Visty po reinstalaci

Zpráva

Jirka · #1 Příspěvek od **Jirka** » 15 pro 2010 21:39

Prosim,po reinstalaci W Vista32 Bissness z důvodu červů se po spuštění bjeví hláška:

Another instance of program is running.

Chci-li tisknout (Pixma 630),tak po zapnutí tiskárny se procesor rozjede přes 100%.
Ve správci úloh jsem našel, že výkon žere a sám se spustil wmplayer.
Dám ukončit proces, klesne vytížení na 3-5% a vše je v normálu. Mohu tisknout a vše jiné, ale dojde-li k usnutí PC, pak po probuzení dtto procesor přes 100%.
Také sám Wmplayer po spuštění ručně sežere výkon a musím ho vypnout.
OS a programy jsou legální.

#2 Příspěvek od **motji** » 16 pro 2010 23:52

Dobrý večer

To dělá hned po reinstalu?

poprosím o log ze Rsitu, viz můj podpis.

Jirka · #3 Příspěvek od **Jirka** » 17 pro 2010 10:20

Ano hned po reinstalaci.Prosím zasílám log na 2x je to tak dobře? Díky

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jiří Boháček at 2010-12-15 20:58:10
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 90 GB (62%) free of 145 GB
Total RAM: 3053 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:58:14, on 15.12.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\RaimaRadio\RaimaRadio.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Jiří Boháček\Downloads\RSIT.exe
C:\Program Files\trend micro\Jiří Boháček.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Info-Czechdata] %PROGRAMFILES%\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Info nastenka CzechData.lnk = C:\Program Files\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe
O15 - Trusted Zone: http://csnonline.unmz.cz
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 5682 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{B1A8C134-0608-4D5C-9BFF-CBB4B1256028}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2010-11-04 2731360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-25 2475336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-25 2475336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-10-22 2745696]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-06-26 1311312]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Info-Czechdata"=C:\Program Files\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe [2009-03-29 2058240]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"feedreader.exe"=C:\Program Files\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe [2009-03-29 2058240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe
Info nastenka CzechData.lnk - C:\Program Files\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-15 20:58:10 ----D---- C:\rsit
2010-12-15 20:51:23 ----D---- C:\Program Files\trend micro
2010-12-15 13:40:02 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 13:40:00 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 13:40:00 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 13:40:00 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 13:39:59 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 13:39:59 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 13:39:57 ----A---- C:\Windows\system32\consent.exe
2010-12-15 13:39:56 ----A---- C:\Windows\system32\fontsub.dll
2010-12-15 13:39:56 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 13:39:56 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 13:39:54 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 13:39:53 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 13:39:52 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 13:39:52 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\occache.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 13:39:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-15 13:39:51 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\iesetup.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\iernonce.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 13:39:51 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-15 13:39:42 ----A---- C:\Windows\system32\tzres.dll
2010-12-14 15:28:18 ----D---- C:\Program Files\ESET
2010-12-12 09:48:18 ----HD---- C:\Program Files\CanonBJ
2010-12-11 21:05:15 ----D---- C:\Program Files\Defraggler
2010-12-11 10:35:37 ----D---- C:\Program Files\Common Files\Adobe
2010-12-11 10:26:49 ----SHD---- C:\Config.Msi
2010-12-11 09:53:10 ----D---- C:\Users\Jiří Boháček\AppData\Roaming\FileOpen
2010-12-11 09:53:10 ----D---- C:\ProgramData\FileOpen
2010-12-11 09:52:49 ----D---- C:\Program Files\FileOpen
2010-11-28 14:00:58 ----AD---- C:\Users\Jiří Boháček\AppData\Roaming\Feedreader
2010-11-28 14:00:48 ----D---- C:\Program Files\Info-nastenka-Czechdata
2010-11-20 09:48:50 ----D---- C:\Program Files\Recuva
2010-11-18 17:34:32 ----D---- C:\Users\Jiří Boháček\AppData\Roaming\Media Player Classic
2010-11-18 17:20:10 ----D---- C:\Program Files\Microsoft.NET
2010-11-18 17:09:41 ----D---- C:\Program Files\ConvertHelper
2010-11-18 03:20:18 ----D---- C:\Program Files\Windows Portable Devices
2010-11-18 03:04:22 ----A---- C:\Windows\system32\UIAnimation.dll
2010-11-18 03:04:21 ----A---- C:\Windows\system32\UIRibbonRes.dll
2010-11-18 03:04:21 ----A---- C:\Windows\system32\UIRibbon.dll
2010-11-18 03:03:56 ----A---- C:\Windows\system32\WMPhoto.dll
2010-11-18 03:03:55 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-11-18 03:03:55 ----A---- C:\Windows\system32\cdd.dll
2010-11-18 03:03:53 ----A---- C:\Windows\system32\XpsRasterService.dll
2010-11-18 03:03:53 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2010-11-18 03:03:53 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-11-18 03:03:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-11-18 03:03:53 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-11-18 03:03:53 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-11-18 03:03:53 ----A---- C:\Windows\system32\dxdiagn.dll
2010-11-18 03:03:53 ----A---- C:\Windows\system32\d3d10warp.dll
2010-11-18 03:03:53 ----A---- C:\Windows\system32\d2d1.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\xpsservices.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\XpsPrint.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-11-18 03:03:52 ----A---- C:\Windows\system32\OpcServices.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\FntCache.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\dxgi.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\dxdiag.exe
2010-11-18 03:03:52 ----A---- C:\Windows\system32\DWrite.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\d3d11.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\d3d10level9.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\d3d10core.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\d3d10_1.dll
2010-11-18 03:03:52 ----A---- C:\Windows\system32\d3d10.dll
2010-11-18 03:03:23 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2010-11-18 03:03:23 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2010-11-18 03:03:22 ----A---- C:\Windows\system32\wpdbusenum.dll
2010-11-18 03:03:15 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2010-11-18 03:03:13 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2010-11-18 03:03:13 ----A---- C:\Windows\system32\wpdshext.dll
2010-11-18 03:03:13 ----A---- C:\Windows\system32\wpd_ci.dll
2010-11-18 03:03:13 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-11-18 03:03:12 ----A---- C:\Windows\system32\WPDSp.dll
2010-11-18 03:03:12 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2010-11-18 03:03:12 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-11-18 03:03:12 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-11-18 03:02:22 ----A---- C:\Windows\system32\oleaccrc.dll
2010-11-18 03:02:21 ----A---- C:\Windows\system32\UIAutomationCore.dll
2010-11-18 03:02:21 ----A---- C:\Windows\system32\oleacc.dll
2010-11-17 11:23:14 ----A---- C:\Windows\system32\vbscript.dll
2010-11-17 11:22:31 ----A---- C:\Windows\system32\jscript.dll
2010-11-17 09:59:53 ----D---- C:\Program Files\Český telefon 2004 STANDARD
2010-11-17 09:36:56 ----D---- C:\Program Files\Příjmové a výdajové doklady
2010-11-17 09:32:53 ----A---- C:\Windows\system32\DBCLIENT.DLL
2010-11-17 09:32:52 ----D---- C:\Program Files\Common Files\Borland Shared
2010-11-17 09:32:22 ----D---- C:\Program Files\ProFact 3.0 Free
2010-11-16 16:19:48 ----D---- C:\Windows\system32\eu-ES
2010-11-16 16:19:48 ----D---- C:\Windows\system32\ca-ES
2010-11-16 16:19:47 ----D---- C:\Windows\system32\vi-VN
2010-11-16 15:59:33 ----D---- C:\Windows\system32\EventProviders
2010-11-16 14:57:51 ----A---- C:\Windows\system32\msls31.dll
2010-11-16 14:57:51 ----A---- C:\Windows\system32\mshtmler.dll
2010-11-16 14:57:51 ----A---- C:\Windows\system32\icardie.dll
2010-11-16 14:57:51 ----A---- C:\Windows\system32\admparse.dll
2010-11-16 14:57:50 ----A---- C:\Windows\system32\imgutil.dll
2010-11-16 14:57:50 ----A---- C:\Windows\system32\ieakeng.dll
2010-11-16 14:57:50 ----A---- C:\Windows\system32\dxtrans.dll
2010-11-16 14:57:50 ----A---- C:\Windows\system32\dxtmsft.dll
2010-11-16 14:57:50 ----A---- C:\Windows\system32\corpol.dll
2010-11-16 14:57:49 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-11-16 14:57:49 ----A---- C:\Windows\system32\wextract.exe
2010-11-16 14:57:49 ----A---- C:\Windows\system32\webcheck.dll
2010-11-16 14:57:49 ----A---- C:\Windows\system32\msrating.dll
2010-11-16 14:57:49 ----A---- C:\Windows\system32\inseng.dll
2010-11-16 14:57:49 ----A---- C:\Windows\system32\ieakui.dll
2010-11-16 14:57:49 ----A---- C:\Windows\system32\ieaksie.dll
2010-11-16 14:57:48 ----A---- C:\Windows\system32\url.dll
2010-11-16 14:57:48 ----A---- C:\Windows\system32\pngfilt.dll
2010-11-16 14:57:48 ----A---- C:\Windows\system32\ieapfltr.dll
2010-11-16 14:57:48 ----A---- C:\Windows\system32\advpack.dll
2010-11-16 14:57:47 ----A---- C:\Windows\system32\mshta.exe
2010-11-16 14:57:47 ----A---- C:\Windows\system32\iexpress.exe
2010-11-16 14:57:46 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-11-16 14:57:46 ----A---- C:\Windows\system32\SetDepNx.exe
2010-11-16 14:57:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-11-16 14:57:46 ----A---- C:\Windows\system32\PDMSetup.exe
2010-11-16 14:56:52 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-11-16 14:56:52 ----A---- C:\Windows\system32\PresentationHost.exe
2010-11-16 14:56:52 ----A---- C:\Windows\system32\netfxperf.dll
2010-11-16 14:56:52 ----A---- C:\Windows\system32\mscoree.dll
2010-11-16 14:56:51 ----A---- C:\Windows\system32\dfshim.dll
2010-11-16 14:49:14 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-11-16 14:49:10 ----A---- C:\Windows\system32\SLsvc.exe
2010-11-16 14:49:10 ----A---- C:\Windows\system32\SLCExt.dll
2010-11-16 14:49:08 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-11-16 14:49:08 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-11-16 14:49:06 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-11-16 14:49:05 ----A---- C:\Windows\system32\mssrch.dll
2010-11-16 14:49:03 ----A---- C:\Windows\system32\tquery.dll
2010-11-16 14:49:03 ----A---- C:\Windows\system32\drivers\spsys.sys
2010-11-16 14:49:02 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-11-16 14:49:01 ----A---- C:\Windows\system32\scavenge.dll
2010-11-16 14:49:01 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2010-11-16 14:49:00 ----A---- C:\Windows\system32\msi.dll
2010-11-16 14:48:59 ----A---- C:\Windows\system32\WscEapPr.dll
2010-11-16 14:48:59 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-11-16 14:48:59 ----A---- C:\Windows\system32\imapi2fs.dll
2010-11-16 14:48:58 ----A---- C:\Windows\system32\sysmain.dll
2010-11-16 14:48:57 ----A---- C:\Windows\system32\icardagt.exe
2010-11-16 14:48:57 ----A---- C:\Windows\system32\EhStorShell.dll
2010-11-16 14:48:57 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2010-11-16 14:48:56 ----A---- C:\Windows\system32\spreview.exe
2010-11-16 14:48:56 ----A---- C:\Windows\system32\spinstall.exe
2010-11-16 14:48:55 ----A---- C:\Windows\system32\spwizui.dll
2010-11-16 14:48:55 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-11-16 14:48:55 ----A---- C:\Windows\system32\drmv2clt.dll
2010-11-16 14:48:54 ----A---- C:\Windows\system32\p2psvc.dll
2010-11-16 14:48:53 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-11-16 14:48:53 ----A---- C:\Windows\system32\mssvp.dll
2010-11-16 14:48:53 ----A---- C:\Windows\system32\mssphtb.dll
2010-11-16 14:48:53 ----A---- C:\Windows\system32\mssph.dll
2010-11-16 14:48:52 ----A---- C:\Windows\system32\sdohlp.dll
2010-11-16 14:48:52 ----A---- C:\Windows\system32\imapi2.dll
2010-11-16 14:48:51 ----A---- C:\Windows\system32\sperror.dll
2010-11-16 14:48:51 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-11-16 14:48:51 ----A---- C:\Windows\system32\esent.dll
2010-11-16 14:48:51 ----A---- C:\Windows\system32\DevicePairing.dll
2010-11-16 14:48:50 ----A---- C:\Windows\system32\wevtsvc.dll
2010-11-16 14:48:50 ----A---- C:\Windows\system32\SLC.dll
2010-11-16 14:48:50 ----A---- C:\Windows\system32\korwbrkr.dll
2010-11-16 14:48:49 ----A---- C:\Windows\system32\pmcsnap.dll
2010-11-16 14:48:49 ----A---- C:\Windows\system32\msjet40.dll
2010-11-16 14:48:48 ----A---- C:\Windows\system32\MPSSVC.dll
2010-11-16 14:48:47 ----A---- C:\Windows\system32\Query.dll
2010-11-16 14:48:47 ----A---- C:\Windows\system32\qmgr.dll
2010-11-16 14:48:46 ----A---- C:\Windows\system32\srchadmin.dll
2010-11-16 14:48:46 ----A---- C:\Windows\system32\P2PGraph.dll
2010-11-16 14:48:46 ----A---- C:\Windows\system32\ntdll.dll
2010-11-16 14:48:46 ----A---- C:\Windows\system32\msexch40.dll
2010-11-16 14:48:46 ----A---- C:\Windows\system32\IasMigReader.exe
2010-11-16 14:48:46 ----A---- C:\Windows\system32\diagperf.dll
2010-11-16 14:48:45 ----A---- C:\Windows\system32\winload.exe
2010-11-16 14:48:45 ----A---- C:\Windows\system32\uDWM.dll
2010-11-16 14:48:45 ----A---- C:\Windows\system32\riched20.dll
2010-11-16 14:48:45 ----A---- C:\Windows\system32\mmc.exe
2010-11-16 14:48:45 ----A---- C:\Windows\system32\mblctr.exe
2010-11-16 14:48:45 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-11-16 14:48:45 ----A---- C:\Windows\system32\EncDec.dll
2010-11-16 14:48:45 ----A---- C:\Windows\system32\dfsr.exe
2010-11-16 14:48:44 ----A---- C:\Windows\system32\RacEngn.dll
2010-11-16 14:48:44 ----A---- C:\Windows\system32\kernel32.dll
2010-11-16 14:48:44 ----A---- C:\Windows\system32\fdBth.dll
2010-11-16 14:48:43 ----A---- C:\Windows\system32\spoolss.dll
2010-11-16 14:48:43 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-11-16 14:48:43 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-11-16 14:48:43 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-11-16 14:48:43 ----A---- C:\Windows\system32\milcore.dll
2010-11-16 14:48:43 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-11-16 14:48:43 ----A---- C:\Windows\system32\CertEnroll.dll
2010-11-16 14:48:42 ----A---- C:\Windows\system32\WinSAT.exe
2010-11-16 14:48:42 ----A---- C:\Windows\system32\msvcp60.dll
2010-11-16 14:48:42 ----A---- C:\Windows\system32\msjtes40.dll
2010-11-16 14:48:42 ----A---- C:\Windows\system32\infocardapi.dll
2010-11-16 14:48:42 ----A---- C:\Windows\system32\gpedit.dll
2010-11-16 14:48:42 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2010-11-16 14:48:41 ----A---- C:\Windows\system32\PresentationSettings.exe
2010-11-16 14:48:41 ----A---- C:\Windows\system32\mstext40.dll
2010-11-16 14:48:41 ----A---- C:\Windows\system32\Magnify.exe
2010-11-16 14:48:41 ----A---- C:\Windows\system32\es.dll
2010-11-16 14:48:41 ----A---- C:\Windows\system32\cscsvc.dll
2010-11-16 14:48:41 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2010-11-16 14:48:41 ----A---- C:\Windows\system32\advapi32.dll
2010-11-16 14:48:40 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-11-16 14:48:40 ----A---- C:\Windows\system32\WebClnt.dll
2010-11-16 14:48:40 ----A---- C:\Windows\system32\vssapi.dll
2010-11-16 14:48:40 ----A---- C:\Windows\system32\slwmi.dll
2010-11-16 14:48:40 ----A---- C:\Windows\system32\msxbde40.dll
2010-11-16 14:48:40 ----A---- C:\Windows\system32\msexcl40.dll
2010-11-16 14:48:40 ----A---- C:\Windows\system32\drivers\ntfs.sys
2010-11-16 14:48:40 ----A---- C:\Windows\system32\comsvcs.dll
2010-11-16 14:48:39 ----A---- C:\Windows\system32\NetProjW.dll
2010-11-16 14:48:39 ----A---- C:\Windows\system32\msrepl40.dll
2010-11-16 14:48:39 ----A---- C:\Windows\system32\authui.dll
2010-11-16 14:48:38 ----A---- C:\Windows\system32\setupapi.dll
2010-11-16 14:48:38 ----A---- C:\Windows\system32\rpcss.dll
2010-11-16 14:48:38 ----A---- C:\Windows\system32\propsys.dll
2010-11-16 14:48:38 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-11-16 14:48:38 ----A---- C:\Windows\system32\newdev.dll
2010-11-16 14:48:38 ----A---- C:\Windows\system32\iasrecst.dll
2010-11-16 14:48:38 ----A---- C:\Windows\system32\gpsvc.dll
2010-11-16 14:48:38 ----A---- C:\Windows\system32\eudcedit.exe
2010-11-16 14:48:38 ----A---- C:\Windows\system32\crypt32.dll
2010-11-16 14:48:38 ----A---- C:\Windows\explorer.exe
2010-11-16 14:48:37 ----A---- C:\Windows\system32\mspbde40.dll
2010-11-16 14:48:37 ----A---- C:\Windows\system32\msltus40.dll
2010-11-16 14:48:37 ----A---- C:\Windows\system32\mfc42.dll
2010-11-16 14:48:37 ----A---- C:\Windows\system32\davclnt.dll
2010-11-16 14:48:37 ----A---- C:\Windows\system32\d3d9.dll
2010-11-16 14:48:36 ----A---- C:\Windows\system32\wevtapi.dll
2010-11-16 14:48:36 ----A---- C:\Windows\system32\shlwapi.dll
2010-11-16 14:48:36 ----A---- C:\Windows\system32\photowiz.dll
2010-11-16 14:48:36 ----A---- C:\Windows\system32\nlhtml.dll
2010-11-16 14:48:36 ----A---- C:\Windows\system32\msrd3x40.dll
2010-11-16 14:48:36 ----A---- C:\Windows\system32\msdtctm.dll
2010-11-16 14:48:36 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-11-16 14:48:36 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-11-16 14:48:36 ----A---- C:\Windows\system32\browseui.dll
2010-11-16 14:48:35 ----A---- C:\Windows\system32\user32.dll
2010-11-16 14:48:35 ----A---- C:\Windows\system32\samsrv.dll
2010-11-16 14:48:35 ----A---- C:\Windows\system32\ci.dll
2010-11-16 14:48:34 ----A---- C:\Windows\system32\win32spl.dll
2010-11-16 14:48:34 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-11-16 14:48:34 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-11-16 14:48:34 ----A---- C:\Windows\system32\oleaut32.dll
2010-11-16 14:48:34 ----A---- C:\Windows\system32\netshell.dll
2010-11-16 14:48:34 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-11-16 14:48:33 ----A---- C:\Windows\system32\xmlfilter.dll
2010-11-16 14:48:33 ----A---- C:\Windows\system32\mswstr10.dll
2010-11-16 14:48:33 ----A---- C:\Windows\system32\drivers\rdbss.sys
2010-11-16 14:48:33 ----A---- C:\Windows\system32\compcln.exe
2010-11-16 14:48:33 ----A---- C:\Windows\system32\audiosrv.dll
2010-11-16 14:48:33 ----A---- C:\Windows\system32\apds.dll
2010-11-16 14:48:32 ----A---- C:\Windows\system32\msvcrt.dll
2010-11-16 14:48:32 ----A---- C:\Windows\system32\msctf.dll
2010-11-16 14:48:32 ----A---- C:\Windows\system32\emdmgmt.dll
2010-11-16 14:48:32 ----A---- C:\Windows\system32\drivers\netio.sys
2010-11-16 14:48:32 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2010-11-16 14:48:31 ----A---- C:\Windows\system32\wbengine.exe
2010-11-16 14:48:31 ----A---- C:\Windows\system32\VSSVC.exe
2010-11-16 14:48:31 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-11-16 14:48:31 ----A---- C:\Windows\system32\SLUI.exe
2010-11-16 14:48:31 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-11-16 14:48:31 ----A---- C:\Windows\system32\msrd2x40.dll
2010-11-16 14:48:31 ----A---- C:\Windows\system32\mfc42u.dll
2010-11-16 14:48:31 ----A---- C:\Windows\system32\gdi32.dll
2010-11-16 14:48:31 ----A---- C:\Windows\system32\eapphost.dll
2010-11-16 14:48:31 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2010-11-16 14:48:30 ----A---- C:\Windows\system32\winresume.exe
2010-11-16 14:48:30 ----A---- C:\Windows\system32\wevtutil.exe
2010-11-16 14:48:30 ----A---- C:\Windows\system32\shdocvw.dll
2010-11-16 14:48:30 ----A---- C:\Windows\system32\propdefs.dll
2010-11-16 14:48:30 ----A---- C:\Windows\system32\odbc32.dll
2010-11-16 14:48:30 ----A---- C:\Windows\system32\mssitlb.dll
2010-11-16 14:48:30 ----A---- C:\Windows\system32\drivers\usbhub.sys
2010-11-16 14:48:30 ----A---- C:\Windows\system32\dbgeng.dll
2010-11-16 14:48:29 ----A---- C:\Windows\system32\WsmSvc.dll
2010-11-16 14:48:29 ----A---- C:\Windows\system32\swprv.dll
2010-11-16 14:48:29 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\Wldap32.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\WFS.exe
2010-11-16 14:48:28 ----A---- C:\Windows\system32\wcnwiz.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\vds.exe
2010-11-16 14:48:28 ----A---- C:\Windows\system32\netlogon.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\msscb.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\msctfp.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\evr.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\drvinst.exe
2010-11-16 14:48:28 ----A---- C:\Windows\system32\devmgr.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-11-16 14:48:28 ----A---- C:\Windows\system32\BFE.DLL
2010-11-16 14:48:28 ----A---- C:\Windows\system32\adsldpc.dll
2010-11-16 14:48:27 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-11-16 14:48:27 ----A---- C:\Windows\system32\wercon.exe
2010-11-16 14:48:27 ----A---- C:\Windows\system32\wcncsvc.dll
2010-11-16 14:48:27 ----A---- C:\Windows\system32\services.exe
2010-11-16 14:48:27 ----A---- C:\Windows\system32\msjter40.dll
2010-11-16 14:48:27 ----A---- C:\Windows\system32\msdtcprx.dll
2010-11-16 14:48:27 ----A---- C:\Windows\system32\mimefilt.dll
2010-11-16 14:48:27 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-11-16 14:48:27 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2010-11-16 14:48:27 ----A---- C:\Windows\system32\comdlg32.dll
2010-11-16 14:48:27 ----A---- C:\Windows\system32\certcli.dll
2010-11-16 14:48:27 ----A---- C:\Windows\system32\adtschema.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\w32time.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\rtffilt.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\rsaenh.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\reg.exe
2010-11-16 14:48:26 ----A---- C:\Windows\system32\mswdat10.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\msshooks.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\msscntrs.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\msihnd.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-11-16 14:48:26 ----A---- C:\Windows\system32\drivers\usbport.sys
2010-11-16 14:48:26 ----A---- C:\Windows\system32\drivers\ndis.sys
2010-11-16 14:48:26 ----A---- C:\Windows\system32\dnsapi.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\certutil.exe
2010-11-16 14:48:26 ----A---- C:\Windows\system32\bthserv.dll
2010-11-16 14:48:26 ----A---- C:\Windows\system32\bcrypt.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-11-16 14:48:25 ----A---- C:\Windows\system32\scrptadm.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\netapi32.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\mtxclu.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\msstrc.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\mscories.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\inetpp.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\hidserv.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\fundisc.dll
2010-11-16 14:48:25 ----A---- C:\Windows\system32\drivers\csc.sys
2010-11-16 14:48:25 ----A---- C:\Windows\system32\cryptsvc.dll
2010-11-16 14:48:24 ----A---- C:\Windows\system32\wdc.dll
2010-11-16 14:48:24 ----A---- C:\Windows\system32\termsrv.dll
2010-11-16 14:48:24 ----A---- C:\Windows\system32\shsvcs.dll
2010-11-16 14:48:24 ----A---- C:\Windows\system32\profsvc.dll
2010-11-16 14:48:24 ----A---- C:\Windows\system32\msiexec.exe
2010-11-16 14:48:24 ----A---- C:\Windows\system32\imapi.dll
2010-11-16 14:48:24 ----A---- C:\Windows\system32\chsbrkr.dll
2010-11-16 14:48:24 ----A---- C:\Windows\system32\drivers\pci.sys
2010-11-16 14:48:24 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2010-11-16 14:48:24 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-11-16 14:48:23 ----A---- C:\Windows\system32\rasmans.dll
2010-11-16 14:48:23 ----A---- C:\Windows\system32\pnidui.dll
2010-11-16 14:48:23 ----A---- C:\Windows\system32\icardres.dll
2010-11-16 14:48:23 ----A---- C:\Windows\system32\iassdo.dll
2010-11-16 14:48:23 ----A---- C:\Windows\system32\drivers\termdd.sys
2010-11-16 14:48:23 ----A---- C:\Windows\system32\drivers\acpi.sys
2010-11-16 14:48:23 ----A---- C:\Windows\system32\autofmt.exe
2010-11-16 14:48:22 ----A---- C:\Windows\system32\wersvc.dll
2010-11-16 14:48:22 ----A---- C:\Windows\system32\slmgr.vbs
2010-11-16 14:48:22 ----A---- C:\Windows\system32\scrrun.dll
2010-11-16 14:48:22 ----A---- C:\Windows\system32\PSHED.DLL
2010-11-16 14:48:22 ----A---- C:\Windows\system32\pidgenx.dll
2010-11-16 14:48:22 ----A---- C:\Windows\system32\pdh.dll
2010-11-16 14:48:22 ----A---- C:\Windows\system32\drivers\Storport.sys
2010-11-16 14:48:22 ----A---- C:\Windows\system32\drivers\partmgr.sys
2010-11-16 14:48:22 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2010-11-16 14:48:22 ----A---- C:\Windows\system32\drivers\ataport.sys
2010-11-16 14:48:22 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-11-16 14:48:22 ----A---- C:\Windows\system32\clfs.sys
2010-11-16 14:48:22 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-11-16 14:48:22 ----A---- C:\Windows\system32\azroles.dll
2010-11-16 14:48:21 ----A---- C:\Windows\system32\winlogon.exe
2010-11-16 14:48:21 ----A---- C:\Windows\system32\SyncCenter.dll
2010-11-16 14:48:19 ----A---- C:\Windows\system32\SLUINotify.dll
2010-11-16 14:48:19 ----A---- C:\Windows\system32\sethc.exe
2010-11-16 14:48:19 ----A---- C:\Windows\system32\ncrypt.dll
2010-11-16 14:48:19 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-11-16 14:48:19 ----A---- C:\Windows\system32\kd1394.dll
2010-11-16 14:48:19 ----A---- C:\Windows\system32\drivers\mup.sys
2010-11-16 14:48:19 ----A---- C:\Windows\system32\drivers\disk.sys
2010-11-16 14:48:19 ----A---- C:\Windows\system32\comuid.dll
2010-11-16 14:48:19 ----A---- C:\Windows\system32\certmgr.dll
2010-11-16 14:48:18 ----A---- C:\Windows\system32\wisptis.exe
2010-11-16 14:48:18 ----A---- C:\Windows\system32\untfs.dll
2010-11-16 14:48:18 ----A---- C:\Windows\system32\spp.dll
2010-11-16 14:48:18 ----A---- C:\Windows\system32\scrobj.dll
2010-11-16 14:48:18 ----A---- C:\Windows\system32\iassam.dll
2010-11-16 14:48:18 ----A---- C:\Windows\system32\dwm.exe
2010-11-16 14:48:18 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2010-11-16 14:48:18 ----A---- C:\Windows\system32\drivers\pciidex.sys
2010-11-16 14:48:18 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2010-11-16 14:48:18 ----A---- C:\Windows\system32\cscui.dll
2010-11-16 14:48:18 ----A---- C:\Windows\system32\autochk.exe
2010-11-16 14:48:17 ----A---- C:\Windows\system32\winsrv.dll
2010-11-16 14:48:17 ----A---- C:\Windows\system32\printui.dll
2010-11-16 14:48:17 ----A---- C:\Windows\system32\iasnap.dll
2010-11-16 14:48:17 ----A---- C:\Windows\system32\drivers\volsnap.sys
2010-11-16 14:48:17 ----A---- C:\Windows\system32\drivers\pciide.sys
2010-11-16 14:48:17 ----A---- C:\Windows\system32\drivers\msrpc.sys
2010-11-16 14:48:17 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2010-11-16 14:48:17 ----A---- C:\Windows\system32\drivers\ecache.sys
2010-11-16 14:48:17 ----A---- C:\Windows\system32\autoconv.exe
2010-11-16 14:48:16 ----A---- C:\Windows\system32\wow32.dll
2010-11-16 14:48:16 ----A---- C:\Windows\system32\userenv.dll
2010-11-16 14:48:16 ----A---- C:\Windows\system32\osk.exe
2010-11-16 14:48:16 ----A---- C:\Windows\system32\onex.dll
2010-11-16 14:48:16 ----A---- C:\Windows\system32\mswsock.dll
2010-11-16 14:48:16 ----A---- C:\Windows\system32\kdcom.dll
2010-11-16 14:48:16 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2010-11-16 14:48:16 ----A---- C:\Windows\system32\cscript.exe
2010-11-16 14:48:16 ----A---- C:\Windows\system32\basecsp.dll
2010-11-16 14:48:16 ----A---- C:\Windows\system32\audiodg.exe
2010-11-16 14:48:15 ----A---- C:\Windows\system32\WinSCard.dll
2010-11-16 14:48:15 ----A---- C:\Windows\system32\winmm.dll
2010-11-16 14:48:15 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-11-16 14:48:15 ----A---- C:\Windows\system32\spcmsg.dll
2010-11-16 14:48:15 ----A---- C:\Windows\system32\RelMon.dll
2010-11-16 14:48:15 ----A---- C:\Windows\system32\rdpencom.dll
2010-11-16 14:48:15 ----A---- C:\Windows\system32\offfilt.dll
2010-11-16 14:48:15 ----A---- C:\Windows\system32\msftedit.dll
2010-11-16 14:48:15 ----A---- C:\Windows\system32\kdusb.dll
2010-11-16 14:48:15 ----A---- C:\Windows\system32\drivers\netbt.sys
2010-11-16 14:48:15 ----A---- C:\Windows\system32\drivers\atapi.sys
2010-11-16 14:48:15 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-11-16 14:48:14 ----A---- C:\Windows\system32\WerFault.exe
2010-11-16 14:48:14 ----A---- C:\Windows\system32\Utilman.exe
2010-11-16 14:48:13 ----A---- C:\Windows\system32\wsepno.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\wscript.exe
2010-11-16 14:48:13 ----A---- C:\Windows\system32\wiaservc.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\ulib.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\sysclass.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\stobject.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\SndVol.exe
2010-11-16 14:48:13 ----A---- C:\Windows\system32\prnntfy.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\odbccp32.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\msnetobj.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\mscms.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\mfplat.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\iasdatastore.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\dsound.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\diskraid.exe
2010-11-16 14:48:13 ----A---- C:\Windows\system32\cryptui.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\apphelp.dll
2010-11-16 14:48:13 ----A---- C:\Windows\system32\adsmsext.dll
2010-11-16 14:48:12 ----A---- C:\Windows\system32\wscntfy.dll
2010-11-16 14:48:12 ----A---- C:\Windows\system32\wlangpui.dll
2010-11-16 14:48:12 ----A---- C:\Windows\system32\rastapi.dll
2010-11-16 14:48:12 ----A---- C:\Windows\system32\pnpsetup.dll
2010-11-16 14:48:12 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-11-16 14:48:12 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-11-16 14:48:12 ----A---- C:\Windows\system32\gpapi.dll
2010-11-16 14:48:12 ----A---- C:\Windows\system32\fdProxy.dll
2010-11-16 14:48:12 ----A---- C:\Windows\system32\diskpart.exe
2010-11-16 14:48:12 ----A---- C:\Windows\system32\brcpl.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\zipfldr.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\wusa.exe
2010-11-16 14:48:11 ----A---- C:\Windows\system32\wshext.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\wscsvc.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-11-16 14:48:11 ----A---- C:\Windows\system32\vdsdyn.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\regsvc.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\rasapi32.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\ntprint.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\mscorier.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\logman.exe
2010-11-16 14:48:11 ----A---- C:\Windows\system32\iasrad.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\iashlpr.dll
2010-11-16 14:48:11 ----A---- C:\Windows\system32\findstr.exe
2010-11-16 14:48:10 ----A---- C:\Windows\system32\wsnmp32.dll
2010-11-16 14:48:10 ----A---- C:\Windows\system32\wer.dll
2010-11-16 14:48:10 ----A---- C:\Windows\system32\themecpl.dll
2010-11-16 14:48:10 ----A---- C:\Windows\system32\rasdlg.dll
2010-11-16 14:48:10 ----A---- C:\Windows\system32\netcenter.dll
2010-11-16 14:48:10 ----A---- C:\Windows\system32\iassvcs.dll
2010-11-16 14:48:10 ----A---- C:\Windows\system32\drivers\usbehci.sys
2010-11-16 14:48:09 ----A---- C:\Windows\system32\uxsms.dll
2010-11-16 14:48:09 ----A---- C:\Windows\system32\slcc.dll
2010-11-16 14:48:09 ----A---- C:\Windows\system32\scansetting.dll
2010-11-16 14:48:09 ----A---- C:\Windows\system32\powrprof.dll
2010-11-16 14:48:09 ----A---- C:\Windows\system32\ntmarta.dll
2010-11-16 14:48:09 ----A---- C:\Windows\system32\msutb.dll
2010-11-16 14:48:09 ----A---- C:\Windows\system32\mstlsapi.dll
2010-11-16 14:48:09 ----A---- C:\Windows\system32\mssprxy.dll
2010-11-16 14:48:09 ----A---- C:\Windows\system32\iasads.dll
2010-11-16 14:48:09 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2010-11-16 14:48:08 ----A---- C:\Windows\system32\powercpl.dll
2010-11-16 14:48:08 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-11-16 14:48:08 ----A---- C:\Windows\system32\networkmap.dll
2010-11-16 14:48:08 ----A---- C:\Windows\system32\mstsc.exe
2010-11-16 14:48:08 ----A---- C:\Windows\system32\iasacct.dll
2010-11-16 14:48:08 ----A---- C:\Windows\system32\drivers\ks.sys
2010-11-16 14:48:07 ----A---- C:\Windows\system32\umrdp.dll
2010-11-16 14:48:07 ----A---- C:\Windows\system32\systemcpl.dll
2010-11-16 14:48:07 ----A---- C:\Windows\system32\sud.dll
2010-11-16 14:48:07 ----A---- C:\Windows\system32\newdev.exe
2010-11-16 14:48:07 ----A---- C:\Windows\system32\dot3svc.dll
2010-11-16 14:48:07 ----A---- C:\Windows\system32\connect.dll
2010-11-16 14:48:07 ----A---- C:\Windows\system32\authz.dll
2010-11-16 14:48:06 ----A---- C:\Windows\system32\usercpl.dll
2010-11-16 14:48:06 ----A---- C:\Windows\system32\themeui.dll
2010-11-16 14:48:06 ----A---- C:\Windows\system32\samlib.dll
2010-11-16 14:48:06 ----A---- C:\Windows\system32\pcaui.dll
2010-11-16 14:48:06 ----A---- C:\Windows\system32\mmci.dll
2010-11-16 14:48:06 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-11-16 14:48:05 ----A---- C:\Windows\system32\wlanpref.dll
2010-11-16 14:48:05 ----A---- C:\Windows\system32\vdsutil.dll
2010-11-16 14:48:05 ----A---- C:\Windows\system32\rpchttp.dll
2010-11-16 14:48:05 ----A---- C:\Windows\system32\regapi.dll
2010-11-16 14:48:05 ----A---- C:\Windows\system32\qdvd.dll
2010-11-16 14:48:05 ----A---- C:\Windows\system32\msinfo32.exe
2010-11-16 14:48:05 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2010-11-16 14:48:05 ----A---- C:\Windows\system32\cscobj.dll
2010-11-16 14:48:05 ----A---- C:\Windows\system32\brcplsiw.dll
2010-11-16 14:48:05 ----A---- C:\Windows\system32\autoplay.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\wscisvif.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\tapisrv.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\sdclt.exe
2010-11-16 14:48:04 ----A---- C:\Windows\system32\scksp.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\scesrv.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\rekeywiz.exe
2010-11-16 14:48:04 ----A---- C:\Windows\system32\psisdecd.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\oleprn.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\mpr.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\imm32.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\iaspolcy.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\feclient.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\Faultrep.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\drivers\exfat.sys
2010-11-16 14:48:04 ----A---- C:\Windows\system32\dot3msm.dll
2010-11-16 14:48:04 ----A---- C:\Windows\system32\DeviceEject.exe
2010-11-16 14:48:04 ----A---- C:\Windows\system32\AudioSes.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\TSTheme.exe
2010-11-16 14:48:03 ----A---- C:\Windows\system32\spwinsat.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\scecli.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\rasplap.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\rasgcw.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\qedit.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\pnpui.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\perfdisk.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\ncryptui.dll
2010-11-16 14:48:03 ----A---- C:\Windows\system32\hdwwiz.exe
2010-11-16 14:48:03 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-11-16 14:48:03 ----A---- C:\Windows\system32\dpapimig.exe
2010-11-16 14:48:03 ----A---- C:\Windows\system32\certreq.exe
2010-11-16 14:48:02 ----A---- C:\Windows\system32\wiaaut.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\whealogr.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\tcpmon.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\srcore.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\SnippingTool.exe
2010-11-16 14:48:02 ----A---- C:\Windows\system32\SCardSvr.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\raschap.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-11-16 14:48:02 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\fontext.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\fdWSD.dll
2010-11-16 14:48:02 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2010-11-16 14:48:02 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2010-11-16 14:48:02 ----A---- C:\Windows\system32\drivers\portcls.sys
2010-11-16 14:48:02 ----A---- C:\Windows\system32\drivers\npfs.sys
2010-11-16 14:48:02 ----A---- C:\Windows\system32\drivers\afd.sys
2010-11-16 14:48:02 ----A---- C:\Windows\system32\conime.exe
2010-11-16 14:48:02 ----A---- C:\Windows\system32\cmmon32.exe
2010-11-16 14:48:02 ----A---- C:\Windows\system32\cmdial32.dll
2010-11-16 14:48:01 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-11-16 14:48:01 ----A---- C:\Windows\system32\wlanui.dll
2010-11-16 14:48:01 ----A---- C:\Windows\system32\shwebsvc.dll
2010-11-16 14:48:01 ----A---- C:\Windows\system32\shsetup.dll
2010-11-16 14:48:01 ----A---- C:\Windows\system32\rasppp.dll
2010-11-16 14:48:01 ----A---- C:\Windows\system32\PnPutil.exe
2010-11-16 14:48:01 ----A---- C:\Windows\system32\oobefldr.dll
2010-11-16 14:48:01 ----A---- C:\Windows\system32\dsprop.dll
2010-11-16 14:48:01 ----A---- C:\Windows\system32\drivers\tdx.sys
2010-11-16 14:48:01 ----A---- C:\Windows\system32\drivers\pacer.sys
2010-11-16 14:48:01 ----A---- C:\Windows\system32\dimsroam.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\tscfgwmi.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\smss.exe
2010-11-16 14:48:00 ----A---- C:\Windows\system32\rdpwsx.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\rasmontr.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\netplwiz.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\mscandui.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\modemui.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\chtbrkr.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\drivers\fastfat.sys
2010-11-16 14:48:00 ----A---- C:\Windows\system32\dataclen.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\credui.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\blackbox.dll
2010-11-16 14:48:00 ----A---- C:\Windows\system32\appmgmts.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\WSDMon.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\wscapi.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\wmpeffects.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\networkexplorer.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\msscp.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\msimtf.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\logagent.exe
2010-11-16 14:47:59 ----A---- C:\Windows\system32\InkEd.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\ifmon.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\gpresult.exe
2010-11-16 14:47:59 ----A---- C:\Windows\system32\drivers\rmcast.sys
2010-11-16 14:47:59 ----A---- C:\Windows\system32\drivers\ohci1394.sys
2010-11-16 14:47:59 ----A---- C:\Windows\system32\CscMig.dll
2010-11-16 14:47:59 ----A---- C:\Windows\system32\cipher.exe
2010-11-16 14:47:59 ----A---- C:\Windows\system32\certprop.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\wshbth.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\version.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\thawbrkr.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\softkbd.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\SLLUA.exe
2010-11-16 14:47:58 ----A---- C:\Windows\system32\sendmail.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\rdpclip.exe
2010-11-16 14:47:58 ----A---- C:\Windows\system32\puiapi.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\olepro32.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\msisip.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\msctfui.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\mprapi.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\input.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\gpprnext.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\fc.exe
2010-11-16 14:47:58 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-11-16 14:47:58 ----A---- C:\Windows\system32\drivers\watchdog.sys
2010-11-16 14:47:58 ----A---- C:\Windows\system32\drivers\udfs.sys
2010-11-16 14:47:58 ----A---- C:\Windows\system32\drivers\smb.sys
2010-11-16 14:47:58 ----A---- C:\Windows\system32\drivers\hidusb.sys
2010-11-16 14:47:58 ----A---- C:\Windows\system32\dmsynth.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\wsdchngr.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\Storprop.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\rdpendp.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\rasdial.exe
2010-11-16 14:47:57 ----A---- C:\Windows\system32\rasdiag.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\msjint40.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\l2nacp.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\gpscript.exe
2010-11-16 14:47:57 ----A---- C:\Windows\system32\ftp.exe
2010-11-16 14:47:57 ----A---- C:\Windows\system32\fdWCN.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\fdSSDP.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\eapp3hst.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2010-11-16 14:47:57 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2010-11-16 14:47:57 ----A---- C:\Windows\system32\dot3cfg.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\dmusic.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\cscdll.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\cscapi.dll
2010-11-16 14:47:57 ----A---- C:\Windows\system32\bthudtask.exe
2010-11-16 14:47:57 ----A---- C:\Windows\system32\bthci.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\winrnr.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\vdmdbg.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\tskill.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\tsdiscon.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\tscupgrd.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\tscon.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\slwga.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\slcinst.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\shadow.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\rwinsta.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\reset.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\query.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\qprocess.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\qappsrv.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\PrintBrmUi.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\odbcconf.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\ocsetup.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\nslookup.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\NcdProp.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\mmcico.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\logoff.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\iscsilog.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\ipconfig.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\inetppui.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\chgusr.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\chgport.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\chglogon.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\change.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\hbaapi.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\gpupdate.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\gpscript.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\fdeploy.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\eappgnui.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\eappcfg.dll
2010-11-16 14:47:56 ----A---- C:\Windows\system32\drivers\rassstp.sys
2010-11-16 14:47:56 ----A---- C:\Windows\system32\drivers\nwifi.sys
2010-11-16 14:47:56 ----A---- C:\Windows\system32\drivers\hidclass.sys
2010-11-16 14:47:56 ----A---- C:\Windows\system32\drivers\dxg.sys
2010-11-16 14:47:56 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-11-16 14:47:56 ----A---- C:\Windows\system32\drivers\dfsc.sys
2010-11-16 14:47:56 ----A---- C:\Windows\system32\drivers\cdrom.sys
2010-11-16 14:47:56 ----A---- C:\Windows\system32\csrstub.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\cbsra.exe
2010-11-16 14:47:56 ----A---- C:\Windows\system32\bitsigd.dll
2010-11-16 14:47:55 ----A---- C:\Windows\system32\midimap.dll
2010-11-16 14:47:55 ----A---- C:\Windows\system32\drivers\stream.sys
2010-11-16 14:47:55 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2010-11-16 14:47:55 ----A---- C:\Windows\system32\drivers\bridge.sys
2010-11-16 14:47:54 ----A---- C:\Windows\system32\msimsg.dll
2010-11-16 14:47:54 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-11-16 14:47:54 ----A---- C:\Windows\system32\drivers\usb8023.sys
2010-11-16 14:47:54 ----A---- C:\Windows\system32\drivers\raspppoe.sys
2010-11-16 14:47:40 ----A---- C:\Windows\system32\SmiEngine.dll
2010-11-16 14:47:38 ----A---- C:\Windows\system32\wdscore.dll
2010-11-16 14:47:38 ----A---- C:\Windows\system32\PkgMgr.exe
2010-11-16 14:47:34 ----A---- C:\Windows\system32\drvstore.dll
2010-11-16 14:29:44 ----A---- C:\Windows\system32\wmp.dll
2010-11-16 14:29:43 ----A---- C:\Windows\system32\wmploc.DLL
2010-11-16 14:29:35 ----A---- C:\Windows\system32\srvsvc.dll
2010-11-16 14:29:35 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-11-16 14:29:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-11-16 14:29:35 ----A---- C:\Windows\system32\drivers\srv.sys
2010-11-16 14:29:34 ----A---- C:\Windows\system32\netevent.dll
2010-11-16 14:29:31 ----A---- C:\Windows\system32\usp10.dll
2010-11-16 14:29:21 ----A---- C:\Windows\system32\schannel.dll
2010-11-16 14:29:16 ----A---- C:\Windows\system32\iccvid.dll
2010-11-16 14:29:09 ----A---- C:\Windows\system32\asycfilt.dll
2010-11-16 14:29:07 ----A---- C:\Windows\system32\ole32.dll
2010-11-16 14:29:06 ----A---- C:\Windows\system32\spoolsv.exe
2010-11-16 14:28:59 ----A---- C:\Windows\system32\t2embed.dll
2010-11-16 14:28:54 ----A---- C:\Windows\system32\gameux.dll
2010-11-16 14:28:53 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-11-16 14:28:53 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-11-16 14:28:47 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-11-16 14:28:44 ----A---- C:\Windows\system32\mfc40u.dll
2010-11-16 14:28:44 ----A---- C:\Windows\system32\mfc40.dll
2010-11-16 14:28:40 ----A---- C:\Windows\system32\rtutils.dll
2010-11-16 14:28:38 ----A---- C:\Windows\system32\msshsq.dll
2010-11-16 14:28:35 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-11-16 14:28:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-11-16 14:28:33 ----A---- C:\Windows\system32\wmpmde.dll
2010-11-16 14:28:30 ----A---- C:\Windows\system32\msxml3.dll
2010-11-16 14:28:15 ----A---- C:\Windows\system32\shell32.dll
2010-11-16 14:28:11 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-11-16 14:28:10 ----A---- C:\Windows\system32\inetcomm.dll
2010-11-16 14:28:08 ----A---- C:\Windows\system32\comctl32.dll

======List of files/folders modified in the last 1 months======

Jirka · #4 Příspěvek od **Jirka** » 17 pro 2010 10:22

======List of files/folders modified in the last 1 months======

2010-12-15 20:58:10 ----D---- C:\Windows\Temp
2010-12-15 20:53:23 ----D---- C:\Windows\Prefetch
2010-12-15 20:51:23 ----RD---- C:\Program Files
2010-12-15 20:16:57 ----D---- C:\Windows\System32
2010-12-15 20:16:57 ----D---- C:\Windows\inf
2010-12-15 20:16:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-15 16:41:41 ----D---- C:\Windows\system32\drivers\AVG
2010-12-15 14:12:13 ----D---- C:\Windows\rescache
2010-12-15 14:07:31 ----D---- C:\Windows\winsxs
2010-12-15 13:54:30 ----D---- C:\Program Files\Windows Mail
2010-12-15 13:54:30 ----D---- C:\Program Files\Internet Explorer
2010-12-15 13:54:29 ----D---- C:\Windows\system32\migration
2010-12-15 13:47:54 ----D---- C:\Windows\system32\cs-CZ
2010-12-15 13:47:37 ----D---- C:\Windows\system32\catroot
2010-12-15 13:45:38 ----D---- C:\Windows\Debug
2010-12-15 13:45:36 ----A---- C:\Windows\system32\mrt.exe
2010-12-15 13:45:18 ----SHD---- C:\System Volume Information
2010-12-15 13:39:13 ----D---- C:\Windows\system32\catroot2
2010-12-14 08:10:37 ----D---- C:\ProgramData\CanonIJPLM
2010-12-13 16:15:44 ----SD---- C:\ProgramData\Microsoft
2010-12-11 10:52:06 ----D---- C:\Windows
2010-12-11 10:50:30 ----SHD---- C:\Windows\Installer
2010-12-11 10:50:00 ----D---- C:\ProgramData\Adobe
2010-12-11 10:36:35 ----D---- C:\Users\Jiří Boháček\AppData\Roaming\Adobe
2010-12-11 10:35:37 ----D---- C:\Program Files\Common Files
2010-12-11 09:53:10 ----HD---- C:\ProgramData
2010-12-11 08:35:43 ----D---- C:\Program Files\Windows Media Player
2010-12-10 17:06:12 ----D---- C:\Program Files\Mozilla Firefox
2010-11-28 11:57:05 ----D---- C:\Windows\system32\NDF
2010-11-28 09:02:26 ----D---- C:\Windows\system32\FxsTmp
2010-11-26 19:52:53 ----D---- C:\Program Files\CCleaner
2010-11-25 17:16:38 ----D---- C:\Users\Jiří Boháček\AppData\Roaming\Zoner
2010-11-25 17:15:44 ----D---- C:\Program Files\Zoner
2010-11-24 15:50:52 ----D---- C:\Windows\system32\WDI
2010-11-24 08:11:19 ----D---- C:\Windows\system32\drivers
2010-11-18 17:27:57 ----RSD---- C:\Windows\assembly
2010-11-18 17:27:57 ----D---- C:\Windows\Microsoft.NET
2010-11-18 17:20:19 ----D---- C:\Windows\system32\en-US
2010-11-18 03:22:43 ----D---- C:\Windows\system32\Tasks
2010-11-18 03:21:40 ----D---- C:\Windows\system32\drivers\UMDF
2010-11-18 03:20:19 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-11-18 03:20:18 ----D---- C:\Windows\system32\wbem
2010-11-18 03:20:17 ----D---- C:\Windows\system32\zh-TW
2010-11-18 03:20:17 ----D---- C:\Windows\system32\zh-HK
2010-11-18 03:20:17 ----D---- C:\Windows\system32\zh-CN
2010-11-18 03:20:17 ----D---- C:\Windows\system32\uk-UA
2010-11-18 03:20:17 ----D---- C:\Windows\system32\tr-TR
2010-11-18 03:20:17 ----D---- C:\Windows\system32\th-TH
2010-11-18 03:20:17 ----D---- C:\Windows\system32\sv-SE
2010-11-18 03:20:17 ----D---- C:\Windows\system32\sr-Latn-CS
2010-11-18 03:20:17 ----D---- C:\Windows\system32\sl-SI
2010-11-18 03:20:17 ----D---- C:\Windows\system32\sk-SK
2010-11-18 03:20:17 ----D---- C:\Windows\system32\ru-RU
2010-11-18 03:20:17 ----D---- C:\Windows\system32\ro-RO
2010-11-18 03:20:17 ----D---- C:\Windows\system32\pt-PT
2010-11-18 03:20:17 ----D---- C:\Windows\system32\pt-BR
2010-11-18 03:20:17 ----D---- C:\Windows\system32\pl-PL
2010-11-18 03:20:17 ----D---- C:\Windows\system32\nl-NL
2010-11-18 03:20:17 ----D---- C:\Windows\system32\nb-NO
2010-11-18 03:20:17 ----D---- C:\Windows\system32\lv-LV
2010-11-18 03:20:17 ----D---- C:\Windows\system32\lt-LT
2010-11-18 03:20:17 ----D---- C:\Windows\system32\ko-KR
2010-11-18 03:20:17 ----D---- C:\Windows\system32\ja-JP
2010-11-18 03:20:17 ----D---- C:\Windows\system32\it-IT
2010-11-18 03:20:17 ----D---- C:\Windows\system32\hu-HU
2010-11-18 03:20:17 ----D---- C:\Windows\system32\hr-HR
2010-11-18 03:20:17 ----D---- C:\Windows\system32\he-IL
2010-11-18 03:20:17 ----D---- C:\Windows\system32\fr-FR
2010-11-18 03:20:17 ----D---- C:\Windows\system32\fi-FI
2010-11-18 03:20:17 ----D---- C:\Windows\system32\et-EE
2010-11-18 03:20:17 ----D---- C:\Windows\system32\es-ES
2010-11-18 03:20:17 ----D---- C:\Windows\system32\el-GR
2010-11-18 03:20:17 ----D---- C:\Windows\system32\de-DE
2010-11-18 03:20:17 ----D---- C:\Windows\system32\da-DK
2010-11-18 03:20:17 ----D---- C:\Windows\system32\bg-BG
2010-11-18 03:20:17 ----D---- C:\Windows\system32\ar-SA
2010-11-17 10:02:27 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-17 09:58:38 ----D---- C:\Program Files\Common Files\InstallShield
2010-11-16 16:26:10 ----SHD---- C:\Boot
2010-11-16 16:20:48 ----D---- C:\Program Files\Windows Calendar
2010-11-16 16:20:47 ----D---- C:\Program Files\Windows Sidebar
2010-11-16 16:20:47 ----D---- C:\Program Files\Movie Maker
2010-11-16 16:20:46 ----D---- C:\Program Files\Windows Journal
2010-11-16 16:20:46 ----D---- C:\Program Files\Windows Collaboration
2010-11-16 16:20:44 ----D---- C:\Program Files\Windows Photo Gallery
2010-11-16 16:20:44 ----D---- C:\Program Files\Common Files\System
2010-11-16 16:20:40 ----D---- C:\Windows\servicing
2010-11-16 16:20:40 ----D---- C:\Program Files\Windows Defender
2010-11-16 16:20:32 ----D---- C:\Windows\system32\XPSViewer
2010-11-16 16:20:32 ----D---- C:\Windows\PolicyDefinitions
2010-11-16 16:20:32 ----D---- C:\Windows\IME
2010-11-16 16:20:31 ----D---- C:\Windows\system32\oobe
2010-11-16 16:20:29 ----D---- C:\Windows\system32\setup
2010-11-16 16:20:29 ----D---- C:\Windows\system32\AdvancedInstallers
2010-11-16 16:20:28 ----D---- C:\Windows\system32\SLUI
2010-11-16 16:20:28 ----D---- C:\Windows\system32\manifeststore
2010-11-16 16:20:28 ----D---- C:\Windows\system32\cs
2010-11-16 16:20:25 ----D---- C:\Windows\system32\migwiz
2010-11-16 16:19:52 ----RSD---- C:\Windows\Fonts
2010-11-16 16:19:52 ----D---- C:\Windows\AppPatch
2010-11-16 16:19:47 ----D---- C:\Windows\system32\Boot
2010-11-16 16:12:04 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
2010-11-16 16:05:22 ----D---- C:\ProgramData\AVG Security Toolbar
2010-11-16 14:32:58 ----SD---- C:\Users\Jiří Boháček\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-11-09 299984]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-19 220672]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-10-22 10084360]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2006-11-02 21504]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [2007-07-19 689408]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-25 517448]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 293456]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

#5 Příspěvek od **motji** » 17 pro 2010 12:28

Ještě poprosím o log info.txt.
Máte doinstalovány všechny drivery?
Když pc probudíte, co ho nejvíc vytěžuje, který proces?

Jirka · #6 Příspěvek od **Jirka** » 17 pro 2010 15:56

Tak prosím..zasílám log info.Včera jsem se všiml, že při tom bláznění mi začla blikat fleška v portu USB. Tak jsem jí vytáhl a CPU šlo hned na 2-5% a myslim, že již nereaguje spouštění WMP na chod tiskárny (jako by se to odstranilo), ale zase si tiskárna ráda zachrčí asi v krajní poloze.Ovladače staženy z Canonu.Je to o 70% lepší, aspoň se zdá. Děkuji.

info.txt logfile of random's system information tool 1.08 2010-12-15 20:58:16

======Uninstall list======

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Reader 9.4.1 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
APC PowerChute Personal Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x9
AVG 2011-->"C:\Program Files\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2011-->MsiExec.exe /I{5AD96CF5-2627-4F29-9D2D-72FCD85F6355}
AVG 2011-->MsiExec.exe /I{A23061AF-5361-433C-B7F0-CE5F79A22C49}
Canon MP Navigator EX 2.0-->"C:\Program Files\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 2.0\uninst.ini
Canon MP630 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series /L0x0005
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Český telefon 2004 STANDARD-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0310CC17-4A4D-4521-A6BD-44B38612FA0A}
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Ekonomický systém Money S3-->C:\Program Files\CIGLER SOFTWARE\Common Files\Money S3\Setup\Uninst.exe
eReg-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
FileOpen Client-->MsiExec.exe /X{AD6ACA58-30FE-4336-A5B0-461FD60AF727}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Info-nastenka-Czechdata-->C:\Program Files\Info-nastenka-Czechdata\uninstall.exe
Inkjet Printer/Scanner Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
K-Lite Mega Codec Pack 6.5.5-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Logitech SetPoint 6.15-->C:\Program Files\Common Files\LogiShrd\SP6_Uninstall\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NVIDIA Ovladače grafiky 260.99-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
OpenOffice.org 3.2-->MsiExec.exe /I{FAB43061-FEFB-46E8-A159-96710395DB5E}
ProFact 3.0 Free-->"C:\Program Files\ProFact 3.0 Free\unins000.exe"
Příjmové a výdajové doklady-->"C:\Program Files\Příjmové a výdajové doklady\unins000.exe"
RaimaRadio 1.4-->"C:\Program Files\RaimaRadio\unins000.exe"
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Registrace uživatele zařízení Canon MP630 series-->C:\Program Files\Canon\IJEREG\MP630 series\UNINST.EXE
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Zoner Photo Studio 10-->"C:\Program Files\Zoner\Photo Studio 10\unins000.exe" /SILENT
Zoner Photo Studio 12-->"C:\Program Files\Zoner\Photo Studio 12\unins000.exe" /SILENT

======Security center information======

AS: Windows Defender (disabled)

======System event log======

Computer Name: JiříBoháček-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 967723-251_neutral_PACKAGE z balíčku KB967723 (Security Update) do stavu Fázování(Staging).
Record Number: 33116
Source Name: Microsoft-Windows-Servicing
Time Written: 20101114112751.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: JiříBoháček-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 967723-250_neutral_PACKAGE z balíčku KB967723 (Security Update) do stavu Fázování(Staging).
Record Number: 33115
Source Name: Microsoft-Windows-Servicing
Time Written: 20101114112751.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: JiříBoháček-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 967723-247_neutral_PACKAGE z balíčku KB967723 (Security Update) do stavu Fázování(Staging).
Record Number: 33114
Source Name: Microsoft-Windows-Servicing
Time Written: 20101114112751.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: JiříBoháček-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 967723-246_neutral_PACKAGE z balíčku KB967723 (Security Update) do stavu Fázování(Staging).
Record Number: 33113
Source Name: Microsoft-Windows-Servicing
Time Written: 20101114112751.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: JiříBoháček-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 967723-245_neutral_PACKAGE z balíčku KB967723 (Security Update) do stavu Fázování(Staging).
Record Number: 33112
Source Name: Microsoft-Windows-Servicing
Time Written: 20101114112751.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: 26L2233B2-09
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 5
Source Name: Microsoft-Windows-Search
Time Written: 20101113213258.000000-000
Event Type: Informace
User:

Computer Name: 26L2233B2-09
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20101113213257.000000-000
Event Type: Informace
User:

Computer Name: LH-3T8NOJPHRNR2
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20101113213254.000000-000
Event Type: Informace
User:

Computer Name: LH-3T8NOJPHRNR2
Event Code: 900
Message: Služba Licencování softwaru se spouští.

Record Number: 2
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20101113213254.000000-000
Event Type: Informace
User:

Computer Name: LH-3T8NOJPHRNR2
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.

Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101113213254.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: 26L2233B2-09
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 26L2233B2-09$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x230
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101113213226.953125-000
Event Type: Úspěch auditu
User:

Computer Name: 26L2233B2-09
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x50265
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101113213224.171875-000
Event Type: Úspěch auditu
User:

Computer Name: 26L2233B2-09
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101113213223.125000-000
Event Type: Úspěch auditu
User:

Computer Name: 26L2233B2-09
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101113213223.125000-000
Event Type: Úspěch auditu
User:

Computer Name: 26L2233B2-09
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:

Předmět:
ID zabezpečení: S-1-5-21-918056312-2952985149-2686913973-500
Název účtu: Administrator
Doména účtu: 26L2233B2-09
ID přihlášení: 0x8657f

Tato událost je generována, pokud je spuštěno odhlášení, ale počet referencí na token není nulový a relaci přihlášení nelze zničit. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20061102130853.734800-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2

-----------------EOF-----------------

#7 Příspěvek od **motji** » 17 pro 2010 16:18

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

Jirka · #8 Příspěvek od **Jirka** » 17 pro 2010 17:51

Nevím,zda jej spouštím dobře,po dočasném zastavení avg 2011 ale hlásí,abych avg odinstaloval, nebo použil jiný program..

#9 Příspěvek od **motji** » 17 pro 2010 17:59

Omlouvám se, AVG musíte odinstalovat, combofix ho nemá rád

.

Použijte tento odinstalátor
http://www.avg.com/download-tools

Jirka · #10 Příspěvek od **Jirka** » 17 pro 2010 18:38

Zde je po odinstalaci AVG:
ComboFix 10-12-16.05 - Jiří Boháček 17.12.2010 18:17:57.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3053.2395 [GMT 1:00]
Spuštěný z: c:\users\Jiří Boháček\Desktop\ComboFix.exe
AV: AVG Anti-Virus 2011 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2011 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-11-17 do 2010-12-17 )))))))))))))))))))))))))))))))
.

2010-12-17 17:23 . 2010-12-17 17:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-15 19:58 . 2010-12-17 09:12 -------- d-----w- C:\rsit
2010-12-15 19:51 . 2010-12-15 19:58 -------- d-----w- c:\program files\trend micro
2010-12-15 12:40 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2010-12-15 12:40 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2010-12-15 12:40 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2010-12-15 12:40 . 2010-10-18 13:31 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-12-15 12:40 . 2010-11-04 18:56 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-12-15 12:40 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-12-15 12:40 . 2010-11-04 18:55 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-12-14 14:28 . 2010-12-14 14:28 -------- d-----w- c:\program files\ESET
2010-12-12 08:48 . 2010-12-12 08:48 -------- d--h--w- c:\program files\CanonBJ
2010-12-11 20:05 . 2010-12-11 20:05 -------- d-----w- c:\program files\Defraggler
2010-12-11 09:35 . 2010-12-11 09:50 -------- d-----w- c:\program files\Common Files\Adobe
2010-12-11 08:53 . 2010-12-11 08:53 -------- d-----w- c:\users\Jiří Boháček\AppData\Roaming\FileOpen
2010-12-11 08:53 . 2010-12-11 08:53 -------- d-----w- c:\programdata\FileOpen
2010-12-11 08:52 . 2010-12-11 08:52 -------- d-----w- c:\program files\FileOpen
2010-11-28 13:00 . 2010-11-28 13:00 -------- d---a-w- c:\users\Jiří Boháček\AppData\Roaming\Feedreader
2010-11-28 13:00 . 2010-11-28 13:00 -------- d-----w- c:\program files\Info-nastenka-Czechdata
2010-11-24 09:15 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-23 12:23 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0CCE282F-3F46-421A-AA7A-1811FF3C1630}\mpengine.dll
2010-11-20 08:48 . 2010-11-20 08:50 -------- d-----w- c:\program files\Recuva
2010-11-20 08:36 . 2010-11-25 16:32 -------- d-----w- c:\users\Jiří Boháček\AppData\Local\Canon Easy-PhotoPrint EX
2010-11-18 16:34 . 2010-12-11 09:07 -------- d-----w- c:\users\Jiří Boháček\AppData\Roaming\Media Player Classic
2010-11-18 16:20 . 2010-11-18 16:20 -------- d-----w- c:\program files\Microsoft.NET
2010-11-18 16:09 . 2010-11-18 16:09 -------- d-----w- c:\program files\ConvertHelper
2010-11-18 02:20 . 2010-11-18 02:20 -------- d-----w- c:\program files\Windows Portable Devices
2010-11-18 02:04 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-11-18 02:04 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-11-18 02:04 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-11-18 02:02 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-11-18 02:02 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-11-18 02:02 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-15 11:33 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-11-15 11:33 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-11-14 12:35 . 2010-11-14 12:35 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-11-14 12:32 . 2010-11-14 12:32 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-11-14 12:32 . 2010-11-14 12:32 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-11-14 12:32 . 2010-11-14 12:32 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-11-14 12:32 . 2010-11-14 12:32 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2010-11-14 12:30 . 2010-11-14 12:30 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2010-11-14 12:29 . 2010-11-14 12:29 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-11-14 12:25 . 2010-11-14 12:25 37888 ----a-w- c:\windows\system32\printcom.dll
2010-11-14 12:23 . 2010-11-14 12:23 14848 ----a-w- c:\windows\system32\wshrm.dll
2010-11-14 12:22 . 2010-11-14 12:22 43520 ----a-w- c:\windows\system32\msdxm.tlb
2010-11-14 12:22 . 2010-11-14 12:22 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-11-14 12:22 . 2010-11-14 12:22 18432 ----a-w- c:\windows\system32\amcompat.tlb
2010-11-14 12:22 . 2010-11-14 12:22 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-11-14 12:22 . 2010-11-14 12:22 4096 ----a-w- c:\windows\system32\msdxm.ocx
2010-11-14 12:22 . 2010-11-14 12:22 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-11-14 12:21 . 2010-11-14 12:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-11-14 12:21 . 2010-11-14 12:21 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-11-14 12:21 . 2010-11-14 12:21 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-11-14 12:21 . 2010-11-14 12:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-11-14 12:21 . 2010-11-14 12:21 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-11-14 12:21 . 2010-11-14 12:21 471552 ----a-w- c:\windows\system32\secproc.dll
2010-11-14 12:21 . 2010-11-14 12:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-11-14 12:21 . 2010-11-14 12:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-11-14 12:21 . 2010-11-14 12:21 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-11-14 10:08 . 2010-11-14 10:08 23552 ----a-w- c:\windows\system32\lpk.dll
2010-11-14 10:08 . 2010-11-14 10:08 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-11-14 10:05 . 2010-11-14 10:05 61440 ----a-w- c:\windows\system32\winipsec.dll
2010-11-14 10:05 . 2010-11-14 10:05 272896 ----a-w- c:\windows\system32\polstore.dll
2010-11-14 09:59 . 2010-11-14 09:59 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-11-14 09:59 . 2010-11-14 09:59 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-11-14 09:59 . 2010-11-14 09:59 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-11-14 09:59 . 2010-11-14 09:59 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-11-14 09:59 . 2010-11-14 09:59 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-11-14 09:59 . 2010-11-14 09:59 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-11-14 09:59 . 2010-11-14 09:59 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-11-14 09:59 . 2010-11-14 09:59 10240 ----a-w- c:\windows\system32\finger.exe
2010-11-14 09:56 . 2010-11-14 09:56 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-11-14 09:56 . 2010-11-14 09:56 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-11-14 09:56 . 2010-11-14 09:56 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-11-14 09:56 . 2010-11-14 09:56 513536 ----a-w- c:\windows\system32\wlansvc.dll
2010-11-14 09:56 . 2010-11-14 09:56 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-11-14 09:56 . 2010-11-14 09:56 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-11-14 09:55 . 2010-11-14 09:55 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2010-11-14 09:54 . 2010-11-14 09:54 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-11-14 09:54 . 2010-11-14 09:54 2048 ----a-w- c:\windows\system32\msxml3r.dll
2010-11-14 09:54 . 2010-11-14 09:54 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-11-14 09:53 . 2010-11-14 09:53 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-11-14 09:52 . 2010-11-14 09:52 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-11-14 09:52 . 2010-11-14 09:52 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-11-14 09:52 . 2010-11-14 09:52 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-11-14 09:50 . 2010-11-14 09:50 2868224 ----a-w- c:\windows\system32\mf.dll
2010-11-14 09:50 . 2010-11-14 09:50 98816 ----a-w- c:\windows\system32\mfps.dll
2010-11-14 09:50 . 2010-11-14 09:50 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-11-14 09:50 . 2010-11-14 09:50 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-11-14 09:50 . 2010-11-14 09:50 2048 ----a-w- c:\windows\system32\mferror.dll
2010-11-14 09:42 . 2010-11-14 09:42 71680 ----a-w- c:\windows\system32\atl.dll
2010-11-14 09:36 . 2010-11-14 09:36 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-11-14 09:35 . 2010-11-14 09:35 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-11-14 09:35 . 2010-11-14 09:35 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-11-14 09:35 . 2010-11-14 09:35 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-11-14 09:31 . 2010-11-14 09:31 714240 ----a-w- c:\windows\system32\timedate.cpl
2010-11-14 09:23 . 2010-11-14 09:23 623616 ----a-w- c:\windows\system32\localspl.dll
2010-11-14 09:17 . 2010-11-14 09:17 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-11-14 09:17 . 2010-11-14 09:17 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-11-14 09:17 . 2010-11-14 09:17 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-11-14 09:17 . 2010-11-14 09:17 9728 ----a-w- c:\windows\system32\lsass.exe
2010-11-14 09:17 . 2010-11-14 09:17 72704 ----a-w- c:\windows\system32\secur32.dll
2010-11-14 09:17 . 2010-11-14 09:17 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-11-14 09:14 . 2010-11-14 09:14 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2010-11-14 09:14 . 2010-11-14 09:14 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2010-11-14 09:14 . 2010-11-14 09:14 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2010-11-14 09:14 . 2010-11-14 09:14 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2010-11-14 09:14 . 2010-11-14 09:14 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2010-11-14 09:14 . 2010-11-14 09:14 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2010-11-14 09:14 . 2010-11-14 09:14 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2010-11-14 09:14 . 2010-11-14 09:14 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2010-11-14 09:14 . 2010-11-14 09:14 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2010-11-14 09:14 . 2010-11-14 09:14 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2010-11-14 09:14 . 2010-11-14 09:14 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2010-11-14 09:14 . 2010-11-14 09:14 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2010-11-14 09:14 . 2010-11-14 09:14 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
2010-11-14 09:14 . 2010-11-14 09:14 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
2010-11-14 09:14 . 2010-11-14 09:14 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2010-11-14 09:14 . 2010-11-14 09:14 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
2010-11-14 09:14 . 2010-11-14 09:14 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2010-11-14 09:14 . 2010-11-14 09:14 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2010-11-14 09:14 . 2010-11-14 09:14 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
2010-11-14 09:14 . 2010-11-14 09:14 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
2010-11-14 09:14 . 2010-11-14 09:14 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
2010-11-14 09:14 . 2010-11-14 09:14 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
2010-11-14 09:14 . 2010-11-14 09:14 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
2010-11-14 09:14 . 2010-11-14 09:14 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
2010-11-14 09:14 . 2010-11-14 09:14 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
2010-11-14 09:14 . 2010-11-14 09:14 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
2010-11-14 09:14 . 2010-11-14 09:14 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2010-11-14 09:14 . 2010-11-14 09:14 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2010-11-14 09:14 . 2010-11-14 09:14 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2010-11-14 09:14 . 2010-11-14 09:14 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"feedreader.exe"="c:\program files\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe" [2009-03-29 2058240]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2010-11-14 267520]
Info nastenka CzechData.lnk - c:\program files\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe [2009-3-29 2058240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-12-16 c:\windows\Tasks\User_Feed_Synchronization-{B1A8C134-0608-4D5C-9BFF-CBB4B1256028}.job
- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.idnes.cz/
Trusted Zone: unmz.cz\csnonline
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Jiří Boháček\AppData\Roaming\Mozilla\Firefox\Profiles\eyfmlxi7.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.idnes.cz
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-Info-Czechdata - %PROGRAMFILES%\Info-nastenka-Czechdata\Info-nastenka-Czechdata\feedreader.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-17 18:23
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2010-12-17 18:25:01
ComboFix-quarantined-files.txt 2010-12-17 17:24

Před spuštěním: Volných bajtů: 91 313 221 632
Po spuštění: Volných bajtů: 91 438 465 024

- - End Of File - - 56411274D061145E4B7CCDA6049B730F

#11 Příspěvek od **motji** » 17 pro 2010 19:51

Změnilo se něco?

Jirka · #12 Příspěvek od **Jirka** » 17 pro 2010 21:07

Zdá se ,že nic. Vypnu-li PC, pak po spuštění pokud nemám Flasch v portu
zobrazí pouze hlášku Another instance of program is running.
Po uzavření chybového okna maká svým stylem dál. Dám-li požadavek na výtisk chrčí tiskárna chvíli asi 3x po sobě a pak normál tiskne.

Mám-li po spuštění v portu USB Flaschku ,pak jedno a to samé okno Another... a ještě k tomu rozjezd procesoru na 100% a více a opět spuštěn WMP.

#13 Příspěvek od **motji** » 17 pro 2010 22:09

Zkuste tu tiskárnu přeinstalovat

Jirka · #14 Příspěvek od **Jirka** » 18 pro 2010 11:34

Zkouška provedena bez výsledku. Pokud má v USB tu flaschku rozbíhá WMP a bliká flasch a 100% CPU. Po vyjmutí flasche O.K.

#15 Příspěvek od **motji** » 18 pro 2010 15:52

Zkusíme tohle, pak napište, jak to vypadá

Otevřete si Poznámkový blok a zkopírujte do něj text

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.
-restartujte počítač

VIRY.CZ

Visty po reinstalaci

Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci log 1.část

Re: Visty po reinstalaci log2

Re: Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci

Re: Visty po reinstalaci