Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter.exe

Zpráva

kilda · #1 Příspěvek od **kilda** » 11 úno 2011 18:20

Prosim o kontrolu logu a radu, potreboval jsem prevest bat soubory do exe. Tenhle program se nespustil, antivirus mi v nem nic nenasel, ale virustotal.com nasel nejaky trojany.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Jacoobic at 2011-02-11 18:14:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 27 GB (18%) free of 153 GB
Total RAM: 1015 MB (28% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-29 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AccelerometerSysTrayApplet"=C:\WINDOWS\System32\accelerometerST.exe [2009-04-07 70200]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-04-15 1044480]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-07-25 888832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-29 137752]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-09 1434920]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-17 186904]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2010-07-21 1778064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2008-02-29 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2008-02-29 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-04-15 181816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-05-11 513080]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
kravinka.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Security Client\msseces.exe"="C:\Program Files\Microsoft Security Client\msseces.exe:*:Enabled:Microsoft Security Essentials"
"C:\WINDOWS\KMSEmulator.exe"="C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"
"C:\Program Files\Trillian\trillian.exe"="C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-02-11 18:14:04 ----D---- C:\Program Files\trend micro
2011-02-11 18:14:02 ----D---- C:\rsit
2011-02-11 17:02:55 ----D---- C:\Program Files\Codyssey
2011-02-11 11:13:21 ----ASH---- C:\hiberfil.sys
2011-02-11 11:06:40 ----HD---- C:\WINDOWS\PIF
2011-02-11 09:05:05 ----D---- C:\Program Files\Advanced BAT to EXE Converter v2.44
2011-02-10 20:21:52 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-02-10 20:21:52 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-02-10 20:21:52 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-02-10 20:21:51 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-02-10 20:21:50 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-02-10 20:21:50 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-02-10 20:21:49 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-02-10 20:21:49 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-02-10 20:21:48 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-02-10 20:21:48 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-02-10 20:21:48 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-02-10 20:21:47 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-02-10 20:21:47 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-02-10 20:21:46 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-02-10 20:21:46 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-02-10 20:21:45 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-02-10 20:21:44 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-02-10 20:21:44 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-02-10 20:21:43 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2011-02-10 20:21:42 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-02-10 20:21:42 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-02-10 20:21:41 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-02-10 20:21:41 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-02-10 20:21:41 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-02-10 20:21:40 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-02-10 20:21:40 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-02-10 20:21:39 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-02-10 20:21:39 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-02-10 20:21:38 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-02-10 20:21:37 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-02-10 20:21:37 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-02-10 20:21:36 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-02-10 20:21:36 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-02-10 20:21:35 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-02-10 20:21:35 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-02-10 20:21:34 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-02-10 20:21:34 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-02-10 20:21:34 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-02-10 20:21:33 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-02-10 20:21:32 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-02-10 20:21:32 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-02-10 20:21:31 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-02-10 20:21:31 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-02-10 20:21:30 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-02-10 20:21:30 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-02-10 20:21:29 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-02-10 20:21:28 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-02-10 20:21:28 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-02-10 20:21:27 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-02-10 20:21:27 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-02-10 20:21:27 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-02-10 20:21:26 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-02-10 20:21:25 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-02-10 20:21:24 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-02-10 20:21:24 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-02-10 20:21:23 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-02-10 20:21:23 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-02-10 20:21:22 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-02-10 20:21:22 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-02-10 20:21:21 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-02-10 20:21:20 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-02-10 20:21:20 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-02-10 20:21:20 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-02-10 20:21:20 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-02-10 20:21:19 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-02-10 20:21:18 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-02-10 20:21:17 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-02-10 20:21:16 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-02-10 20:21:16 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-02-10 20:21:14 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-02-10 20:21:13 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-02-10 20:21:12 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-02-10 20:21:11 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-02-10 20:21:10 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-02-10 20:21:10 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-02-10 20:21:10 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-02-10 20:21:09 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-02-10 20:21:08 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-02-10 20:21:08 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-02-10 20:21:07 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-02-10 20:21:06 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-02-10 20:21:03 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-02-10 20:21:02 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-02-10 20:21:02 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-02-10 20:21:01 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-02-10 20:21:01 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-02-10 20:21:00 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-02-10 20:20:59 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-02-10 20:20:59 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-02-10 20:20:58 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-02-10 20:20:57 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-02-10 20:17:28 ----HD---- C:\WINDOWS\msdownld.tmp
2011-02-10 20:17:22 ----D---- C:\WINDOWS\Logs
2011-02-10 20:10:20 ----A---- C:\WINDOWS\game.ini
2011-02-10 15:09:03 ----D---- C:\Documents and Settings\Jacoobic\Application Data\Google
2011-02-10 15:02:51 ----D---- C:\Program Files\Google
2011-02-08 17:19:09 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2011-02-08 16:42:28 ----D---- C:\UT2004
2011-02-03 19:50:40 ----D---- C:\Program Files\GameSpy Arcade
2011-02-03 19:46:17 ----D---- C:\Program Files\Aspyr
2011-02-03 18:44:22 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2011-02-03 18:44:18 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2011-02-02 15:27:17 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-02 09:33:59 ----A---- C:\WINDOWS\system32\libqt4intf.dll
2011-02-02 09:29:23 ----D---- C:\lazarus
2011-02-02 08:46:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-02-02 08:46:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-02-02 08:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-02-02 08:45:25 ----D---- C:\WINDOWS\ie8updates
2011-02-02 08:45:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2011-02-02 08:23:49 ----A---- C:\WINDOWS\system32\muweb.dll
2011-02-02 08:23:48 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2011-02-02 08:23:48 ----A---- C:\WINDOWS\system32\mucltui.dll
2011-02-01 18:29:28 ----D---- C:\Program Files\JoWooD
2011-02-01 10:29:54 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-01 10:29:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-02-01 10:29:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-02-01 10:29:16 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-02-01 10:29:03 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-02-01 10:28:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-02-01 10:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-02-01 10:28:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-02-01 10:28:04 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-02-01 10:27:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-02-01 10:27:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-02-01 10:26:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-02-01 10:26:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-02-01 10:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-02-01 10:25:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-02-01 10:25:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-02-01 10:25:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-02-01 10:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-02-01 10:24:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-02-01 10:24:39 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-02-01 10:24:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-02-01 10:24:05 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-02-01 10:23:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-02-01 10:23:39 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2011-02-01 10:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-02-01 10:21:23 ----D---- C:\WINDOWS\WBEM
2011-02-01 10:20:45 ----HDC---- C:\WINDOWS\ie8
2011-02-01 10:20:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-02-01 10:19:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-02-01 10:19:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-02-01 10:19:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-02-01 10:19:24 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-02-01 10:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-02-01 10:19:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-02-01 10:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-02-01 10:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-02-01 10:18:25 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-02-01 10:17:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-02-01 10:08:45 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-02-01 10:08:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-02-01 10:08:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-02-01 10:08:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-02-01 10:07:51 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2011-02-01 10:07:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-02-01 10:07:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-02-01 10:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-02-01 10:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-02-01 10:00:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-02-01 09:59:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-02-01 09:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-02-01 09:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-02-01 09:53:14 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-02-01 09:53:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-02-01 09:52:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-02-01 09:52:46 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-02-01 09:52:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-02-01 09:51:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-02-01 09:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-02-01 09:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-02-01 09:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-02-01 09:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-02-01 09:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-02-01 09:44:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-02-01 09:43:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-02-01 09:43:42 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-02-01 09:43:35 ----A---- C:\WINDOWS\system32\wmpns.dll
2011-02-01 09:43:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-02-01 09:43:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-02-01 09:42:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-02-01 09:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-02-01 09:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-02-01 09:41:28 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-02-01 09:41:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-02-01 09:40:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-02-01 09:40:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2416400$
2011-02-01 09:39:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-02-01 09:39:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2011-02-01 09:39:12 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-02-01 09:39:04 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-02-01 09:38:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-02-01 09:38:44 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-02-01 09:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-02-01 09:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-02-01 09:38:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-02-01 09:31:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-02-01 09:27:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-02-01 09:27:11 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-02-01 09:25:39 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-02-01 09:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2011-02-01 09:25:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-02-01 09:25:10 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-02-01 09:25:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-02-01 09:24:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-02-01 08:59:39 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2011-02-01 08:55:24 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-02-01 08:34:52 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2011-02-01 08:33:57 ----D---- C:\WINDOWS\system32\PreInstall
2011-02-01 08:33:56 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2011-02-01 08:33:55 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-01 08:14:37 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-01-31 22:59:54 ----D---- C:\Program Files\CCleaner
2011-01-29 15:26:56 ----D---- C:\Program Files\Activision
2011-01-29 13:42:41 ----A---- C:\WINDOWS\Thps3.INI
2011-01-29 12:53:03 ----D---- C:\Program Files\SystemRequirementsLab
2011-01-29 12:53:02 ----D---- C:\Documents and Settings\Jacoobic\Application Data\SystemRequirementsLab
2011-01-29 12:52:50 ----D---- C:\WINDOWS\Sun
2011-01-29 12:51:51 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2011-01-29 12:51:49 ----D---- C:\Program Files\Common Files\Java
2011-01-29 12:51:21 ----A---- C:\WINDOWS\system32\javaws.exe
2011-01-29 12:51:21 ----A---- C:\WINDOWS\system32\javaw.exe
2011-01-29 12:51:21 ----A---- C:\WINDOWS\system32\java.exe
2011-01-29 12:51:21 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-01-29 12:50:54 ----D---- C:\Program Files\Java
2011-01-29 12:49:47 ----D---- C:\Documents and Settings\Jacoobic\Application Data\Sun
2011-01-27 21:22:36 ----D---- C:\Program Files\Microsoft IntelliType Pro
2011-01-27 18:23:16 ----D---- C:\Program Files\XMoto
2011-01-26 18:21:56 ----D---- C:\Program Files\Cross Racing Championship
2011-01-26 08:32:38 ----D---- C:\Documents and Settings\Jacoobic\Application Data\BatteryBar
2011-01-26 08:32:36 ----D---- C:\Program Files\BatteryBar
2011-01-26 07:54:50 ----D---- C:\Documents and Settings\Jacoobic\Application Data\Foxit Software
2011-01-26 07:54:09 ----D---- C:\Program Files\Ask.com
2011-01-26 07:53:47 ----D---- C:\Program Files\Foxit Software
2011-01-25 23:30:49 ----D---- C:\Documents and Settings\Jacoobic\Application Data\DivX
2011-01-25 22:27:03 ----D---- C:\Documents and Settings\Jacoobic\Application Data\vlc
2011-01-25 20:20:02 ----A---- C:\WINDOWS\AutoKMS.ini
2011-01-25 20:11:08 ----D---- C:\Program Files\Common Files\DivX Shared
2011-01-25 20:09:50 ----D---- C:\Program Files\DivX
2011-01-25 20:08:17 ----D---- C:\Program Files\VideoLAN
2011-01-25 20:00:58 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-01-25 20:00:58 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2011-01-25 19:43:58 ----D---- C:\Program Files\Microsoft Synchronization Services
2011-01-25 19:43:57 ----D---- C:\Program Files\Common Files\DESIGNER
2011-01-25 19:43:22 ----D---- C:\Program Files\Microsoft.NET
2011-01-25 19:43:22 ----D---- C:\Program Files\Microsoft Sync Framework
2011-01-25 19:43:22 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-01-25 19:41:27 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-01-25 19:40:39 ----D---- C:\WINDOWS\SHELLNEW
2011-01-25 19:40:38 ----D---- C:\Program Files\Microsoft Analysis Services
2011-01-25 19:40:26 ----D---- C:\Program Files\Microsoft Office
2011-01-25 19:40:26 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-01-25 19:40:09 ----RHD---- C:\MSOCache
2011-01-25 19:16:58 ----A---- C:\error.txt
2011-01-25 19:15:30 ----D---- C:\Program Files\Codemasters
2011-01-25 19:15:30 ----A---- C:\WINDOWS\system32\MSOSS.DLL
2011-01-25 19:15:23 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-01-25 19:15:06 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-01-25 19:14:59 ----D---- C:\Program Files\DAEMON Tools Lite
2011-01-25 19:13:43 ----D---- C:\Documents and Settings\Jacoobic\Application Data\DAEMON Tools Lite
2011-01-25 19:13:43 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2011-01-25 18:44:27 ----A---- C:\WINDOWS\UC.PIF
2011-01-25 18:44:27 ----A---- C:\WINDOWS\RAR.PIF
2011-01-25 18:44:27 ----A---- C:\WINDOWS\PKZIP.PIF
2011-01-25 18:44:27 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-01-25 18:44:27 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-01-25 18:44:27 ----A---- C:\WINDOWS\LHA.PIF
2011-01-25 18:44:27 ----A---- C:\WINDOWS\ARJ.PIF
2011-01-25 18:44:26 ----D---- C:\totalcmd
2011-01-25 18:44:26 ----D---- C:\Documents and Settings\Jacoobic\Application Data\GHISLER
2011-01-25 18:24:01 ----SHD---- C:\RECYCLER
2011-01-25 18:21:06 ----D---- C:\Documents and Settings\Jacoobic\Application Data\skypePM
2011-01-25 18:19:12 ----D---- C:\Program Files\Common Files\Skype
2011-01-25 18:19:10 ----RD---- C:\Program Files\Skype
2011-01-25 18:19:09 ----D---- C:\Documents and Settings\Jacoobic\Application Data\Skype
2011-01-25 18:19:05 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-01-25 18:16:53 ----D---- C:\Program Files\Microsoft Security Client
2011-01-25 18:16:47 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2011-01-25 18:11:04 ----D---- C:\Documents and Settings\Jacoobic\Application Data\Trillian
2011-01-25 18:10:49 ----D---- C:\Program Files\Trillian
2011-01-25 18:10:03 ----D---- C:\Documents and Settings\Jacoobic\Application Data\WinRAR
2011-01-25 18:10:01 ----D---- C:\Program Files\WinRAR
2011-01-25 18:07:46 ----D---- C:\Documents and Settings\Jacoobic\Application Data\Macromedia
2011-01-25 18:07:46 ----D---- C:\Documents and Settings\Jacoobic\Application Data\Adobe
2011-01-25 17:59:17 ----D---- C:\Documents and Settings\Jacoobic\Application Data\Mozilla
2011-01-25 17:59:13 ----D---- C:\Program Files\Mozilla Firefox
2011-01-25 16:14:19 ----A---- C:\WINDOWS\system32\h323log.txt
2011-01-25 16:12:07 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2011-01-25 16:12:05 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2011-01-25 16:12:03 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2011-01-25 16:12:03 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2011-01-25 16:12:02 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2011-01-25 16:12:01 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2011-01-25 16:12:00 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-01-25 16:11:58 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2011-01-25 16:11:58 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-01-25 16:11:56 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-01-25 16:11:55 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-01-25 16:11:46 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2011-01-25 16:11:46 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-01-25 16:11:46 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2011-01-25 16:11:34 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-01-25 16:11:00 ----A---- C:\WINDOWS\system32\usbui.dll
2011-01-25 16:10:54 ----A---- C:\WINDOWS\system32\drivers\wmiacpi.sys
2011-01-25 16:10:49 ----A---- C:\WINDOWS\system32\drivers\compbatt.sys
2011-01-25 16:10:48 ----A---- C:\WINDOWS\system32\drivers\battc.sys
2011-01-25 16:10:47 ----A---- C:\WINDOWS\system32\drivers\CmBatt.sys
2011-01-25 16:09:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-25 16:09:45 ----SHD---- C:\WINDOWS\Installer
2011-01-25 16:09:45 ----D---- C:\Program Files\Common Files\ODBC
2011-01-25 16:09:45 ----A---- C:\WINDOWS\ODBCINST.INI
2011-01-25 16:09:42 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-01-25 16:09:41 ----RD---- C:\Program Files
2011-01-25 16:09:41 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-25 16:09:41 ----D---- C:\Program Files\Common Files
2011-01-25 16:09:37 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-01-25 16:09:37 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-01-25 16:09:37 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-01-25 16:09:35 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-01-25 16:09:33 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-01-25 16:09:33 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-01-25 16:09:33 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-01-25 16:09:33 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-01-25 16:09:33 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-01-25 16:09:33 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-01-25 16:09:33 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-01-25 16:09:31 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-01-25 16:09:31 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-01-25 16:09:31 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-01-25 16:09:31 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-01-25 16:09:31 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-01-25 16:09:30 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2011-01-25 16:09:30 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2011-01-25 16:09:30 ----RA---- C:\WINDOWS\system32\kbdro.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2011-01-25 16:09:29 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2011-01-25 16:09:26 ----A---- C:\WINDOWS\system32\irclass.dll
2011-01-25 16:09:23 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-01-25 16:09:23 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-01-25 16:09:23 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-01-25 16:09:23 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-01-25 16:09:20 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-01-25 16:09:19 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-01-25 16:09:19 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-01-25 16:09:19 ----A---- C:\WINDOWS\system32\batt.dll
2011-01-25 16:09:18 ----A---- C:\WINDOWS\NOTEPAD.EXE
2011-01-25 16:09:16 ----A---- C:\WINDOWS\system32\storprop.dll
2011-01-25 16:09:11 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2011-01-25 16:09:05 ----RA---- C:\WINDOWS\SET8.tmp
2011-01-25 16:09:02 ----RA---- C:\WINDOWS\SET4.tmp
2011-01-25 16:09:00 ----RA---- C:\WINDOWS\SET3.tmp
2011-01-25 16:08:55 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-25 16:08:55 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-25 16:08:49 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-01-25 16:08:25 ----SHD---- C:\System Volume Information
2011-01-25 16:08:25 ----D---- C:\Documents and Settings
2011-01-25 16:07:45 ----SH---- C:\boot.ini
2011-01-25 16:04:11 ----RA---- C:\WINDOWS\system32\igfxres.dll
2011-01-25 16:01:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-25 16:01:59 ----RSD---- C:\WINDOWS\Fonts
2011-01-25 16:01:59 ----RD---- C:\WINDOWS\Web
2011-01-25 16:01:59 ----HD---- C:\WINDOWS\inf
2011-01-25 16:01:59 ----D---- C:\WINDOWS\WinSxS
2011-01-25 16:01:59 ----D---- C:\WINDOWS\twain_32
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Temp
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\wins
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\wbem
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\usmt
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\spool
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\ShellExt
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\Setup
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\scripting
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\ras
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\oobe
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\npp
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\mui
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\inetsrv
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\IME
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\icsxml
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\ias
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\export
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\en
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\drivers\disdn
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\drivers
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\dhcp
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\config
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\3com_dmi
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\3076
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\2052
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\1054
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\1042
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\1041
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\1037
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\1033
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\1031
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\1028
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32\1025
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system32
2011-01-25 16:01:59 ----D---- C:\WINDOWS\system
2011-01-25 16:01:59 ----D---- C:\WINDOWS\security
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Resources
2011-01-25 16:01:59 ----D---- C:\WINDOWS\repair
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Provisioning
2011-01-25 16:01:59 ----D---- C:\WINDOWS\pchealth
2011-01-25 16:01:59 ----D---- C:\WINDOWS\PeerNet
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Network Diagnostic
2011-01-25 16:01:59 ----D---- C:\WINDOWS\mui
2011-01-25 16:01:59 ----D---- C:\WINDOWS\msapps
2011-01-25 16:01:59 ----D---- C:\WINDOWS\msagent
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Media
2011-01-25 16:01:59 ----D---- C:\WINDOWS\L2Schemas
2011-01-25 16:01:59 ----D---- C:\WINDOWS\java
2011-01-25 16:01:59 ----D---- C:\WINDOWS\ime
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Help
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Driver Cache
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Debug
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Cursors
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Connection Wizard
2011-01-25 16:01:59 ----D---- C:\WINDOWS\Config
2011-01-25 16:01:59 ----D---- C:\WINDOWS\AppPatch
2011-01-25 16:01:59 ----D---- C:\WINDOWS\addins
2011-01-25 16:01:59 ----D---- C:\WINDOWS
2011-01-25 16:01:59 ----ASH---- C:\pagefile.sys
2011-01-25 16:00:22 ----RA---- C:\WINDOWS\system32\CSVer.dll
2011-01-25 16:00:22 ----D---- C:\Program Files\Intel
2011-01-25 15:59:02 ----D---- C:\Program Files\Broadcom
2011-01-25 15:59:02 ----A---- C:\WINDOWS\system32\drivers\BCMWL5.SYS
2011-01-25 15:59:02 ----A---- C:\WINDOWS\system32\bcmwlcoi.dll
2011-01-25 15:58:37 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2011-01-25 15:58:34 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2011-01-25 15:58:31 ----RA---- C:\WINDOWS\system32\WdfCoInstaller01007.dll
2011-01-25 15:58:31 ----RA---- C:\WINDOWS\system32\SynTPCo4.dll
2011-01-25 15:58:31 ----RA---- C:\WINDOWS\system32\SynTPAPI.dll
2011-01-25 15:58:31 ----RA---- C:\WINDOWS\system32\SynCtrl.dll
2011-01-25 15:58:31 ----RA---- C:\WINDOWS\system32\SynCOM.dll
2011-01-25 15:58:31 ----RA---- C:\WINDOWS\system32\drivers\SynTP.sys
2011-01-25 15:58:31 ----D---- C:\Program Files\Synaptics
2011-01-25 15:56:54 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2011-01-25 15:56:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-01-25 15:56:29 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2011-01-25 15:56:26 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2011-01-25 15:56:26 ----A---- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys
2011-01-25 15:56:26 ----A---- C:\WINDOWS\system32\drivers\CPQBttn.sys
2011-01-25 15:56:24 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2011-01-25 15:56:24 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2011-01-25 15:55:40 ----D---- C:\Program Files\Marvell
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\iglicd32.dll
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igldev32.dll
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxzoom.exe
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxtray.exe
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxsrvc.exe
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxsrvc.dll
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxress.dll
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxpph.dll
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxpers.exe
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxext.exe
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxexps.dll
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxdo.dll
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxdev.dll
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxCoIn_v4926.dll
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\igfxcfg.exe
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\hkcmd.exe
2011-01-25 15:55:15 ----RA---- C:\WINDOWS\system32\hccutils.dll
2011-01-25 15:55:14 ----RA---- C:\WINDOWS\system32\igxprd32.dll
2011-01-25 15:55:14 ----RA---- C:\WINDOWS\system32\igxpgd32.dll
2011-01-25 15:55:14 ----RA---- C:\WINDOWS\system32\igxpdx32.dll
2011-01-25 15:55:14 ----RA---- C:\WINDOWS\system32\igxpdv32.dll
2011-01-25 15:55:14 ----RA---- C:\WINDOWS\system32\drivers\igxpmp32.sys
2011-01-25 15:55:11 ----RA---- C:\WINDOWS\system32\igxpun.exe
2011-01-25 15:55:11 ----RA---- C:\WINDOWS\system32\difxapi.dll
2011-01-25 15:55:11 ----D---- C:\WINDOWS\system32\Lang
2011-01-25 15:55:10 ----D---- C:\Intel
2011-01-25 15:43:12 ----N---- C:\WINDOWS\system32\pusbfd1.sys
2011-01-25 15:41:36 ----A---- C:\WINDOWS\system32\vsnp2uvc.dll
2011-01-25 15:41:36 ----A---- C:\WINDOWS\system32\drivers\snp2uvc.sys
2011-01-25 15:41:36 ----A---- C:\WINDOWS\system32\drivers\sncduvc.sys
2011-01-25 15:41:36 ----A---- C:\WINDOWS\system32\csnp2uvc.dll
2011-01-25 15:41:36 ----A---- C:\WINDOWS\snuvcdsm.exe
2011-01-25 15:41:36 ----A---- C:\WINDOWS\snp2uvc.ini
2011-01-25 15:41:34 ----D---- C:\Program Files\Common Files\SNP2UVC
2011-01-25 15:41:34 ----A---- C:\WINDOWS\system32\rsnp2uvc.dll
2011-01-25 15:41:27 ----D---- C:\Documents and Settings\Jacoobic\Application Data\InstallShield
2011-01-25 15:40:34 ----A---- C:\WINDOWS\system32\drivers\btwusb.sys
2011-01-25 15:40:34 ----A---- C:\WINDOWS\system32\drivers\btwsecfl.sys
2011-01-25 15:40:34 ----A---- C:\WINDOWS\system32\drivers\btwdndis.sys
2011-01-25 15:40:34 ----A---- C:\WINDOWS\system32\drivers\btport.sys
2011-01-25 15:40:34 ----A---- C:\WINDOWS\system32\drivers\btkrnl.sys
2011-01-25 15:40:34 ----A---- C:\WINDOWS\system32\drivers\btaudio.sys
2011-01-25 15:40:34 ----A---- C:\WINDOWS\system32\btw_ci.dll
2011-01-25 15:40:31 ----D---- C:\Program Files\WIDCOMM
2011-01-25 15:39:13 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-01-25 15:39:11 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-01-25 15:39:09 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-01-25 15:39:08 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-01-25 15:39:06 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-01-25 15:39:05 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-01-25 15:39:04 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-01-25 15:39:03 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-01-25 15:38:55 ----RA---- C:\WINDOWS\system32\PostProc.dll
2011-01-25 15:38:55 ----RA---- C:\WINDOWS\system32\drivers\sfaudio.sys
2011-01-25 15:38:55 ----RA---- C:\WINDOWS\system32\drivers\aeaudio.sys
2011-01-25 15:38:55 ----RA---- C:\WINDOWS\system32\drivers\ADIHdAud.sys
2011-01-25 15:38:53 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-01-25 15:38:53 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-01-25 15:38:45 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-25 15:38:45 ----D---- C:\Program Files\Analog Devices
2011-01-25 15:38:45 ----A---- C:\WINDOWS\system32\wdmioctl.dll
2011-01-25 15:38:45 ----A---- C:\WINDOWS\system32\SMMedia.dll
2011-01-25 15:38:45 ----A---- C:\WINDOWS\system32\DSndUp.exe
2011-01-25 15:38:34 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-25 15:35:33 ----A---- C:\Documents and Settings\All Users\Application Data\HPWALog.txt
2011-01-25 15:34:26 ----D---- C:\Documents and Settings\Jacoobic\Application Data\hpqLog
2011-01-25 15:34:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-25 15:34:08 ----A---- C:\WINDOWS\system32\drivers\hpdskflt.sys
2011-01-25 15:34:08 ----A---- C:\WINDOWS\system32\drivers\Accelerometer.sys
2011-01-25 15:33:55 ----A---- C:\WINDOWS\system32\VBAR332.DLL
2011-01-25 15:33:55 ----A---- C:\WINDOWS\system32\MSRD2X35.DLL
2011-01-25 15:33:55 ----A---- C:\WINDOWS\system32\MSJTER35.DLL
2011-01-25 15:33:55 ----A---- C:\WINDOWS\system32\MSJINT35.DLL
2011-01-25 15:33:55 ----A---- C:\WINDOWS\system32\MSJET35.DLL
2011-01-25 15:32:53 ----D---- C:\WINDOWS\system32\XPSViewer
2011-01-25 15:32:50 ----D---- C:\Program Files\MSBuild
2011-01-25 15:32:43 ----D---- C:\Program Files\Reference Assemblies
2011-01-25 15:32:16 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-01-25 15:32:14 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-01-25 15:32:14 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-01-25 15:32:14 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-01-25 15:32:13 ----D---- C:\28f3b36bd427fa6faa
2011-01-25 15:31:50 ----RSD---- C:\WINDOWS\assembly
2011-01-25 15:31:26 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-25 15:26:40 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-01-25 15:26:35 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2011-01-25 15:26:23 ----D---- C:\Program Files\Hewlett-Packard
2011-01-25 15:25:42 ----D---- C:\SWSetup
2011-01-25 15:25:34 ----D---- C:\system.sav
2011-01-25 15:24:25 ----D---- C:\Documents and Settings\Jacoobic\Application Data\Identities
2011-01-25 15:24:23 ----HD---- C:\Program Files\Uninstall Information
2011-01-25 15:24:18 ----SD---- C:\Documents and Settings\Jacoobic\Application Data\Microsoft
2011-01-25 15:24:18 ----ASH---- C:\Documents and Settings\Jacoobic\Application Data\desktop.ini
2011-01-25 15:23:29 ----D---- C:\WINDOWS\SoftwareDistribution
2011-01-25 15:23:28 ----SD---- C:\WINDOWS\system32\Microsoft
2011-01-25 15:23:28 ----D---- C:\WINDOWS\Prefetch
2011-01-25 15:23:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-25 15:19:53 ----D---- C:\WINDOWS\system32\xircom
2011-01-25 15:19:53 ----D---- C:\Program Files\xerox
2011-01-25 15:19:53 ----D---- C:\Program Files\microsoft frontpage
2011-01-25 15:19:47 ----RASH---- C:\MSDOS.SYS
2011-01-25 15:19:47 ----RASH---- C:\IO.SYS
2011-01-25 15:19:47 ----A---- C:\WINDOWS\control.ini
2011-01-25 15:19:47 ----A---- C:\CONFIG.SYS
2011-01-25 15:19:47 ----A---- C:\AUTOEXEC.BAT
2011-01-25 15:19:35 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-01-25 15:18:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-25 15:18:43 ----RD---- C:\WINDOWS\Offline Web Pages
2011-01-25 15:18:43 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-01-25 15:18:34 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-01-25 15:18:30 ----HD---- C:\Program Files\WindowsUpdate
2011-01-25 15:18:13 ----D---- C:\WINDOWS\system32\DirectX
2011-01-25 15:18:07 ----A---- C:\WINDOWS\system32\atrace.dll
2011-01-25 15:18:04 ----A---- C:\WINDOWS\system32\desktop.ini
2011-01-25 15:18:04 ----A---- C:\WINDOWS\desktop.ini
2011-01-25 15:17:57 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-01-25 15:17:55 ----A---- C:\WINDOWS\system32\acctres.dll
2011-01-25 15:17:54 ----D---- C:\Program Files\Common Files\Services
2011-01-25 15:17:52 ----SD---- C:\WINDOWS\Tasks
2011-01-25 15:17:52 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-01-25 15:17:51 ----D---- C:\Program Files\Common Files\MSSoap
2011-01-25 15:17:47 ----D---- C:\WINDOWS\srchasst
2011-01-25 15:17:46 ----D---- C:\WINDOWS\system32\Macromed
2011-01-25 15:17:43 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-01-25 15:17:43 ----A---- C:\WINDOWS\system32\wups.dll
2011-01-25 15:17:43 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-01-25 15:17:43 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-01-25 15:17:43 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2011-01-25 15:17:43 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-01-25 15:17:43 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2011-01-25 15:17:43 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-01-25 15:17:43 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-01-25 15:17:42 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-01-25 15:17:42 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-01-25 15:17:42 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2011-01-25 15:17:42 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2011-01-25 15:17:42 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2011-01-25 15:17:39 ----D---- C:\Program Files\Movie Maker
2011-01-25 15:17:20 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-01-25 15:17:20 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-01-25 15:17:20 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-01-25 15:17:20 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-01-25 15:17:18 ----A---- C:\WINDOWS\system32\fltlib.dll
2011-01-25 15:17:17 ----D---- C:\WINDOWS\system32\Restore
2011-01-25 15:17:17 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-01-25 15:17:17 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-01-25 15:17:17 ----A---- C:\WINDOWS\system32\srclient.dll
2011-01-25 15:17:17 ----A---- C:\WINDOWS\system32\fltMc.exe
2011-01-25 15:17:17 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2011-01-25 15:17:16 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-01-25 15:17:16 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-01-25 15:17:16 ----A---- C:\WINDOWS\system32\ils.dll
2011-01-25 15:17:16 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2011-01-25 15:17:15 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-01-25 15:17:15 ----A---- C:\WINDOWS\system32\msconf.dll
2011-01-25 15:17:15 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-01-25 15:17:12 ----D---- C:\Program Files\NetMeeting
2011-01-25 15:17:12 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-01-25 15:17:12 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-01-25 15:17:11 ----A---- C:\WINDOWS\system32\inetres.dll
2011-01-25 15:17:11 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-01-25 15:17:09 ----D---- C:\Program Files\Outlook Express
2011-01-25 15:17:09 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-01-25 15:17:09 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-01-25 15:17:09 ----A---- C:\WINDOWS\system32\mstask.dll
2011-01-25 15:17:09 ----A---- C:\WINDOWS\system32\isign32.dll
2011-01-25 15:17:09 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-01-25 15:17:09 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-01-25 15:17:08 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-01-25 15:17:03 ----D---- C:\Program Files\Common Files\System
2011-01-25 15:16:57 ----D---- C:\Program Files\Internet Explorer
2011-01-25 15:16:53 ----D---- C:\Program Files\ComPlus Applications
2011-01-25 15:16:52 ----A---- C:\WINDOWS\vbaddin.ini
2011-01-25 15:16:52 ----A---- C:\WINDOWS\vb.ini
2011-01-25 15:16:50 ----D---- C:\WINDOWS\Registration
2011-01-25 15:16:21 ----D---- C:\Program Files\Windows Media Player
2011-01-25 15:16:21 ----D---- C:\Program Files\Online Services
2011-01-25 15:16:15 ----D---- C:\Program Files\Messenger
2011-01-25 15:16:11 ----D---- C:\Program Files\MSN Gaming Zone
2011-01-25 15:16:11 ----A---- C:\WINDOWS\system32\write.exe
2011-01-25 15:16:00 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-01-25 15:16:00 ----A---- C:\WINDOWS\system32\hticons.dll
2011-01-25 15:16:00 ----A---- C:\WINDOWS\system32\avwav.dll
2011-01-25 15:16:00 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-01-25 15:16:00 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-01-25 15:15:59 ----A---- C:\WINDOWS\system32\winchat.exe
2011-01-25 15:15:52 ----A---- C:\WINDOWS\system32\charmap.exe
2011-01-25 15:15:52 ----A---- C:\WINDOWS\system32\getuname.dll
2011-01-25 15:15:51 ----A---- C:\WINDOWS\system32\winmine.exe
2011-01-25 15:15:51 ----A---- C:\WINDOWS\system32\sol.exe
2011-01-25 15:15:51 ----A---- C:\WINDOWS\system32\calc.exe
2011-01-25 15:15:50 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-01-25 15:15:50 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-01-25 15:15:50 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-01-25 15:15:50 ----A---- C:\WINDOWS\system32\tskill.exe
2011-01-25 15:15:50 ----A---- C:\WINDOWS\system32\reset.exe
2011-01-25 15:15:50 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-01-25 15:15:50 ----A---- C:\WINDOWS\system32\freecell.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\tscon.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\shadow.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\regini.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\msg.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\logoff.exe
2011-01-25 15:15:49 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-01-25 15:15:48 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-01-25 15:15:42 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-01-25 15:15:36 ----D---- C:\Program Files\MSN
2011-01-25 15:15:35 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-01-25 15:15:34 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-01-25 15:15:34 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-01-25 15:15:34 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-01-25 15:15:33 ----D---- C:\Program Files\Windows NT
2011-01-25 15:15:33 ----A---- C:\WINDOWS\system32\spider.exe
2011-01-25 15:15:33 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-01-25 15:15:33 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-01-25 15:15:32 ----D---- C:\WINDOWS\system32\en-US
2011-01-25 15:15:32 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-01-25 15:15:32 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2011-01-25 15:15:32 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2011-01-25 15:15:32 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-01-25 15:15:31 ----A---- C:\WINDOWS\system32\tsgqec.dll
2011-01-25 15:15:31 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2011-01-25 15:15:31 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-01-25 15:15:31 ----A---- C:\WINDOWS\system32\aaclient.dll
2011-01-25 15:15:30 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-01-25 15:15:30 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-01-25 15:15:30 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-01-25 15:15:30 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-01-25 15:15:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-01-25 15:15:30 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-01-25 15:15:30 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-01-25 15:15:29 ----D---- C:\WINDOWS\system32\MsDtc
2011-01-25 15:15:29 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-01-25 15:15:29 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-01-25 15:15:29 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-01-25 15:15:29 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-01-25 15:15:29 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-01-25 15:15:29 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-01-25 15:15:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-01-25 15:15:28 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-01-25 15:15:28 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-01-25 15:15:28 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-01-25 15:15:28 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-01-25 15:15:28 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-01-25 15:15:28 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-01-25 15:15:27 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-01-25 15:15:27 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-01-25 15:15:27 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-01-25 15:15:26 ----D---- C:\WINDOWS\system32\Com
2011-01-25 15:15:26 ----A---- C:\WINDOWS\system32\stclient.dll
2011-01-25 15:15:26 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-01-25 15:15:26 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-01-25 15:15:26 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-01-25 15:15:26 ----A---- C:\WINDOWS\system32\colbact.dll
2011-01-25 15:15:26 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-01-25 15:15:26 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-01-25 15:15:25 ----A---- C:\WINDOWS\system32\comuid.dll
2011-01-25 15:15:25 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-01-25 15:15:25 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-01-25 15:15:25 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-01-25 15:15:25 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-01-25 15:15:25 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-01-25 15:15:20 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-01-25 15:15:20 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-01-25 15:15:20 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-01-25 15:15:19 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-01-25 15:15:15 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2011-01-25 15:15:14 ----A---- C:\WINDOWS\system32\drivers\termdd.sys

======List of files/folders modified in the last 1 months======

2011-02-11 11:07:03 ----A---- C:\WINDOWS\system.ini
2011-01-25 19:41:06 ----A---- C:\WINDOWS\win.ini
2011-01-25 15:19:25 ----ASH---- C:\WINDOWS\fonts\desktop.ini

kilda · #2 Příspěvek od **kilda** » 11 úno 2011 18:20

tady je zbytek logu, do jedne zpravy se to neveslo:
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Disk Filter Driver; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2008-05-23 24624]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2008-12-04 328728]
R0 SFAUDIO;Sonic Focus DSP Driver; C:\WINDOWS\system32\drivers\sfaudio.sys [2008-03-28 24064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-01-25 218688]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKslab33cd6c;MpKslab33cd6c; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1F736AFF-821D-4982-B80A-695E8857E4F5}\MpKslab33cd6c.sys []
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 Accelerometer;HP Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2008-05-23 28592]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2009-04-15 339456]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2009-03-12 112896]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2011-01-25 1746432]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-01-15 534568]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2009-01-15 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-01-15 991656]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-01-15 156816]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2009-01-15 47272]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2009-03-19 9216]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2009-03-26 1765168]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-06-09 208304]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-06-04 297728]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-12-11 346720]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-17 354840]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-01-29 153376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 NwSapAgent;SAP Agent; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 yksvc;Marvell Yukon Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-10 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-04-23 239160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-23 223232]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#3 Příspěvek od **motji** » 11 úno 2011 19:42

Dobrý večer

Prominte, já Vám nerozumím. Ten bat soubor jste si psal sám? Můžete mi dát odkaz na virustotal?

kilda · #4 Příspěvek od **kilda** » 11 úno 2011 19:58

Nepsal, stahnul (a kdyz antivirus nic nenasel tak i pustil)
odkaz je zde:

Kód: Vybrat vše

http://www.virustotal.com/file-scan/report.html?id=3e540ef13e1edd7b2c03e28d55c305af22aeace54dd9e3d9e8bab84672780c82-1297443895

#5 Příspěvek od **motji** » 11 úno 2011 20:22

Já bych řekla že je program v pořádku, to jsou celkem neznámé antiviry, ostatní mlčí.

kilda · #6 Příspěvek od **kilda** » 11 úno 2011 20:24

i ten muj, nicmene se neda smazat, vzdy vyskoci hlaska ze ho pouziva jiny program....ja o zadnem takovem nevim a v procesech jsem neobjevil nic podezreleho

#7 Příspěvek od **motji** » 11 úno 2011 20:26

Ten program Vám nejde smazat?
Restartujte počítač a zkuste ho smazat v nouzovém režimu.

kilda · #8 Příspěvek od **kilda** » 11 úno 2011 20:33

nouzovy rezim jsem zkousel, bohuzel nejenze nejde smazat program, jeste navic mi v nouz. r. pada proces explorer.exe

#9 Příspěvek od **motji** » 11 úno 2011 20:38

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

kilda · #10 Příspěvek od **kilda** » 11 úno 2011 21:07

Dekuji, prikladam log:
ComboFix 11-02-11.01 - Jacoobic 11.02.2011 20:56:01.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1033.18.1015.614 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jacoobic\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\oem19.inf

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-11 do 2011-02-11 )))))))))))))))))))))))))))))))
.

2011-02-11 17:14 . 2011-02-11 17:14 -------- d-----w- C:\rsit
2011-02-08 15:42 . 2011-02-08 17:24 -------- d-----w- C:\UT2004
2011-02-02 08:29 . 2011-02-02 08:38 -------- d-----w- C:\lazarus
2011-01-25 18:40 . 2011-01-25 18:40 -------- d-----r- C:\MSOCache
2011-01-25 17:44 . 2011-01-25 17:44 -------- d-----w- C:\totalcmd

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AccelerometerSysTrayApplet"="c:\windows\System32\accelerometerST.exe" [2009-04-07 70200]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-04-14 1044480]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-09 1434920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-17 186904]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 1778064]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 519584]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-12-11 604776]
kravinka.bat [2011-2-11 201]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-28 23:00 166424 ----a-r- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-28 23:00 141848 ----a-r- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-04-15 07:57 181816 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
2009-05-11 14:19 513080 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Security Client\\msseces.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=

R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [25.1.2011 15:38 24064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [25.1.2011 19:15 218688]
R1 MpKslab33cd6c;MpKslab33cd6c;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1F736AFF-821D-4982-B80A-695E8857E4F5}\MpKslab33cd6c.sys [11.2.2011 11:13 28752]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe -k yksvcs [14.4.2008 18:00 14336]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10.2.2011 15:02 136176]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [25.1.2011 15:56 239160]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 10:25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
.
Obsah adresáře 'Naplánované úlohy'

2011-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 14:02]

2011-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 14:02]

2011-01-28 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\program files\Microsoft IntelliType Pro\itype.exe [2010-07-21 16:07]

2011-02-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]

2011-02-11 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
.
------- Doplňkový sken -------
.
uStart Page = my.daemon-search.com
uInternet Settings,ProxyServer = mail.issstavcb.cz:3128
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\documents and settings\Jacoobic\Application Data\Mozilla\Firefox\Profiles\4asfkmoz.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - chrome://foxtab/content/homepage.html
FF - prefs.js: network.proxy.ftp - mail.issstavcb.cz
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - mail.issstavcb.cz
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - mail.issstavcb.cz
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - mail.issstavcb.cz
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - mail.issstavcb.cz
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 1
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: FireGestures: firegestures@xuldev.org - %profile%\extensions\firegestures@xuldev.org
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-11 21:02
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2011-02-11 21:05:06
ComboFix-quarantined-files.txt 2011-02-11 20:05

Před spuštěním: 27 593 748 480 bytes free
Po spuštění: 28 433 698 816 bytes free

- - End Of File - - 4A1B36C2CD54D1C6551D9EFB7958D2B0

#11 Příspěvek od **motji** » 11 úno 2011 22:04

Ten program Vám tedy můžu smazat?

kilda · #12 Příspěvek od **kilda** » 11 úno 2011 22:11

Ted nerozumim jak to myslite
EDIT: tak uz je hotovo, dekuji za pomoc

. Nakonec stacilo odstrelit explorer.exe a soubor smazat pres totalcmd. Ted uz snad bude vse v poradku

#13 Příspěvek od **motji** » 11 úno 2011 22:43

Chtěla jsem Vám ten program smazat přes combofix, ale Vy jste si poradil sám

. něco málo domažeme

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Folder::
c:\program files\Ask.com

File:.
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Tohle znáte?
kravinka.bat

kilda · #14 Příspěvek od **kilda** » 11 úno 2011 23:15

Ano, ten soubor znam.
Tady je novy log:
ComboFix 11-02-11.01 - Jacoobic 11.02.2011 23:02:44.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1033.18.1015.600 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jacoobic\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Jacoobic\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_287.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-11 do 2011-02-11 )))))))))))))))))))))))))))))))
.

2011-02-11 17:14 . 2011-02-11 17:14 -------- d-----w- C:\rsit
2011-02-08 15:42 . 2011-02-08 17:24 -------- d-----w- C:\UT2004
2011-02-02 08:29 . 2011-02-02 08:38 -------- d-----w- C:\lazarus
2011-01-25 18:40 . 2011-01-25 18:40 -------- d-----r- C:\MSOCache
2011-01-25 17:44 . 2011-01-25 17:44 -------- d-----w- C:\totalcmd

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((( SnapShot@2011-02-11_20.02.51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-11 22:01 . 2011-02-11 22:01 16384 c:\windows\Temp\Perflib_Perfdata_4d8.dat
+ 2008-04-14 17:00 . 2011-02-11 22:05 68490 c:\windows\system32\perfc009.dat
- 2008-04-14 17:00 . 2011-02-11 19:58 68490 c:\windows\system32\perfc009.dat
+ 2008-04-14 17:00 . 2011-02-11 22:05 435594 c:\windows\system32\perfh009.dat
- 2008-04-14 17:00 . 2011-02-11 19:58 435594 c:\windows\system32\perfh009.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AccelerometerSysTrayApplet"="c:\windows\System32\accelerometerST.exe" [2009-04-07 70200]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-04-14 1044480]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-09 1434920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-17 186904]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 1778064]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 519584]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-12-11 604776]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-28 23:00 166424 ----a-r- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-28 23:00 141848 ----a-r- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-04-15 07:57 181816 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
2009-05-11 14:19 513080 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Security Client\\msseces.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=

R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [25.1.2011 15:38 24064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [25.1.2011 19:15 218688]
R1 MpKslb2251650;MpKslb2251650;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EFABFA87-C13F-413E-87F5-78F578152201}\MpKslb2251650.sys [11.2.2011 22:24 28752]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe -k yksvcs [14.4.2008 18:00 14336]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10.2.2011 15:02 136176]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [25.1.2011 15:56 239160]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 10:25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
.
Obsah adresáře 'Naplánované úlohy'

2011-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 14:02]

2011-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-10 14:02]

2011-01-28 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\program files\Microsoft IntelliType Pro\itype.exe [2010-07-21 16:07]

2011-02-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
.
------- Doplňkový sken -------
.
uStart Page = my.daemon-search.com
uInternet Settings,ProxyServer = mail.issstavcb.cz:3128
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\documents and settings\Jacoobic\Application Data\Mozilla\Firefox\Profiles\4asfkmoz.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - chrome://foxtab/content/homepage.html
FF - prefs.js: network.proxy.ftp - mail.issstavcb.cz
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.gopher - mail.issstavcb.cz
FF - prefs.js: network.proxy.gopher_port - 3128
FF - prefs.js: network.proxy.http - mail.issstavcb.cz
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - mail.issstavcb.cz
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - mail.issstavcb.cz
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 1
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: FireGestures: firegestures@xuldev.org - %profile%\extensions\firegestures@xuldev.org
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-11 23:09
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2011-02-11 23:12:48
ComboFix-quarantined-files.txt 2011-02-11 22:12
ComboFix2.txt 2011-02-11 20:05

Před spuštěním: 28 053 835 776 bytes free
Po spuštění: 28 050 907 136 bytes free

- - End Of File - - 7117FD7595657EC262840C5D1613BB59

#15 Příspěvek od **motji** » 12 úno 2011 08:40

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

VIRY.CZ

Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter.exe

Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter.exe

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter

Re: Zpomaleni pc,nejde odstranit soubor bat-to-exe-converter