
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\msxml6r.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\mp4sdmod.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\mp43dmod.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir50_32.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\hccoin.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\fsquirt.exe
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\bthserv.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\bthci.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\xmllite.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\wshbth.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\wmphoto.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\windowscodecsext.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\windowscodecs.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\verclsid.exe
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\photometadatahandler.dll
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\tunmp.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\sffp_sd.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\sffdisk.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\mssmbios.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\amdk7.sys
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\pidgen.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\logman.exe
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\kbdukx.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\encdec.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\dpcdll.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\wscntfy.exe
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\w3ssl.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\smbinst.exe
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\sbeio.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\sbe.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\p2psvc.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\msftedit.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\msdadiag.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\iuengine.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\httpapi.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\fwcfg.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\dsprpres.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\drivers\ip6fw.sys
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\drivers\http.sys
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\xmlprov.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\wscsvc.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\winshfhc.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\winhttp.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\winbrand.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\twext.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\spnpinst.exe
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\proxycfg.exe
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\powercfg.exe
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\mssap.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\d3d9.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\btpanui.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\xpob2res.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\strmfilt.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\p2p.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\kbdno1.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\kbdinben.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\encapi.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\blastcln.exe
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\auditusr.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\winhlp32.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\twain_32.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\atmlib.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\atmadm.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\at.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\asycfilt.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\asferror.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\apphelp.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\amstream.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\alrsvc.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\alg.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\ahui.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\adsnt.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\adsmsext.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\adsldpc.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\adsldp.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\actmovie.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\activeds.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\aclui.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\6to4svc.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\regedit.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\hh.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\explorer.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptnet.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptext.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptdll.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\crypt32.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\credui.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\conime.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\confmsp.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\comuid.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\comsnap.dll
log RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel Lorinc at 2010-08-18 15:27:34
Systém Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 54 GB (71%) free of 76 GB
Total RAM: 1406 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:49, on 18.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Pavel Lorinc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Documents and Settings\Pavel Lorinc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\drivers\31.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Documents and Settings\Pavel Lorinc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pavel Lorinc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pavel Lorinc\Desktop\RSIT.exe
C:\Program Files\trend micro\Pavel Lorinc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6623758656
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://195.65.142.237/activex/AxisCamControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 10639 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-08-18 1619296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-09-28 110652]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-10-26 2403392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-11 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-18 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-18 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2008-02-14 1555480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-10-26 2403392]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2008-02-14 1555480]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-28 122940]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"Spamihilator"=C:\Program Files\Spamihilator\spamihilator.exe [2008-01-06 1003520]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-08-18 2065760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-09-09 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-08-18 12536]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Spamihilator\dccproc.exe"="C:\Program Files\Spamihilator\dccproc.exe:*:Enabled:dccproc"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\DOCUME~1\PAVELL~1\LOCALS~1\Temp\NS302.tmp"="C:\DOCUME~1\PAVELL~1\LOCALS~1\Temp\NS302.tmp:*:Enabled:Microsoft Office"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\TEMP\NS13.tmp"="C:\WINDOWS\TEMP\NS13.tmp:*:Enabled:Microsoft Office"
"C:\WINDOWS\TEMP\NS10.tmp"="C:\WINDOWS\TEMP\NS10.tmp:*:Enabled:Microsoft Office"
"C:\WINDOWS\TEMP\NS11.tmp"="C:\WINDOWS\TEMP\NS11.tmp:*:Enabled:Microsoft Office"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\WINDOWS\TEMP\NS3.tmp"="C:\WINDOWS\TEMP\NS3.tmp:*:Enabled:Microsoft Office"
"C:\WINDOWS\TEMP\NS12.tmp"="C:\WINDOWS\TEMP\NS12.tmp:*:Enabled:Microsoft Office"
"C:\WINDOWS\TEMP\NS33.tmp"="C:\WINDOWS\TEMP\NS33.tmp:*:Enabled:Microsoft Office"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-08-18 15:27:34 ----D---- C:\rsit
2010-08-18 15:21:03 ----A---- C:\WINDOWS\system32\drivers\31.exe
2010-08-18 14:37:25 ----D---- C:\WINDOWS\Prefetch
2010-08-18 13:00:33 ----A---- C:\WINDOWS\SEC11EE.tmp
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\wmpasf.dll
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\wmp.dll
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\wmerror.dll
2010-08-18 12:50:39 ----A---- C:\WINDOWS\system32\msxml6r.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\mp4sdmod.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\mp43dmod.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir50_32.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\hccoin.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\fsquirt.exe
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\bthserv.dll
2010-08-18 12:50:38 ----A---- C:\WINDOWS\system32\bthci.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\xmllite.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\wshbth.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\wmphoto.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\windowscodecsext.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\windowscodecs.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\verclsid.exe
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2010-08-18 12:50:37 ----A---- C:\WINDOWS\system32\photometadatahandler.dll
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\tunmp.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\sffp_sd.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\sffdisk.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\mssmbios.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2010-08-18 12:50:36 ----A---- C:\WINDOWS\system32\drivers\amdk7.sys
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\pidgen.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\logman.exe
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\kbdukx.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\encdec.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-08-18 12:50:34 ----A---- C:\WINDOWS\system32\dpcdll.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\wscntfy.exe
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\w3ssl.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\smbinst.exe
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\sbeio.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\sbe.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\p2psvc.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\msftedit.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\msdadiag.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\iuengine.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\httpapi.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\fwcfg.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\dsprpres.dll
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\drivers\ip6fw.sys
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\drivers\http.sys
2010-08-18 12:50:33 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\xmlprov.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\wscsvc.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\winshfhc.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\winhttp.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\winbrand.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\twext.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\spnpinst.exe
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\proxycfg.exe
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\powercfg.exe
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\mssap.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\d3d9.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\btpanui.dll
2010-08-18 12:50:32 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\xpob2res.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\strmfilt.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\p2p.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\kbdno1.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\kbdinben.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\encapi.dll
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\blastcln.exe
2010-08-18 12:50:31 ----A---- C:\WINDOWS\system32\auditusr.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\winhlp32.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\twain_32.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\atmlib.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\atmadm.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\at.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\asycfilt.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\asferror.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\apphelp.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\amstream.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\alrsvc.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\alg.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\ahui.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\adsnt.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\adsmsext.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\adsldpc.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\adsldp.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\actmovie.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\activeds.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\aclui.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\system32\6to4svc.dll
2010-08-18 12:50:22 ----A---- C:\WINDOWS\regedit.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\hh.exe
2010-08-18 12:50:22 ----A---- C:\WINDOWS\explorer.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptnet.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptext.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptdll.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\crypt32.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\credui.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\conime.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\confmsp.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\comuid.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\comres.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\compstui.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\compatui.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\colbact.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cmutil.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cmstp.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cmprops.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cmmon32.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cmdl32.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cmdial32.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\clusapi.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\clipsrv.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cliconfg.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cliconfg.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cisvc.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\ciodm.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cic.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\certmgr.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\certcli.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cdosys.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cdfview.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\capesnpn.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\camocx.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cabview.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\cabinet.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\browsewm.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\browseui.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\browser.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\browselc.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\bidispl.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\batt.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\batmeter.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\basesrv.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\avifil32.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\autolfn.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\autofmt.exe
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\authz.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\audiosrv.dll
2010-08-18 12:50:21 ----A---- C:\WINDOWS\system32\attrib.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\faultrep.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\exts.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\extrac32.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\expsrv.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\eventlog.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\eudcedit.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\esent.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\es.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\ersvc.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\els.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dxmasf.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dxdiag.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dx8vb.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dx7vb.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dwwin.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\duser.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dumprep.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dswave.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dsuiext.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dssenh.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dssec.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dsquery.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dsprop.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dsound3d.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dsound.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dskquoui.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dskquota.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dsdmo.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\ds32gt.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\drprov.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpvvox.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpvoice.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpvacm.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpnet.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dplayx.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\docprop2.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dnsapi.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmutil.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmusic.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmsynth.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmstyle.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmserver.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmscript.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmremote.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmloader.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmime.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmcompos.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmband.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dmadmin.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dllhost.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dispex.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\diskpart.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\diskcopy.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dinput8.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dinput.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\digest.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\diantz.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dgnet.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dfrgui.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\devmgr.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\devenum.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\defrag.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\ddrawex.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\ddraw.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\ddeshare.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dciman32.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dbghelp.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\davclnt.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\datime.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\dataclen.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\danim.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\d3dim700.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\d3d8.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\ctfmon.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\csrss.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\cscui.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\cscript.exe
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\cscdll.dll
2010-08-18 12:50:20 ----A---- C:\WINDOWS\system32\cryptui.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\imeshare.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\imapi.exe
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\ils.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\ifmon.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\iexpress.exe
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\idq.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\icmp.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\icm32.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\iccvid.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\iasrad.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\htui.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\hotplug.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\hlink.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\hid.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\hhsetup.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\help.exe
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\h323msp.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\grpconv.exe
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\glu32.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\gdi32.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\framebuf.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\forcedos.exe
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\fontview.exe
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\fontsub.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\fontext.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\findstr.exe
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\filemgmt.dll
2010-08-18 12:50:19 ----A---- C:\WINDOWS\system32\feclient.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\moricons.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\more.com
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\modemui.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mobsync.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mobsync.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mmcshext.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mmcbase.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mmc.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mlang.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mimefilt.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\miglibnt.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\midimap.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mfc42.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mfc40u.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mf3216.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mdminst.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mciwave.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mciseq.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mciavi32.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\mcastmib.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\makecab.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\magnify.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\lsass.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\lprhelp.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\lpk.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\logonui.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\localui.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\localsec.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\loadperf.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\lmrt.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\linkinfo.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\licdll.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\keymgr.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\kerberos.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\kd1394.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\kbdnec.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\kbd106.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\jgpl400.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\jgdw400.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ixsso.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\itss.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\itircl.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\isign32.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipxwan.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipxroute.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipv6.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ippromon.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipmontr.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\ipconfig.exe
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\input.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\initpki.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\inetres.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\inetppui.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\inetpp.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\inetmib1.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-08-18 12:50:18 ----A---- C:\WINDOWS\system32\imm32.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mstask.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msrle32.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msprivs.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mspatcha.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msorcl32.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msorc32r.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msnsspc.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mslbui.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msjint40.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msisip.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msimtf.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msimsg.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msimg32.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msihnd.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msiexec.exe
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msieftp.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msidle.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msident.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msi.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msgina.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msdmo.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msdart.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msctfp.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msctf.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msconf.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mscms.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msasn1.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msapsspc.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msafd.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\msacm32.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mprdim.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mprapi.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mpr.dll
2010-08-18 12:50:17 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\nddeapi.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\narrator.exe
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\mydocs.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\mtxclu.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msyuv.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msxml2.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msxml.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\mswsock.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msw3prt.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msvidctl.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msvfw32.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msvcrt.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msvcp60.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msvcirt.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\msutb.dll
2010-08-18 12:50:16 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\powrprof.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\polstore.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\pjlmon.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ping.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\pid.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\photowiz.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\perfproc.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\perfos.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\perfnet.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\perfmon.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\perfdisk.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\pdh.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\pautoenr.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\packager.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\osuninst.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\osk.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\opengl32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\olepro32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\oleprn.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\oledlg.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\olecli32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ole32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\offfilt.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odtext32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odpdx32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odfox32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odexl32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\oddbse32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbctrac.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbcji32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbcint.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbccu32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbccr32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbccp32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbcconf.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbcconf.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbcad32.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\odbc32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ocmanage.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\objsel.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\oakley.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntshrui.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntmsapi.dll
Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntmarta.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntlanman.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\npptools.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\notepad.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\nlhtml.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\newdev.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netui1.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netui0.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netstat.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netshell.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netsh.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netsetup.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netrap.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netplwiz.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netman.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netlogon.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netid.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netdde.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netcfgx.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netapi32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\net1.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\net.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\nddenb32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\nddeapir.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\notepad.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\shdoclc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sfc_os.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sfc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\setup.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sethc.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sensapi.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sens.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sendmail.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\security.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\secur32.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\seclogon.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sdbinst.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scrrun.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scrobj.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scesrv.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scecli.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sccsccp.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scarddlg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\runonce.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rundll32.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rtutils.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rtcshare.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rsmps.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rsh.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rsaenh.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rpcss.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\riched20.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rexec.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\resutils.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\regwizc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\regsvr32.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\regsvc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\regapi.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\reg.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdpdd.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rcp.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rcimlby.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rastls.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rassapi.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rasppp.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rasphone.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rasmans.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\raschap.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\query.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\quartz.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qedwipes.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qedit.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qdvd.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qdv.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qcap.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\pstorec.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\psbase.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\psapi.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\proquota.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\progman.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\profmap.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\upnp.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\uniplat.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\unimdmat.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\umandlg.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\udhisapi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\txflog.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tsddd.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\trkwks.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tree.com
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tracert.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tourstart.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\themeui.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\termmgr.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\telnet.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tcpmon.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tcpmib.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\taskmgr.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tapisrv.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tapi32.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tapi3.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\t2embed.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\syncui.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\synceng.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sxs.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\svchost.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\storprop.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\stobject.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\stimon.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sti_ci.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sti.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\stclient.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\srclient.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\spoolsv.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\spoolss.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\spider.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sort.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\snmpapi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\slbiop.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\slayerxp.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\skeys.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sigverif.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sigtab.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shutdown.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shsvcs.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shscrap.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shrpubw.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shmgrate.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shmedia.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shlwapi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shimgvw.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shimeng.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shgina.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shfolder.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shell32.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winrnr.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winntbbu.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winmm.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winlogon.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winipsec.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiavideo.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiashext.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiaservc.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiascr.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiadss.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiadefui.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wextract.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\webvw.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\webclnt.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wdigest.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wavemsp.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\watchdog.sys
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\w32time.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vssvc.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vssapi.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\version.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\verifier.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vdmredir.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vbajet32.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\uxtheme.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\utilman.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\usp10.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\userenv.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\user32.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\usbui.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\usbmon.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\ups.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\upnpui.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\upnphost.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\upnpcont.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\zipfldr.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\xcopy.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\xactsrv.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wstdecod.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wsock32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wshrm.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wship6.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wshext.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wshcon.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wscript.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\ws2help.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\ws2_32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wpabaln.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wow32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmstream.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmpui.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmpshell.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmploc.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmpcore.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmpcd.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmi.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wlnotify.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wldap32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\winver.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wintrust.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\winsta.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\winsrv.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\winscard.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\wkssvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\win32spl.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\win32k.sys
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\userinit.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\untfs.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ulib.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\syssetup.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\srvsvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\smss.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\schannel.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\setupapi.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\services.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\scardsvr.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\savedump.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\samsrv.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\samlib.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rshx32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rastapi.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rasman.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rasdlg.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rasauto.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rasapi32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\printui.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\perfctrs.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\olecnv32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\oleaut32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\nwprovau.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ntvdm.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ntprint.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ntdll.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\nslookup.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\msv1_0.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\msgsvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\locator.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\localspl.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\kernel32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\imagehlp.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ftp.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\format.com
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\csrsrv.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\comdlg32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\comctl32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\cmd.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\cacls.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\autochk.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\autoconv.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\advapi32.dll
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\hal.dll
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\videoprt.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\vga.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbstor.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbintel.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbcamd2.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbcamd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbaudio.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\update.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tdi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tcpip6.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tape.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\swenum.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\stream.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\sonydcam.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\sfloppy.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\serenum.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rndismp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\psched.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\pcmcia.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\p3.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\nwlnkipx.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\nmnt.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\nic1394.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\msgpc.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\modem.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mf.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\isapnp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ipsec.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ipnat.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ipinip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\imapi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\flpydisk.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\fips.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\fdc.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\dxg.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\dmio.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\dmboot.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\diskdump.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\crusoe.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\classpnp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\cdrom.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\atmlane.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\atmarpc.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\atapi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\asyncmac.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\arp1394.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\amdk6.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2010-08-18 10:31:00 ----HD---- C:\$AVG
2010-08-18 10:30:20 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2010-08-18 10:09:17 ----A---- C:\WINDOWS\ntbtlog.txt
2010-08-18 09:20:28 ----D---- C:\Program Files\Enigma Software Group
2010-08-18 09:20:03 ----D---- C:\WINDOWS\95431C66CF9A4913BFFF6050785AFB65.TMP
2010-08-18 09:20:02 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-16 13:16:31 ----A---- C:\WINDOWS\SEC13F7.tmp
2010-08-16 13:14:06 ----A---- C:\WINDOWS\setuplog.txt
2010-08-16 13:12:36 ----D---- C:\WINDOWS\system32\scripting
2010-08-16 13:12:36 ----D---- C:\WINDOWS\l2schemas
2010-08-16 13:12:35 ----D---- C:\WINDOWS\system32\en
2010-08-16 13:12:35 ----D---- C:\WINDOWS\system32\bits
2010-08-16 13:07:54 ----D---- C:\WINDOWS\network diagnostic
2010-08-16 13:07:29 ----A---- C:\WINDOWS\system32\sprecovr.exe
2010-08-16 13:03:13 ----D---- C:\WINDOWS\EHome
2010-08-12 11:37:38 ----D---- C:\Program Files\Samsung
2010-08-12 11:37:25 ----D---- C:\Program Files\Common Files\Samsung
2010-07-27 11:49:24 ----D---- C:\Program Files\iPod
======List of files/folders modified in the last 1 months======
2010-08-18 15:27:49 ----D---- C:\Program Files\Trend Micro
2010-08-18 15:27:28 ----D---- C:\WINDOWS\Temp
2010-08-18 15:21:17 ----D---- C:\WINDOWS\system32
2010-08-18 15:21:03 ----D---- C:\WINDOWS\system32\drivers
2010-08-18 15:14:55 ----D---- C:\WINDOWS
2010-08-18 15:10:49 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\Spamihilator
2010-08-18 14:44:44 ----HD---- C:\WINDOWS\inf
2010-08-18 14:41:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-18 14:37:24 ----SD---- C:\WINDOWS\Tasks
2010-08-18 14:32:53 ----D---- C:\WINDOWS\system32\wbem
2010-08-18 14:32:53 ----D---- C:\WINDOWS\system32\Setup
2010-08-18 14:32:53 ----D---- C:\WINDOWS\AppPatch
2010-08-18 14:32:50 ----RSD---- C:\WINDOWS\Fonts
2010-08-18 14:31:45 ----D---- C:\WINDOWS\security
2010-08-18 14:30:56 ----D---- C:\WINDOWS\ServicePackFiles
2010-08-18 14:30:51 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-18 14:28:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-18 14:28:10 ----D---- C:\WINDOWS\system32\usmt
2010-08-18 14:28:08 ----D---- C:\WINDOWS\system32\Restore
2010-08-18 14:28:08 ----D---- C:\WINDOWS\system32\oobe
2010-08-18 14:28:08 ----D---- C:\WINDOWS\system32\npp
2010-08-18 14:27:05 ----D---- C:\WINDOWS\system32\Com
2010-08-18 14:25:54 ----D---- C:\WINDOWS\system
2010-08-18 14:25:54 ----D---- C:\WINDOWS\srchasst
2010-08-18 14:25:53 ----D---- C:\WINDOWS\PeerNet
2010-08-18 14:25:52 ----D---- C:\WINDOWS\mui
2010-08-18 14:25:51 ----D---- C:\WINDOWS\msagent
2010-08-18 14:25:46 ----D---- C:\WINDOWS\ime
2010-08-18 14:25:46 ----D---- C:\WINDOWS\Help
2010-08-18 14:25:42 ----D---- C:\Program Files\Windows NT
2010-08-18 14:25:42 ----D---- C:\Program Files\Windows Media Player
2010-08-18 14:25:41 ----D---- C:\Program Files\Outlook Express
2010-08-18 14:25:39 ----D---- C:\Program Files\NetMeeting
2010-08-18 14:25:38 ----D---- C:\Program Files\Movie Maker
2010-08-18 14:25:37 ----D---- C:\Program Files\Messenger
2010-08-18 14:25:32 ----D---- C:\Program Files\Common Files\System
2010-08-18 13:49:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-18 13:00:32 ----A---- C:\WINDOWS\imsins.BAK
2010-08-18 12:58:27 ----D---- C:\WINDOWS\WinSxS
2010-08-18 12:58:03 ----D---- C:\WINDOWS\system32\en-US
2010-08-18 12:52:10 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-18 12:45:51 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-08-18 12:45:05 ----SHD---- C:\WINDOWS\Installer
2010-08-18 12:45:05 ----HD---- C:\Config.Msi
2010-08-18 12:09:31 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-08-18 10:30:33 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2010-08-18 10:30:33 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-08-18 10:30:20 ----D---- C:\Program Files\AVG
2010-08-18 09:20:28 ----RD---- C:\Program Files
2010-08-18 09:20:02 ----D---- C:\Program Files\Common Files
2010-08-18 08:47:06 ----D---- C:\Program Files\XTB-Trader 4
2010-08-18 08:39:53 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-18 08:39:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-17 15:42:53 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\Skype
2010-08-17 08:53:07 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\skypePM
2010-08-16 15:28:16 ----D---- C:\WINDOWS\Minidump
2010-08-12 16:02:30 ----D---- C:\Downloads
2010-08-12 14:37:42 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\uTorrent
2010-08-12 09:52:08 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\Free Download Manager
2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-27 11:50:07 ----D---- C:\Program Files\iTunes
2010-07-27 11:49:20 ----D---- C:\Program Files\Common Files\Apple
2010-07-21 10:45:47 ----A---- C:\WINDOWS\WORDPAD.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2010-08-18 52872]
R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2005-07-28 88704]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-04-25 20640]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-10-16 721904]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-08-18 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-08-18 29584]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-08-18 243024]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-07-07 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-07-07 22684]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-02-28 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-28 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-28 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-28 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-28 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-28 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-28 87004]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-28 92700]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-07-07 40544]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-09-09 1754624]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-02-28 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-01 4356608]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-04-11 63248]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-04-11 79376]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-02-28 26496]
R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-10-13 1966000]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-12-06 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-12-06 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-12-06 21568]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-07-13 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-07-13 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-07-13 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-07-13 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-07-13 86368]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1; C:\WINDOWS\system32\drivers\libusb0.sys [2007-03-20 28672]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys []
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 97184]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-09-09 425984]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-08-18 921952]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-08-18 308136]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2006-02-28 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2006-02-28 14336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-18 1044808]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2006-02-28 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 anlpublyq;System Task; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 bcaqtdkxg;Shell Driver; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 bhiylgwpv;rxcse; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 btbbguo;Monitor Config; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 bvflekud;Update Driver; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 dehjhxsq;Helper Shell; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 dyxudpg;Monitor Boot; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 dzuylrsvo;Task Update; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 eayemk;Driver Shell; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 fyjlohgow;Microsoft Support; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 gfozl;System Network; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 gmamyepgl;Time Network; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 guxbp;Time Manager; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 hmecat;Universal Microsoft; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 ivfwo;Center Monitor; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 kecrr;Driver Manager; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 ktakx;glurz; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 lhozoqx;Helper Support; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 mzpll;Shell Support; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 nccluok;Monitor Time; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 nfbya;Server Windows; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 oftwyu;Config Image; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 ovyhxqqyv;fovrdf; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 pycyla;Windows Config; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 rbdpft;Monitor Config; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 trarziq;Shell Server; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 vgcwuujbi;Network Image; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 wazadd;Update System; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 wtfgmuaij;Task Manager; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 xaelr;Config Windows; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 xsbwrnama;Universal Server; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 xtgjwekfi;Microsoft Security; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 yzmudlvh;Microsoft Driver; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 zedfpyuq;Config System; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 zhgsrg;Helper Support; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 zkexsztj;gtrfsenr; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-06-30 431432]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-26 138168]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-02-05 435016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Thanks in advance!
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntlanman.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\npptools.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\notepad.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\nlhtml.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\newdev.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netui1.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netui0.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netstat.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netshell.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netsh.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netsetup.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netrap.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netplwiz.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netman.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netlogon.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netid.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netdde.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netcfgx.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\netapi32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\net1.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\net.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\nddenb32.dll
2010-08-18 12:50:15 ----A---- C:\WINDOWS\system32\nddeapir.exe
2010-08-18 12:50:15 ----A---- C:\WINDOWS\notepad.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\shdoclc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sfc_os.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sfc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\setup.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sethc.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sensapi.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sens.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sendmail.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\security.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\secur32.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\seclogon.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sdbinst.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scrrun.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scrobj.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scesrv.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scecli.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\sccsccp.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\scarddlg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\runonce.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rundll32.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rtutils.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rtcshare.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rsmps.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rsh.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rsaenh.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rpcss.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\riched20.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rexec.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\resutils.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\regwizc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\regsvr32.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\regsvc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\regapi.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\reg.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdpdd.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rcp.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rcimlby.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rastls.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rassapi.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rasppp.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rasphone.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rasmans.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\raschap.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\query.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\quartz.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qedwipes.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qedit.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qdvd.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qdv.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\qcap.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\pstorec.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\psbase.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\psapi.dll
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\proquota.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\progman.exe
2010-08-18 12:50:14 ----A---- C:\WINDOWS\system32\profmap.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\upnp.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\uniplat.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\unimdmat.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\umandlg.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\udhisapi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\txflog.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tsddd.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\trkwks.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tree.com
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tracert.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tourstart.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\themeui.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\termmgr.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\telnet.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tcpmon.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tcpmib.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\taskmgr.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tapisrv.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tapi32.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\tapi3.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\t2embed.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\syncui.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\synceng.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sxs.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\svchost.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\storprop.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\stobject.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\stimon.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sti_ci.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sti.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\stclient.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\srclient.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\spoolsv.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\spoolss.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\spider.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sort.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\snmpapi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\slbiop.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\slayerxp.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\skeys.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sigverif.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\sigtab.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shutdown.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shsvcs.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shscrap.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shrpubw.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shmgrate.exe
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shmedia.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shlwapi.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shimgvw.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shimeng.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shgina.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shfolder.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shell32.dll
2010-08-18 12:50:13 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winrnr.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winntbbu.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winmm.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winlogon.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\winipsec.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiavideo.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiashext.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiaservc.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiascr.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiadss.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiadefui.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wextract.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\webvw.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\webclnt.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wdigest.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\wavemsp.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\watchdog.sys
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\w32time.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vssvc.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vssapi.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\version.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\verifier.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vdmredir.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\vbajet32.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\uxtheme.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\utilman.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\usp10.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\userenv.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\user32.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\usbui.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\usbmon.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\ups.exe
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\upnpui.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\upnphost.dll
2010-08-18 12:50:12 ----A---- C:\WINDOWS\system32\upnpcont.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\zipfldr.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\xcopy.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\xactsrv.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wstdecod.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wsock32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wshrm.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wship6.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wshext.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wshcon.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wscript.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\ws2help.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\ws2_32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wpabaln.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wow32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmstream.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmpui.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmpshell.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmploc.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmpcore.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmpcd.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wmi.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wlnotify.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wldap32.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\winver.exe
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\wintrust.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\winsta.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\winsrv.dll
2010-08-18 12:50:11 ----A---- C:\WINDOWS\system32\winscard.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\wkssvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\win32spl.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\win32k.sys
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\userinit.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\untfs.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ulib.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\syssetup.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\srvsvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\smss.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\schannel.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\setupapi.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\services.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\scardsvr.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\savedump.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\samsrv.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\samlib.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rshx32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rastapi.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rasman.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rasdlg.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rasauto.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\rasapi32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\printui.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\perfctrs.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\olecnv32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\oleaut32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\nwprovau.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ntvdm.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ntprint.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ntdll.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\nslookup.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\msv1_0.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\msgsvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\locator.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\localspl.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\kernel32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\imagehlp.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\ftp.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\format.com
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\csrsrv.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\comdlg32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\comctl32.dll
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\cmd.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\cacls.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\autochk.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\autoconv.exe
2010-08-18 12:50:10 ----A---- C:\WINDOWS\system32\advapi32.dll
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\hal.dll
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\videoprt.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\vga.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbstor.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbintel.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbcamd2.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbcamd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usbaudio.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\update.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tdi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tcpip6.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\tape.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\swenum.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\stream.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\sonydcam.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\sfloppy.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\serenum.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rndismp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\psched.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\pcmcia.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\p3.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\nwlnkipx.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\nmnt.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\nic1394.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\msgpc.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\modem.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\mf.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\isapnp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ipsec.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ipnat.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ipinip.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\imapi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\flpydisk.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\fips.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\fdc.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\dxg.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\dmio.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\dmboot.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\diskdump.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\crusoe.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\classpnp.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\cdrom.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\atmlane.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\atmarpc.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\atapi.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\asyncmac.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\arp1394.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\amdk6.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2010-08-18 12:50:09 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2010-08-18 10:31:00 ----HD---- C:\$AVG
2010-08-18 10:30:20 ----D---- C:\Documents and Settings\All Users\Application Data\avg9
2010-08-18 10:09:17 ----A---- C:\WINDOWS\ntbtlog.txt
2010-08-18 09:20:28 ----D---- C:\Program Files\Enigma Software Group
2010-08-18 09:20:03 ----D---- C:\WINDOWS\95431C66CF9A4913BFFF6050785AFB65.TMP
2010-08-18 09:20:02 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-16 13:16:31 ----A---- C:\WINDOWS\SEC13F7.tmp
2010-08-16 13:14:06 ----A---- C:\WINDOWS\setuplog.txt
2010-08-16 13:12:36 ----D---- C:\WINDOWS\system32\scripting
2010-08-16 13:12:36 ----D---- C:\WINDOWS\l2schemas
2010-08-16 13:12:35 ----D---- C:\WINDOWS\system32\en
2010-08-16 13:12:35 ----D---- C:\WINDOWS\system32\bits
2010-08-16 13:07:54 ----D---- C:\WINDOWS\network diagnostic
2010-08-16 13:07:29 ----A---- C:\WINDOWS\system32\sprecovr.exe
2010-08-16 13:03:13 ----D---- C:\WINDOWS\EHome
2010-08-12 11:37:38 ----D---- C:\Program Files\Samsung
2010-08-12 11:37:25 ----D---- C:\Program Files\Common Files\Samsung
2010-07-27 11:49:24 ----D---- C:\Program Files\iPod
======List of files/folders modified in the last 1 months======
2010-08-18 15:27:49 ----D---- C:\Program Files\Trend Micro
2010-08-18 15:27:28 ----D---- C:\WINDOWS\Temp
2010-08-18 15:21:17 ----D---- C:\WINDOWS\system32
2010-08-18 15:21:03 ----D---- C:\WINDOWS\system32\drivers
2010-08-18 15:14:55 ----D---- C:\WINDOWS
2010-08-18 15:10:49 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\Spamihilator
2010-08-18 14:44:44 ----HD---- C:\WINDOWS\inf
2010-08-18 14:41:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-18 14:37:24 ----SD---- C:\WINDOWS\Tasks
2010-08-18 14:32:53 ----D---- C:\WINDOWS\system32\wbem
2010-08-18 14:32:53 ----D---- C:\WINDOWS\system32\Setup
2010-08-18 14:32:53 ----D---- C:\WINDOWS\AppPatch
2010-08-18 14:32:50 ----RSD---- C:\WINDOWS\Fonts
2010-08-18 14:31:45 ----D---- C:\WINDOWS\security
2010-08-18 14:30:56 ----D---- C:\WINDOWS\ServicePackFiles
2010-08-18 14:30:51 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-18 14:28:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-18 14:28:10 ----D---- C:\WINDOWS\system32\usmt
2010-08-18 14:28:08 ----D---- C:\WINDOWS\system32\Restore
2010-08-18 14:28:08 ----D---- C:\WINDOWS\system32\oobe
2010-08-18 14:28:08 ----D---- C:\WINDOWS\system32\npp
2010-08-18 14:27:05 ----D---- C:\WINDOWS\system32\Com
2010-08-18 14:25:54 ----D---- C:\WINDOWS\system
2010-08-18 14:25:54 ----D---- C:\WINDOWS\srchasst
2010-08-18 14:25:53 ----D---- C:\WINDOWS\PeerNet
2010-08-18 14:25:52 ----D---- C:\WINDOWS\mui
2010-08-18 14:25:51 ----D---- C:\WINDOWS\msagent
2010-08-18 14:25:46 ----D---- C:\WINDOWS\ime
2010-08-18 14:25:46 ----D---- C:\WINDOWS\Help
2010-08-18 14:25:42 ----D---- C:\Program Files\Windows NT
2010-08-18 14:25:42 ----D---- C:\Program Files\Windows Media Player
2010-08-18 14:25:41 ----D---- C:\Program Files\Outlook Express
2010-08-18 14:25:39 ----D---- C:\Program Files\NetMeeting
2010-08-18 14:25:38 ----D---- C:\Program Files\Movie Maker
2010-08-18 14:25:37 ----D---- C:\Program Files\Messenger
2010-08-18 14:25:32 ----D---- C:\Program Files\Common Files\System
2010-08-18 13:49:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-18 13:00:32 ----A---- C:\WINDOWS\imsins.BAK
2010-08-18 12:58:27 ----D---- C:\WINDOWS\WinSxS
2010-08-18 12:58:03 ----D---- C:\WINDOWS\system32\en-US
2010-08-18 12:52:10 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-18 12:45:51 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-08-18 12:45:05 ----SHD---- C:\WINDOWS\Installer
2010-08-18 12:45:05 ----HD---- C:\Config.Msi
2010-08-18 12:09:31 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-08-18 10:30:33 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2010-08-18 10:30:33 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-08-18 10:30:20 ----D---- C:\Program Files\AVG
2010-08-18 09:20:28 ----RD---- C:\Program Files
2010-08-18 09:20:02 ----D---- C:\Program Files\Common Files
2010-08-18 08:47:06 ----D---- C:\Program Files\XTB-Trader 4
2010-08-18 08:39:53 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-18 08:39:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-17 15:42:53 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\Skype
2010-08-17 08:53:07 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\skypePM
2010-08-16 15:28:16 ----D---- C:\WINDOWS\Minidump
2010-08-12 16:02:30 ----D---- C:\Downloads
2010-08-12 14:37:42 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\uTorrent
2010-08-12 09:52:08 ----D---- C:\Documents and Settings\Pavel Lorinc\Application Data\Free Download Manager
2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-27 11:50:07 ----D---- C:\Program Files\iTunes
2010-07-27 11:49:20 ----D---- C:\Program Files\Common Files\Apple
2010-07-21 10:45:47 ----A---- C:\WINDOWS\WORDPAD.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2010-08-18 52872]
R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2005-07-28 88704]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-04-25 20640]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-10-16 721904]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-08-18 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-08-18 29584]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-08-18 243024]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-07-07 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-07-07 22684]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-02-28 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-28 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-28 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-28 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-28 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-28 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-28 87004]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-28 92700]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-07-07 40544]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-09-09 1754624]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-02-28 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-01 4356608]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-04-11 63248]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-04-11 79376]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-02-28 26496]
R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-10-13 1966000]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-12-06 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-12-06 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-12-06 21568]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-07-13 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-07-13 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-07-13 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-07-13 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-07-13 86368]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1; C:\WINDOWS\system32\drivers\libusb0.sys [2007-03-20 28672]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys []
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 97184]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-09-09 425984]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-08-18 921952]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-08-18 308136]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2006-02-28 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2006-02-28 14336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-18 1044808]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2006-02-28 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 anlpublyq;System Task; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 bcaqtdkxg;Shell Driver; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 bhiylgwpv;rxcse; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 btbbguo;Monitor Config; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 bvflekud;Update Driver; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 dehjhxsq;Helper Shell; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 dyxudpg;Monitor Boot; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 dzuylrsvo;Task Update; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 eayemk;Driver Shell; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 fyjlohgow;Microsoft Support; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 gfozl;System Network; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 gmamyepgl;Time Network; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 guxbp;Time Manager; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 hmecat;Universal Microsoft; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 ivfwo;Center Monitor; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 kecrr;Driver Manager; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 ktakx;glurz; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 lhozoqx;Helper Support; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 mzpll;Shell Support; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 nccluok;Monitor Time; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 nfbya;Server Windows; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 oftwyu;Config Image; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 ovyhxqqyv;fovrdf; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 pycyla;Windows Config; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 rbdpft;Monitor Config; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 trarziq;Shell Server; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 vgcwuujbi;Network Image; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 wazadd;Update System; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 wtfgmuaij;Task Manager; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 xaelr;Config Windows; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 xsbwrnama;Universal Server; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 xtgjwekfi;Microsoft Security; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 yzmudlvh;Microsoft Driver; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 zedfpyuq;Config System; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 zhgsrg;Helper Support; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S2 zkexsztj;gtrfsenr; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-06-30 431432]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-26 138168]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-02-05 435016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Thanks in advance!
Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
Hello, and I wish you a nice afternoon.
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE THINGS AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY GO DOWN THE DRAIN
Download ComboFix and save it to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE THINGS AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY GO DOWN THE DRAIN

- Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
- Insert all USB drives into the PC (flash drives, external drives, etc.)
- If you have Win XP, run it under the Administrator account
- If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator
- Immediately after launch, a page with the license agreement appears; continue by clicking Yes
- If CF offers to install the Recovery Console, agree
- Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
- The scan should take about 10 minutes, but if the PC is heavily cluttered, it may take longer
- After the scan finishes and a possible restart, CF will display a log, or you can find it at C:\ComboFix.txt; paste its contents here
Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
Good day, I am attaching the log from ComboFix:
ComboFix 10-08-17.04 - Pavel 19.08.2010 7:59.1.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.2.1250.421.1033.18.1406.919 [GMT 2:00]
Running from: c:\documents and settings\Pavel Lorinc\Desktop\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\LocalService\proxy_port
c:\documents and settings\Pavel Lorinc\Application Data\wiaserva.log
c:\documents and settings\Pavel Lorinc\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\Pavel Lorinc\proxy_port
C:\restore
C:\System
c:\system\FILES\Desktop.ini
c:\windows\system32\cooper.mine
c:\windows\system32\drivers\31.exe
c:\windows\system32\drivers\578.exe
c:\windows\system32\drivers\984.exe
c:\windows\system32\ff4h.gy
c:\windows\system32\h7t.wt
c:\windows\system32\hgtd.ruy
c:\windows\system32\nmklo.dll
c:\windows\system32\ssssssssss
Infected copy of c:\windows\system32\drivers\cdrom.sys was found and disinfected
Restored copy from - c:\system volume information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP79\A0013379.sys
.
((((((((((((((((((((((((( Files Created from 2010-07-19 to 2010-08-19 )))))))))))))))))))))))))))))))
.
2010-08-18 13:27 . 2010-08-18 13:27 -------- d-----w- C:\rsit
2010-08-18 08:31 . 2010-08-18 08:31 -------- d-----w- C:\$AVG
2010-08-18 08:30 . 2010-08-18 08:30 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-08-18 07:20 . 2010-08-18 07:20 -------- d-----w- c:\program files\Enigma Software Group
2010-08-18 07:20 . 2010-08-18 08:05 -------- d-----w- c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
2010-08-18 07:20 . 2010-08-18 07:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-16 11:12 . 2010-08-18 10:58 -------- d-----w- c:\windows\system32\scripting
2010-08-16 11:12 . 2010-08-18 10:58 -------- d-----w- c:\windows\l2schemas
2010-08-16 11:12 . 2010-08-18 11:50 -------- d-----w- c:\windows\system32\bits
2010-08-16 11:12 . 2010-08-18 10:58 -------- d-----w- c:\windows\system32\en
2010-08-16 11:07 . 2007-08-10 19:46 33656 ----a-w- c:\windows\system32\sprecovr.exe
2010-08-16 11:03 . 2010-08-18 10:49 -------- d-----w- c:\windows\EHome
2010-08-12 09:37 . 2010-08-12 09:37 -------- d-----w- c:\program files\Samsung
2010-08-12 09:37 . 2010-08-12 09:37 -------- d-----w- c:\program files\Common Files\Samsung
2010-08-09 05:22 . 2010-08-09 05:22 503808 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59ba606c-n\msvcp71.dll
2010-08-09 05:22 . 2010-08-09 05:22 499712 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59ba606c-n\jmc.dll
2010-08-09 05:22 . 2010-08-09 05:22 348160 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59ba606c-n\msvcr71.dll
2010-08-09 05:22 . 2010-08-09 05:22 61440 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-29c4746e-n\decora-sse.dll
2010-08-09 05:22 . 2010-08-09 05:22 12800 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-29c4746e-n\decora-d3d.dll
2010-07-27 09:49 . 2010-07-27 09:49 -------- d-----w- c:\program files\iPod
2010-07-27 09:42 . 2010-07-27 09:42 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-19 06:10 . 2008-01-04 09:02 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Spamihilator
2010-08-18 13:27 . 2008-01-07 10:14 -------- d-----w- c:\program files\Trend Micro
2010-08-18 11:00 . 2010-08-18 11:00 4146 ----a-w- c:\windows\SEC11EE.tmp
2010-08-18 08:30 . 2009-05-10 09:37 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-18 08:30 . 2009-05-10 09:37 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-18 08:30 . 2007-08-27 11:46 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-18 08:30 . 2009-07-29 08:13 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-18 08:30 . 2009-06-15 05:28 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-08-18 08:30 . 2009-05-10 09:37 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-08-18 08:30 . 2009-05-10 09:37 -------- d-----w- c:\program files\AVG
2010-08-18 07:20 . 2007-08-27 11:35 80640 ----a-w- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-18 06:47 . 2008-10-30 06:34 -------- d-----w- c:\program files\XTB-Trader 4
2010-08-18 06:39 . 2009-05-11 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-18 06:39 . 2009-05-11 12:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-17 13:42 . 2008-02-23 13:55 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Skype
2010-08-17 13:37 . 2009-03-11 14:32 1 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-17 06:53 . 2008-02-23 13:59 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\skypePM
2010-08-16 13:32 . 2007-08-27 11:12 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-08-16 13:32 . 2007-08-27 11:12 4804 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-08-16 11:16 . 2010-08-16 11:16 4146 ----a-w- c:\windows\SEC13F7.tmp
2010-08-12 12:37 . 2009-04-28 09:18 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\uTorrent
2010-08-12 07:52 . 2010-07-08 09:34 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Free Download Manager
2010-08-12 06:06 . 2010-04-08 05:24 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-27 09:50 . 2008-09-26 12:54 -------- d-----w- c:\program files\iTunes
2010-07-27 09:49 . 2008-09-26 12:50 -------- d-----w- c:\program files\Common Files\Apple
2010-07-16 11:48 . 2010-07-16 11:48 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\VitySoft
2010-07-08 09:34 . 2010-07-08 09:34 -------- d-----w- c:\program files\Free Download Manager
2010-06-23 07:26 . 2008-02-15 15:03 130958 ----a-w- c:\windows\hpoins12.dat
2010-06-18 13:22 . 2010-06-18 13:22 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-14 14:30 . 2010-08-18 10:50 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-27 07:57 . 2010-05-27 07:57 503808 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\msvcp71.dll
2010-05-27 07:57 . 2010-05-27 07:57 499712 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\jmc.dll
2010-05-27 07:57 . 2010-05-27 07:57 348160 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\msvcr71.dll
2010-05-27 07:57 . 2010-05-27 07:57 61440 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-787b2e9b-n\decora-sse.dll
2010-05-27 07:57 . 2010-05-27 07:57 12800 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-787b2e9b-n\decora-d3d.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-06-30 12:23 2102600 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 12:54 1555480 ----a-w- c:\program files\free-downloads.net\tbfree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-28 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"Spamihilator"="c:\program files\Spamihilator\spamihilator.exe" [2008-01-06 1003520]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-02-28 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-6 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-08-18 08:30 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"Google Update"="c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe"
"VX1000"=c:\windows\vVX1000.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Regedit32"=c:\windows\system32\regedit.exe
"AVG9_TRAY"=c:\progra~1\AVG\AVG9\avgtray.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Spamihilator\\dccproc.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [10.5.2009 11:37 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [10.5.2009 11:37 216400]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [10.5.2009 11:37 243024]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [18.8.2010 10:30 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [18.8.2010 10:30 308136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 1:12 1044808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
S2 anlpublyq;System Task;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bcaqtdkxg;Shell Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bhiylgwpv;rxcse;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 btbbguo;Monitor Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bvflekud;Update Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dehjhxsq;Helper Shell;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dyxudpg;Monitor Boot;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dzuylrsvo;Task Update;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 eayemk;Driver Shell;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 fyjlohgow;Microsoft Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 gfozl;System Network;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 gmamyepgl;Time Network;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 guxbp;Time Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 hmecat;Universal Microsoft;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ivfwo;Center Monitor;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 kecrr;Driver Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ktakx;glurz;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 lhozoqx;Helper Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 mzpll;Shell Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 nccluok;Monitor Time;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 nfbya;Server Windows;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 oftwyu;Config Image;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ovyhxqqyv;fovrdf;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 pycyla;Windows Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 rbdpft;Monitor Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 trarziq;Shell Server;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 vgcwuujbi;Network Image;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 wazadd;Update System;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 wtfgmuaij;Task Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xaelr;Config Windows;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xsbwrnama;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xtgjwekfi;Microsoft Security;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 yzmudlvh;Microsoft Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zedfpyuq;Config System;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zhgsrg;Helper Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zkexsztj;gtrfsenr;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [18.8.2010 10:30 431432]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [13.7.2006 14:37 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [13.7.2006 14:37 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [13.7.2006 14:37 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\K320mgmt.sys [13.7.2006 14:38 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\drivers\K320obex.sys [13.7.2006 14:39 86368]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [7.4.2009 15:38 28672]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [11.3.2009 16:14 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [11.3.2009 16:14 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [7.2.2009 13:46 32377]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.12.2008 16:21 721904]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
bcaqtdkxg
vdjvk
vuqjzh
pycyla
xaelr
zhgsrg
gmamyepgl
bvflekud
trarziq
nccluok
guxbp
rbdpft
dyxudpg
lhozoqx
gfozl
vgcwuujbi
mzpll
.
Contents of the 'Scheduled Tasks' folder
2010-07-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-08-19 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
2010-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004Core.job
- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-11 11:00]
2010-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004UA.job
- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-11 11:00]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
.
- - - - ORPHANS REMOVED - - - -
ShellIconOverlayIdentifiers-{2D7E38A6-A604-45AE-9A87-4F5F25760650} - (no file)
Notify-dimsntfy - (no file)
ActiveSetup-{23KLN5J0-4OPM-11WE-AAX5-24EF1D187332} - c:\restore\k-1-3542-4232123213-7676767-8888886\X0R.exe
ActiveSetup-{67KLN5J0-4OPM-00WE-AAX5-14KC2A323342} - c:\system\FILES\ARMY.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-19 08:10
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="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"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(644)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(840)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\AVG\AVG9\avgam.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\wdfmgr.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
c:\windows\system32\wscntfy.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
.
**************************************************************************
.
Completion time: 2010-08-19 08:14:49 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-19 06:14
Pre-Run: 56 246 284 288 bytes free
Post-Run: 13 adresárov, 56 417 083 392 voľných bajtov
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 569D619E89587E885FC331E48885E920
2010-08-18 13:27 . 2008-01-07 10:14 -------- d-----w- c:\program files\Trend Micro
2010-08-18 11:00 . 2010-08-18 11:00 4146 ----a-w- c:\windows\SEC11EE.tmp
2010-08-18 08:30 . 2009-05-10 09:37 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-18 08:30 . 2009-05-10 09:37 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-18 08:30 . 2007-08-27 11:46 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-18 08:30 . 2009-07-29 08:13 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-18 08:30 . 2009-06-15 05:28 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-08-18 08:30 . 2009-05-10 09:37 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-08-18 08:30 . 2009-05-10 09:37 -------- d-----w- c:\program files\AVG
2010-08-18 07:20 . 2007-08-27 11:35 80640 ----a-w- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-18 06:47 . 2008-10-30 06:34 -------- d-----w- c:\program files\XTB-Trader 4
2010-08-18 06:39 . 2009-05-11 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-18 06:39 . 2009-05-11 12:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-17 13:42 . 2008-02-23 13:55 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Skype
2010-08-17 13:37 . 2009-03-11 14:32 1 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-17 06:53 . 2008-02-23 13:59 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\skypePM
2010-08-16 13:32 . 2007-08-27 11:12 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-08-16 13:32 . 2007-08-27 11:12 4804 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-08-16 11:16 . 2010-08-16 11:16 4146 ----a-w- c:\windows\SEC13F7.tmp
2010-08-12 12:37 . 2009-04-28 09:18 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\uTorrent
2010-08-12 07:52 . 2010-07-08 09:34 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Free Download Manager
2010-08-12 06:06 . 2010-04-08 05:24 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-27 09:50 . 2008-09-26 12:54 -------- d-----w- c:\program files\iTunes
2010-07-27 09:49 . 2008-09-26 12:50 -------- d-----w- c:\program files\Common Files\Apple
2010-07-16 11:48 . 2010-07-16 11:48 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\VitySoft
2010-07-08 09:34 . 2010-07-08 09:34 -------- d-----w- c:\program files\Free Download Manager
2010-06-23 07:26 . 2008-02-15 15:03 130958 ----a-w- c:\windows\hpoins12.dat
2010-06-18 13:22 . 2010-06-18 13:22 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-14 14:30 . 2010-08-18 10:50 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-27 07:57 . 2010-05-27 07:57 503808 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\msvcp71.dll
2010-05-27 07:57 . 2010-05-27 07:57 499712 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\jmc.dll
2010-05-27 07:57 . 2010-05-27 07:57 348160 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\msvcr71.dll
2010-05-27 07:57 . 2010-05-27 07:57 61440 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-787b2e9b-n\decora-sse.dll
2010-05-27 07:57 . 2010-05-27 07:57 12800 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-787b2e9b-n\decora-d3d.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-06-30 12:23 2102600 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 12:54 1555480 ----a-w- c:\program files\free-downloads.net\tbfree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-28 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"Spamihilator"="c:\program files\Spamihilator\spamihilator.exe" [2008-01-06 1003520]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-02-28 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-6 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-08-18 08:30 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"Google Update"="c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe"
"VX1000"=c:\windows\vVX1000.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Regedit32"=c:\windows\system32\regedit.exe
"AVG9_TRAY"=c:\progra~1\AVG\AVG9\avgtray.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Spamihilator\\dccproc.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [10.5.2009 11:37 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [10.5.2009 11:37 216400]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [10.5.2009 11:37 243024]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [18.8.2010 10:30 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [18.8.2010 10:30 308136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 1:12 1044808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
S2 anlpublyq;System Task;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bcaqtdkxg;Shell Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bhiylgwpv;rxcse;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 btbbguo;Monitor Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bvflekud;Update Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dehjhxsq;Helper Shell;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dyxudpg;Monitor Boot;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dzuylrsvo;Task Update;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 eayemk;Driver Shell;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 fyjlohgow;Microsoft Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 gfozl;System Network;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 gmamyepgl;Time Network;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 guxbp;Time Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 hmecat;Universal Microsoft;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ivfwo;Center Monitor;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 kecrr;Driver Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ktakx;glurz;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 lhozoqx;Helper Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 mzpll;Shell Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 nccluok;Monitor Time;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 nfbya;Server Windows;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 oftwyu;Config Image;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ovyhxqqyv;fovrdf;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 pycyla;Windows Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 rbdpft;Monitor Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 trarziq;Shell Server;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 vgcwuujbi;Network Image;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 wazadd;Update System;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 wtfgmuaij;Task Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xaelr;Config Windows;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xsbwrnama;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xtgjwekfi;Microsoft Security;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 yzmudlvh;Microsoft Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zedfpyuq;Config System;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zhgsrg;Helper Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zkexsztj;gtrfsenr;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [18.8.2010 10:30 431432]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [13.7.2006 14:37 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [13.7.2006 14:37 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [13.7.2006 14:37 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\K320mgmt.sys [13.7.2006 14:38 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\drivers\K320obex.sys [13.7.2006 14:39 86368]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [7.4.2009 15:38 28672]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [11.3.2009 16:14 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [11.3.2009 16:14 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [7.2.2009 13:46 32377]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.12.2008 16:21 721904]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
bcaqtdkxg
vdjvk
vuqjzh
pycyla
xaelr
zhgsrg
gmamyepgl
bvflekud
trarziq
nccluok
guxbp
rbdpft
dyxudpg
lhozoqx
gfozl
vgcwuujbi
mzpll
.
Contents of the 'Scheduled Tasks' folder
2010-07-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-08-19 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
2010-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004Core.job
- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-11 11:00]
2010-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004UA.job
- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-11 11:00]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
.
- - - - ORPHANS REMOVED - - - -
ShellIconOverlayIdentifiers-{2D7E38A6-A604-45AE-9A87-4F5F25760650} - (no file)
Notify-dimsntfy - (no file)
ActiveSetup-{23KLN5J0-4OPM-11WE-AAX5-24EF1D187332} - c:\restore\k-1-3542-4232123213-7676767-8888886\X0R.exe
ActiveSetup-{67KLN5J0-4OPM-00WE-AAX5-14KC2A323342} - c:\system\FILES\ARMY.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-19 08:10
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="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"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(644)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(840)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\AVG\AVG9\avgam.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\wdfmgr.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
c:\windows\system32\wscntfy.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
.
**************************************************************************
.
Completion time: 2010-08-19 08:14:49 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-19 06:14
Pre-Run: 56 246 284 288 bytes free
Post-Run: 13 adresárov, 56 417 083 392 voľných bajtov
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 569D619E89587E885FC331E48885E920
Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
Infested as hell
Unfortunately I have to leave the PC now; I'll be back in the evening, so I'll look at the log then so we can delete what's left


Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)

- c:\windows\system32\regedit.exe
- Click Browse
- Don't look for the file, just paste in the path of the file I want tested
- If it says the file has already been tested, have it tested again
- Click Test file
- Post the analysis result here (as a link)

- Start Notepad (Start - Run - notepad)
- Copy the script below
Code:
File::
c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
c:\windows\SEC11EE.tmp
c:\windows\SEC13F7.tmp
c:\program files\free-downloads.net\tbfree.dll
2010-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004UA.job
2010-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004Core.job

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"=-
"{ecdee021-0d17-467f-a1ff-c7a115230949}"=-
[-HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"=-

DDS::
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
- Save the resulting TXT file as CFScript.txt
- Drag the CFScript.txt you created onto ComboFix and drop it (see the picture below)
- After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here

Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
Good evening, I won't be at the PC until tomorrow morning (shortly after seven)... Shall we finish this after you get back from the meet-up, or will I still catch you tomorrow morning?
Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
I'll be here until about nine in the morning, then I'm off



Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
Good morning, when I tried to test regedit.exe via VirusTotal, after entering the path to the file it said the file was not found... And another thing, with ComboFix: when I created that .txt file on the desktop, after dragging it onto the ComboFix icon the program starts all over again with a warning that I have AVG turned on and that ComboFix can no longer be closed, etc...
Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
Then let CF run to the end even with AVG turned on, and post the log here afterwards
Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)

- Run the update - third tab
- Run a full scan - don't delete anything
- MBAM sometimes gives false detections, so post the log in a reply and wait for it to be assessed
Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
ComboFix log:
ComboFix 10-08-18.04 - Pavel 20.08.2010 7:58.2.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.2.1250.421.1033.18.1406.781 [GMT 2:00]
Running from: c:\documents and settings\Pavel Lorinc\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Pavel Lorinc\Desktop\CFScript.txt
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FILE ::
"c:\program files\free-downloads.net\tbfree.dll"
"c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP"
"c:\windows\SEC11EE.tmp"
"c:\windows\SEC13F7.tmp"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\free-downloads.net\tbfree.dll
c:\windows\SEC11EE.tmp
c:\windows\SEC13F7.tmp
.
((((((((((((((((((((((((( Files Created from 2010-07-20 to 2010-08-20 )))))))))))))))))))))))))))))))
.
2010-08-18 08:31 . 2010-08-18 08:31 -------- d-----w- C:\$AVG
2010-08-18 08:30 . 2010-08-18 08:30 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-08-18 07:20 . 2010-08-18 07:20 -------- d-----w- c:\program files\Enigma Software Group
2010-08-18 07:20 . 2010-08-18 08:05 -------- d-----w- c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
2010-08-18 07:20 . 2010-08-18 07:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-16 11:12 . 2010-08-18 10:58 -------- d-----w- c:\windows\system32\scripting
2010-08-16 11:12 . 2010-08-18 10:58 -------- d-----w- c:\windows\l2schemas
2010-08-16 11:12 . 2010-08-18 11:50 -------- d-----w- c:\windows\system32\bits
2010-08-16 11:12 . 2010-08-18 10:58 -------- d-----w- c:\windows\system32\en
2010-08-16 11:07 . 2007-08-10 19:46 33656 ----a-w- c:\windows\system32\sprecovr.exe
2010-08-16 11:03 . 2010-08-18 10:49 -------- d-----w- c:\windows\EHome
2010-08-12 09:37 . 2010-08-12 09:37 -------- d-----w- c:\program files\Samsung
2010-08-12 09:37 . 2010-08-12 09:37 -------- d-----w- c:\program files\Common Files\Samsung
2010-08-09 05:22 . 2010-08-09 05:22 503808 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59ba606c-n\msvcp71.dll
2010-08-09 05:22 . 2010-08-09 05:22 499712 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59ba606c-n\jmc.dll
2010-08-09 05:22 . 2010-08-09 05:22 348160 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59ba606c-n\msvcr71.dll
2010-08-09 05:22 . 2010-08-09 05:22 61440 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-29c4746e-n\decora-sse.dll
2010-08-09 05:22 . 2010-08-09 05:22 12800 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-29c4746e-n\decora-d3d.dll
2010-07-27 09:49 . 2010-07-27 09:49 -------- d-----w- c:\program files\iPod
2010-07-27 09:42 . 2010-07-27 09:42 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-20 06:02 . 2009-04-28 11:49 -------- d-----w- c:\program files\free-downloads.net
2010-08-20 05:42 . 2008-01-04 09:02 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Spamihilator
2010-08-19 12:18 . 2007-08-28 06:53 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-18 13:27 . 2008-01-07 10:14 -------- d-----w- c:\program files\Trend Micro
2010-08-18 08:30 . 2009-05-10 09:37 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-18 08:30 . 2009-05-10 09:37 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-18 08:30 . 2007-08-27 11:46 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-18 08:30 . 2009-07-29 08:13 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-18 08:30 . 2009-06-15 05:28 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-08-18 08:30 . 2009-05-10 09:37 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-08-18 08:30 . 2009-05-10 09:37 -------- d-----w- c:\program files\AVG
2010-08-18 07:20 . 2007-08-27 11:35 80640 ----a-w- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-18 06:47 . 2008-10-30 06:34 -------- d-----w- c:\program files\XTB-Trader 4
2010-08-18 06:39 . 2009-05-11 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-18 06:39 . 2009-05-11 12:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-17 13:42 . 2008-02-23 13:55 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Skype
2010-08-17 13:37 . 2009-03-11 14:32 1 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-17 06:53 . 2008-02-23 13:59 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\skypePM
2010-08-16 13:32 . 2007-08-27 11:12 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-08-16 13:32 . 2007-08-27 11:12 4804 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-08-12 12:37 . 2009-04-28 09:18 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\uTorrent
2010-08-12 07:52 . 2010-07-08 09:34 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Free Download Manager
2010-08-12 06:06 . 2010-04-08 05:24 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-27 09:50 . 2008-09-26 12:54 -------- d-----w- c:\program files\iTunes
2010-07-27 09:49 . 2008-09-26 12:50 -------- d-----w- c:\program files\Common Files\Apple
2010-07-16 11:48 . 2010-07-16 11:48 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\VitySoft
2010-07-08 09:34 . 2010-07-08 09:34 -------- d-----w- c:\program files\Free Download Manager
2010-06-23 07:26 . 2008-02-15 15:03 130958 ----a-w- c:\windows\hpoins12.dat
2010-06-18 13:22 . 2010-06-18 13:22 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-14 14:30 . 2010-08-18 10:50 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-27 07:57 . 2010-05-27 07:57 503808 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\msvcp71.dll
2010-05-27 07:57 . 2010-05-27 07:57 499712 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\jmc.dll
2010-05-27 07:57 . 2010-05-27 07:57 348160 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\msvcr71.dll
2010-05-27 07:57 . 2010-05-27 07:57 61440 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-787b2e9b-n\decora-sse.dll
2010-05-27 07:57 . 2010-05-27 07:57 12800 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-787b2e9b-n\decora-d3d.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-08-19_06.10.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-19 06:20 . 2010-08-19 06:20 16384 c:\windows\Temp\Perflib_Perfdata_608.dat
+ 2010-08-19 12:19 . 2010-08-19 12:19 3940352 c:\windows\Installer\147ecd4.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-06-30 12:23 2102600 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-28 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"Spamihilator"="c:\program files\Spamihilator\spamihilator.exe" [2008-01-06 1003520]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-18 2065760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-02-28 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-6 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-08-18 08:30 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"Google Update"="c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe"
"VX1000"=c:\windows\vVX1000.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Regedit32"=c:\windows\system32\regedit.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Spamihilator\\dccproc.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [10.5.2009 11:37 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [10.5.2009 11:37 216400]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [10.5.2009 11:37 243024]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [18.8.2010 10:30 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [18.8.2010 10:30 308136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 1:12 1044808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
S2 anlpublyq;System Task;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bcaqtdkxg;Shell Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bhiylgwpv;rxcse;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 btbbguo;Monitor Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bvflekud;Update Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dehjhxsq;Helper Shell;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dyxudpg;Monitor Boot;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dzuylrsvo;Task Update;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 eayemk;Driver Shell;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 fyjlohgow;Microsoft Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 gfozl;System Network;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 gmamyepgl;Time Network;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 guxbp;Time Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 hmecat;Universal Microsoft;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ivfwo;Center Monitor;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 kecrr;Driver Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ktakx;glurz;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 lhozoqx;Helper Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 mzpll;Shell Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 nccluok;Monitor Time;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 nfbya;Server Windows;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 oftwyu;Config Image;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ovyhxqqyv;fovrdf;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 pycyla;Windows Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 rbdpft;Monitor Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 trarziq;Shell Server;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 vgcwuujbi;Network Image;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 wazadd;Update System;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 wtfgmuaij;Task Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xaelr;Config Windows;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xsbwrnama;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xtgjwekfi;Microsoft Security;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 yzmudlvh;Microsoft Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zedfpyuq;Config System;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zhgsrg;Helper Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zkexsztj;gtrfsenr;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [18.8.2010 10:30 431432]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [13.7.2006 14:37 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [13.7.2006 14:37 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [13.7.2006 14:37 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\K320mgmt.sys [13.7.2006 14:38 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\drivers\K320obex.sys [13.7.2006 14:39 86368]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [7.4.2009 15:38 28672]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [11.3.2009 16:14 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [11.3.2009 16:14 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [7.2.2009 13:46 32377]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.12.2008 16:21 721904]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
bcaqtdkxg
vdjvk
vuqjzh
pycyla
xaelr
zhgsrg
gmamyepgl
bvflekud
trarziq
nccluok
guxbp
rbdpft
dyxudpg
lhozoqx
gfozl
vgcwuujbi
mzpll
.
Contents of the 'Scheduled Tasks' folder
2010-07-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-08-20 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
2010-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004Core.job
- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-11 11:00]
2010-08-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004UA.job
- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-11 11:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-20 08:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"=
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(632)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-08-20 08:04:25
ComboFix-quarantined-files.txt 2010-08-20 06:04
ComboFix.txt 2010-08-19 06:14
Pre-Run: 56 931 319 808 bytes free
Post-Run: 56 913 907 712 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 22BBEC78E95D2664F11D593D4DE32256
MBAM has been running for 20 minutes so far; I'll post it here once it finishes...
ComboFix 10-08-18.04 - Pavel 20.08.2010 7:58.2.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.2.1250.421.1033.18.1406.781 [GMT 2:00]
Running from: c:\documents and settings\Pavel Lorinc\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Pavel Lorinc\Desktop\CFScript.txt
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FILE ::
"c:\program files\free-downloads.net\tbfree.dll"
"c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP"
"c:\windows\SEC11EE.tmp"
"c:\windows\SEC13F7.tmp"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\free-downloads.net\tbfree.dll
c:\windows\SEC11EE.tmp
c:\windows\SEC13F7.tmp
.
((((((((((((((((((((((((( Files Created from 2010-07-20 to 2010-08-20 )))))))))))))))))))))))))))))))
.
2010-08-18 08:31 . 2010-08-18 08:31 -------- d-----w- C:\$AVG
2010-08-18 08:30 . 2010-08-18 08:30 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-08-18 07:20 . 2010-08-18 07:20 -------- d-----w- c:\program files\Enigma Software Group
2010-08-18 07:20 . 2010-08-18 08:05 -------- d-----w- c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
2010-08-18 07:20 . 2010-08-18 07:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-16 11:12 . 2010-08-18 10:58 -------- d-----w- c:\windows\system32\scripting
2010-08-16 11:12 . 2010-08-18 10:58 -------- d-----w- c:\windows\l2schemas
2010-08-16 11:12 . 2010-08-18 11:50 -------- d-----w- c:\windows\system32\bits
2010-08-16 11:12 . 2010-08-18 10:58 -------- d-----w- c:\windows\system32\en
2010-08-16 11:07 . 2007-08-10 19:46 33656 ----a-w- c:\windows\system32\sprecovr.exe
2010-08-16 11:03 . 2010-08-18 10:49 -------- d-----w- c:\windows\EHome
2010-08-12 09:37 . 2010-08-12 09:37 -------- d-----w- c:\program files\Samsung
2010-08-12 09:37 . 2010-08-12 09:37 -------- d-----w- c:\program files\Common Files\Samsung
2010-08-09 05:22 . 2010-08-09 05:22 503808 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59ba606c-n\msvcp71.dll
2010-08-09 05:22 . 2010-08-09 05:22 499712 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59ba606c-n\jmc.dll
2010-08-09 05:22 . 2010-08-09 05:22 348160 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-59ba606c-n\msvcr71.dll
2010-08-09 05:22 . 2010-08-09 05:22 61440 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-29c4746e-n\decora-sse.dll
2010-08-09 05:22 . 2010-08-09 05:22 12800 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-29c4746e-n\decora-d3d.dll
2010-07-27 09:49 . 2010-07-27 09:49 -------- d-----w- c:\program files\iPod
2010-07-27 09:42 . 2010-07-27 09:42 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-20 06:02 . 2009-04-28 11:49 -------- d-----w- c:\program files\free-downloads.net
2010-08-20 05:42 . 2008-01-04 09:02 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Spamihilator
2010-08-19 12:18 . 2007-08-28 06:53 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-18 13:27 . 2008-01-07 10:14 -------- d-----w- c:\program files\Trend Micro
2010-08-18 08:30 . 2009-05-10 09:37 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-18 08:30 . 2009-05-10 09:37 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-18 08:30 . 2007-08-27 11:46 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-18 08:30 . 2009-07-29 08:13 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-18 08:30 . 2009-06-15 05:28 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-08-18 08:30 . 2009-05-10 09:37 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-08-18 08:30 . 2009-05-10 09:37 -------- d-----w- c:\program files\AVG
2010-08-18 07:20 . 2007-08-27 11:35 80640 ----a-w- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-18 06:47 . 2008-10-30 06:34 -------- d-----w- c:\program files\XTB-Trader 4
2010-08-18 06:39 . 2009-05-11 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-18 06:39 . 2009-05-11 12:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-17 13:42 . 2008-02-23 13:55 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Skype
2010-08-17 13:37 . 2009-03-11 14:32 1 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-08-17 06:53 . 2008-02-23 13:59 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\skypePM
2010-08-16 13:32 . 2007-08-27 11:12 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-08-16 13:32 . 2007-08-27 11:12 4804 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-08-12 12:37 . 2009-04-28 09:18 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\uTorrent
2010-08-12 07:52 . 2010-07-08 09:34 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\Free Download Manager
2010-08-12 06:06 . 2010-04-08 05:24 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-27 09:50 . 2008-09-26 12:54 -------- d-----w- c:\program files\iTunes
2010-07-27 09:49 . 2008-09-26 12:50 -------- d-----w- c:\program files\Common Files\Apple
2010-07-16 11:48 . 2010-07-16 11:48 -------- d-----w- c:\documents and settings\Pavel Lorinc\Application Data\VitySoft
2010-07-08 09:34 . 2010-07-08 09:34 -------- d-----w- c:\program files\Free Download Manager
2010-06-23 07:26 . 2008-02-15 15:03 130958 ----a-w- c:\windows\hpoins12.dat
2010-06-18 13:22 . 2010-06-18 13:22 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-14 14:30 . 2010-08-18 10:50 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-27 07:57 . 2010-05-27 07:57 503808 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\msvcp71.dll
2010-05-27 07:57 . 2010-05-27 07:57 499712 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\jmc.dll
2010-05-27 07:57 . 2010-05-27 07:57 348160 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4d077afb-n\msvcr71.dll
2010-05-27 07:57 . 2010-05-27 07:57 61440 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-787b2e9b-n\decora-sse.dll
2010-05-27 07:57 . 2010-05-27 07:57 12800 ----a-w- c:\documents and settings\Pavel Lorinc\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-787b2e9b-n\decora-d3d.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-08-19_06.10.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-19 06:20 . 2010-08-19 06:20 16384 c:\windows\Temp\Perflib_Perfdata_608.dat
+ 2010-08-19 12:19 . 2010-08-19 12:19 3940352 c:\windows\Installer\147ecd4.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-06-30 12:23 2102600 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-28 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"Spamihilator"="c:\program files\Spamihilator\spamihilator.exe" [2008-01-06 1003520]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-18 2065760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-02-28 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-6 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-08-18 08:30 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"Google Update"="c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe"
"VX1000"=c:\windows\vVX1000.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Regedit32"=c:\windows\system32\regedit.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Spamihilator\\dccproc.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [10.5.2009 11:37 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [10.5.2009 11:37 216400]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [10.5.2009 11:37 243024]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [18.8.2010 10:30 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [18.8.2010 10:30 308136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 1:12 1044808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
S2 anlpublyq;System Task;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bcaqtdkxg;Shell Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bhiylgwpv;rxcse;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 btbbguo;Monitor Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 bvflekud;Update Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dehjhxsq;Helper Shell;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dyxudpg;Monitor Boot;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 dzuylrsvo;Task Update;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 eayemk;Driver Shell;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 fyjlohgow;Microsoft Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 gfozl;System Network;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 gmamyepgl;Time Network;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 guxbp;Time Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 hmecat;Universal Microsoft;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ivfwo;Center Monitor;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 kecrr;Driver Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ktakx;glurz;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 lhozoqx;Helper Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 mzpll;Shell Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 nccluok;Monitor Time;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 nfbya;Server Windows;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 oftwyu;Config Image;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 ovyhxqqyv;fovrdf;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 pycyla;Windows Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 rbdpft;Monitor Config;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 trarziq;Shell Server;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 vgcwuujbi;Network Image;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 wazadd;Update System;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 wtfgmuaij;Task Manager;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xaelr;Config Windows;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xsbwrnama;Universal Server;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 xtgjwekfi;Microsoft Security;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 yzmudlvh;Microsoft Driver;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zedfpyuq;Config System;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zhgsrg;Helper Support;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S2 zkexsztj;gtrfsenr;c:\windows\system32\svchost.exe -k netsvcs [18.8.2010 12:50 14336]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [18.8.2010 10:30 431432]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [13.7.2006 14:37 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [13.7.2006 14:37 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [13.7.2006 14:37 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\K320mgmt.sys [13.7.2006 14:38 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\drivers\K320obex.sys [13.7.2006 14:39 86368]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [7.4.2009 15:38 28672]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [11.3.2009 16:14 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [11.3.2009 16:14 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [7.2.2009 13:46 32377]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.12.2008 16:21 721904]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
bcaqtdkxg
vdjvk
vuqjzh
pycyla
xaelr
zhgsrg
gmamyepgl
bvflekud
trarziq
nccluok
guxbp
rbdpft
dyxudpg
lhozoqx
gfozl
vgcwuujbi
mzpll
.
Contents of the 'Scheduled Tasks' folder
2010-07-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-08-20 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
2010-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004Core.job
- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-11 11:00]
2010-08-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-854245398-299502267-839522115-1004UA.job
- c:\documents and settings\Pavel Lorinc\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-11 11:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-20 08:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(632)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-08-20 08:04:25
ComboFix-quarantined-files.txt 2010-08-20 06:04
ComboFix.txt 2010-08-19 06:14
Pre-Run: 56 931 319 808 bytes free
Post-Run: 56 913 907 712 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 22BBEC78E95D2664F11D593D4DE32256
MBAM has been running for 20 min. so far; I'll post it here once it finishes...
Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
MBAM log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verzia databázy: 4451
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
20.8.2010 9:02:34
mbam-log-2010-08-20 (09-02-34).txt
Typ kontroly: Úplná kontrola (C:\|)
Objektov kontrolovaných: 197183
Uplynulý čas: 52 min, 57 sek
Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 1
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 15
Infikované služby pamäte:
(Škodlivé položky neboli zistené)
Infikované moduly pamäte:
(Škodlivé položky neboli zistené)
Infikované registračné kľúče:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{67kln5j0-4opm-00we-aax5-14kc2a323342} (Backdoor.Bifrose) -> No action taken.
Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)
Infikované položky registračných dát:
(Škodlivé položky neboli zistené)
Infikované priečinky:
(Škodlivé položky neboli zistené)
Infikované súbory:
C:\Qoobox\Quarantine\C\WINDOWS\system32\cooper.mine.vir (Trojan.Agent) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\nmklo.dll.vir (Worm.Mariofev) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\31.exe.vir (Trojan.Agent) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\578.exe.vir (Trojan.Agent) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\984.exe.vir (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP89\A0024656.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP89\A0024657.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP89\A0024658.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP89\A0024659.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP89\A0024660.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP89\A0024661.dll (Worm.Mariofev) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP92\A0024956.dll (Worm.Mariofev) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP93\A0024958.dll (Worm.Mariofev) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP94\A0025137.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP94\A0025138.dll (Worm.Mariofev) -> No action taken.
Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
Delete everything MBAM found; it's nothing terrible - CF backups and restore points...
Over the weekend I'll post a few more steps for you to do here.

Uninstall all virtual drive emulators (Daemon Tools, Alcohol 120%, PowerISO, etc.)

Download SPTD http://www.duplexsecure.com/en/downloads
- From that page, choose the version for your operating system (32-bit (x86) or 64-bit (x64))
- Save it to the desktop and run it
- Choose the Uninstall option and restart the PC - if it can't be clicked (the button is greyed out), skip this step

Download Defogger http://www.jpshortstuff.247fixes.com/Defogger.exe
- Save it to the desktop and run it
- Click Disable and restart the PC - if it can't be clicked (the button is greyed out), skip this step

Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe
Click Start and then Run, or use the keyboard shortcut Win+R
- A window will pop up; copy the text below into it
"%userprofile%\Desktop\mbr" -t
- Click OK
- A log named mbr.txt will be created on the desktop; paste its contents here for me

Post the Gmer logs - see my signature. If Gmer were to freeze in safe mode, do it in safe mode (restart the PC, keep pressing F8, choose Safe Mode with Networking)
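
A triage sketch for the MBAM log posted above, added here and not part of the original thread: it sorts each detection line into ComboFix quarantine copies (C:\Qoobox\Quarantine), System Restore snapshots, and items still in place, and lists which restore points hold detected files. The bucket and function names are this example's own; the sample lines are a subset copied from the log in this thread.

```python
import re

# Sample input: a subset of the detection lines from the MBAM log in this thread.
SAMPLE_LOG = r"""
Infikované registračné kľúče:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{67kln5j0-4opm-00we-aax5-14kc2a323342} (Backdoor.Bifrose) -> No action taken.
Infikované súbory:
C:\Qoobox\Quarantine\C\WINDOWS\system32\nmklo.dll.vir (Worm.Mariofev) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\31.exe.vir (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP89\A0024656.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{1C2328BB-9390-4301-A62F-661160ECFDF4}\RP94\A0025138.dll (Worm.Mariofev) -> No action taken.
"""

# "<path or key> (<family>) -> <action>." ; greedy item so paths with parentheses still parse
DETECTION = re.compile(r"^(?P<item>.+) \((?P<family>[^()]+)\) -> (?P<action>.+?)\.?$")
QUARANTINE = re.compile(r"^[a-z]:\\qoobox\\quarantine\\", re.I)
RESTORE_POINT = re.compile(
    r"\\system volume information\\_restore\{[^}]+\}\\(rp\d+)\\", re.I)


def classify(item):
    """Return the bucket for one detected path or registry key."""
    if QUARANTINE.match(item):
        return "combofix_quarantine"   # inert copy that ComboFix renamed to *.vir
    if RESTORE_POINT.search(item):
        return "system_restore"        # snapshot copy inside a restore point
    if item.upper().startswith("HKEY_"):
        return "live_registry"         # still present in the registry
    return "live_file"                 # still present on disk


def triage(log_text):
    """Group every detection line of an MBAM log by bucket."""
    buckets = {}
    for line in log_text.splitlines():
        m = DETECTION.match(line.strip())
        if m:
            entry = (m["item"], m["family"], m["action"])
            buckets.setdefault(classify(m["item"]), []).append(entry)
    return buckets


def infected_restore_points(buckets):
    """Restore point folders (RPnn) that hold at least one detected snapshot."""
    entries = buckets.get("system_restore", [])
    return sorted({RESTORE_POINT.search(item).group(1).upper() for item, _, _ in entries})


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print({bucket: len(entries) for bucket, entries in result.items()})
    print("restore points with detections:", infected_restore_points(result))
```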

Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
When downloading SPTD, AVG pops up on me saying the file is infected...

Re: Trojan horses in the PC (nmklo.dll, NS13.tmp ...)
AVG is paranoid about this... I ran it through VT and only AVG detected it... but you're not the first user, I've already dealt with this with one... turn off AVG before downloading
Then go ahead and upload it to VT yourself

