Malware juzjf.exe

VanaFrantisek
Visitor
Posts: 23
Registered: 13 Nov 2010 20:35

#1 Post by VanaFrantisek »

Hi. It can't be removed, and NOD can't deal with it even when I add it manually. I think it creates or downloads nonsensical numeric exe files and sends spam. The network administrator has already disconnected me. I've been struggling with it since yesterday evening. NOD cleaned some of it for me, and the rest keeps coming back again and again... it's enough to physically connect to the network (RJ45).

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pečimuthovi at 2010-11-14 09:37:20
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 63 GB (63%) free of 100 GB
Total RAM: 1919 MB (61% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
MHTBPos00 Class - C:\Program Files\Family Toolbar\tbcore3.dll [2009-05-07 2642432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll []
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - Family Toolbar - C:\Program Files\Family Toolbar\tbcore3.dll [2009-05-07 2642432]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2008-11-04 2087424]
"Regedit32"=C:\Windows\system32\regedit.exe []
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2010-11-13 949376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"NVIDIA driver monitor"=C:\Windows\nvsvc32.exe []
"wuaucldt"=c:\users\pečimuthovi\wuaucldt.exe []
"mymou"=C:\Users\Pečimuthovi\AppData\Roaming\Microsoft\quouquo.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Pečimuthovi\AppData\Local\Opera\Opera\temporary_downloads\P1876832.JPG-www.facebook.exe"="C:\Windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-14 09:37:21 ----D---- C:\Program Files\trend micro
2010-11-14 09:37:20 ----D---- C:\rsit
2010-11-13 20:04:45 ----A---- C:\Windows\system32\imon.dll
2010-11-13 20:04:45 ----A---- C:\Windows\system32\drivers\nod32drv.sys
2010-11-13 20:04:45 ----A---- C:\Windows\system32\drivers\amon.sys
2010-11-13 20:01:57 ----D---- C:\Program Files\ESET
2010-11-13 19:26:19 ----RSHD---- C:\RECYCLER
2010-11-13 19:25:01 ----RSH---- C:\Users\Pečimuthovi\AppData\Roaming\juzjf.exe
2010-11-08 21:02:11 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Vodafone
2010-11-08 21:01:40 ----D---- C:\ProgramData\Vodafone
2010-11-08 21:01:34 ----D---- C:\Program Files\Vodafone
2010-11-08 20:48:42 ----A---- C:\Windows\ntbtlog.txt
2010-11-07 10:50:39 ----D---- C:\Windows\system32\vi-VN
2010-11-07 10:50:39 ----D---- C:\Windows\system32\eu-ES
2010-11-07 10:50:39 ----D---- C:\Windows\system32\ca-ES
2010-11-07 10:31:10 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-11-07 10:31:06 ----A---- C:\Windows\system32\SLsvc.exe
2010-11-07 10:31:06 ----A---- C:\Windows\system32\SLCExt.dll
2010-11-07 10:31:03 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-11-07 10:31:03 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-11-07 10:31:00 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-11-07 10:30:57 ----A---- C:\Windows\system32\mssrch.dll
2010-11-07 10:30:55 ----A---- C:\Windows\system32\drivers\spsys.sys
2010-11-07 10:30:54 ----A---- C:\Windows\system32\tquery.dll
2010-11-07 10:30:53 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-11-07 10:30:53 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2010-11-07 10:30:52 ----A---- C:\Windows\system32\scavenge.dll
2010-11-07 10:30:50 ----A---- C:\Windows\system32\msi.dll
2010-11-07 10:30:49 ----A---- C:\Windows\system32\imapi2fs.dll
2010-11-07 10:30:48 ----A---- C:\Windows\system32\WscEapPr.dll
2010-11-07 10:30:48 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-11-07 10:30:48 ----A---- C:\Windows\system32\sysmain.dll
2010-11-07 10:30:46 ----A---- C:\Windows\system32\icardagt.exe
2010-11-07 10:30:45 ----A---- C:\Windows\system32\EhStorShell.dll
2010-11-07 10:30:43 ----A---- C:\Windows\system32\spreview.exe
2010-11-07 10:30:43 ----A---- C:\Windows\system32\spinstall.exe
2010-11-07 10:30:43 ----A---- C:\Windows\system32\drmv2clt.dll
2010-11-07 10:30:42 ----A---- C:\Windows\system32\spwizui.dll
2010-11-07 10:30:42 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-11-07 10:30:41 ----A---- C:\Windows\system32\p2psvc.dll
2010-11-07 10:30:40 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-11-07 10:30:40 ----A---- C:\Windows\system32\mssvp.dll
2010-11-07 10:30:39 ----A---- C:\Windows\system32\mssphtb.dll
2010-11-07 10:30:39 ----A---- C:\Windows\system32\mssph.dll
2010-11-07 10:30:39 ----A---- C:\Windows\system32\imapi2.dll
2010-11-07 10:30:38 ----A---- C:\Windows\system32\sdohlp.dll
2010-11-07 10:30:37 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-11-07 10:30:37 ----A---- C:\Windows\system32\esent.dll
2010-11-07 10:30:36 ----A---- C:\Windows\system32\sperror.dll
2010-11-07 10:30:36 ----A---- C:\Windows\system32\DevicePairing.dll
2010-11-07 10:30:35 ----A---- C:\Windows\system32\wevtsvc.dll
2010-11-07 10:30:35 ----A---- C:\Windows\system32\SLC.dll
2010-11-07 10:30:35 ----A---- C:\Windows\system32\korwbrkr.dll
2010-11-07 10:30:34 ----A---- C:\Windows\system32\msshsq.dll
2010-11-07 10:30:31 ----A---- C:\Windows\system32\msjet40.dll
2010-11-07 10:30:31 ----A---- C:\Windows\system32\MPSSVC.dll
2010-11-07 10:30:30 ----A---- C:\Windows\system32\Query.dll
2010-11-07 10:30:30 ----A---- C:\Windows\system32\qmgr.dll
2010-11-07 10:30:29 ----A---- C:\Windows\system32\P2PGraph.dll
2010-11-07 10:30:29 ----A---- C:\Windows\system32\msexch40.dll
2010-11-07 10:30:29 ----A---- C:\Windows\system32\diagperf.dll
2010-11-07 10:30:28 ----A---- C:\Windows\system32\srchadmin.dll
2010-11-07 10:30:28 ----A---- C:\Windows\system32\ntdll.dll
2010-11-07 10:30:28 ----A---- C:\Windows\system32\IasMigReader.exe
2010-11-07 10:30:27 ----A---- C:\Windows\system32\winload.exe
2010-11-07 10:30:27 ----A---- C:\Windows\system32\mblctr.exe
2010-11-07 10:30:26 ----A---- C:\Windows\system32\uDWM.dll
2010-11-07 10:30:26 ----A---- C:\Windows\system32\mmc.exe
2010-11-07 10:30:26 ----A---- C:\Windows\system32\EncDec.dll
2010-11-07 10:30:25 ----A---- C:\Windows\system32\riched20.dll
2010-11-07 10:30:25 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-11-07 10:30:25 ----A---- C:\Windows\system32\dfsr.exe
2010-11-07 10:30:24 ----A---- C:\Windows\system32\fdBth.dll
2010-11-07 10:30:23 ----A---- C:\Windows\system32\RacEngn.dll
2010-11-07 10:30:23 ----A---- C:\Windows\system32\kernel32.dll
2010-11-07 10:30:22 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-11-07 10:30:22 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-11-07 10:30:22 ----A---- C:\Windows\system32\milcore.dll
2010-11-07 10:30:22 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-11-07 10:30:21 ----A---- C:\Windows\system32\spoolss.dll
2010-11-07 10:30:21 ----A---- C:\Windows\system32\schedsvc.dll
2010-11-07 10:30:21 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-11-07 10:30:21 ----A---- C:\Windows\system32\CertEnroll.dll
2010-11-07 10:30:14 ----A---- C:\Windows\system32\msjtes40.dll
2010-11-07 10:30:13 ----A---- C:\Windows\system32\msvcp60.dll
2010-11-07 10:30:13 ----A---- C:\Windows\system32\gpedit.dll
2010-11-07 10:30:12 ----A---- C:\Windows\system32\WinSAT.exe
2010-11-07 10:30:12 ----A---- C:\Windows\system32\infocardapi.dll
2010-11-07 10:30:12 ----A---- C:\Windows\system32\es.dll
2010-11-07 10:30:10 ----A---- C:\Windows\system32\Magnify.exe
2010-11-07 10:30:09 ----A---- C:\Windows\system32\mstext40.dll
2010-11-07 10:30:09 ----A---- C:\Windows\system32\drivers\ntfs.sys
2010-11-07 10:30:09 ----A---- C:\Windows\system32\advapi32.dll
2010-11-07 10:30:08 ----A---- C:\Windows\system32\WMPhoto.dll
2010-11-07 10:30:08 ----A---- C:\Windows\system32\WebClnt.dll
2010-11-07 10:30:08 ----A---- C:\Windows\system32\msexcl40.dll
2010-11-07 10:30:07 ----A---- C:\Windows\system32\slwmi.dll
2010-11-07 10:30:07 ----A---- C:\Windows\system32\comsvcs.dll
2010-11-07 10:30:06 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-11-07 10:30:06 ----A---- C:\Windows\system32\msxbde40.dll
2010-11-07 10:30:05 ----A---- C:\Windows\system32\vssapi.dll
2010-11-07 10:30:04 ----A---- C:\Windows\system32\authui.dll
2010-11-07 10:30:03 ----A---- C:\Windows\system32\msrepl40.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\propsys.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\newdev.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\iasrecst.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\gpsvc.dll
2010-11-07 10:30:01 ----A---- C:\Windows\system32\rpcss.dll
2010-11-07 10:30:01 ----A---- C:\Windows\system32\eudcedit.exe
2010-11-07 10:30:01 ----A---- C:\Windows\system32\crypt32.dll
2010-11-07 10:30:01 ----A---- C:\Windows\explorer.exe
2010-11-07 10:30:00 ----A---- C:\Windows\system32\setupapi.dll
2010-11-07 10:29:59 ----A---- C:\Windows\system32\mspbde40.dll
2010-11-07 10:29:59 ----A---- C:\Windows\system32\d3d9.dll
2010-11-07 10:29:58 ----A---- C:\Windows\system32\msltus40.dll
2010-11-07 10:29:58 ----A---- C:\Windows\system32\davclnt.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\shlwapi.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\msrd3x40.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\msdtctm.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\mfc42.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-11-07 10:29:56 ----A---- C:\Windows\system32\wevtapi.dll
2010-11-07 10:29:56 ----A---- C:\Windows\system32\photowiz.dll
2010-11-07 10:29:56 ----A---- C:\Windows\system32\nlhtml.dll
2010-11-07 10:29:56 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-11-07 10:29:56 ----A---- C:\Windows\system32\browseui.dll
2010-11-07 10:29:55 ----A---- C:\Windows\system32\user32.dll
2010-11-07 10:29:54 ----A---- C:\Windows\system32\samsrv.dll
2010-11-07 10:29:54 ----A---- C:\Windows\system32\ci.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\win32spl.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-11-07 10:29:53 ----A---- C:\Windows\system32\oleaut32.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-11-07 10:29:52 ----A---- C:\Windows\system32\netshell.dll
2010-11-07 10:29:52 ----A---- C:\Windows\system32\drivers\rdbss.sys
2010-11-07 10:29:52 ----A---- C:\Windows\system32\compcln.exe
2010-11-07 10:29:52 ----A---- C:\Windows\system32\apds.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\xmlfilter.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\mswstr10.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\msctf.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\emdmgmt.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2010-11-07 10:29:51 ----A---- C:\Windows\system32\audiosrv.dll
2010-11-07 10:29:50 ----A---- C:\Windows\system32\VSSVC.exe
2010-11-07 10:29:50 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-11-07 10:29:50 ----A---- C:\Windows\system32\msvcrt.dll
2010-11-07 10:29:50 ----A---- C:\Windows\system32\gdi32.dll
2010-11-07 10:29:50 ----A---- C:\Windows\system32\drivers\netio.sys
2010-11-07 10:29:49 ----A---- C:\Windows\system32\SLUI.exe
2010-11-07 10:29:49 ----A---- C:\Windows\system32\msrd2x40.dll
2010-11-07 10:29:49 ----A---- C:\Windows\system32\mfc42u.dll
2010-11-07 10:29:49 ----A---- C:\Windows\system32\eapphost.dll
2010-11-07 10:29:48 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-11-07 10:29:48 ----A---- C:\Windows\system32\odbc32.dll
2010-11-07 10:29:48 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2010-11-07 10:29:47 ----A---- C:\Windows\system32\winresume.exe
2010-11-07 10:29:47 ----A---- C:\Windows\system32\shdocvw.dll
2010-11-07 10:29:47 ----A---- C:\Windows\system32\propdefs.dll
2010-11-07 10:29:47 ----A---- C:\Windows\system32\drivers\usbhub.sys
2010-11-07 10:29:46 ----A---- C:\Windows\system32\wevtutil.exe
2010-11-07 10:29:46 ----A---- C:\Windows\system32\dbgeng.dll
2010-11-07 10:29:45 ----A---- C:\Windows\system32\mssitlb.dll
2010-11-07 10:29:44 ----A---- C:\Windows\system32\WsmSvc.dll
2010-11-07 10:29:44 ----A---- C:\Windows\system32\swprv.dll
2010-11-07 10:29:43 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-11-07 10:29:42 ----A---- C:\Windows\system32\vds.exe
2010-11-07 10:29:42 ----A---- C:\Windows\system32\drvinst.exe
2010-11-07 10:29:42 ----A---- C:\Windows\system32\devmgr.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\netlogon.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\msscb.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\msctfp.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\BFE.DLL
2010-11-07 10:29:41 ----A---- C:\Windows\system32\adsldpc.dll
2010-11-07 10:29:40 ----A---- C:\Windows\system32\Wldap32.dll
2010-11-07 10:29:40 ----A---- C:\Windows\system32\wcnwiz.dll
2010-11-07 10:29:40 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-11-07 10:29:40 ----A---- C:\Windows\system32\evr.dll
2010-11-07 10:29:39 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-11-07 10:29:39 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-11-07 10:29:39 ----A---- C:\Windows\system32\services.exe
2010-11-07 10:29:38 ----A---- C:\Windows\system32\wercon.exe
2010-11-07 10:29:38 ----A---- C:\Windows\system32\wcncsvc.dll
2010-11-07 10:29:38 ----A---- C:\Windows\system32\mimefilt.dll
2010-11-07 10:29:38 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2010-11-07 10:29:38 ----A---- C:\Windows\system32\comdlg32.dll
2010-11-07 10:29:38 ----A---- C:\Windows\system32\adtschema.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\taskeng.exe
2010-11-07 10:29:37 ----A---- C:\Windows\system32\rtffilt.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\reg.exe
2010-11-07 10:29:37 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\mswdat10.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\msjter40.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\msdtcprx.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\certcli.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\w32time.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\dnsapi.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\certutil.exe
2010-11-07 10:29:35 ----A---- C:\Windows\system32\msshooks.dll
2010-11-07 10:29:35 ----A---- C:\Windows\system32\msscntrs.dll
2010-11-07 10:29:35 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-11-07 10:29:35 ----A---- C:\Windows\system32\drivers\usbport.sys
2010-11-07 10:29:35 ----A---- C:\Windows\system32\bthserv.dll
2010-11-07 10:29:35 ----A---- C:\Windows\system32\bcrypt.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-11-07 10:29:34 ----A---- C:\Windows\system32\rsaenh.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\msstrc.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\msihnd.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\drivers\ndis.sys
2010-11-07 10:29:33 ----A---- C:\Windows\system32\netapi32.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\mtxclu.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\mscories.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\inetpp.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\hidserv.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\fundisc.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\cryptsvc.dll
2010-11-07 10:29:32 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-11-07 10:29:32 ----A---- C:\Windows\system32\termsrv.dll
2010-11-07 10:29:32 ----A---- C:\Windows\system32\profsvc.dll
2010-11-07 10:29:32 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\wdc.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\shsvcs.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\msiexec.exe
2010-11-07 10:29:31 ----A---- C:\Windows\system32\imapi.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\chsbrkr.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\drivers\pci.sys
2010-11-07 10:29:31 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2010-11-07 10:29:30 ----A---- C:\Windows\system32\rasmans.dll
2010-11-07 10:29:30 ----A---- C:\Windows\system32\pnidui.dll
2010-11-07 10:29:30 ----A---- C:\Windows\system32\icardres.dll
2010-11-07 10:29:30 ----A---- C:\Windows\system32\iassdo.dll
2010-11-07 10:29:29 ----A---- C:\Windows\system32\wersvc.dll
2010-11-07 10:29:29 ----A---- C:\Windows\system32\slmgr.vbs
2010-11-07 10:29:29 ----A---- C:\Windows\system32\scrrun.dll
2010-11-07 10:29:29 ----A---- C:\Windows\system32\PSHED.DLL
2010-11-07 10:29:29 ----A---- C:\Windows\system32\pdh.dll
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\termdd.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\Storport.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\ataport.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\acpi.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\clfs.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\autofmt.exe
2010-11-07 10:29:28 ----A---- C:\Windows\system32\pidgenx.dll
2010-11-07 10:29:28 ----A---- C:\Windows\system32\drivers\partmgr.sys
2010-11-07 10:29:28 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-11-07 10:29:28 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-11-07 10:29:28 ----A---- C:\Windows\system32\azroles.dll
2010-11-07 10:29:23 ----A---- C:\Windows\system32\winlogon.exe
2010-11-07 10:29:23 ----A---- C:\Windows\system32\SyncCenter.dll
2010-11-07 10:29:23 ----A---- C:\Windows\system32\SLUINotify.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\sethc.exe
2010-11-07 10:29:22 ----A---- C:\Windows\system32\ncrypt.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\kd1394.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\drivers\mup.sys
2010-11-07 10:29:22 ----A---- C:\Windows\system32\comuid.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\certmgr.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\wisptis.exe
2010-11-07 10:29:21 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\untfs.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\spp.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\scrobj.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\iassam.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\dwm.exe
2010-11-07 10:29:21 ----A---- C:\Windows\system32\drivers\disk.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\taskcomp.dll
2010-11-07 10:29:20 ----A---- C:\Windows\system32\printui.dll
2010-11-07 10:29:20 ----A---- C:\Windows\system32\iasnap.dll
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\volsnap.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\pciidex.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\autochk.exe
2010-11-07 10:29:19 ----A---- C:\Windows\system32\winsrv.dll
2010-11-07 10:29:19 ----A---- C:\Windows\system32\drivers\pciide.sys
2010-11-07 10:29:19 ----A---- C:\Windows\system32\drivers\msrpc.sys
2010-11-07 10:29:19 ----A---- C:\Windows\system32\drivers\ecache.sys
2010-11-07 10:29:19 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2010-11-07 10:29:19 ----A---- C:\Windows\system32\autoconv.exe
2010-11-07 10:29:18 ----A---- C:\Windows\system32\wow32.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\userenv.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\osk.exe
2010-11-07 10:29:18 ----A---- C:\Windows\system32\onex.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\mswsock.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\kdcom.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\cscript.exe
2010-11-07 10:29:18 ----A---- C:\Windows\system32\basecsp.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\audiodg.exe
2010-11-07 10:29:17 ----A---- C:\Windows\system32\WinSCard.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\winmm.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\RelMon.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\rdpencom.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\kdusb.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\drivers\netbt.sys
2010-11-07 10:29:17 ----A---- C:\Windows\system32\drivers\atapi.sys
2010-11-07 10:29:16 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-11-07 10:29:16 ----A---- C:\Windows\system32\spcmsg.dll
2010-11-07 10:29:16 ----A---- C:\Windows\system32\offfilt.dll
2010-11-07 10:29:16 ----A---- C:\Windows\system32\msftedit.dll
2010-11-07 10:29:16 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-11-07 10:29:15 ----A---- C:\Windows\system32\WerFault.exe
2010-11-07 10:29:15 ----A---- C:\Windows\system32\Utilman.exe
2010-11-07 10:29:14 ----A---- C:\Windows\system32\wsepno.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\stobject.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\SndVol.exe
2010-11-07 10:29:14 ----A---- C:\Windows\system32\msnetobj.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\mscms.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\mfplat.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\diskraid.exe
2010-11-07 10:29:14 ----A---- C:\Windows\system32\apphelp.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\adsmsext.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\wscript.exe
2010-11-07 10:29:13 ----A---- C:\Windows\system32\wiaservc.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\ulib.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\sysclass.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\prnntfy.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\odbccp32.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\iasdatastore.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\wscntfy.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\rastapi.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\pnpsetup.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-11-07 10:29:12 ----A---- C:\Windows\system32\fdProxy.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\dsound.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\cryptui.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\wlangpui.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\iashlpr.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\gpapi.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\diskpart.exe
2010-11-07 10:29:11 ----A---- C:\Windows\system32\brcpl.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\wscsvc.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-11-07 10:29:10 ----A---- C:\Windows\system32\vdsdyn.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\rasapi32.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\ntprint.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\logman.exe
2010-11-07 10:29:09 ----A---- C:\Windows\system32\wusa.exe
2010-11-07 10:29:09 ----A---- C:\Windows\system32\regsvc.dll
2010-11-07 10:29:09 ----A---- C:\Windows\system32\mscorier.dll
2010-11-07 10:29:09 ----A---- C:\Windows\system32\iasrad.dll
2010-11-07 10:29:09 ----A---- C:\Windows\system32\findstr.exe
2010-11-07 10:29:08 ----A---- C:\Windows\system32\zipfldr.dll
2010-11-07 10:29:08 ----A---- C:\Windows\system32\wshext.dll
2010-11-07 10:29:07 ----A---- C:\Windows\system32\wpccpl.dll
2010-11-07 10:29:07 ----A---- C:\Windows\system32\netcenter.dll
2010-11-07 10:29:05 ----A---- C:\Windows\system32\wer.dll
2010-11-07 10:29:05 ----A---- C:\Windows\system32\rasdlg.dll
2010-11-07 10:29:05 ----A---- C:\Windows\system32\iassvcs.dll
2010-11-07 10:29:04 ----A---- C:\Windows\system32\wsnmp32.dll
2010-11-07 10:29:04 ----A---- C:\Windows\system32\themecpl.dll
2010-11-07 10:29:04 ----A---- C:\Windows\system32\drivers\usbehci.sys
2010-11-07 10:29:03 ----A---- C:\Windows\system32\uxsms.dll
2010-11-07 10:29:03 ----A---- C:\Windows\system32\mssprxy.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\scansetting.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\ntmarta.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\msutb.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\mstlsapi.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\iasads.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2010-11-07 10:29:01 ----A---- C:\Windows\system32\slcc.dll
2010-11-07 10:29:01 ----A---- C:\Windows\system32\powrprof.dll
2010-11-07 10:29:01 ----A---- C:\Windows\system32\mstsc.exe
2010-11-07 10:29:01 ----A---- C:\Windows\system32\drivers\ks.sys
2010-11-07 10:29:00 ----A---- C:\Windows\system32\iasacct.dll
2010-11-07 10:28:56 ----A---- C:\Windows\system32\powercpl.dll
2010-11-07 10:28:56 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-11-07 10:28:56 ----A---- C:\Windows\system32\networkmap.dll
2010-11-07 10:28:55 ----A---- C:\Windows\system32\newdev.exe
2010-11-07 10:28:55 ----A---- C:\Windows\system32\connect.dll
2010-11-07 10:28:55 ----A---- C:\Windows\system32\authz.dll
2010-11-07 10:28:54 ----A---- C:\Windows\system32\systemcpl.dll
2010-11-07 10:28:54 ----A---- C:\Windows\system32\sud.dll
2010-11-07 10:28:54 ----A---- C:\Windows\system32\dot3svc.dll
2010-11-07 10:28:53 ----A---- C:\Windows\system32\themeui.dll
2010-11-07 10:28:53 ----A---- C:\Windows\system32\pcaui.dll
2010-11-07 10:28:52 ----A---- C:\Windows\system32\usercpl.dll
2010-11-07 10:28:52 ----A---- C:\Windows\system32\samlib.dll
2010-11-07 10:28:52 ----A---- C:\Windows\system32\mmci.dll
2010-11-07 10:28:52 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-11-07 10:28:51 ----A---- C:\Windows\system32\wlanpref.dll
2010-11-07 10:28:51 ----A---- C:\Windows\system32\qdvd.dll
2010-11-07 10:28:51 ----A---- C:\Windows\system32\autoplay.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\wpcao.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\vdsutil.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\rpchttp.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\regapi.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\msinfo32.exe
2010-11-07 10:28:49 ----A---- C:\Windows\system32\tapisrv.dll
2010-11-07 10:28:49 ----A---- C:\Windows\system32\scksp.dll
2010-11-07 10:28:49 ----A---- C:\Windows\system32\mpr.dll
2010-11-07 10:28:49 ----A---- C:\Windows\system32\feclient.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\wscisvif.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\scesrv.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\rekeywiz.exe
2010-11-07 10:28:48 ----A---- C:\Windows\system32\psisdecd.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\oleprn.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\imm32.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\iaspolcy.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\Faultrep.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\drivers\exfat.sys
2010-11-07 10:28:48 ----A---- C:\Windows\system32\dot3msm.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\DeviceEject.exe
2010-11-07 10:28:48 ----A---- C:\Windows\system32\AudioSes.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\sdclt.exe
2010-11-07 10:28:47 ----A---- C:\Windows\system32\qedit.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\pnpui.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\perfdisk.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\ncryptui.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\dpapimig.exe
2010-11-07 10:28:47 ----A---- C:\Windows\system32\certreq.exe
2010-11-07 10:28:46 ----A---- C:\Windows\system32\TSTheme.exe
2010-11-07 10:28:46 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-11-07 10:28:46 ----A---- C:\Windows\system32\scecli.dll
2010-11-07 10:28:46 ----A---- C:\Windows\system32\rasplap.dll
2010-11-07 10:28:46 ----A---- C:\Windows\system32\rasgcw.dll
2010-11-07 10:28:46 ----A---- C:\Windows\system32\hdwwiz.exe
2010-11-07 10:28:46 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-11-07 10:28:46 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2010-11-07 10:28:45 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-11-07 10:28:45 ----A---- C:\Windows\system32\spwinsat.dll
2010-11-07 10:28:45 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-11-07 10:28:45 ----A---- C:\Windows\system32\cmmon32.exe
2010-11-07 10:28:44 ----A---- C:\Windows\system32\whealogr.dll
2010-11-07 10:28:44 ----A---- C:\Windows\system32\tcpmon.dll
2010-11-07 10:28:44 ----A---- C:\Windows\system32\fdWSD.dll
2010-11-07 10:28:44 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2010-11-07 10:28:44 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2010-11-07 10:28:44 ----A---- C:\Windows\system32\drivers\portcls.sys
2010-11-07 10:28:43 ----A---- C:\Windows\system32\srcore.dll
2010-11-07 10:28:43 ----A---- C:\Windows\system32\SCardSvr.dll
2010-11-07 10:28:43 ----A---- C:\Windows\system32\raschap.dll
2010-11-07 10:28:43 ----A---- C:\Windows\system32\fontext.dll
2010-11-07 10:28:43 ----A---- C:\Windows\system32\conime.exe
2010-11-07 10:28:43 ----A---- C:\Windows\system32\cmdial32.dll
2010-11-07 10:28:42 ----A---- C:\Windows\system32\wiaaut.dll
2010-11-07 10:28:42 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-11-07 10:28:42 ----A---- C:\Windows\system32\drivers\npfs.sys
2010-11-07 10:28:42 ----A---- C:\Windows\system32\drivers\afd.sys
2010-11-07 10:28:41 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-11-07 10:28:41 ----A---- C:\Windows\system32\wlanui.dll
2010-11-07 10:28:41 ----A---- C:\Windows\system32\shwebsvc.dll
2010-11-07 10:28:41 ----A---- C:\Windows\system32\rasppp.dll
2010-11-07 10:28:41 ----A---- C:\Windows\system32\PnPutil.exe
2010-11-07 10:28:41 ----A---- C:\Windows\system32\dsprop.dll
2010-11-07 10:28:40 ----A---- C:\Windows\system32\oobefldr.dll
2010-11-07 10:28:40 ----A---- C:\Windows\system32\drivers\tdx.sys
2010-11-07 10:28:40 ----A---- C:\Windows\system32\drivers\pacer.sys
2010-11-07 10:28:40 ----A---- C:\Windows\system32\dimsroam.dll
2010-11-07 10:28:39 ----A---- C:\Windows\system32\shsetup.dll
2010-11-07 10:28:39 ----A---- C:\Windows\system32\rasmontr.dll
2010-11-07 10:28:39 ----A---- C:\Windows\system32\mscandui.dll
2010-11-07 10:28:39 ----A---- C:\Windows\system32\modemui.dll
2010-11-07 10:28:38 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-11-07 10:28:38 ----A---- C:\Windows\system32\chtbrkr.dll
2010-11-07 10:28:38 ----A---- C:\Windows\system32\dataclen.dll
2010-11-07 10:28:37 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-11-07 10:28:37 ----A---- C:\Windows\system32\smss.exe
2010-11-07 10:28:37 ----A---- C:\Windows\system32\rdpwsx.dll
2010-11-07 10:28:37 ----A---- C:\Windows\system32\drivers\fastfat.sys
2010-11-07 10:28:37 ----A---- C:\Windows\system32\credui.dll
2010-11-07 10:28:37 ----A---- C:\Windows\system32\blackbox.dll
2010-11-07 10:28:36 ----A---- C:\Windows\system32\WSDMon.dll
2010-11-07 10:28:36 ----A---- C:\Windows\system32\wmpeffects.dll
2010-11-07 10:28:36 ----A---- C:\Windows\system32\netplwiz.dll
2010-11-07 10:28:36 ----A---- C:\Windows\system32\drivers\rmcast.sys
2010-11-07 10:28:36 ----A---- C:\Windows\system32\certprop.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\wpcsvc.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\networkexplorer.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\msscp.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\logagent.exe
2010-11-07 10:28:35 ----A---- C:\Windows\system32\InkEd.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\ifmon.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\cipher.exe
2010-11-07 10:28:34 ----A---- C:\Windows\system32\wscapi.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\thawbrkr.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\softkbd.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\sendmail.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\msimtf.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\gpresult.exe
2010-11-07 10:28:34 ----A---- C:\Windows\system32\drivers\watchdog.sys
2010-11-07 10:28:33 ----A---- C:\Windows\system32\olepro32.dll
2010-11-07 10:28:33 ----A---- C:\Windows\system32\msctfui.dll
2010-11-07 10:28:33 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-11-07 10:28:33 ----A---- C:\Windows\system32\drivers\smb.sys
2010-11-07 10:28:33 ----A---- C:\Windows\system32\drivers\hidusb.sys
2010-11-07 10:28:33 ----A---- C:\Windows\system32\dmsynth.dll
2010-11-07 10:28:32 ----A---- C:\Windows\system32\puiapi.dll
2010-11-07 10:28:32 ----A---- C:\Windows\system32\input.dll
2010-11-07 10:28:32 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-11-07 10:28:32 ----A---- C:\Windows\system32\drivers\udfs.sys
2010-11-07 10:28:32 ----A---- C:\Windows\system32\cdd.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\wshbth.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\version.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\SLLUA.exe
2010-11-07 10:28:31 ----A---- C:\Windows\system32\msisip.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\mprapi.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\fc.exe
2010-11-07 10:28:30 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\msjint40.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\fdSSDP.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\eapp3hst.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2010-11-07 10:28:30 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2010-11-07 10:28:30 ----A---- C:\Windows\system32\dmusic.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\cscapi.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\wsdchngr.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\l2nacp.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\ftp.exe
2010-11-07 10:28:29 ----A---- C:\Windows\system32\cscdll.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\Storprop.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\rasdial.exe
2010-11-07 10:28:28 ----A---- C:\Windows\system32\rasdiag.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\ipconfig.exe
2010-11-07 10:28:28 ----A---- C:\Windows\system32\fdWCN.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\eappcfg.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\dot3cfg.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\bthudtask.exe
2010-11-07 10:28:28 ----A---- C:\Windows\system32\bthci.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\tscupgrd.exe
2010-11-07 10:28:27 ----A---- C:\Windows\system32\slcinst.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\ocsetup.exe
2010-11-07 10:28:27 ----A---- C:\Windows\system32\nslookup.exe
2010-11-07 10:28:27 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\eappgnui.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\drivers\rassstp.sys
2010-11-07 10:28:27 ----A---- C:\Windows\system32\drivers\hidclass.sys
2010-11-07 10:28:26 ----A---- C:\Windows\system32\mmcico.dll
2010-11-07 10:28:26 ----A---- C:\Windows\system32\hbaapi.dll
2010-11-07 10:28:26 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-11-07 10:28:26 ----A---- C:\Windows\system32\fdeploy.dll
2010-11-07 10:28:25 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-11-07 10:28:25 ----A---- C:\Windows\system32\gpupdate.exe
2010-11-07 10:28:25 ----A---- C:\Windows\system32\drivers\nwifi.sys
2010-11-07 10:28:25 ----A---- C:\Windows\system32\drivers\dfsc.sys
2010-11-07 10:28:25 ----A---- C:\Windows\system32\drivers\cdrom.sys
2010-11-07 10:28:24 ----A---- C:\Windows\system32\csrstub.exe
2010-11-07 10:28:24 ----A---- C:\Windows\system32\cbsra.exe
2010-11-07 10:28:24 ----A---- C:\Windows\system32\bitsigd.dll
2010-11-07 10:28:23 ----A---- C:\Windows\system32\NcdProp.dll
2010-11-07 10:28:23 ----A---- C:\Windows\system32\iscsilog.dll
2010-11-07 10:28:22 ----A---- C:\Windows\system32\vdmdbg.dll
2010-11-07 10:28:22 ----A---- C:\Windows\system32\odbcconf.dll
2010-11-07 10:28:22 ----A---- C:\Windows\system32\drivers\dxg.sys
2010-11-07 10:28:22 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-11-07 10:28:21 ----A---- C:\Windows\system32\winrnr.dll
2010-11-07 10:28:21 ----A---- C:\Windows\system32\slwga.dll
2010-11-07 10:28:21 ----A---- C:\Windows\system32\midimap.dll
2010-11-07 10:28:21 ----A---- C:\Windows\system32\inetppui.dll
2010-11-07 10:28:19 ----A---- C:\Windows\system32\drivers\stream.sys
2010-11-07 10:28:19 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2010-11-07 10:28:18 ----A---- C:\Windows\system32\drivers\usbohci.sys
2010-11-07 10:28:18 ----A---- C:\Windows\system32\drivers\bridge.sys
2010-11-07 10:28:17 ----A---- C:\Windows\system32\msimsg.dll
2010-11-07 10:28:17 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-11-07 10:28:17 ----A---- C:\Windows\system32\drivers\usb8023.sys
2010-11-07 10:28:17 ----A---- C:\Windows\system32\drivers\raspppoe.sys
2010-11-07 10:27:31 ----A---- C:\Windows\system32\SmiEngine.dll
2010-11-07 10:27:16 ----A---- C:\Windows\system32\wdscore.dll
2010-11-07 10:27:16 ----A---- C:\Windows\system32\PkgMgr.exe
2010-11-07 10:26:39 ----A---- C:\Windows\system32\drvstore.dll
2010-11-07 09:59:30 ----A---- C:\Windows\system32\gameux.dll
2010-11-07 09:59:28 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-11-07 09:59:27 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-31 20:00:02 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Netscape
2010-10-31 20:00:02 ----D---- C:\Program Files\Photodex Presenter
2010-10-31 19:59:20 ----D---- C:\Program Files\Photodex
2010-10-31 19:57:22 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Photodex
2010-10-29 23:01:11 ----D---- C:\Program Files\WinClamAVShield
2010-10-27 13:33:12 ----D---- C:\Program Files\Zrychleni Pocitace
2010-10-27 13:32:54 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\OpenCandy
2010-10-26 12:33:54 ----D---- C:\ProgramData\Sony Ericsson
2010-10-26 12:33:12 ----D---- C:\Program Files\Avanquest update
2010-10-26 10:05:54 ----SHD---- C:\found.000
2010-10-25 04:37:04 ----D---- C:\ProgramData\BVRP Software
2010-10-16 23:06:14 ----A---- C:\Windows\system32\mshtml.dll
2010-10-16 23:06:13 ----A---- C:\Windows\system32\ieframe.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\wininet.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\urlmon.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\occache.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\mstime.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\ieUnatt.exe
2010-10-16 23:06:12 ----A---- C:\Windows\system32\ieui.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iesysprep.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iesetup.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iertutil.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iernonce.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iepeers.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-16 23:06:11 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-16 23:06:11 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-16 23:06:11 ----A---- C:\Windows\system32\ie4uinit.exe
2010-10-16 23:06:07 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-16 23:06:07 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-16 23:06:07 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-16 23:06:07 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-16 23:06:06 ----A---- C:\Windows\system32\netevent.dll
2010-10-16 23:05:56 ----A---- C:\Windows\system32\wmp.dll
2010-10-16 23:05:54 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-16 23:05:45 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-16 23:05:45 ----A---- C:\Windows\system32\mfc40.dll
2010-10-16 23:05:44 ----A---- C:\Windows\system32\win32k.sys
2010-10-16 23:05:43 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-16 23:05:42 ----A---- C:\Windows\system32\t2embed.dll
2010-10-16 23:05:40 ----A---- C:\Windows\system32\ole32.dll
2010-10-16 23:05:38 ----A---- C:\Windows\system32\schannel.dll
2010-10-16 23:03:34 ----A---- C:\Windows\system32\comctl32.dll
2010-10-16 23:01:48 ----D---- C:\Program Files\Common Files\Adobe
2010-10-16 23:01:48 ----D---- C:\Program Files\Adobe

======List of files/folders modified in the last 1 months======

2010-11-14 09:37:21 ----RD---- C:\Program Files
2010-11-14 09:36:57 ----D---- C:\Windows\Temp
2010-11-14 09:29:00 ----D---- C:\Windows\System32
2010-11-14 09:28:59 ----D---- C:\Windows\inf
2010-11-14 09:28:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-13 21:08:27 ----SD---- C:\Users\Pečimuthovi\AppData\Roaming\Microsoft
2010-11-13 20:45:38 ----D---- C:\Windows
2010-11-13 20:43:29 ----SHD---- C:\System Volume Information
2010-11-13 20:04:45 ----D---- C:\Windows\system32\drivers
2010-11-13 19:35:51 ----HD---- C:\Config.Msi
2010-11-13 19:33:35 ----SHD---- C:\Windows\Installer
2010-11-13 19:33:29 ----D---- C:\Windows\system32\catroot
2010-11-13 19:26:19 ----D---- C:\Windows\Prefetch
2010-11-13 19:16:57 ----D---- C:\Windows\system32\catroot2
2010-11-11 16:04:01 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Skype
2010-11-11 16:00:21 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\skypePM
2010-11-11 15:30:39 ----HD---- C:\ProgramData
2010-11-08 21:02:03 ----D---- C:\Windows\winsxs
2010-11-08 12:45:47 ----D---- C:\ProgramData\ESET
2010-11-07 11:20:58 ----D---- C:\Windows\rescache
2010-11-07 11:13:47 ----D---- C:\Windows\Microsoft.NET
2010-11-07 11:13:24 ----RSD---- C:\Windows\assembly
2010-11-07 10:56:41 ----SHD---- C:\Boot
2010-11-07 10:54:35 ----D---- C:\ProgramData\NVIDIA
2010-11-07 10:53:40 ----D---- C:\Windows\system32\drivers\UMDF
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Sidebar
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Photo Gallery
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Media Player
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Mail
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Collaboration
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Calendar
2010-11-07 10:50:57 ----D---- C:\Program Files\Movie Maker
2010-11-07 10:50:57 ----D---- C:\Program Files\Internet Explorer
2010-11-07 10:50:57 ----D---- C:\Program Files\Common Files\System
2010-11-07 10:50:56 ----D---- C:\Windows\servicing
2010-11-07 10:50:56 ----D---- C:\Program Files\Windows Defender
2010-11-07 10:50:55 ----D---- C:\Windows\system32\XPSViewer
2010-11-07 10:50:55 ----D---- C:\Windows\system32\sk-SK
2010-11-07 10:50:55 ----D---- C:\Windows\system32\ru-RU
2010-11-07 10:50:55 ----D---- C:\Windows\system32\oobe
2010-11-07 10:50:55 ----D---- C:\Windows\system32\migration
2010-11-07 10:50:55 ----D---- C:\Windows\system32\lv-LV
2010-11-07 10:50:55 ----D---- C:\Windows\system32\ko-KR
2010-11-07 10:50:55 ----D---- C:\Windows\system32\it-IT
2010-11-07 10:50:55 ----D---- C:\Windows\system32\hr-HR
2010-11-07 10:50:55 ----D---- C:\Windows\system32\fr-FR
2010-11-07 10:50:55 ----D---- C:\Windows\system32\et-EE
2010-11-07 10:50:55 ----D---- C:\Windows\system32\en-US
2010-11-07 10:50:55 ----D---- C:\Windows\system32\el-GR
2010-11-07 10:50:55 ----D---- C:\Windows\system32\de-DE
2010-11-07 10:50:55 ----D---- C:\Windows\system32\da-DK
2010-11-07 10:50:55 ----D---- C:\Windows\system32\AdvancedInstallers
2010-11-07 10:50:55 ----D---- C:\Windows\IME
2010-11-07 10:50:54 ----D---- C:\Windows\system32\sv-SE
2010-11-07 10:50:54 ----D---- C:\Windows\system32\setup
2010-11-07 10:50:54 ----D---- C:\Windows\system32\he-IL
2010-11-07 10:50:54 ----D---- C:\Windows\system32\fi-FI
2010-11-07 10:50:54 ----D---- C:\Windows\system32\cs-CZ
2010-11-07 10:50:54 ----D---- C:\Windows\system32\cs
2010-11-07 10:50:51 ----D---- C:\Windows\system32\SLUI
2010-11-07 10:50:51 ----D---- C:\Windows\system32\pt-PT
2010-11-07 10:50:51 ----D---- C:\Windows\system32\hu-HU
2010-11-07 10:50:50 ----D---- C:\Windows\system32\zh-TW
2010-11-07 10:50:50 ----D---- C:\Windows\system32\zh-CN
2010-11-07 10:50:50 ----D---- C:\Windows\system32\uk-UA
2010-11-07 10:50:50 ----D---- C:\Windows\system32\th-TH
2010-11-07 10:50:50 ----D---- C:\Windows\system32\sr-Latn-CS
2010-11-07 10:50:50 ----D---- C:\Windows\system32\sl-SI
2010-11-07 10:50:50 ----D---- C:\Windows\system32\ro-RO
2010-11-07 10:50:50 ----D---- C:\Windows\system32\pl-PL
2010-11-07 10:50:50 ----D---- C:\Windows\system32\manifeststore
2010-11-07 10:50:50 ----D---- C:\Windows\system32\ja-JP
2010-11-07 10:50:50 ----D---- C:\Windows\system32\es-ES
2010-11-07 10:50:50 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-11-07 10:50:50 ----D---- C:\Windows\system32\bg-BG
2010-11-07 10:50:49 ----D---- C:\Windows\system32\wbem
2010-11-07 10:50:49 ----D---- C:\Windows\system32\tr-TR
2010-11-07 10:50:49 ----D---- C:\Windows\system32\pt-BR
2010-11-07 10:50:49 ----D---- C:\Windows\system32\nl-NL
2010-11-07 10:50:49 ----D---- C:\Windows\system32\nb-NO
2010-11-07 10:50:49 ----D---- C:\Windows\system32\migwiz
2010-11-07 10:50:49 ----D---- C:\Windows\system32\lt-LT
2010-11-07 10:50:49 ----D---- C:\Windows\system32\ar-SA
2010-11-07 10:50:42 ----RSD---- C:\Windows\Fonts
2010-11-07 10:50:42 ----D---- C:\Windows\AppPatch
2010-11-07 10:50:39 ----D---- C:\Windows\system32\Boot
2010-11-07 10:46:28 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
2010-11-04 14:13:09 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\ICQ
2010-11-02 06:23:40 ----D---- C:\Program Files\ICQ7.1
2010-10-31 20:00:02 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Mozilla
2010-10-31 08:08:50 ----D---- C:\Program Files\Mozilla Firefox
2010-10-26 12:33:08 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-26 11:55:46 ----D---- C:\Windows\Minidump
2010-10-26 11:48:54 ----D---- C:\Program Files\Common Files\InstallShield
2010-10-26 11:41:21 ----D---- C:\Windows\system32\Tasks
2010-10-22 11:33:05 ----D---- C:\ProgramData\Electronic Arts
2010-10-22 11:33:05 ----D---- C:\Program Files\Electronic Arts
2010-10-19 11:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-16 23:07:01 ----A---- C:\Windows\system32\mrt.exe
2010-10-16 23:01:53 ----D---- C:\ProgramData\Adobe
2010-10-16 23:01:48 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2007-08-09 110624]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-18 691696]
R1 nod32drv;nod32drv; C:\Windows\system32\drivers\nod32drv.sys [2010-11-13 15424]
R2 AMON;AMON; C:\Windows\system32\drivers\amon.sys [2010-11-13 512096]
R3 3xHybrid;SAA713x TV Card Service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-07-06 906368]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 11008040]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 a2tc6yx9;a2tc6yx9; C:\Windows\system32\drivers\a2tc6yx9.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\DRIVERS\massfilter.sys [2008-12-08 7680]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-12-08 104960]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-12-08 110080]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-12-08 105344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-12-08 104960]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2010-11-13 552064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-10-31 181312]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-11-04 14336]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware juzjf.exe

#2 Post by vyosek »

Hello, and have a nice day :)

Given that you are using illegal software, I am not surprised that you are a visitor to our forum :?:
However, under the forum rules (see here and here, point 3) we do not deal with illegal software, since illegal programs are usually a source of malware. On top of that, you are also violating copyright.
So get legal protection for your PC (antivirus + firewall), then post a new log from RSIT and CKScanner here - see below.

Personally I recommend the combination Avast+ZoneAlarm. You will find an overview of antivirus programs HERE and of firewalls HERE.

:arrow: RSIT log - see my signature
:arrow: Download CKScanner to your desktop
  • Run it and click Search for files
  • When the scan finishes, click Save List to File and then OK
  • A log named ckfiles.txt will be created on your desktop; paste its contents here for me
:arrow: Instructions for uninstalling the illegal NOD are here http://www.viry.cz/forum/viewtopic.php?f=29&t=42886 use Rafazon, and only then, if needed, the alternative http://www.viry.cz/forum/viewtopic.php?p=889437#p889437
:arrow: Apart from that, you really do have plenty of malware on there :arcisit:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him, that is no man, that is an ox."
Member of [image] since 1 February 2011.

VanaFrantisek
Visitor
Posts: 23
Joined: 13 Nov 2010 20:35

Re: Malware juzjf.exe

#3 Post by VanaFrantisek »

:oops: So hopefully it will be better now.. It is not my PC, but the kids rule over it in the study. I think it is something from Facebook along the lines of "you have to see this.exe". It took a little longer. I ran every test I could.
I am attaching the logs.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pečimuthovi at 2010-11-14 17:34:58
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 62 GB (62%) free of 100 GB
Total RAM: 1919 MB (63% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
MHTBPos00 Class - C:\Program Files\Family Toolbar\tbcore3.dll [2009-05-07 2642432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll []
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - Family Toolbar - C:\Program Files\Family Toolbar\tbcore3.dll [2009-05-07 2642432]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2008-11-04 2087424]
"Regedit32"=C:\Windows\system32\regedit.exe []
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-09-02 1043968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"NVIDIA driver monitor"=C:\Windows\nvsvc32.exe []
"wuaucldt"=c:\users\pečimuthovi\wuaucldt.exe []
"mymou"=C:\Users\Pečimuthovi\AppData\Roaming\Microsoft\quouquo.exe []
"Windows Firewall"=C:\Users\PEIMUT~1\AppData\Local\Temp\lsass.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Pečimuthovi\AppData\Local\Opera\Opera\temporary_downloads\P1876832.JPG-www.facebook.exe"="C:\Windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-14 10:56:53 ----A---- C:\Windows\system32\vsregexp.dll
2010-11-14 10:56:50 ----A---- C:\Windows\system32\zlcommdb.dll
2010-11-14 10:56:50 ----A---- C:\Windows\system32\zlcomm.dll
2010-11-14 10:56:43 ----A---- C:\Windows\system32\vswmi.dll
2010-11-14 10:56:41 ----A---- C:\Windows\system32\zpeng25.dll
2010-11-14 10:56:41 ----A---- C:\Windows\system32\vsxml.dll
2010-11-14 10:56:40 ----A---- C:\Windows\system32\vspubapi.dll
2010-11-14 10:56:40 ----A---- C:\Windows\system32\vsmonapi.dll
2010-11-14 10:56:40 ----A---- C:\Windows\system32\vsdata.dll
2010-11-14 10:56:36 ----D---- C:\Windows\system32\ZoneLabs
2010-11-14 10:56:36 ----A---- C:\Windows\system32\drivers\vsdatant.sys
2010-11-14 10:56:35 ----D---- C:\Program Files\Zone Labs
2010-11-14 10:55:51 ----D---- C:\ProgramData\CheckPoint
2010-11-14 10:55:50 ----D---- C:\Windows\Internet Logs
2010-11-14 10:55:50 ----A---- C:\Windows\system32\vsutil.dll
2010-11-14 10:55:50 ----A---- C:\Windows\system32\vsinit.dll
2010-11-14 10:49:55 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-11-14 10:49:55 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-11-14 10:49:54 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-11-14 10:49:54 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-11-14 10:49:53 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-11-14 10:49:25 ----A---- C:\Windows\system32\aswBoot.exe
2010-11-14 10:49:17 ----D---- C:\ProgramData\Alwil Software
2010-11-14 10:49:17 ----D---- C:\Program Files\Alwil Software
2010-11-14 09:37:21 ----D---- C:\Program Files\trend micro
2010-11-14 09:37:20 ----D---- C:\rsit
2010-11-13 19:26:19 ----RSHD---- C:\RECYCLER
2010-11-13 19:25:01 ----RSH---- C:\Users\Pečimuthovi\AppData\Roaming\juzjf.exe
2010-11-08 21:02:11 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Vodafone
2010-11-08 21:01:40 ----D---- C:\ProgramData\Vodafone
2010-11-08 21:01:34 ----D---- C:\Program Files\Vodafone
2010-11-08 20:48:42 ----A---- C:\Windows\ntbtlog.txt
2010-11-07 10:50:39 ----D---- C:\Windows\system32\vi-VN
2010-11-07 10:50:39 ----D---- C:\Windows\system32\eu-ES
2010-11-07 10:50:39 ----D---- C:\Windows\system32\ca-ES
2010-11-07 10:31:10 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-11-07 10:31:06 ----A---- C:\Windows\system32\SLsvc.exe
2010-11-07 10:31:06 ----A---- C:\Windows\system32\SLCExt.dll
2010-11-07 10:31:03 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-11-07 10:31:03 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-11-07 10:31:00 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-11-07 10:30:57 ----A---- C:\Windows\system32\mssrch.dll
2010-11-07 10:30:55 ----A---- C:\Windows\system32\drivers\spsys.sys
2010-11-07 10:30:54 ----A---- C:\Windows\system32\tquery.dll
2010-11-07 10:30:53 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-11-07 10:30:53 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2010-11-07 10:30:52 ----A---- C:\Windows\system32\scavenge.dll
2010-11-07 10:30:50 ----A---- C:\Windows\system32\msi.dll
2010-11-07 10:30:49 ----A---- C:\Windows\system32\imapi2fs.dll
2010-11-07 10:30:48 ----A---- C:\Windows\system32\WscEapPr.dll
2010-11-07 10:30:48 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-11-07 10:30:48 ----A---- C:\Windows\system32\sysmain.dll
2010-11-07 10:30:46 ----A---- C:\Windows\system32\icardagt.exe
2010-11-07 10:30:45 ----A---- C:\Windows\system32\EhStorShell.dll
2010-11-07 10:30:43 ----A---- C:\Windows\system32\spreview.exe
2010-11-07 10:30:43 ----A---- C:\Windows\system32\spinstall.exe
2010-11-07 10:30:43 ----A---- C:\Windows\system32\drmv2clt.dll
2010-11-07 10:30:42 ----A---- C:\Windows\system32\spwizui.dll
2010-11-07 10:30:42 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-11-07 10:30:41 ----A---- C:\Windows\system32\p2psvc.dll
2010-11-07 10:30:40 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-11-07 10:30:40 ----A---- C:\Windows\system32\mssvp.dll
2010-11-07 10:30:39 ----A---- C:\Windows\system32\mssphtb.dll
2010-11-07 10:30:39 ----A---- C:\Windows\system32\mssph.dll
2010-11-07 10:30:39 ----A---- C:\Windows\system32\imapi2.dll
2010-11-07 10:30:38 ----A---- C:\Windows\system32\sdohlp.dll
2010-11-07 10:30:37 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-11-07 10:30:37 ----A---- C:\Windows\system32\esent.dll
2010-11-07 10:30:36 ----A---- C:\Windows\system32\sperror.dll
2010-11-07 10:30:36 ----A---- C:\Windows\system32\DevicePairing.dll
2010-11-07 10:30:35 ----A---- C:\Windows\system32\wevtsvc.dll
2010-11-07 10:30:35 ----A---- C:\Windows\system32\SLC.dll
2010-11-07 10:30:35 ----A---- C:\Windows\system32\korwbrkr.dll
2010-11-07 10:30:34 ----A---- C:\Windows\system32\msshsq.dll
2010-11-07 10:30:31 ----A---- C:\Windows\system32\msjet40.dll
2010-11-07 10:30:31 ----A---- C:\Windows\system32\MPSSVC.dll
2010-11-07 10:30:30 ----A---- C:\Windows\system32\Query.dll
2010-11-07 10:30:30 ----A---- C:\Windows\system32\qmgr.dll
2010-11-07 10:30:29 ----A---- C:\Windows\system32\P2PGraph.dll
2010-11-07 10:30:29 ----A---- C:\Windows\system32\msexch40.dll
2010-11-07 10:30:29 ----A---- C:\Windows\system32\diagperf.dll
2010-11-07 10:30:28 ----A---- C:\Windows\system32\srchadmin.dll
2010-11-07 10:30:28 ----A---- C:\Windows\system32\ntdll.dll
2010-11-07 10:30:28 ----A---- C:\Windows\system32\IasMigReader.exe
2010-11-07 10:30:27 ----A---- C:\Windows\system32\winload.exe
2010-11-07 10:30:27 ----A---- C:\Windows\system32\mblctr.exe
2010-11-07 10:30:26 ----A---- C:\Windows\system32\uDWM.dll
2010-11-07 10:30:26 ----A---- C:\Windows\system32\mmc.exe
2010-11-07 10:30:26 ----A---- C:\Windows\system32\EncDec.dll
2010-11-07 10:30:25 ----A---- C:\Windows\system32\riched20.dll
2010-11-07 10:30:25 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-11-07 10:30:25 ----A---- C:\Windows\system32\dfsr.exe
2010-11-07 10:30:24 ----A---- C:\Windows\system32\fdBth.dll
2010-11-07 10:30:23 ----A---- C:\Windows\system32\RacEngn.dll
2010-11-07 10:30:23 ----A---- C:\Windows\system32\kernel32.dll
2010-11-07 10:30:22 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-11-07 10:30:22 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-11-07 10:30:22 ----A---- C:\Windows\system32\milcore.dll
2010-11-07 10:30:22 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-11-07 10:30:21 ----A---- C:\Windows\system32\spoolss.dll
2010-11-07 10:30:21 ----A---- C:\Windows\system32\schedsvc.dll
2010-11-07 10:30:21 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-11-07 10:30:21 ----A---- C:\Windows\system32\CertEnroll.dll
2010-11-07 10:30:14 ----A---- C:\Windows\system32\msjtes40.dll
2010-11-07 10:30:13 ----A---- C:\Windows\system32\msvcp60.dll
2010-11-07 10:30:13 ----A---- C:\Windows\system32\gpedit.dll
2010-11-07 10:30:12 ----A---- C:\Windows\system32\WinSAT.exe
2010-11-07 10:30:12 ----A---- C:\Windows\system32\infocardapi.dll
2010-11-07 10:30:12 ----A---- C:\Windows\system32\es.dll
2010-11-07 10:30:10 ----A---- C:\Windows\system32\Magnify.exe
2010-11-07 10:30:09 ----A---- C:\Windows\system32\mstext40.dll
2010-11-07 10:30:09 ----A---- C:\Windows\system32\drivers\ntfs.sys
2010-11-07 10:30:09 ----A---- C:\Windows\system32\advapi32.dll
2010-11-07 10:30:08 ----A---- C:\Windows\system32\WMPhoto.dll
2010-11-07 10:30:08 ----A---- C:\Windows\system32\WebClnt.dll
2010-11-07 10:30:08 ----A---- C:\Windows\system32\msexcl40.dll
2010-11-07 10:30:07 ----A---- C:\Windows\system32\slwmi.dll
2010-11-07 10:30:07 ----A---- C:\Windows\system32\comsvcs.dll
2010-11-07 10:30:06 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-11-07 10:30:06 ----A---- C:\Windows\system32\msxbde40.dll
2010-11-07 10:30:05 ----A---- C:\Windows\system32\vssapi.dll
2010-11-07 10:30:04 ----A---- C:\Windows\system32\authui.dll
2010-11-07 10:30:03 ----A---- C:\Windows\system32\msrepl40.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\propsys.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\newdev.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\iasrecst.dll
2010-11-07 10:30:02 ----A---- C:\Windows\system32\gpsvc.dll
2010-11-07 10:30:01 ----A---- C:\Windows\system32\rpcss.dll
2010-11-07 10:30:01 ----A---- C:\Windows\system32\eudcedit.exe
2010-11-07 10:30:01 ----A---- C:\Windows\system32\crypt32.dll
2010-11-07 10:30:01 ----A---- C:\Windows\explorer.exe
2010-11-07 10:30:00 ----A---- C:\Windows\system32\setupapi.dll
2010-11-07 10:29:59 ----A---- C:\Windows\system32\mspbde40.dll
2010-11-07 10:29:59 ----A---- C:\Windows\system32\d3d9.dll
2010-11-07 10:29:58 ----A---- C:\Windows\system32\msltus40.dll
2010-11-07 10:29:58 ----A---- C:\Windows\system32\davclnt.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\shlwapi.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\msrd3x40.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\msdtctm.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\mfc42.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-11-07 10:29:57 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-11-07 10:29:56 ----A---- C:\Windows\system32\wevtapi.dll
2010-11-07 10:29:56 ----A---- C:\Windows\system32\photowiz.dll
2010-11-07 10:29:56 ----A---- C:\Windows\system32\nlhtml.dll
2010-11-07 10:29:56 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-11-07 10:29:56 ----A---- C:\Windows\system32\browseui.dll
2010-11-07 10:29:55 ----A---- C:\Windows\system32\user32.dll
2010-11-07 10:29:54 ----A---- C:\Windows\system32\samsrv.dll
2010-11-07 10:29:54 ----A---- C:\Windows\system32\ci.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\win32spl.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-11-07 10:29:53 ----A---- C:\Windows\system32\oleaut32.dll
2010-11-07 10:29:53 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-11-07 10:29:52 ----A---- C:\Windows\system32\netshell.dll
2010-11-07 10:29:52 ----A---- C:\Windows\system32\drivers\rdbss.sys
2010-11-07 10:29:52 ----A---- C:\Windows\system32\compcln.exe
2010-11-07 10:29:52 ----A---- C:\Windows\system32\apds.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\xmlfilter.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\mswstr10.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\msctf.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\emdmgmt.dll
2010-11-07 10:29:51 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2010-11-07 10:29:51 ----A---- C:\Windows\system32\audiosrv.dll
2010-11-07 10:29:50 ----A---- C:\Windows\system32\VSSVC.exe
2010-11-07 10:29:50 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-11-07 10:29:50 ----A---- C:\Windows\system32\msvcrt.dll
2010-11-07 10:29:50 ----A---- C:\Windows\system32\gdi32.dll
2010-11-07 10:29:50 ----A---- C:\Windows\system32\drivers\netio.sys
2010-11-07 10:29:49 ----A---- C:\Windows\system32\SLUI.exe
2010-11-07 10:29:49 ----A---- C:\Windows\system32\msrd2x40.dll
2010-11-07 10:29:49 ----A---- C:\Windows\system32\mfc42u.dll
2010-11-07 10:29:49 ----A---- C:\Windows\system32\eapphost.dll
2010-11-07 10:29:48 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-11-07 10:29:48 ----A---- C:\Windows\system32\odbc32.dll
2010-11-07 10:29:48 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2010-11-07 10:29:47 ----A---- C:\Windows\system32\winresume.exe
2010-11-07 10:29:47 ----A---- C:\Windows\system32\shdocvw.dll
2010-11-07 10:29:47 ----A---- C:\Windows\system32\propdefs.dll
2010-11-07 10:29:47 ----A---- C:\Windows\system32\drivers\usbhub.sys
2010-11-07 10:29:46 ----A---- C:\Windows\system32\wevtutil.exe
2010-11-07 10:29:46 ----A---- C:\Windows\system32\dbgeng.dll
2010-11-07 10:29:45 ----A---- C:\Windows\system32\mssitlb.dll
2010-11-07 10:29:44 ----A---- C:\Windows\system32\WsmSvc.dll
2010-11-07 10:29:44 ----A---- C:\Windows\system32\swprv.dll
2010-11-07 10:29:43 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-11-07 10:29:42 ----A---- C:\Windows\system32\vds.exe
2010-11-07 10:29:42 ----A---- C:\Windows\system32\drvinst.exe
2010-11-07 10:29:42 ----A---- C:\Windows\system32\devmgr.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\netlogon.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\msscb.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\msctfp.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-11-07 10:29:41 ----A---- C:\Windows\system32\BFE.DLL
2010-11-07 10:29:41 ----A---- C:\Windows\system32\adsldpc.dll
2010-11-07 10:29:40 ----A---- C:\Windows\system32\Wldap32.dll
2010-11-07 10:29:40 ----A---- C:\Windows\system32\wcnwiz.dll
2010-11-07 10:29:40 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-11-07 10:29:40 ----A---- C:\Windows\system32\evr.dll
2010-11-07 10:29:39 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-11-07 10:29:39 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-11-07 10:29:39 ----A---- C:\Windows\system32\services.exe
2010-11-07 10:29:38 ----A---- C:\Windows\system32\wercon.exe
2010-11-07 10:29:38 ----A---- C:\Windows\system32\wcncsvc.dll
2010-11-07 10:29:38 ----A---- C:\Windows\system32\mimefilt.dll
2010-11-07 10:29:38 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2010-11-07 10:29:38 ----A---- C:\Windows\system32\comdlg32.dll
2010-11-07 10:29:38 ----A---- C:\Windows\system32\adtschema.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\taskeng.exe
2010-11-07 10:29:37 ----A---- C:\Windows\system32\rtffilt.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\reg.exe
2010-11-07 10:29:37 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\mswdat10.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\msjter40.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\msdtcprx.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-11-07 10:29:37 ----A---- C:\Windows\system32\certcli.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\w32time.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\dnsapi.dll
2010-11-07 10:29:36 ----A---- C:\Windows\system32\certutil.exe
2010-11-07 10:29:35 ----A---- C:\Windows\system32\msshooks.dll
2010-11-07 10:29:35 ----A---- C:\Windows\system32\msscntrs.dll
2010-11-07 10:29:35 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-11-07 10:29:35 ----A---- C:\Windows\system32\drivers\usbport.sys
2010-11-07 10:29:35 ----A---- C:\Windows\system32\bthserv.dll
2010-11-07 10:29:35 ----A---- C:\Windows\system32\bcrypt.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-11-07 10:29:34 ----A---- C:\Windows\system32\rsaenh.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\msstrc.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\msihnd.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-11-07 10:29:34 ----A---- C:\Windows\system32\drivers\ndis.sys
2010-11-07 10:29:33 ----A---- C:\Windows\system32\netapi32.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\mtxclu.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\mscories.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\inetpp.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\hidserv.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\fundisc.dll
2010-11-07 10:29:33 ----A---- C:\Windows\system32\cryptsvc.dll
2010-11-07 10:29:32 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-11-07 10:29:32 ----A---- C:\Windows\system32\termsrv.dll
2010-11-07 10:29:32 ----A---- C:\Windows\system32\profsvc.dll
2010-11-07 10:29:32 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\wdc.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\shsvcs.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\msiexec.exe
2010-11-07 10:29:31 ----A---- C:\Windows\system32\imapi.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\chsbrkr.dll
2010-11-07 10:29:31 ----A---- C:\Windows\system32\drivers\pci.sys
2010-11-07 10:29:31 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2010-11-07 10:29:30 ----A---- C:\Windows\system32\rasmans.dll
2010-11-07 10:29:30 ----A---- C:\Windows\system32\pnidui.dll
2010-11-07 10:29:30 ----A---- C:\Windows\system32\icardres.dll
2010-11-07 10:29:30 ----A---- C:\Windows\system32\iassdo.dll
2010-11-07 10:29:29 ----A---- C:\Windows\system32\wersvc.dll
2010-11-07 10:29:29 ----A---- C:\Windows\system32\slmgr.vbs
2010-11-07 10:29:29 ----A---- C:\Windows\system32\scrrun.dll
2010-11-07 10:29:29 ----A---- C:\Windows\system32\PSHED.DLL
2010-11-07 10:29:29 ----A---- C:\Windows\system32\pdh.dll
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\termdd.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\Storport.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\ataport.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\drivers\acpi.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\clfs.sys
2010-11-07 10:29:29 ----A---- C:\Windows\system32\autofmt.exe
2010-11-07 10:29:28 ----A---- C:\Windows\system32\pidgenx.dll
2010-11-07 10:29:28 ----A---- C:\Windows\system32\drivers\partmgr.sys
2010-11-07 10:29:28 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-11-07 10:29:28 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-11-07 10:29:28 ----A---- C:\Windows\system32\azroles.dll
2010-11-07 10:29:23 ----A---- C:\Windows\system32\winlogon.exe
2010-11-07 10:29:23 ----A---- C:\Windows\system32\SyncCenter.dll
2010-11-07 10:29:23 ----A---- C:\Windows\system32\SLUINotify.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\sethc.exe
2010-11-07 10:29:22 ----A---- C:\Windows\system32\ncrypt.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\kd1394.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\drivers\mup.sys
2010-11-07 10:29:22 ----A---- C:\Windows\system32\comuid.dll
2010-11-07 10:29:22 ----A---- C:\Windows\system32\certmgr.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\wisptis.exe
2010-11-07 10:29:21 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\untfs.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\spp.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\scrobj.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\iassam.dll
2010-11-07 10:29:21 ----A---- C:\Windows\system32\dwm.exe
2010-11-07 10:29:21 ----A---- C:\Windows\system32\drivers\disk.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\taskcomp.dll
2010-11-07 10:29:20 ----A---- C:\Windows\system32\printui.dll
2010-11-07 10:29:20 ----A---- C:\Windows\system32\iasnap.dll
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\volsnap.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\pciidex.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2010-11-07 10:29:20 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2010-11-07 10:29:20 ----A---- C:\Windows\system32\autochk.exe
2010-11-07 10:29:19 ----A---- C:\Windows\system32\winsrv.dll
2010-11-07 10:29:19 ----A---- C:\Windows\system32\drivers\pciide.sys
2010-11-07 10:29:19 ----A---- C:\Windows\system32\drivers\msrpc.sys
2010-11-07 10:29:19 ----A---- C:\Windows\system32\drivers\ecache.sys
2010-11-07 10:29:19 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2010-11-07 10:29:19 ----A---- C:\Windows\system32\autoconv.exe
2010-11-07 10:29:18 ----A---- C:\Windows\system32\wow32.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\userenv.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\osk.exe
2010-11-07 10:29:18 ----A---- C:\Windows\system32\onex.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\mswsock.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\kdcom.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\cscript.exe
2010-11-07 10:29:18 ----A---- C:\Windows\system32\basecsp.dll
2010-11-07 10:29:18 ----A---- C:\Windows\system32\audiodg.exe
2010-11-07 10:29:17 ----A---- C:\Windows\system32\WinSCard.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\winmm.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\RelMon.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\rdpencom.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\kdusb.dll
2010-11-07 10:29:17 ----A---- C:\Windows\system32\drivers\netbt.sys
2010-11-07 10:29:17 ----A---- C:\Windows\system32\drivers\atapi.sys
2010-11-07 10:29:16 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-11-07 10:29:16 ----A---- C:\Windows\system32\spcmsg.dll
2010-11-07 10:29:16 ----A---- C:\Windows\system32\offfilt.dll
2010-11-07 10:29:16 ----A---- C:\Windows\system32\msftedit.dll
2010-11-07 10:29:16 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-11-07 10:29:15 ----A---- C:\Windows\system32\WerFault.exe
2010-11-07 10:29:15 ----A---- C:\Windows\system32\Utilman.exe
2010-11-07 10:29:14 ----A---- C:\Windows\system32\wsepno.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\stobject.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\SndVol.exe
2010-11-07 10:29:14 ----A---- C:\Windows\system32\msnetobj.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\mscms.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\mfplat.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\diskraid.exe
2010-11-07 10:29:14 ----A---- C:\Windows\system32\apphelp.dll
2010-11-07 10:29:14 ----A---- C:\Windows\system32\adsmsext.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\wscript.exe
2010-11-07 10:29:13 ----A---- C:\Windows\system32\wiaservc.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\ulib.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\sysclass.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\prnntfy.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\odbccp32.dll
2010-11-07 10:29:13 ----A---- C:\Windows\system32\iasdatastore.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\wscntfy.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\rastapi.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\pnpsetup.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-11-07 10:29:12 ----A---- C:\Windows\system32\fdProxy.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\dsound.dll
2010-11-07 10:29:12 ----A---- C:\Windows\system32\cryptui.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\wlangpui.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\iashlpr.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\gpapi.dll
2010-11-07 10:29:11 ----A---- C:\Windows\system32\diskpart.exe
2010-11-07 10:29:11 ----A---- C:\Windows\system32\brcpl.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\wscsvc.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-11-07 10:29:10 ----A---- C:\Windows\system32\vdsdyn.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\rasapi32.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\ntprint.dll
2010-11-07 10:29:10 ----A---- C:\Windows\system32\logman.exe
2010-11-07 10:29:09 ----A---- C:\Windows\system32\wusa.exe
2010-11-07 10:29:09 ----A---- C:\Windows\system32\regsvc.dll
2010-11-07 10:29:09 ----A---- C:\Windows\system32\mscorier.dll
2010-11-07 10:29:09 ----A---- C:\Windows\system32\iasrad.dll
2010-11-07 10:29:09 ----A---- C:\Windows\system32\findstr.exe
2010-11-07 10:29:08 ----A---- C:\Windows\system32\zipfldr.dll
2010-11-07 10:29:08 ----A---- C:\Windows\system32\wshext.dll
2010-11-07 10:29:07 ----A---- C:\Windows\system32\wpccpl.dll
2010-11-07 10:29:07 ----A---- C:\Windows\system32\netcenter.dll
2010-11-07 10:29:05 ----A---- C:\Windows\system32\wer.dll
2010-11-07 10:29:05 ----A---- C:\Windows\system32\rasdlg.dll
2010-11-07 10:29:05 ----A---- C:\Windows\system32\iassvcs.dll
2010-11-07 10:29:04 ----A---- C:\Windows\system32\wsnmp32.dll
2010-11-07 10:29:04 ----A---- C:\Windows\system32\themecpl.dll
2010-11-07 10:29:04 ----A---- C:\Windows\system32\drivers\usbehci.sys
2010-11-07 10:29:03 ----A---- C:\Windows\system32\uxsms.dll
2010-11-07 10:29:03 ----A---- C:\Windows\system32\mssprxy.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\scansetting.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\ntmarta.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\msutb.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\mstlsapi.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\iasads.dll
2010-11-07 10:29:02 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2010-11-07 10:29:01 ----A---- C:\Windows\system32\slcc.dll
2010-11-07 10:29:01 ----A---- C:\Windows\system32\powrprof.dll
2010-11-07 10:29:01 ----A---- C:\Windows\system32\mstsc.exe
2010-11-07 10:29:01 ----A---- C:\Windows\system32\drivers\ks.sys
2010-11-07 10:29:00 ----A---- C:\Windows\system32\iasacct.dll
2010-11-07 10:28:56 ----A---- C:\Windows\system32\powercpl.dll
2010-11-07 10:28:56 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-11-07 10:28:56 ----A---- C:\Windows\system32\networkmap.dll
2010-11-07 10:28:55 ----A---- C:\Windows\system32\newdev.exe
2010-11-07 10:28:55 ----A---- C:\Windows\system32\connect.dll
2010-11-07 10:28:55 ----A---- C:\Windows\system32\authz.dll
2010-11-07 10:28:54 ----A---- C:\Windows\system32\systemcpl.dll
2010-11-07 10:28:54 ----A---- C:\Windows\system32\sud.dll
2010-11-07 10:28:54 ----A---- C:\Windows\system32\dot3svc.dll
2010-11-07 10:28:53 ----A---- C:\Windows\system32\themeui.dll
2010-11-07 10:28:53 ----A---- C:\Windows\system32\pcaui.dll
2010-11-07 10:28:52 ----A---- C:\Windows\system32\usercpl.dll
2010-11-07 10:28:52 ----A---- C:\Windows\system32\samlib.dll
2010-11-07 10:28:52 ----A---- C:\Windows\system32\mmci.dll
2010-11-07 10:28:52 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-11-07 10:28:51 ----A---- C:\Windows\system32\wlanpref.dll
2010-11-07 10:28:51 ----A---- C:\Windows\system32\qdvd.dll
2010-11-07 10:28:51 ----A---- C:\Windows\system32\autoplay.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\wpcao.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\vdsutil.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\rpchttp.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\regapi.dll
2010-11-07 10:28:50 ----A---- C:\Windows\system32\msinfo32.exe
2010-11-07 10:28:49 ----A---- C:\Windows\system32\tapisrv.dll
2010-11-07 10:28:49 ----A---- C:\Windows\system32\scksp.dll
2010-11-07 10:28:49 ----A---- C:\Windows\system32\mpr.dll
2010-11-07 10:28:49 ----A---- C:\Windows\system32\feclient.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\wscisvif.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\scesrv.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\rekeywiz.exe
2010-11-07 10:28:48 ----A---- C:\Windows\system32\psisdecd.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\oleprn.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\imm32.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\iaspolcy.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\Faultrep.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\drivers\exfat.sys
2010-11-07 10:28:48 ----A---- C:\Windows\system32\dot3msm.dll
2010-11-07 10:28:48 ----A---- C:\Windows\system32\DeviceEject.exe
2010-11-07 10:28:48 ----A---- C:\Windows\system32\AudioSes.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\sdclt.exe
2010-11-07 10:28:47 ----A---- C:\Windows\system32\qedit.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\pnpui.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\perfdisk.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\ncryptui.dll
2010-11-07 10:28:47 ----A---- C:\Windows\system32\dpapimig.exe
2010-11-07 10:28:47 ----A---- C:\Windows\system32\certreq.exe
2010-11-07 10:28:46 ----A---- C:\Windows\system32\TSTheme.exe
2010-11-07 10:28:46 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-11-07 10:28:46 ----A---- C:\Windows\system32\scecli.dll
2010-11-07 10:28:46 ----A---- C:\Windows\system32\rasplap.dll
2010-11-07 10:28:46 ----A---- C:\Windows\system32\rasgcw.dll
2010-11-07 10:28:46 ----A---- C:\Windows\system32\hdwwiz.exe
2010-11-07 10:28:46 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-11-07 10:28:46 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2010-11-07 10:28:45 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-11-07 10:28:45 ----A---- C:\Windows\system32\spwinsat.dll
2010-11-07 10:28:45 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-11-07 10:28:45 ----A---- C:\Windows\system32\cmmon32.exe
2010-11-07 10:28:44 ----A---- C:\Windows\system32\whealogr.dll
2010-11-07 10:28:44 ----A---- C:\Windows\system32\tcpmon.dll
2010-11-07 10:28:44 ----A---- C:\Windows\system32\fdWSD.dll
2010-11-07 10:28:44 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2010-11-07 10:28:44 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2010-11-07 10:28:44 ----A---- C:\Windows\system32\drivers\portcls.sys
2010-11-07 10:28:43 ----A---- C:\Windows\system32\srcore.dll
2010-11-07 10:28:43 ----A---- C:\Windows\system32\SCardSvr.dll
2010-11-07 10:28:43 ----A---- C:\Windows\system32\raschap.dll
2010-11-07 10:28:43 ----A---- C:\Windows\system32\fontext.dll
2010-11-07 10:28:43 ----A---- C:\Windows\system32\conime.exe
2010-11-07 10:28:43 ----A---- C:\Windows\system32\cmdial32.dll
2010-11-07 10:28:42 ----A---- C:\Windows\system32\wiaaut.dll
2010-11-07 10:28:42 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-11-07 10:28:42 ----A---- C:\Windows\system32\drivers\npfs.sys
2010-11-07 10:28:42 ----A---- C:\Windows\system32\drivers\afd.sys
2010-11-07 10:28:41 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-11-07 10:28:41 ----A---- C:\Windows\system32\wlanui.dll
2010-11-07 10:28:41 ----A---- C:\Windows\system32\shwebsvc.dll
2010-11-07 10:28:41 ----A---- C:\Windows\system32\rasppp.dll
2010-11-07 10:28:41 ----A---- C:\Windows\system32\PnPutil.exe
2010-11-07 10:28:41 ----A---- C:\Windows\system32\dsprop.dll
2010-11-07 10:28:40 ----A---- C:\Windows\system32\oobefldr.dll
2010-11-07 10:28:40 ----A---- C:\Windows\system32\drivers\tdx.sys
2010-11-07 10:28:40 ----A---- C:\Windows\system32\drivers\pacer.sys
2010-11-07 10:28:40 ----A---- C:\Windows\system32\dimsroam.dll
2010-11-07 10:28:39 ----A---- C:\Windows\system32\shsetup.dll
2010-11-07 10:28:39 ----A---- C:\Windows\system32\rasmontr.dll
2010-11-07 10:28:39 ----A---- C:\Windows\system32\mscandui.dll
2010-11-07 10:28:39 ----A---- C:\Windows\system32\modemui.dll
2010-11-07 10:28:38 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-11-07 10:28:38 ----A---- C:\Windows\system32\chtbrkr.dll
2010-11-07 10:28:38 ----A---- C:\Windows\system32\dataclen.dll
2010-11-07 10:28:37 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-11-07 10:28:37 ----A---- C:\Windows\system32\smss.exe
2010-11-07 10:28:37 ----A---- C:\Windows\system32\rdpwsx.dll
2010-11-07 10:28:37 ----A---- C:\Windows\system32\drivers\fastfat.sys
2010-11-07 10:28:37 ----A---- C:\Windows\system32\credui.dll
2010-11-07 10:28:37 ----A---- C:\Windows\system32\blackbox.dll
2010-11-07 10:28:36 ----A---- C:\Windows\system32\WSDMon.dll
2010-11-07 10:28:36 ----A---- C:\Windows\system32\wmpeffects.dll
2010-11-07 10:28:36 ----A---- C:\Windows\system32\netplwiz.dll
2010-11-07 10:28:36 ----A---- C:\Windows\system32\drivers\rmcast.sys
2010-11-07 10:28:36 ----A---- C:\Windows\system32\certprop.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\wpcsvc.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\networkexplorer.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\msscp.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\logagent.exe
2010-11-07 10:28:35 ----A---- C:\Windows\system32\InkEd.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\ifmon.dll
2010-11-07 10:28:35 ----A---- C:\Windows\system32\cipher.exe
2010-11-07 10:28:34 ----A---- C:\Windows\system32\wscapi.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\thawbrkr.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\softkbd.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\sendmail.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\msimtf.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-11-07 10:28:34 ----A---- C:\Windows\system32\gpresult.exe
2010-11-07 10:28:34 ----A---- C:\Windows\system32\drivers\watchdog.sys
2010-11-07 10:28:33 ----A---- C:\Windows\system32\olepro32.dll
2010-11-07 10:28:33 ----A---- C:\Windows\system32\msctfui.dll
2010-11-07 10:28:33 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-11-07 10:28:33 ----A---- C:\Windows\system32\drivers\smb.sys
2010-11-07 10:28:33 ----A---- C:\Windows\system32\drivers\hidusb.sys
2010-11-07 10:28:33 ----A---- C:\Windows\system32\dmsynth.dll
2010-11-07 10:28:32 ----A---- C:\Windows\system32\puiapi.dll
2010-11-07 10:28:32 ----A---- C:\Windows\system32\input.dll
2010-11-07 10:28:32 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-11-07 10:28:32 ----A---- C:\Windows\system32\drivers\udfs.sys
2010-11-07 10:28:32 ----A---- C:\Windows\system32\cdd.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\wshbth.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\version.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\SLLUA.exe
2010-11-07 10:28:31 ----A---- C:\Windows\system32\msisip.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\mprapi.dll
2010-11-07 10:28:31 ----A---- C:\Windows\system32\fc.exe
2010-11-07 10:28:30 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\msjint40.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\fdSSDP.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\eapp3hst.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2010-11-07 10:28:30 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2010-11-07 10:28:30 ----A---- C:\Windows\system32\dmusic.dll
2010-11-07 10:28:30 ----A---- C:\Windows\system32\cscapi.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\wsdchngr.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\l2nacp.dll
2010-11-07 10:28:29 ----A---- C:\Windows\system32\ftp.exe
2010-11-07 10:28:29 ----A---- C:\Windows\system32\cscdll.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\Storprop.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\rasdial.exe
2010-11-07 10:28:28 ----A---- C:\Windows\system32\rasdiag.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\ipconfig.exe
2010-11-07 10:28:28 ----A---- C:\Windows\system32\fdWCN.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\eappcfg.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\dot3cfg.dll
2010-11-07 10:28:28 ----A---- C:\Windows\system32\bthudtask.exe
2010-11-07 10:28:28 ----A---- C:\Windows\system32\bthci.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\tscupgrd.exe
2010-11-07 10:28:27 ----A---- C:\Windows\system32\slcinst.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\ocsetup.exe
2010-11-07 10:28:27 ----A---- C:\Windows\system32\nslookup.exe
2010-11-07 10:28:27 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\eappgnui.dll
2010-11-07 10:28:27 ----A---- C:\Windows\system32\drivers\rassstp.sys
2010-11-07 10:28:27 ----A---- C:\Windows\system32\drivers\hidclass.sys
2010-11-07 10:28:26 ----A---- C:\Windows\system32\mmcico.dll
2010-11-07 10:28:26 ----A---- C:\Windows\system32\hbaapi.dll
2010-11-07 10:28:26 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-11-07 10:28:26 ----A---- C:\Windows\system32\fdeploy.dll
2010-11-07 10:28:25 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-11-07 10:28:25 ----A---- C:\Windows\system32\gpupdate.exe
2010-11-07 10:28:25 ----A---- C:\Windows\system32\drivers\nwifi.sys
2010-11-07 10:28:25 ----A---- C:\Windows\system32\drivers\dfsc.sys
2010-11-07 10:28:25 ----A---- C:\Windows\system32\drivers\cdrom.sys
2010-11-07 10:28:24 ----A---- C:\Windows\system32\csrstub.exe
2010-11-07 10:28:24 ----A---- C:\Windows\system32\cbsra.exe
2010-11-07 10:28:24 ----A---- C:\Windows\system32\bitsigd.dll
2010-11-07 10:28:23 ----A---- C:\Windows\system32\NcdProp.dll
2010-11-07 10:28:23 ----A---- C:\Windows\system32\iscsilog.dll
2010-11-07 10:28:22 ----A---- C:\Windows\system32\vdmdbg.dll
2010-11-07 10:28:22 ----A---- C:\Windows\system32\odbcconf.dll
2010-11-07 10:28:22 ----A---- C:\Windows\system32\drivers\dxg.sys
2010-11-07 10:28:22 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-11-07 10:28:21 ----A---- C:\Windows\system32\winrnr.dll
2010-11-07 10:28:21 ----A---- C:\Windows\system32\slwga.dll
2010-11-07 10:28:21 ----A---- C:\Windows\system32\midimap.dll
2010-11-07 10:28:21 ----A---- C:\Windows\system32\inetppui.dll
2010-11-07 10:28:19 ----A---- C:\Windows\system32\drivers\stream.sys
2010-11-07 10:28:19 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2010-11-07 10:28:18 ----A---- C:\Windows\system32\drivers\usbohci.sys
2010-11-07 10:28:18 ----A---- C:\Windows\system32\drivers\bridge.sys
2010-11-07 10:28:17 ----A---- C:\Windows\system32\msimsg.dll
2010-11-07 10:28:17 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-11-07 10:28:17 ----A---- C:\Windows\system32\drivers\usb8023.sys
2010-11-07 10:28:17 ----A---- C:\Windows\system32\drivers\raspppoe.sys
2010-11-07 10:27:31 ----A---- C:\Windows\system32\SmiEngine.dll
2010-11-07 10:27:16 ----A---- C:\Windows\system32\wdscore.dll
2010-11-07 10:27:16 ----A---- C:\Windows\system32\PkgMgr.exe
2010-11-07 10:26:39 ----A---- C:\Windows\system32\drvstore.dll
2010-11-07 09:59:30 ----A---- C:\Windows\system32\gameux.dll
2010-11-07 09:59:28 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-11-07 09:59:27 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-31 20:00:02 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Netscape
2010-10-31 20:00:02 ----D---- C:\Program Files\Photodex Presenter
2010-10-31 19:59:20 ----D---- C:\Program Files\Photodex
2010-10-31 19:57:22 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Photodex
2010-10-29 23:01:11 ----D---- C:\Program Files\WinClamAVShield
2010-10-27 13:33:12 ----D---- C:\Program Files\Zrychleni Pocitace
2010-10-27 13:32:54 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\OpenCandy
2010-10-26 12:33:54 ----D---- C:\ProgramData\Sony Ericsson
2010-10-26 12:33:12 ----D---- C:\Program Files\Avanquest update
2010-10-26 10:05:54 ----SHD---- C:\found.000
2010-10-25 04:37:04 ----D---- C:\ProgramData\BVRP Software
2010-10-16 23:06:14 ----A---- C:\Windows\system32\mshtml.dll
2010-10-16 23:06:13 ----A---- C:\Windows\system32\ieframe.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\wininet.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\urlmon.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\occache.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\mstime.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\ieUnatt.exe
2010-10-16 23:06:12 ----A---- C:\Windows\system32\ieui.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iesysprep.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iesetup.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iertutil.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iernonce.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iepeers.dll
2010-10-16 23:06:12 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-16 23:06:11 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-16 23:06:11 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-16 23:06:11 ----A---- C:\Windows\system32\ie4uinit.exe
2010-10-16 23:06:07 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-16 23:06:07 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-16 23:06:07 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-16 23:06:07 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-16 23:06:06 ----A---- C:\Windows\system32\netevent.dll
2010-10-16 23:05:56 ----A---- C:\Windows\system32\wmp.dll
2010-10-16 23:05:54 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-16 23:05:45 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-16 23:05:45 ----A---- C:\Windows\system32\mfc40.dll
2010-10-16 23:05:44 ----A---- C:\Windows\system32\win32k.sys
2010-10-16 23:05:43 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-16 23:05:42 ----A---- C:\Windows\system32\t2embed.dll
2010-10-16 23:05:40 ----A---- C:\Windows\system32\ole32.dll
2010-10-16 23:05:38 ----A---- C:\Windows\system32\schannel.dll
2010-10-16 23:03:34 ----A---- C:\Windows\system32\comctl32.dll
2010-10-16 23:01:48 ----D---- C:\Program Files\Common Files\Adobe
2010-10-16 23:01:48 ----D---- C:\Program Files\Adobe

======List of files/folders modified in the last 1 months======

2010-11-14 17:35:00 ----D---- C:\Windows\Temp
2010-11-14 17:28:28 ----D---- C:\Windows\System32
2010-11-14 17:28:28 ----D---- C:\Windows\inf
2010-11-14 17:28:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-14 11:13:30 ----D---- C:\Windows
2010-11-14 11:13:06 ----SD---- C:\Users\Pečimuthovi\AppData\Roaming\Microsoft
2010-11-14 10:56:39 ----D---- C:\Windows\system32\drivers
2010-11-14 10:56:38 ----D---- C:\Windows\system32\catroot
2010-11-14 10:56:35 ----RD---- C:\Program Files
2010-11-14 10:55:51 ----HD---- C:\ProgramData
2010-11-14 10:49:50 ----SHD---- C:\Windows\Installer
2010-11-14 10:49:50 ----HD---- C:\Config.Msi
2010-11-14 10:49:50 ----D---- C:\Windows\winsxs
2010-11-14 10:49:32 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-14 10:49:16 ----SHD---- C:\System Volume Information
2010-11-13 19:26:19 ----D---- C:\Windows\Prefetch
2010-11-13 19:16:57 ----D---- C:\Windows\system32\catroot2
2010-11-11 16:04:01 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Skype
2010-11-11 16:00:21 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\skypePM
2010-11-08 12:45:47 ----D---- C:\ProgramData\ESET
2010-11-07 11:20:58 ----D---- C:\Windows\rescache
2010-11-07 11:13:47 ----D---- C:\Windows\Microsoft.NET
2010-11-07 11:13:24 ----RSD---- C:\Windows\assembly
2010-11-07 10:56:41 ----SHD---- C:\Boot
2010-11-07 10:54:35 ----D---- C:\ProgramData\NVIDIA
2010-11-07 10:53:40 ----D---- C:\Windows\system32\drivers\UMDF
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Sidebar
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Photo Gallery
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Media Player
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Mail
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Collaboration
2010-11-07 10:50:57 ----D---- C:\Program Files\Windows Calendar
2010-11-07 10:50:57 ----D---- C:\Program Files\Movie Maker
2010-11-07 10:50:57 ----D---- C:\Program Files\Internet Explorer
2010-11-07 10:50:57 ----D---- C:\Program Files\Common Files\System
2010-11-07 10:50:56 ----D---- C:\Windows\servicing
2010-11-07 10:50:56 ----D---- C:\Program Files\Windows Defender
2010-11-07 10:50:55 ----D---- C:\Windows\system32\XPSViewer
2010-11-07 10:50:55 ----D---- C:\Windows\system32\sk-SK
2010-11-07 10:50:55 ----D---- C:\Windows\system32\ru-RU
2010-11-07 10:50:55 ----D---- C:\Windows\system32\oobe
2010-11-07 10:50:55 ----D---- C:\Windows\system32\migration
2010-11-07 10:50:55 ----D---- C:\Windows\system32\lv-LV
2010-11-07 10:50:55 ----D---- C:\Windows\system32\ko-KR
2010-11-07 10:50:55 ----D---- C:\Windows\system32\it-IT
2010-11-07 10:50:55 ----D---- C:\Windows\system32\hr-HR
2010-11-07 10:50:55 ----D---- C:\Windows\system32\fr-FR
2010-11-07 10:50:55 ----D---- C:\Windows\system32\et-EE
2010-11-07 10:50:55 ----D---- C:\Windows\system32\en-US
2010-11-07 10:50:55 ----D---- C:\Windows\system32\el-GR
2010-11-07 10:50:55 ----D---- C:\Windows\system32\de-DE
2010-11-07 10:50:55 ----D---- C:\Windows\system32\da-DK
2010-11-07 10:50:55 ----D---- C:\Windows\system32\AdvancedInstallers
2010-11-07 10:50:55 ----D---- C:\Windows\IME
2010-11-07 10:50:54 ----D---- C:\Windows\system32\sv-SE
2010-11-07 10:50:54 ----D---- C:\Windows\system32\setup
2010-11-07 10:50:54 ----D---- C:\Windows\system32\he-IL
2010-11-07 10:50:54 ----D---- C:\Windows\system32\fi-FI
2010-11-07 10:50:54 ----D---- C:\Windows\system32\cs-CZ
2010-11-07 10:50:54 ----D---- C:\Windows\system32\cs
2010-11-07 10:50:51 ----D---- C:\Windows\system32\SLUI
2010-11-07 10:50:51 ----D---- C:\Windows\system32\pt-PT
2010-11-07 10:50:51 ----D---- C:\Windows\system32\hu-HU
2010-11-07 10:50:50 ----D---- C:\Windows\system32\zh-TW
2010-11-07 10:50:50 ----D---- C:\Windows\system32\zh-CN
2010-11-07 10:50:50 ----D---- C:\Windows\system32\uk-UA
2010-11-07 10:50:50 ----D---- C:\Windows\system32\th-TH
2010-11-07 10:50:50 ----D---- C:\Windows\system32\sr-Latn-CS
2010-11-07 10:50:50 ----D---- C:\Windows\system32\sl-SI
2010-11-07 10:50:50 ----D---- C:\Windows\system32\ro-RO
2010-11-07 10:50:50 ----D---- C:\Windows\system32\pl-PL
2010-11-07 10:50:50 ----D---- C:\Windows\system32\manifeststore
2010-11-07 10:50:50 ----D---- C:\Windows\system32\ja-JP
2010-11-07 10:50:50 ----D---- C:\Windows\system32\es-ES
2010-11-07 10:50:50 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-11-07 10:50:50 ----D---- C:\Windows\system32\bg-BG
2010-11-07 10:50:49 ----D---- C:\Windows\system32\wbem
2010-11-07 10:50:49 ----D---- C:\Windows\system32\tr-TR
2010-11-07 10:50:49 ----D---- C:\Windows\system32\pt-BR
2010-11-07 10:50:49 ----D---- C:\Windows\system32\nl-NL
2010-11-07 10:50:49 ----D---- C:\Windows\system32\nb-NO
2010-11-07 10:50:49 ----D---- C:\Windows\system32\migwiz
2010-11-07 10:50:49 ----D---- C:\Windows\system32\lt-LT
2010-11-07 10:50:49 ----D---- C:\Windows\system32\ar-SA
2010-11-07 10:50:42 ----RSD---- C:\Windows\Fonts
2010-11-07 10:50:42 ----D---- C:\Windows\AppPatch
2010-11-07 10:50:39 ----D---- C:\Windows\system32\Boot
2010-11-07 10:46:28 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
2010-11-04 14:13:09 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\ICQ
2010-11-02 06:23:40 ----D---- C:\Program Files\ICQ7.1
2010-10-31 20:00:02 ----D---- C:\Users\Pečimuthovi\AppData\Roaming\Mozilla
2010-10-31 08:08:50 ----D---- C:\Program Files\Mozilla Firefox
2010-10-26 12:33:08 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-26 11:55:46 ----D---- C:\Windows\Minidump
2010-10-26 11:48:54 ----D---- C:\Program Files\Common Files\InstallShield
2010-10-26 11:41:21 ----D---- C:\Windows\system32\Tasks
2010-10-22 11:33:05 ----D---- C:\ProgramData\Electronic Arts
2010-10-22 11:33:05 ----D---- C:\Program Files\Electronic Arts
2010-10-19 11:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-16 23:07:01 ----A---- C:\Windows\system32\mrt.exe
2010-10-16 23:01:53 ----D---- C:\ProgramData\Adobe
2010-10-16 23:01:48 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2007-08-09 110624]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-18 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 457304]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 3xHybrid;SAA713x TV Card Service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-07-06 906368]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 11008040]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 a4c1uvez;a4c1uvez; C:\Windows\system32\drivers\a4c1uvez.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\DRIVERS\massfilter.sys [2008-12-08 7680]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 vsdatant7;vsdatant7; C:\Windows\System32\drivers\vsdatant.win7.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-12-08 104960]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-12-08 110080]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-12-08 105344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-12-08 104960]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-10-31 181312]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-11-04 14336]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2010-09-02 2435592]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------




And also :arrow:
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11
----- EOF -----

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware juzjf.exe

#4 Post by vyosek »

That's better already :James008: Which scans did you run? The files left by the malware are no longer visible; only leftover registry entries can be seen there...

:arrow: Download OTM (see my signature)
  • If you use Windows Vista or Windows 7, right-click OTM and choose Run As Administrator or Spustit jako spravce
  • Into the left pane, Paste Instructions for Items to be Moved (below the yellow line), paste the content given below
  • Code:

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    "{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
    "{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"=-
    "HP Software Update"=-
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    "Regedit32"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    "WMPNSCFG"=-
    "NVIDIA driver monitor"=-
    "wuaucldt"=-
    "mymou"=-
    "Windows Firewall"=-
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Users\Pečimuthovi\AppData\Local\Opera\Opera\temporary_downloads\P1876832.JPG-www.facebook.exe"=-
    
    :files
    C:\Users\Pečimuthovi\AppData\Local\Opera\Opera\temporary_downloads\P1876832.JPG-www.facebook.exe
    C:\Windows\nvsvc32.exe
    c:\users\pečimuthovi\wuaucldt.exe
    C:\Users\Pečimuthovi\AppData\Roaming\Microsoft\quouquo.exe
    C:\Windows\system32\regedit.exe
    C:\Program Files\Ask.com
    C:\Program Files\DAEMON Tools Toolbar
    C:\Program Files\Family Toolbar
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp /s
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
  • Click the red MoveIt! button
  • You will be prompted to restart; choose Yes. Afterwards you will find the log in C:\_OTM\MovedFiles; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member [image] since 1 February 2011.

VanaFrantisek
Visitor
Posts: 23
Joined: 13 Nov 2010 20:35

Re: Malware juzjf.exe

#5 Post by VanaFrantisek »

I ran a complete in-depth scan and then a scan after a restart. I removed everything it found. The only thing I still find suspicious is
C:\Users\Pečimuthovi\AppData\Roaming\juzjf.exe. I found the same icon on several other files right at the start, before I turned to you. Those could be deleted, though. This one cannot be deleted even by the antivirus, even when I manually add it to quarantine. See the attachment :???:
I should also add that so far I have done everything with the internet disconnected (cable out). When I was installing the antivirus and running scans, as soon as I connected to the internet it immediately reported connection attempts and nothing but trojans named like 251.exe, 193.exe: just a number and an extension. I also got an email from my internet provider; I quote an excerpt: "The automated systems of the KHnet.info network have detected that your computer pecimutova.khnet.info (IP address 10.XXX.XXX.73) is probably using DNS servers outside the khnet.info network." and further "at least 3625 requests to the aforementioned external DNS server were detected". During the stated period the computer was connected for about 1.5 hours. In that time it also tried to send more than 60824 emails. Naturally the provider blocked me. But by then I already had the computer unplugged and was investigating.
That reminds me that on Monday (I don't remember exactly) I had to do a winsock reset.

-------------------------------------------------------------------
All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C37B053-FD68-456a-82E1-D788EE342E6F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NVIDIA driver monitor deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\wuaucldt deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mymou deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Firewall deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Users\Pečimuthovi\AppData\Local\Opera\Opera\temporary_downloads\P1876832.JPG-www.facebook.exe deleted successfully.
========== FILES ==========
File/Folder C:\Users\Pečimuthovi\AppData\Local\Opera\Opera\temporary_downloads\P1876832.JPG-www.facebook.exe not found.
File/Folder C:\Windows\nvsvc32.exe not found.
File/Folder c:\users\pečimuthovi\wuaucldt.exe not found.
File/Folder C:\Users\Pečimuthovi\AppData\Roaming\Microsoft\quouquo.exe not found.
File/Folder C:\Windows\system32\regedit.exe not found.
File/Folder C:\Program Files\Ask.com not found.
File/Folder C:\Program Files\DAEMON Tools Toolbar not found.
C:\Program Files\Family Toolbar folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DEE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2EBD.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A76.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9AF7.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA342.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA5B0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB0D7.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCD1D.tmp folder moved successfully.
C:\Windows\Installer\MSI5806.tmp moved successfully.
C:\Windows\Installer\MSI5C92.tmp moved successfully.
C:\Windows\Installer\MSI86AC.tmp moved successfully.
C:\Windows\Internet Logs\xDBB892.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\5dc6438a773f560554c912ef58aecdea\BIT4F5C.tmp moved successfully.
C:\Windows\Temp\DMI3655.tmp moved successfully.
C:\Windows\Temp\DMI62EE.tmp moved successfully.
C:\Windows\Temp\exp4A51.tmp moved successfully.
C:\Windows\Temp\hel164F.tmp moved successfully.
C:\Windows\Temp\hel19CA.tmp moved successfully.
C:\Windows\Temp\hel366D.tmp moved successfully.
C:\Windows\Temp\hel41C0.tmp moved successfully.
C:\Windows\Temp\hel4996.tmp moved successfully.
C:\Windows\Temp\hel5C37.tmp moved successfully.
C:\Windows\Temp\hel6151.tmp moved successfully.
C:\Windows\Temp\hel6912.tmp moved successfully.
:arrow: the whole thing won't fit here (character limit)... the rest looks the same
C:\Windows\Temp\NODFFF8.tmp moved successfully.
C:\Windows\Temp\NODFFF9.tmp moved successfully.
C:\Windows\Temp\NODFFFA.tmp moved successfully.
C:\Windows\Temp\NODFFFB.tmp moved successfully.
C:\Windows\Temp\NODFFFC.tmp moved successfully.
C:\Windows\Temp\NODFFFD.tmp moved successfully.
C:\Windows\Temp\NODFFFE.tmp moved successfully.
C:\Windows\Temp\NODFFFF.tmp moved successfully.
File move failed. C:\Windows\Temp\ZLT04480.TMP scheduled to be moved on reboot.
C:\Windows\Temp\ZLT05558.TMP moved successfully.
C:\Windows\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes

User: Pečimuthovi
->Temp folder emptied: 16222681 bytes
->Java cache emptied: 8788172 bytes
->FireFox cache emptied: 90463624 bytes
->Opera cache emptied: 3995069 bytes
->Flash cache emptied: 108724 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1179271982 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1174398 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 743 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 240,00 mb


Restore point Set: OTM Restore Point

OTM by OldTimer - Version 3.1.17.2 log created on 11142010_180635

Files moved on Reboot...
File C:\Windows\Temp\ZLT04480.TMP not found!
C:\Users\Pečimuthovi\AppData\Local\Temp\~DF9AD.tmp moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
Attachments
screen.jpg
Visible icon of juzjf
(86.58 KiB) Downloaded 280 times
Last edited by VanaFrantisek on 14 Nov 2010 19:13, edited 1 time in total.
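
Added example (not part of the original thread, and not OTM's own code): a small Python parser for the OTM result log posted above. It sorts each target into removed, absent or deferred, and lists the deferred items that the reboot pass did not settle. The sample lines are a shortened selection from the log in post #5; the function names and outcome labels are assumptions of this example.

```python
import re
from collections import defaultdict

# Shortened selection of lines from the OTM log in post #5 of this thread.
SAMPLE_LOG = r"""All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\wuaucldt deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mymou deleted successfully.
========== FILES ==========
File/Folder c:\users\pečimuthovi\wuaucldt.exe not found.
File/Folder C:\Users\Pečimuthovi\AppData\Roaming\Microsoft\quouquo.exe not found.
C:\Program Files\Family Toolbar folder moved successfully.
C:\Windows\Temp\hel164F.tmp moved successfully.
File move failed. C:\Windows\Temp\ZLT04480.TMP scheduled to be moved on reboot.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

Files moved on Reboot...
File C:\Windows\Temp\ZLT04480.TMP not found!
C:\Users\Pečimuthovi\AppData\Local\Temp\~DF9AD.tmp moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
"""

# "========== FILES ==========" style headers.
SECTION = re.compile(r"^=+\s*(\w+)\s*=+$")
# Headers of the part OTM appends after the restart.
REBOOT_SECTION = re.compile(
    r"^(?:Files moved|Registry entries deleted) on Reboot\.\.\.$")

# (outcome label, pattern). The labels are this example's own, not OTM terms.
PATTERNS = [
    ("removed", re.compile(
        r"^Registry (?:key|value) (?P<target>.+?) deleted successfully\.$")),
    ("absent", re.compile(
        r"^Registry (?:key|value) (?P<target>.+?) not found\.$")),
    ("absent", re.compile(r"^File/Folder (?P<target>.+?) not found\.$")),
    ("absent", re.compile(r"^File (?P<target>.+?) not found!$")),
    ("deferred", re.compile(
        r"^File move failed\. (?P<target>.+?) scheduled to be moved on reboot\.$")),
    ("removed", re.compile(
        r"^(?P<target>.+?)(?: folder)? moved successfully\.$")),
]


def summarize_otm_log(text):
    """Return {section: {outcome: [targets]}} for an OTM result log."""
    summary = defaultdict(lambda: defaultdict(list))
    section = "PREAMBLE"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            continue
        if REBOOT_SECTION.match(line):
            section = "REBOOT"
            continue
        for outcome, pattern in PATTERNS:
            hit = pattern.match(line)
            if hit:
                summary[section][outcome].append(hit.group("target"))
                break  # first matching pattern decides the outcome
    return summary


def follow_up(summary):
    """Deferred targets that the reboot pass did not confirm as gone."""
    reboot = summary.get("REBOOT", {})
    settled = {t.lower()
               for outcome in ("removed", "absent")
               for t in reboot.get(outcome, [])}
    pending = []
    for outcomes in list(summary.values()):
        for target in outcomes.get("deferred", []):
            if target.lower() not in settled and target not in pending:
                pending.append(target)
    return pending


if __name__ == "__main__":
    result = summarize_otm_log(SAMPLE_LOG)
    for section, outcomes in result.items():
        counts = ", ".join(f"{k}={len(v)}" for k, v in outcomes.items())
        print(f"{section}: {counts}")
    print("still pending after reboot:", follow_up(result))
```

On these lines the registry targets are mostly removed while the listed executables are reported absent, which matches the remark in post #4 that only registry leftovers remained.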

VanaFrantisek
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 13 lis 2010 20:35

Re: Malware juzjf.exe

#6 Příspěvek od VanaFrantisek »

:roll: Za velikost obrázku se omlouvám...klidně smáznout...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware juzjf.exe

#7 Post by vyosek »

:arrow: Download Avenger (see my signature)
  • If you are using Win Vista or W7, right-click Avenger and choose Run As Administrator or Spustit jako spravce
  • After it starts, the program warns you that everything you do is at your own risk - click OK
  • After confirming, the main window appears; paste the script below into it
  • Code:

    Files to delete:
    C:\Users\Pečimuthovi\AppData\Roaming\juzjf.exe
  • Tick the boxes next to Scan for rootkits and Automatically disable any rootkits found
  • Now click Execute and confirm with Yes in the next window - this confirms running the script
  • Answer the Reboot now question with OK again - this restarts the PC
  • After the restart Notepad should open with the log; paste its contents here. If that does not happen, you will find the file at C:\avenger.txt
:arrow: It is possible there is a DNS changer in there, we will take a look :wink:

:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Run the update - third tab
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes has false detections, so paste the log into a post and wait for it to be assessed
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

VanaFrantisek
Visitor
Posts: 23
Registered: 13 Nov 2010 20:35

Re: Malware juzjf.exe

#8 Post by VanaFrantisek »

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\Users\Pečimuthovi\AppData\Roaming\juzjf.exe" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

malware is still scanning for now.
After connecting to the net a window popped up and it repeated from *3/DR3 up to *5/DR5
Attachments
screen2.jpg (9.99 KiB) Viewed 2125 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware juzjf.exe

#9 Post by vyosek »

:arrow: Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe

:arrow: Click Start and then Run, or use the keyboard shortcut Win+R
  • A small window pops up; copy the text below into it
  • Code:

    "%userprofile%\plocha\mbr" -t
  • Click OK
  • A log named mbr.txt is created on the desktop; paste its contents here for me
:arrow: How many hard disks do you have :???: Are they partitioned in some way :???:

VanaFrantisek
Visitor
Posts: 23
Registered: 13 Nov 2010 20:35

Re: Malware juzjf.exe

#10 Post by VanaFrantisek »

:arrow:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5114

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

14.11.2010 20:41:18
mbam-log-2010-11-14 (20-41-18).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|)
Skenované objekty: 324280
Uplynulý čas: 58 minuta(y), 12 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 3
Infikované datové položky registru: 1
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.Palevo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\nvidia driver monitor (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Worm.Palevo) -> No action taken.

Infikované datové položky registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (C:\RECYCLER\S-1-5-21-8955656025-3648328655-848727445-3278\yv8g67.exe,C:\Users\Pečimuthovi\AppData\Roaming\juzjf.exe,explorer.exe,C:\RECYCLER\S-1-5-21-0649034117-8857640709-199052838-9181\yv8g67.exe) Good: (Explorer.exe) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Pečimuthovi\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> No action taken.

:arrow:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: MAXTOR_S rev.4.AA -> Harddisk0\DR0 -> \Device\00000053

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

:idea:
Disk 0 Basic 149,05 GB split into (C:) 97,66 GB NTFS and (E:) 51,37 GB NTFS (20MB unallocated)
Disk 1 Basic (D:) 465,76 GB NTFS
Disk 2 slot (H:)
Disk 3 slot (I:)
Disk 4 slot (J:)
Disk 5 slot (K:)
CD-ROM 0 (F:)
CD-ROM 1 (G:) (DAEMON TOOL)
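
Added example (not part of the original thread, and not code from MBAM or any other tool named here): a Python check that splits a Winlogon Shell string like the one in the MBAM log above and reports every entry other than explorer.exe, plus a per-user Shell override or a Taskman value. The function names, the directory heuristic and the Taskman placeholder data are assumptions of this example; the Shell string is copied from the log.

```python
import ntpath

EXPECTED_SHELL = "explorer.exe"  # default Winlogon Shell data on a clean system
# Heuristic (assumption of this example): directories a logon shell should never live in.
SUSPICIOUS_DIRS = ("\\recycler\\", "\\$recycle.bin\\", "\\appdata\\", "\\temp\\")

# Shell data copied from the MBAM log in this thread; the Taskman data is a
# placeholder because the log does not show it.
SAMPLE_SHELL = (
    r"C:\RECYCLER\S-1-5-21-8955656025-3648328655-848727445-3278\yv8g67.exe,"
    r"C:\Users\Pečimuthovi\AppData\Roaming\juzjf.exe,explorer.exe,"
    r"C:\RECYCLER\S-1-5-21-0649034117-8857640709-199052838-9181\yv8g67.exe"
)
SAMPLE_VALUES = {("HKCU", "Shell"): SAMPLE_SHELL,
                 ("HKLM", "Taskman"): "<value data not shown in the log>"}


def audit_shell(data):
    """Return (entry, reason) for each comma-separated Shell entry that is not explorer.exe."""
    findings = []
    for entry in (p.strip().strip('"') for p in data.split(",")):
        lowered = entry.lower()
        if not entry or lowered == EXPECTED_SHELL:
            continue
        hits = [d.strip("\\") for d in SUSPICIOUS_DIRS if d in lowered]
        if hits:
            reason = "extra shell entry under " + hits[0]
        elif ntpath.basename(lowered) == EXPECTED_SHELL:
            reason = "explorer.exe given with a path, verify its location"
        else:
            reason = "extra shell entry"
        findings.append((entry, reason))
    return findings


def audit_winlogon(values):
    """values maps (hive, value name) -> data, as exported from the Winlogon key."""
    report = []
    for (hive, name), data in values.items():
        if name.lower() == "shell":
            if hive == "HKCU":  # not set by default; overrides the HKLM shell for this user
                report.append((hive, name, "per-user Shell override present"))
            report += [(hive, name, f"{reason}: {entry}") for entry, reason in audit_shell(data)]
        elif name.lower() == "taskman":  # not present by default
            report.append((hive, name, "Taskman value present"))
    return report


if __name__ == "__main__":
    for finding in audit_winlogon(SAMPLE_VALUES):
        print(*finding, sep=" | ")
```

Run against the sample, it reports the two RECYCLER copies of yv8g67.exe, juzjf.exe under AppData, the HKCU override itself and the Taskman value, and leaves the explorer.exe entry alone.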

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware juzjf.exe

#11 Post by vyosek »

:arrow: Delete everything MBAM found

:arrow: You did mbr wrong - just keep it saved on the desktop, do not run it

:arrow: Click Start and then Run, or use the keyboard shortcut Win+R
  • A small window pops up; copy the text below into it
  • Code:

    "%userprofile%\plocha\mbr" -t
  • Click OK
  • A log named mbr.txt is created on the desktop; paste its contents here for me

VanaFrantisek
Visitor
Posts: 23
Registered: 13 Nov 2010 20:35

Re: Malware juzjf.exe

#12 Post by VanaFrantisek »

Well, I tried that... but it did not find the path...
[Window Title]
Umístění není dostupné.

[Content]
C:\Users\Pečimuthovi\plocha\ odkazuje na umístění, které již není k dispozici. Umístění může být na pevném disku tohoto počítače nebo v síti. Ujistěte se, že je disk řádně vložen a že jste připojeni k Internetu nebo k síti a opakujte akci. Pokud stále nelze umístění najít, je možné, že bylo přesunuto jinam.

[OK]

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware juzjf.exe

#13 Post by vyosek »

:arrow: Oh dear, you have Vista, I apologize :oops: Put this in there

VanaFrantisek
Visitor
Posts: 23
Registered: 13 Nov 2010 20:35

Re: Malware juzjf.exe

#14 Post by VanaFrantisek »

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: MAXTOR_S rev.4.AA -> Harddisk0\DR0 -> \Device\00000053

Yep... unfortunately 32-bit Vista... it is a nightmare... I had to turn off User Account Control... otherwise I would have gone crazy... Good old XP... at least there you know what is going on
:idea:
device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x84F3A1F8]<<
1 ntkrnlpa!IofCallDriver[0x82091962] -> \Device\Harddisk0\DR0[0x85F53858]
3 CLASSPNP[0x87FAA8B3] -> ntkrnlpa!IofCallDriver[0x82091962] -> [0x84F9FF08]
5 acpi[0x807336BC] -> ntkrnlpa!IofCallDriver[0x82091962] -> \Device\00000053[0x84F91C90]
\Driver\nvstor32[0x84F80518] -> IRP_MJ_CREATE -> 0x84F3A1F8
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi -> 0x84f381f8
user & kernel MBR OK
Warning: possible MBR rootkit infection !

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Malware juzjf.exe

#15 Post by vyosek »

:arrow: Either virtual drives are confusing mbr, or there is an MBR rootkit in there

:arrow: Download SPTD http://www.duplexsecure.com/en/downloads
  • From that page choose the version for your operating system (32-bit (x86) or 64-bit (x64))
  • Save it to the desktop and run it
  • Choose Uninstall and restart the PC - if it cannot be clicked (the button is greyed out), skip this step
:arrow: Download Defogger http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Save it to the desktop and run it
  • Click Disable and restart the PC - if it cannot be clicked (the button is greyed out), skip this step
:arrow: Click Start and then Run, or use the keyboard shortcut Win+R
  • A small window pops up; copy the text below into it
  • Code:

    "%userprofile%\Desktop\mbr" -t
  • Click OK
  • A log named mbr.txt is created on the desktop; paste its contents here for me
:arrow: And a new log from RSIT