Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Zpráva

ZdHlavaty · #1 Příspěvek od **ZdHlavaty** » 05 kvě 2011 12:02

2011-05-02 22:24:24 ----A---- C:\WINDOWS\system32\oleacc.dll
2011-05-02 22:24:24 ----A---- C:\WINDOWS\system32\ole32.dll
2011-05-02 22:24:24 ----A---- C:\WINDOWS\system32\ole2nls.dll
2011-05-02 22:24:23 ----A---- C:\WINDOWS\system32\ole2disp.dll
2011-05-02 22:24:23 ----A---- C:\WINDOWS\system32\ole2.dll
2011-05-02 22:24:23 ----A---- C:\WINDOWS\system32\offfilt.dll
2011-05-02 22:24:18 ----A---- C:\WINDOWS\system32\odbctrac.dll
2011-05-02 22:24:18 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2011-05-02 22:24:18 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2011-05-02 22:24:18 ----A---- C:\WINDOWS\system32\odbcji32.dll
2011-05-02 22:24:18 ----A---- C:\WINDOWS\system32\odbcint.dll
2011-05-02 22:24:18 ----A---- C:\WINDOWS\system32\odbccu32.dll
2011-05-02 22:24:18 ----A---- C:\WINDOWS\system32\odbccr32.dll
2011-05-02 22:24:18 ----A---- C:\WINDOWS\system32\odbccp32.dll
2011-05-02 22:24:17 ----N---- C:\WINDOWS\system32\occache.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\odbcconf.exe
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\odbcconf.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\odbcad32.exe
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\odbc32.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\odbc16gt.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\Ocmanage.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\objsel.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\oakley.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\nwprovau.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\ntvdm.exe
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\ntshrui.dll
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\drivers\nwlnkspx.sys
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\drivers\nwlnknb.sys
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\drivers\nwlnkipx.sys
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\drivers\nwlnkflt.sys
2011-05-02 22:24:17 ----A---- C:\WINDOWS\system32\drivers\null.sys
2011-05-02 22:24:16 ----A---- C:\WINDOWS\system32\ntsdexts.dll
2011-05-02 22:24:16 ----A---- C:\WINDOWS\system32\ntsd.exe
2011-05-02 22:24:15 ----A---- C:\WINDOWS\system32\ntprint.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntmsoprq.msc
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntmsmgr.msc
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntmsevt.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntmarta.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntlanui2.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntlanui.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntlanman.dll
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntio804.sys
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntio412.sys
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntio411.sys
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntio404.sys
2011-05-02 22:24:14 ----A---- C:\WINDOWS\system32\ntio.sys
2011-05-02 22:24:13 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2011-05-02 22:24:13 ----A---- C:\WINDOWS\system32\ntdos804.sys
2011-05-02 22:24:13 ----A---- C:\WINDOWS\system32\ntdos412.sys
2011-05-02 22:24:13 ----A---- C:\WINDOWS\system32\ntdos411.sys
2011-05-02 22:24:13 ----A---- C:\WINDOWS\system32\ntdos404.sys
2011-05-02 22:24:13 ----A---- C:\WINDOWS\system32\ntdos.sys
2011-05-02 22:24:13 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2011-05-02 22:24:12 ----A---- C:\WINDOWS\system32\ntdll.dll
2011-05-02 22:24:10 ----A---- C:\WINDOWS\system32\nslookup.exe
2011-05-02 22:24:10 ----A---- C:\WINDOWS\system32\npptools.dll
2011-05-02 22:24:10 ----A---- C:\WINDOWS\system32\notepad.exe
2011-05-02 22:24:10 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2011-05-02 22:24:10 ----A---- C:\WINDOWS\notepad.exe
2011-05-02 22:24:08 ----A---- C:\WINDOWS\system32\nlsfunc.exe
2011-05-02 22:24:08 ----A---- C:\WINDOWS\system32\nlhtml.dll
2011-05-02 22:24:08 ----A---- C:\WINDOWS\system32\drivers\nmnt.sys
2011-05-02 22:24:07 ----A---- C:\WINDOWS\system32\newdev.dll
2011-05-02 22:24:06 ----A---- C:\WINDOWS\system32\netui2.dll
2011-05-02 22:24:06 ----A---- C:\WINDOWS\system32\netui1.dll
2011-05-02 22:24:06 ----A---- C:\WINDOWS\system32\netui0.dll
2011-05-02 22:24:06 ----A---- C:\WINDOWS\system32\netstat.exe
2011-05-02 22:24:06 ----A---- C:\WINDOWS\system32\netshell.dll
2011-05-02 22:24:06 ----A---- C:\WINDOWS\system32\netsh.exe
2011-05-02 22:24:06 ----A---- C:\WINDOWS\system32\netrap.dll
2011-05-02 22:24:06 ----A---- C:\WINDOWS\system32\netplwiz.dll
2011-05-02 22:24:05 ----A---- C:\WINDOWS\system32\netmsg.dll
2011-05-02 22:24:05 ----A---- C:\WINDOWS\system32\netman.dll
2011-05-02 22:24:05 ----A---- C:\WINDOWS\system32\netlogon.dll
2011-05-02 22:24:04 ----A---- C:\WINDOWS\system32\netid.dll
2011-05-02 22:24:04 ----A---- C:\WINDOWS\system32\neth.dll
2011-05-02 22:24:04 ----A---- C:\WINDOWS\system32\netevent.dll
2011-05-02 22:24:04 ----A---- C:\WINDOWS\system32\netdde.exe
2011-05-02 22:24:04 ----A---- C:\WINDOWS\system32\netcfgx.dll
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\netapi32.dll
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\netapi.dll
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\net1.exe
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\net.exe
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\nddenb32.dll
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\nddeapir.exe
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\nddeapi.dll
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2011-05-02 22:24:03 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\ncxpnt.dll
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\nbtstat.exe
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\narrhook.dll
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\narrator.exe
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\napstat.exe
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\napmontr.dll
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\napipsec.dll
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\mydocs.dll
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\mycomput.dll
2011-05-02 22:24:02 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2011-05-02 22:24:01 ----A---- C:\WINDOWS\system32\mtxclu.dll
2011-05-02 22:24:01 ----A---- C:\WINDOWS\system32\msxml6r.dll
2011-05-02 22:24:01 ----A---- C:\WINDOWS\system32\msxml6.dll
2011-05-02 22:24:01 ----A---- C:\WINDOWS\system32\msxml3r.dll
2011-05-02 22:24:01 ----A---- C:\WINDOWS\system32\msxml3.dll
2011-05-02 22:24:01 ----A---- C:\WINDOWS\system32\msxml2r.dll
2011-05-02 22:24:00 ----A---- C:\WINDOWS\system32\msxmlr.dll
2011-05-02 22:24:00 ----A---- C:\WINDOWS\system32\msxml2.dll
2011-05-02 22:24:00 ----A---- C:\WINDOWS\system32\msxml.dll
2011-05-02 22:24:00 ----A---- C:\WINDOWS\system32\mswstr10.dll
2011-05-02 22:24:00 ----A---- C:\WINDOWS\system32\mswsock.dll
2011-05-02 22:23:59 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\mswdat10.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msw3prt.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvideo.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvidctl.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvidc32.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvfw32.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvcrt.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvcp60.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvcp50.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvcirt.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2011-05-02 22:23:58 ----A---- C:\WINDOWS\system32\msvbvm50.dll
2011-05-02 22:23:57 ----N---- C:\WINDOWS\system32\mstime.dll
2011-05-02 22:23:57 ----A---- C:\WINDOWS\system32\msv1_0.dll
2011-05-02 22:23:57 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2011-05-02 22:23:56 ----N---- C:\WINDOWS\system32\msrating.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\msswchx.exe
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\msswch.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\mssip32.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\mssign32.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\msshavmsg.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\mssha.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\mssap.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\msrle32.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\msratelc.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\msprivs.dll
2011-05-02 22:23:56 ----A---- C:\WINDOWS\system32\msports.dll
2011-05-02 22:23:55 ----A---- C:\WINDOWS\system32\mspatcha.dll
2011-05-02 22:23:55 ----A---- C:\WINDOWS\system32\msorcl32.dll
2011-05-02 22:23:55 ----A---- C:\WINDOWS\system32\msorc32r.dll
2011-05-02 22:23:54 ----A---- C:\WINDOWS\system32\msobjs.dll
2011-05-02 22:23:54 ----A---- C:\WINDOWS\system32\msnsspc.dll
2011-05-02 22:23:54 ----A---- C:\WINDOWS\system32\msls31.dll
2011-05-02 22:23:54 ----A---- C:\WINDOWS\system32\msjtes40.dll
2011-05-02 22:23:54 ----A---- C:\WINDOWS\system32\msjter40.dll
2011-05-02 22:23:54 ----A---- C:\WINDOWS\system32\msjint40.dll
2011-05-02 22:23:54 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2011-05-02 22:23:54 ----A---- C:\WINDOWS\system32\msjet40.dll
2011-05-02 22:23:53 ----N---- C:\WINDOWS\system32\mshtmled.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msisip.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msiregmv.exe
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msimsg.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msimg32.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msihnd.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msiexec.exe
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msieftp.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msidntld.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msidle.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msident.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\msi.dll
2011-05-02 22:23:53 ----A---- C:\WINDOWS\system32\mshtmler.dll
2011-05-02 22:23:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-05-02 22:23:52 ----A---- C:\WINDOWS\system32\mshta.exe
2011-05-02 22:23:52 ----A---- C:\WINDOWS\system32\msgsvc.dll
2011-05-02 22:23:52 ----A---- C:\WINDOWS\system32\msgina.dll
2011-05-02 22:23:52 ----A---- C:\WINDOWS\system32\drivers\msgpc.sys
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\msencode.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\msdmo.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\msdart.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\msdadiag.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\mscpxl32.dLL
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\mscpx32r.dLL
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\mscms.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\mscdexnt.exe
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\mscat32.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\msaudite.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\msasn1.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\msapsspc.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\msafd.dll
2011-05-02 22:23:51 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2011-05-02 22:23:51 ----A---- C:\WINDOWS\msdfmap.ini
2011-05-02 22:23:50 ----A---- C:\WINDOWS\system32\msacm32.dll
2011-05-02 22:23:50 ----A---- C:\WINDOWS\system32\msacm.dll
2011-05-02 22:23:50 ----A---- C:\WINDOWS\system32\msaatext.dll
2011-05-02 22:23:50 ----A---- C:\WINDOWS\system32\mrinfo.exe
2011-05-02 22:23:50 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2011-05-02 22:23:50 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2011-05-02 22:23:41 ----A---- C:\WINDOWS\system32\mprui.dll
2011-05-02 22:23:41 ----A---- C:\WINDOWS\system32\mprmsg.dll
2011-05-02 22:23:41 ----A---- C:\WINDOWS\system32\mprdim.dll
2011-05-02 22:23:41 ----A---- C:\WINDOWS\system32\mprddm.dll
2011-05-02 22:23:41 ----A---- C:\WINDOWS\system32\mprapi.dll
2011-05-02 22:23:41 ----A---- C:\WINDOWS\system32\mpr.dll
2011-05-02 22:23:40 ----A---- C:\WINDOWS\system32\mpnotify.exe
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mountvol.exe
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\moricons.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\more.com
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\modex.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\modemui.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mode.com
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mobsync.exe
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mobsync.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mmutilse.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mmsystem.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mmdrv.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mmcshext.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mmcperf.exe
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\mmcbase.dll
2011-05-02 22:23:38 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2011-05-02 22:23:37 ----A---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-05-02 22:23:37 ----A---- C:\WINDOWS\system32\mmcex.dll
2011-05-02 22:23:37 ----A---- C:\WINDOWS\system32\mmc.exe
2011-05-02 22:23:37 ----A---- C:\WINDOWS\system32\mll_qic.dll
2011-05-02 22:23:37 ----A---- C:\WINDOWS\system32\mll_mtf.dll
2011-05-02 22:23:37 ----A---- C:\WINDOWS\system32\mll_hp.dll
2011-05-02 22:23:37 ----A---- C:\WINDOWS\system32\mlang.dll
2011-05-02 22:23:37 ----A---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-05-02 22:23:36 ----A---- C:\WINDOWS\system32\mimefilt.dll
2011-05-02 22:23:36 ----A---- C:\WINDOWS\system32\miglibnt.dll
2011-05-02 22:23:36 ----A---- C:\WINDOWS\system32\midimap.dll
2011-05-02 22:23:35 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2011-05-02 22:23:35 ----A---- C:\WINDOWS\system32\MfcSubs.dll
2011-05-02 22:23:35 ----A---- C:\WINDOWS\system32\mfc42u.dll
2011-05-02 22:23:35 ----A---- C:\WINDOWS\system32\mfc42.dll
2011-05-02 22:23:35 ----A---- C:\WINDOWS\system32\mfc40u.dll
2011-05-02 22:23:34 ----A---- C:\WINDOWS\system32\mfc40.dll
2011-05-02 22:23:34 ----A---- C:\WINDOWS\system32\mf3216.dll
2011-05-02 22:23:34 ----A---- C:\WINDOWS\system32\mem.exe
2011-05-02 22:23:31 ----A---- C:\WINDOWS\system32\mdminst.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mchgrcoi.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mdhcp.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mciwave.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mciseq.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mciole32.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mciole16.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mcicda.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mciavi32.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mcdsrv32.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mcd32.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mcastmib.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\mapistub.dll
2011-05-02 22:23:29 ----A---- C:\WINDOWS\system32\drivers\mcd.sys
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\makecab.exe
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\magnify.exe
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\mag_hook.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lzexpand.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lz32.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lusrmgr.msc
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lsass.exe
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lsasrv.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lprmonui.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lprhelp.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lpr.exe
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lpq.exe
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lpk.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\logonui.exe
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\logman.exe
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\loghours.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\lodctr.exe
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\locator.exe
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\localui.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\localspl.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\localsec.dll
2011-05-02 22:23:28 ----A---- C:\WINDOWS\system32\keymgr.dll
2011-05-02 22:23:27 ----A---- C:\WINDOWS\system32\loadperf.dll
2011-05-02 22:23:27 ----A---- C:\WINDOWS\system32\loadfix.com
2011-05-02 22:23:27 ----A---- C:\WINDOWS\system32\lmrt.dll
2011-05-02 22:23:27 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2011-05-02 22:23:27 ----A---- C:\WINDOWS\system32\linkinfo.dll
2011-05-02 22:23:27 ----A---- C:\WINDOWS\system32\lights.exe
2011-05-02 22:23:27 ----A---- C:\WINDOWS\system32\licmgr10.dll
2011-05-02 22:23:27 ----A---- C:\WINDOWS\system32\licdll.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\langwrbk.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\label.exe
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\l2gpstore.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\kmsvc.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\keyboard.sys
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\key01.sys
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\kernel32.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\kerberos.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\kdcom.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\kd1394.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\kbdusx.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\kbdusr.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\kbdusl.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\kbdus.dll
2011-05-02 22:23:26 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdur.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdukx.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbduk.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdsw.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdsp.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdsg.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdsf.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdpo.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdpl.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdno1.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdno.dll
2011-05-02 22:23:25 ----A---- C:\WINDOWS\system32\kbdnec.dll
2011-05-02 22:23:24 ----A---- C:\WINDOWS\system32\kbdne.dll
2011-05-02 22:23:22 ----A---- C:\WINDOWS\system32\kbdmon.dll
2011-05-02 22:23:22 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2011-05-02 22:23:22 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2011-05-02 22:23:22 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2011-05-02 22:23:22 ----A---- C:\WINDOWS\system32\kbdmac.dll
2011-05-02 22:23:22 ----A---- C:\WINDOWS\system32\kbdlv1.dll
2011-05-02 22:23:22 ----A---- C:\WINDOWS\system32\kbdlv.dll
2011-05-02 22:23:21 ----A---- C:\WINDOWS\system32\kbdlt1.dll
2011-05-02 22:23:21 ----A---- C:\WINDOWS\system32\kbdlt.dll
2011-05-02 22:23:21 ----A---- C:\WINDOWS\system32\kbdla.dll
2011-05-02 22:23:20 ----A---- C:\WINDOWS\system32\kbdkyr.dll
2011-05-02 22:23:20 ----A---- C:\WINDOWS\system32\kbdkaz.dll
2011-05-02 22:23:20 ----A---- C:\WINDOWS\system32\kbdiultn.dll
2011-05-02 22:23:20 ----A---- C:\WINDOWS\system32\kbdit142.dll
2011-05-02 22:23:19 ----A---- C:\WINDOWS\system32\kbdit.dll
2011-05-02 22:23:19 ----A---- C:\WINDOWS\system32\kbdir.dll
2011-05-02 22:23:19 ----A---- C:\WINDOWS\system32\kbdic.dll
2011-05-02 22:23:18 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2011-05-02 22:23:18 ----A---- C:\WINDOWS\system32\kbdhu.dll
2011-05-02 22:23:18 ----A---- C:\WINDOWS\system32\kbdhept.dll
2011-05-02 22:23:18 ----A---- C:\WINDOWS\system32\kbdhela3.dll
2011-05-02 22:23:17 ----A---- C:\WINDOWS\system32\kbdhela2.dll
2011-05-02 22:23:17 ----A---- C:\WINDOWS\system32\kbdhe319.dll
2011-05-02 22:23:17 ----A---- C:\WINDOWS\system32\kbdhe220.dll
2011-05-02 22:23:16 ----A---- C:\WINDOWS\system32\kbdhe.dll
2011-05-02 22:23:16 ----A---- C:\WINDOWS\system32\kbdgr1.dll
2011-05-02 22:23:16 ----A---- C:\WINDOWS\system32\kbdgr.dll
2011-05-02 22:23:16 ----A---- C:\WINDOWS\system32\kbdgkl.dll
2011-05-02 22:23:15 ----A---- C:\WINDOWS\system32\kbdgeo.dll
2011-05-02 22:23:15 ----A---- C:\WINDOWS\system32\kbdgae.dll
2011-05-02 22:23:15 ----A---- C:\WINDOWS\system32\kbdfr.dll
2011-05-02 22:23:15 ----A---- C:\WINDOWS\system32\kbdfo.dll
2011-05-02 22:23:15 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2011-05-02 22:23:15 ----A---- C:\WINDOWS\system32\kbdfi.dll
2011-05-02 22:23:15 ----A---- C:\WINDOWS\system32\kbdfc.dll
2011-05-02 22:23:15 ----A---- C:\WINDOWS\system32\kbdest.dll
2011-05-02 22:23:14 ----A---- C:\WINDOWS\system32\kbdes.dll
2011-05-02 22:23:14 ----A---- C:\WINDOWS\system32\kbddv.dll
2011-05-02 22:23:14 ----A---- C:\WINDOWS\system32\kbdda.dll
2011-05-02 22:23:14 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2011-05-02 22:23:14 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2011-05-02 22:23:14 ----A---- C:\WINDOWS\system32\kbdcz.dll
2011-05-02 22:23:13 ----A---- C:\WINDOWS\system32\kbdcr.dll
2011-05-02 22:23:13 ----A---- C:\WINDOWS\system32\kbdcan.dll
2011-05-02 22:23:13 ----A---- C:\WINDOWS\system32\kbdca.dll
2011-05-02 22:23:13 ----A---- C:\WINDOWS\system32\kbdbu.dll
2011-05-02 22:23:13 ----A---- C:\WINDOWS\system32\kbdbr.dll
2011-05-02 22:23:13 ----A---- C:\WINDOWS\system32\kbdblr.dll
2011-05-02 22:23:13 ----A---- C:\WINDOWS\system32\kbdbhc.dll
2011-05-02 22:23:13 ----A---- C:\WINDOWS\system32\kbdbene.dll
2011-05-02 22:23:13 ----A---- C:\WINDOWS\system32\kbdbe.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\kbdazel.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\kbdaze.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\kbdarmw.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\kbdarme.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\kbdal.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\kb16.com
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jsproxy.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jscript.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jobexec.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jgsh400.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jgsd400.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jgpl400.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jgmd400.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jgdw400.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jgaw400.dll
2011-05-02 22:23:12 ----A---- C:\WINDOWS\system32\jet500.dll
2011-05-02 22:23:11 ----A---- C:\WINDOWS\system32\ixsso.dll
2011-05-02 22:23:11 ----A---- C:\WINDOWS\system32\iuengine.dll
2011-05-02 22:23:11 ----A---- C:\WINDOWS\system32\itss.dll
2011-05-02 22:23:11 ----A---- C:\WINDOWS\system32\itircl.dll
2011-05-02 22:23:11 ----A---- C:\WINDOWS\system32\ir32_32.dll
2011-05-02 22:23:11 ----A---- C:\WINDOWS\system32\ipxwan.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipxsap.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipxrtmgr.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipxroute.exe
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipxrip.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipxpromn.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipxmontr.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipv6.exe
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ipsec6.exe
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\iprtprio.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\iprop.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\ippromon.dll
2011-05-02 22:23:10 ----A---- C:\WINDOWS\system32\drivers\ipsec.sys
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\ipmontr.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\ipconfig.exe
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\iologmsg.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\inseng.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\input.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\initpki.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\infosoft.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\inetppui.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\inetpp.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\inetmib1.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\inetcplc.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\imm32.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\imgutil.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\imeshare.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\imapi.exe
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\imagehlp.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\ifsutil.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\ifmon.dll
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\iexpress.exe
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\drivers\ipnat.sys
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\drivers\ipinip.sys
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\drivers\ipfltdrv.sys
2011-05-02 22:23:08 ----A---- C:\WINDOWS\system32\drivers\ip6fw.sys
2011-05-02 22:23:07 ----A---- C:\WINDOWS\system32\iesetup.dll
2011-05-02 22:23:06 ----N---- C:\WINDOWS\system32\iernonce.dll
2011-05-02 22:23:06 ----N---- C:\WINDOWS\system32\iepeers.dll
2011-05-02 22:23:06 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2011-05-02 22:23:06 ----N---- C:\WINDOWS\system32\ieakui.dll
2011-05-02 22:23:06 ----N---- C:\WINDOWS\system32\ieaksie.dll
2011-05-02 22:23:06 ----N---- C:\WINDOWS\system32\ieakeng.dll
2011-05-02 22:23:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\ieencode.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\idq.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\icmui.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\icmp.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\icm32.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iccvid.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iassvcs.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iassdo.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iassam.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iasrecst.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iasrad.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iasnap.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iashlpr.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iasads.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\iasacct.dll
2011-05-02 22:23:06 ----A---- C:\WINDOWS\system32\htui.dll
2011-05-02 22:23:05 ----A---- C:\WINDOWS\system32\httpapi.dll
2011-05-02 22:23:05 ----A---- C:\WINDOWS\system32\hotplug.dll
2011-05-02 22:23:05 ----A---- C:\WINDOWS\system32\hostname.exe
2011-05-02 22:22:56 ----A---- C:\WINDOWS\system32\netsetup.exe
2011-05-02 22:22:55 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2011-05-02 22:22:55 ----A---- C:\WINDOWS\system32\hnetmon.dll
2011-05-02 22:22:55 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2011-05-02 22:22:55 ----A---- C:\WINDOWS\system32\hlink.dll
2011-05-02 22:22:53 ----A---- C:\WINDOWS\system32\himem.sys
2011-05-02 22:22:53 ----A---- C:\WINDOWS\system32\hhsetup.dll
2011-05-02 22:22:53 ----A---- C:\WINDOWS\system32\help.exe
2011-05-02 22:22:53 ----A---- C:\WINDOWS\hh.exe
2011-05-02 22:22:51 ----A---- C:\WINDOWS\system32\h323msp.dll
2011-05-02 22:22:49 ----A---- C:\WINDOWS\system32\grpconv.exe
2011-05-02 22:22:48 ----A---- C:\WINDOWS\system32\graphics.com
2011-05-02 22:22:48 ----A---- C:\WINDOWS\system32\graftabl.com
2011-05-02 22:22:48 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2011-05-02 22:22:47 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2011-05-02 22:22:47 ----A---- C:\WINDOWS\system32\drivers\gmreadme.txt
2011-05-02 22:22:45 ----A---- C:\WINDOWS\system32\glu32.dll
2011-05-02 22:22:45 ----A---- C:\WINDOWS\system32\glmf32.dll
2011-05-02 22:22:43 ----A---- C:\WINDOWS\system32\gdi32.dll
2011-05-02 22:22:43 ----A---- C:\WINDOWS\system32\gdi.exe
2011-05-02 22:22:43 ----A---- C:\WINDOWS\system32\gcdef.dll
2011-05-02 22:22:38 ----A---- C:\WINDOWS\system32\fwcfg.dll
2011-05-02 22:22:38 ----A---- C:\WINDOWS\system32\ftsrch.dll
2011-05-02 22:22:38 ----A---- C:\WINDOWS\system32\ftp.exe
2011-05-02 22:22:38 ----A---- C:\WINDOWS\system32\fsutil.exe
2011-05-02 22:22:38 ----A---- C:\WINDOWS\system32\fsusd.dll
2011-05-02 22:22:38 ----A---- C:\WINDOWS\system32\fsmgmt.msc
2011-05-02 22:22:37 ----A---- C:\WINDOWS\system32\drivers\fs_rec.sys
2011-05-02 22:22:36 ----A---- C:\WINDOWS\system32\framebuf.dll
2011-05-02 22:22:34 ----A---- C:\WINDOWS\system32\format.com
2011-05-02 22:22:34 ----A---- C:\WINDOWS\system32\forcedos.exe
2011-05-02 22:22:34 ----A---- C:\WINDOWS\system32\fontview.exe
2011-05-02 22:22:33 ----A---- C:\WINDOWS\system32\fontsub.dll
2011-05-02 22:22:33 ----A---- C:\WINDOWS\system32\fontext.dll
2011-05-02 22:22:32 ----A---- C:\WINDOWS\system32\fmifs.dll
2011-05-02 22:22:31 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2011-05-02 22:22:31 ----A---- C:\WINDOWS\system32\fixmapi.exe
2011-05-02 22:22:31 ----A---- C:\WINDOWS\system32\finger.exe
2011-05-02 22:22:31 ----A---- C:\WINDOWS\system32\findstr.exe
2011-05-02 22:22:31 ----A---- C:\WINDOWS\system32\find.exe
2011-05-02 22:22:31 ----A---- C:\WINDOWS\system32\drivers\fips.sys
2011-05-02 22:22:30 ----A---- C:\WINDOWS\system32\filemgmt.dll
2011-05-02 22:22:29 ----A---- C:\WINDOWS\system32\feclient.dll
2011-05-02 22:22:28 ----A---- C:\WINDOWS\system32\fc.exe
2011-05-02 22:22:28 ----A---- C:\WINDOWS\system32\faultrep.dll
2011-05-02 22:22:28 ----A---- C:\WINDOWS\system32\fastopen.exe
2011-05-02 22:22:28 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2011-05-02 22:22:27 ----N---- C:\WINDOWS\system32\extmgr.dll
2011-05-02 22:22:27 ----A---- C:\WINDOWS\system32\exts.dll
2011-05-02 22:22:27 ----A---- C:\WINDOWS\system32\extrac32.exe
2011-05-02 22:22:27 ----A---- C:\WINDOWS\system32\expsrv.dll
2011-05-02 22:22:26 ----A---- C:\WINDOWS\explorer.exe
2011-05-02 22:22:25 ----A---- C:\WINDOWS\system32\expand.exe
2011-05-02 22:22:22 ----A---- C:\WINDOWS\system32\exe2bin.exe
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\eventvwr.msc
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\eventvwr.exe
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\eventlog.dll
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\eventcls.dll
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\eula.txt
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\eudcedit.exe
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\esentutl.exe
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\esentprf.ini
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\esentprf.dll
2011-05-02 22:22:20 ----A---- C:\WINDOWS\system32\esent97.dll
2011-05-02 22:22:19 ----A---- C:\WINDOWS\system32\esent.dll
2011-05-02 22:22:19 ----A---- C:\WINDOWS\system32\es.dll
2011-05-02 22:22:19 ----A---- C:\WINDOWS\system32\ersvc.dll
2011-05-02 22:22:19 ----A---- C:\WINDOWS\system32\encdec.dll
2011-05-02 22:22:19 ----A---- C:\WINDOWS\system32\encapi.dll
2011-05-02 22:22:19 ----A---- C:\WINDOWS\system32\els.dll
2011-05-02 22:22:19 ----A---- C:\WINDOWS\system32\edlin.exe
2011-05-02 22:22:19 ----A---- C:\WINDOWS\system32\edb500.dll
2011-05-02 22:22:18 ----A---- C:\WINDOWS\system32\eappprxy.dll
2011-05-02 22:22:18 ----A---- C:\WINDOWS\system32\eapphost.dll
2011-05-02 22:22:18 ----A---- C:\WINDOWS\system32\eappgnui.dll
2011-05-02 22:22:18 ----A---- C:\WINDOWS\system32\eappcfg.dll
2011-05-02 22:22:18 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2011-05-02 22:22:17 ----N---- C:\WINDOWS\system32\dxtrans.dll
2011-05-02 22:22:17 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2011-05-02 22:22:17 ----A---- C:\WINDOWS\system32\eapsvc.dll
2011-05-02 22:22:17 ----A---- C:\WINDOWS\system32\eapqec.dll
2011-05-02 22:22:17 ----A---- C:\WINDOWS\system32\eapolqec.dll
2011-05-02 22:22:17 ----A---- C:\WINDOWS\system32\dwwin.exe
2011-05-02 22:22:16 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2011-05-02 22:22:16 ----A---- C:\WINDOWS\system32\dxdiag.exe
2011-05-02 22:22:16 ----A---- C:\WINDOWS\system32\dx8vb.dll
2011-05-02 22:22:16 ----A---- C:\WINDOWS\system32\dx7vb.dll
2011-05-02 22:22:16 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2011-05-02 22:22:16 ----A---- C:\WINDOWS\system32\drivers\dxgthk.sys
2011-05-02 22:22:16 ----A---- C:\WINDOWS\system32\drivers\dxapi.sys
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\duser.dll
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dumprep.exe
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dswave.dll
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dsuiext.dll
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dssenh.dll
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dssec.dll
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dsquery.dll
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dsprpres.dll
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dsprop.dll
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dsound3d.dll
2011-05-02 22:22:15 ----A---- C:\WINDOWS\system32\dsound.dll
2011-05-02 22:22:14 ----A---- C:\WINDOWS\system32\dskquoui.dll
2011-05-02 22:22:14 ----A---- C:\WINDOWS\system32\dskquota.dll
2011-05-02 22:22:14 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2011-05-02 22:22:14 ----A---- C:\WINDOWS\system32\dsdmo.dll
2011-05-02 22:22:14 ----A---- C:\WINDOWS\system32\dsauth.dll
2011-05-02 22:22:14 ----A---- C:\WINDOWS\system32\ds32gt.dll
2011-05-02 22:22:14 ----A---- C:\WINDOWS\system32\ds16gt.dLL
2011-05-02 22:22:14 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2011-05-02 22:22:14 ----A---- C:\WINDOWS\system32\drwatson.exe
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpwsock.dll
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpvvox.dll
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpvoice.dll
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpvacm.dll
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpserial.dll
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpnwsock.dll
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2011-05-02 22:21:14 ----A---- C:\WINDOWS\system32\dpnmodem.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dpnet.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dplayx.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dplay.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dpcdll.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dot3ui.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dot3svc.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dot3msm.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dot3dlg.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dot3cfg.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dot3api.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dosx.exe
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\doskey.exe
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\docprop2.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\docprop.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dnsapi.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dmusic.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dmsynth.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dmstyle.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dmserver.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dmscript.dll
2011-05-02 22:21:13 ----A---- C:\WINDOWS\system32\dmremote.exe
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\drivers\dmload.sys
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\drivers\dmio.sys
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\drivers\dmboot.sys
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\drivers\diskdump.sys
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmocx.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmloader.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmintf.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmime.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmdskres.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmconfig.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmcompos.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmband.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dmadmin.exe
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dllhst3g.exe
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dllhost.exe
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\dispex.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\diskperf.exe
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\diskpart.exe
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\diskmgmt.msc
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\diskcopy.dll
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\diskcopy.com
2011-05-02 22:21:12 ----A---- C:\WINDOWS\system32\diskcomp.com
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dinput8.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dinput.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dimsroam.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dimsntfy.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dimap.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\digest.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\diantz.exe
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\diactfrm.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dhcpsapi.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dhcpqec.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2011-05-02 22:21:11 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-05-02 22:21:10 ----A---- C:\WINDOWS\system32\dgnet.dll
2011-05-02 22:21:10 ----A---- C:\WINDOWS\system32\dfrgui.dll
2011-05-02 22:21:10 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2011-05-02 22:21:10 ----A---- C:\WINDOWS\system32\dfrgres.dll
2011-05-02 22:21:10 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2011-05-02 22:21:10 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2011-05-02 22:21:10 ----A---- C:\WINDOWS\system32\defrag.exe
2011-05-02 22:21:09 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2011-05-02 22:21:09 ----A---- C:\WINDOWS\system32\dfrg.msc
2011-05-02 22:21:09 ----A---- C:\WINDOWS\system32\devmgr.dll
2011-05-02 22:21:09 ----A---- C:\WINDOWS\system32\devmgmt.msc
2011-05-02 22:21:09 ----A---- C:\WINDOWS\system32\devenum.dll
2011-05-02 22:21:09 ----A---- C:\WINDOWS\system32\deskperf.dll
2011-05-02 22:21:08 ----A---- C:\WINDOWS\system32\deskmon.dll
2011-05-02 22:21:08 ----A---- C:\WINDOWS\system32\deskadp.dll
2011-05-02 22:21:07 ----A---- C:\WINDOWS\system32\debug.exe
2011-05-02 22:21:07 ----A---- C:\WINDOWS\system32\ddrawex.dll
2011-05-02 22:21:07 ----A---- C:\WINDOWS\system32\ddraw.dll
2011-05-02 22:21:07 ----A---- C:\WINDOWS\system32\ddeshare.exe
2011-05-02 22:21:07 ----A---- C:\WINDOWS\system32\ddeml.dll
2011-05-02 22:21:07 ----A---- C:\WINDOWS\system32\dciman32.dll
2011-05-02 22:21:06 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2011-05-02 22:21:06 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2011-05-02 22:21:06 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2011-05-02 22:21:06 ----A---- C:\WINDOWS\system32\dbghelp.dll
2011-05-02 22:21:05 ----A---- C:\WINDOWS\system32\dbgeng.dll
2011-05-02 22:21:05 ----A---- C:\WINDOWS\system32\davclnt.dll
2011-05-02 22:21:05 ----A---- C:\WINDOWS\system32\datime.dll
2011-05-02 22:21:04 ----A---- C:\WINDOWS\system32\dataclen.dll
2011-05-02 22:21:04 ----A---- C:\WINDOWS\system32\danim.dll
2011-05-02 22:21:04 ----A---- C:\WINDOWS\system32\d3dxof.dll
2011-05-02 22:21:04 ----A---- C:\WINDOWS\system32\d3drm.dll
2011-05-02 22:21:04 ----A---- C:\WINDOWS\system32\d3dpmesh.dll
2011-05-02 22:21:04 ----A---- C:\WINDOWS\system32\d3dim700.dll
2011-05-02 22:21:04 ----A---- C:\WINDOWS\system32\d3dim.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\d3d9.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\d3d8.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\ctl3dv2.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\csseqchk.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\csrss.exe
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\csrsrv.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\cscui.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\cscript.exe
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\cscdll.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\cryptui.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\cryptnet.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\cryptext.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\cryptdll.dll
2011-05-02 22:21:03 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2011-05-02 22:21:02 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-05-02 22:21:02 ----A---- C:\WINDOWS\system32\crtdll.dll
2011-05-02 22:21:02 ----A---- C:\WINDOWS\system32\credui.dll
2011-05-02 22:21:02 ----A---- C:\WINDOWS\system32\credssp.dll
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\country.sys
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\corpol.dll
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\convert.exe
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\control.exe
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\console.dll
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\conime.exe
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\confmsp.dll
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\comres.dll
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\compstui.dll
2011-05-02 22:21:01 ----A---- C:\WINDOWS\system32\compobj.dll
2011-05-02 22:21:00 ----A---- C:\WINDOWS\system32\compmgmt.msc
2011-05-02 22:21:00 ----A---- C:\WINDOWS\system32\compatUI.dll
2011-05-02 22:21:00 ----A---- C:\WINDOWS\system32\compact.exe
2011-05-02 22:21:00 ----A---- C:\WINDOWS\system32\comp.exe
2011-05-02 22:21:00 ----A---- C:\WINDOWS\system32\commdlg.dll
2011-05-02 22:21:00 ----A---- C:\WINDOWS\system32\command.com
2011-05-02 22:21:00 ----A---- C:\WINDOWS\system32\comdlg32.dll
2011-05-02 22:21:00 ----A---- C:\WINDOWS\system32\comctl32.dll
2011-05-02 22:21:00 ----A---- C:\WINDOWS\system32\comcat.dll
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cnvfat.dll
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cnetcfg.dll
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cmutil.dll
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cmstp.exe
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cmsetACL.dll
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cmpbk32.dll
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cmmon32.exe
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cmdl32.exe
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cmdial32.dll
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cmd.exe
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\clusapi.dll
2011-05-02 22:20:59 ----A---- C:\WINDOWS\system32\clipsrv.exe
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\shellstyle.dll
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\drivers\classpnp.sys
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\cliconfg.exe
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\cliconfg.dll
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\clb.dll
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\ckcnv.exe
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\cisvc.exe
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\ciodm.dll
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\cidaemon.exe
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\cic.dll
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\ciadv.msc
2011-05-02 22:20:58 ----A---- C:\WINDOWS\system32\ciadmin.dll
2011-05-02 22:20:57 ----A---- C:\WINDOWS\system32\chkntfs.exe
2011-05-02 22:20:57 ----A---- C:\WINDOWS\system32\chkdsk.exe
2011-05-02 22:20:57 ----A---- C:\WINDOWS\system32\chcp.com
2011-05-02 22:20:57 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2011-05-02 22:20:56 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2011-05-02 22:20:56 ----A---- C:\WINDOWS\system32\certmgr.msc
2011-05-02 22:20:56 ----A---- C:\WINDOWS\system32\certmgr.dll
2011-05-02 22:20:56 ----A---- C:\WINDOWS\system32\certcli.dll
2011-05-02 22:20:56 ----A---- C:\WINDOWS\system32\cdosys.dll
2011-05-02 22:20:56 ----A---- C:\WINDOWS\system32\cdm.dll
2011-05-02 22:20:56 ----A---- C:\WINDOWS\system32\cdfview.dll
2011-05-02 22:20:56 ----A---- C:\WINDOWS\system32\ccfgnt.dll
2011-05-02 22:20:55 ----A---- C:\WINDOWS\system32\cards.dll
2011-05-02 22:20:55 ----A---- C:\WINDOWS\system32\capesnpn.dll
2011-05-02 22:20:55 ----A---- C:\WINDOWS\system32\camocx.dll
2011-05-02 22:20:54 ----A---- C:\WINDOWS\system32\cacls.exe
2011-05-02 22:20:54 ----A---- C:\WINDOWS\system32\cabview.dll
2011-05-02 22:20:54 ----A---- C:\WINDOWS\system32\cabinet.dll
2011-05-02 22:20:51 ----A---- C:\WINDOWS\system32\btpanui.dll
2011-05-02 22:20:51 ----A---- C:\WINDOWS\system32\browsewm.dll
2011-05-02 22:20:51 ----A---- C:\WINDOWS\system32\browseui.dll
2011-05-02 22:20:51 ----A---- C:\WINDOWS\system32\browser.dll
2011-05-02 22:20:51 ----A---- C:\WINDOWS\system32\browselc.dll
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\drivers\beep.sys
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\bootvrfy.exe
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\bootvid.dll
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\bootok.exe
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\bidispl.dll
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\batt.dll
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\batmeter.dll
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\basesrv.dll
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\azroles.dll
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\avifile.dll
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\avifil32.dll
2011-05-02 22:20:50 ----A---- C:\WINDOWS\system32\avicap32.dll
2011-05-02 22:20:49 ----A---- C:\WINDOWS\system32\avicap.dll
2011-05-02 22:20:49 ----A---- C:\WINDOWS\system32\autolfn.exe
2011-05-02 22:20:49 ----A---- C:\WINDOWS\system32\autofmt.exe
2011-05-02 22:20:49 ----A---- C:\WINDOWS\system32\autodisc.dll
2011-05-02 22:20:49 ----A---- C:\WINDOWS\system32\autoconv.exe
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\drivers\atmuni.sys
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\drivers\atmlane.sys
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\drivers\atmepvc.sys
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\drivers\atmarpc.sys
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\drivers\asyncmac.sys
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\autochk.exe
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\authz.dll
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\auditusr.exe
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\audiosrv.dll
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\attrib.exe
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\atmpvcno.dll
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\atmlib.dll
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\atmfd.dll
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\atmadm.exe
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\atl.dll
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\atkctrs.dll
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\at.exe
2011-05-02 22:20:48 ----A---- C:\WINDOWS\system32\asycfilt.dll
2011-05-02 22:20:47 ----A---- C:\WINDOWS\system32\arp.exe
2011-05-02 22:20:47 ----A---- C:\WINDOWS\system32\apphelp.dll
2011-05-02 22:20:47 ----A---- C:\WINDOWS\system32\append.exe
2011-05-02 22:20:47 ----A---- C:\WINDOWS\system32\apcups.dll
2011-05-02 22:20:47 ----A---- C:\WINDOWS\system32\ansi.sys
2011-05-02 22:20:47 ----A---- C:\WINDOWS\system32\amstream.dll
2011-05-02 22:20:47 ----A---- C:\WINDOWS\system32\alrsvc.dll
2011-05-02 22:20:47 ----A---- C:\WINDOWS\system32\alg.exe
2011-05-02 22:20:47 ----A---- C:\WINDOWS\system32\ahui.exe
2011-05-02 22:20:46 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2011-05-02 22:20:46 ----A---- C:\WINDOWS\system32\advpack.dll
2011-05-02 22:20:46 ----A---- C:\WINDOWS\system32\advapi32.dll
2011-05-02 22:20:46 ----A---- C:\WINDOWS\system32\adsnt.dll
2011-05-02 22:20:46 ----A---- C:\WINDOWS\system32\adsmsext.dll
2011-05-02 22:20:46 ----A---- C:\WINDOWS\system32\adsldpc.dll
2011-05-02 22:20:46 ----A---- C:\WINDOWS\system32\adsldp.dll
2011-05-02 22:20:46 ----A---- C:\WINDOWS\system32\adptif.dll
2011-05-02 22:20:46 ----A---- C:\WINDOWS\system32\admparse.dll
2011-05-02 22:20:45 ----A---- C:\WINDOWS\system32\actxprxy.dll
2011-05-02 22:20:45 ----A---- C:\WINDOWS\system32\actmovie.exe
2011-05-02 22:20:45 ----A---- C:\WINDOWS\system32\activeds.dll
2011-05-02 22:20:45 ----A---- C:\WINDOWS\system32\aclui.dll
2011-05-02 22:20:45 ----A---- C:\WINDOWS\system32\acledit.dll
2011-05-02 22:20:45 ----A---- C:\WINDOWS\system32\aaaamon.dll
2011-05-02 22:20:45 ----A---- C:\WINDOWS\system32\6to4svc.dll
2011-05-02 22:20:43 ----A---- C:\WINDOWS\UPGRADE.TXT
2011-05-02 22:20:21 ----D---- C:\WINDOWS\setup.pss
2011-05-02 22:09:37 ----D---- C:\Documents and Settings\Zdeněk - Hlavatý\Data aplikací\IObit
2011-05-02 17:58:51 ----A---- C:\WINDOWS\MBR.exe
2011-04-29 23:30:02 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-04-29 23:30:00 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-04-29 23:29:25 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-04-29 23:29:23 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-04-29 23:29:21 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-04-29 23:29:17 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-04-29 23:29:17 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-04-29 23:29:16 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-04-29 23:26:33 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-04-29 23:24:17 ----D---- C:\Program Files\AVAST Software
2011-04-29 23:24:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-04-29 07:22:24 ----D---- C:\FOUND.005
2011-04-28 15:41:32 ----D---- C:\FOUND.004
2011-04-28 13:27:03 ----D---- C:\WINDOWS\system32\color
2011-04-28 13:26:58 ----A---- C:\WINDOWS\system32\lftif11n.dll
2011-04-28 13:26:57 ----A---- C:\WINDOWS\system32\LFCMP11n.DLL
2011-04-28 13:26:57 ----A---- C:\WINDOWS\system32\lfbmp11n.dll
2011-04-28 13:26:55 ----A---- C:\WINDOWS\system32\lffax11n.dll
2011-04-28 13:26:53 ----A---- C:\WINDOWS\system32\lfwmf11n.dll
2011-04-28 13:26:37 ----N---- C:\WINDOWS\system32\drivers\cis1284.sys
2011-04-26 16:57:36 ----D---- C:\FOUND.003
2011-04-26 11:39:34 ----D---- C:\FOUND.002
2011-04-26 10:15:44 ----D---- C:\Program Files\Elcomsoft Password Recovery
2011-04-18 18:32:34 ----D---- C:\0733f1702c428b91742305000f136b74
2011-04-13 16:11:11 ----D---- C:\Program Files\NOS
2011-04-13 16:11:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\NOS
2011-04-13 16:11:02 ----D---- C:\FOUND.001
2011-04-13 16:11:02 ----D---- C:\FOUND.000
2011-04-13 16:10:55 ----D---- C:\Program Files\Adobe
2011-04-13 16:04:43 ----D---- C:\Program Files\pdfforge Toolbar
2011-04-13 16:04:43 ----D---- C:\Program Files\Common Files\Spigot

======List of files/folders modified in the last 1 months======

2011-05-05 11:02:34 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2011-05-04 18:39:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-04 12:01:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-03 10:49:30 ----A---- C:\WINDOWS\system32\MRT.exe
2011-05-03 03:48:10 ----A---- C:\WINDOWS\ODBCINST.INI
2011-05-03 03:47:26 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-05-03 03:46:50 ----RD---- C:\WINDOWS\Web
2011-05-03 03:46:50 ----RD---- C:\Program Files
2011-05-03 03:46:38 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-05-03 03:46:24 ----A---- C:\WINDOWS\win.ini
2011-05-03 03:42:42 ----SH---- C:\boot.ini
2011-05-03 03:34:26 ----A---- C:\WINDOWS\system32\oeminfo.ini
2011-05-03 03:34:12 ----A---- C:\WINDOWS\system.ini
2011-05-03 02:03:42 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-04-12 11:48:34 ----A---- C:\WINDOWS\GPInstall.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008]
R0 AVG Anti-Rootkit;AVG Anti-Rootkit; C:\WINDOWS\System32\DRIVERS\avgarkt.sys [2007-01-31 5632]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2008-04-14 13952]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-05-04 691696]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-04-18 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-04-18 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-04-18 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-04-18 307288]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-04-18 49240]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-09-19 21275]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-04-18 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-04-18 102488]
R2 cis1284;cis1284; \??\C:\WINDOWS\system32\drivers\cis1284.sys []
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2008-06-01 34064]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-04-05 132352]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-08 997376]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-08 202240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-04-06 6388328]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 NETw5x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2010-01-13 6598656]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2009-07-27 6144]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2004-12-09 46592]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-11-02 191456]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-23 162176]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-08 723712]
S1 kcpkobnn;kcpkobnn; \??\C:\WINDOWS\system32\drivers\kcpkobnn.sys []
S3 a6fsdef1;a6fsdef1; C:\WINDOWS\system32\drivers\a6fsdef1.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 emAudio;USB EMP Audio Device; C:\WINDOWS\system32\drivers\emAudio.sys [2007-06-14 22912]
S3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\lv321av.sys [2005-11-30 1088896]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-11-30 39424]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2004-08-18 12672]
S3 USB28xxBGA;USB 2881 Device; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2007-06-14 380416]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2007-06-14 30208]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-26 1427968]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 RsFx0102;RsFx0102 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-04-18 42184]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate1c9ddeee83ed39a;Služba Google Update (gupdate1c9ddeee83ed39a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-26 133104]
S2 MpService;MpService; C:\WINDOWS\MPSERVIC.EXE []
S2 MSSQL$ELISKACLIENT2008;SQL Server (ELISKACLIENT2008); C:\Program Files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\sqlservr.exe -sELISKACLIENT2008 []
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-26 133104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLAgent$ELISKACLIENT2008;SQL Server Agent (ELISKACLIENT2008); C:\Program Files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\SQLAGENT.EXE -i ELISKACLIENT2008 []

-----------------EOF-----------------

#2 Příspěvek od **Roli** » 05 kvě 2011 12:10

Zdravím, potřeboval bych ten log.txt celý, protože z křišťálové koule věštit neumím, tak že ten zbytek si nedomyslím

Pokud se ti sem nevejde nebo ho nedokážeš přesně rozdělit nahraj ho TADY a sem mi dej odkaz na stažení.

ZdHlavaty · #3 Příspěvek od **ZdHlavaty** » 05 kvě 2011 12:17

Pokoušel jsem se to přesně rozdělit,ale asi se to nepovedlo.
Tady je http://leteckaposta.cz/639208057

#4 Příspěvek od **Roli** » 05 kvě 2011 12:30

Bezva.

Tak že, tohle fixni v HJT :

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O23 - Service: MpService - Unknown owner - C:\WINDOWS\MPSERVIC.EXE (file missing)

HJT najdeš zde :

C:\Program Files\trend micro\Zdeněk - Hlavatý.exe

Fix znamená že spustíš HJT Obrázek

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.

Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

Služba Google Update (gupdate1c9ddeee83ed39a)

Služba Google Update (gupdatem)

Cyberlink RichVideo Service(CRVS)

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.

Přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj Spybot-S&D který je už za zenitem.

Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém

Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!

ZdHlavaty · #5 Příspěvek od **ZdHlavaty** » 05 kvě 2011 13:46

Tak snad vše bez problému provedeno.
Jen při čištění CCleaner nesmazal asi 5MG v IE a vyhodil tuhle hlášku viz screen schot na http://leteckaposta.cz/119128354.

Potřebuji si teď odskočit,takže budu u PC asi tak za 1,5h.

Tady je log z Mbam.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6512

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

5.5.2011 14:33:17
mbam-log-2011-05-05 (14-33-17).txt

Typ kontroly: Rychlý test
Testované objekty: 211835
Uplynulý čas: 5 minut, 11 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

#6 Příspěvek od **Roli** » 05 kvě 2011 18:46

K té hlášce, přeinstaluj Internet Explorer 7 který tam máš na Internet Explorer 8.

Jinak je vše v pořádku, je tedy nějaký problém s PC ?

ZdHlavaty · #7 Příspěvek od **ZdHlavaty** » 06 kvě 2011 07:53

Nejde mi nainstalovat tiskárna.Při instalaci to vyhodí hlašku,že nejde iniciovat MPSERVIC.exe.

#8 Příspěvek od **Roli** » 06 kvě 2011 13:19

Jedná se pravděpodobně o tiskárnu Canon že ?

Při instalaci nesmí být tiskárna vůbec připojena k PC.

On si ten jejich program řekne sám kdy připojit do USB.

To cos k ní nainstaloval, odinstaluj projeď PC Ccleanerem a zkus znovu nainstalovat.

Případně při instalaci stopni AVG.

Pak dej vědět jak jsi dopadl.

ZdHlavaty · #9 Příspěvek od **ZdHlavaty** » 09 kvě 2011 12:00

Zdravím po víkendu.
IE jsem aktualizoval na 8 a těch 5MG se vymazalo.

Jedná se opravdu o Canon MPC600F.
Vyzkoušel jsem doporučovyný postup,ale problém přetrvává.

Na internetu jsem při hledání,co stím,narazil na nějakém foru na RegistryBooster ktery jsem projel počítač a tady je výsledek http://leteckaposta.cz/631717023.

#10 Příspěvek od **Roli** » 09 kvě 2011 12:46

Registry Booster je něco jako CCleaner.

Zkus se mrknout na stránky Canon jestli k té tiskárně není novější software.

V mezičase stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

V případě nejasností je ZDE obrázkový návod.

ZdHlavaty · #11 Příspěvek od **ZdHlavaty** » 09 kvě 2011 14:05

ComboFix 11-05-08.04 - Zdeněk - Hlavatý 09.05.2011 14:13:45.11.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1022.317 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zdeněk - Hlavatý\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system\msvcr71.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-09 do 2011-05-09 )))))))))))))))))))))))))))))))
.
.
2011-05-09 10:42 . 2001-12-12 10:08 49152 ----a-w- c:\windows\system32\MpSr55a9.rra
2011-05-09 10:41 . 2011-05-09 10:41 -------- d-----w- c:\program files\Canon
2011-05-09 10:40 . 2011-05-09 10:40 -------- d-----w- c:\windows\LastGood
2011-05-09 10:40 . 2001-12-12 08:10 49152 ------w- c:\windows\system32\MPSRVC.DLL
2011-05-09 09:33 . 2011-05-09 09:33 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-05-09 09:12 . 2011-05-09 09:12 -------- d-----w- C:\m231_enx
2011-05-09 09:10 . 2010-10-18 11:10 7680 ------w- c:\windows\system32\dllcache\iecompat.dll
2011-05-09 09:10 . 2011-02-22 23:08 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2011-05-09 09:10 . 2011-02-22 23:08 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2011-05-09 09:10 . 2011-02-22 23:08 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2011-05-07 08:27 . 2011-04-18 07:15 7071056 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{A5E84D9F-37BE-43AA-8DD1-12927903B70F}\mpengine.dll
2011-05-06 06:53 . 2011-05-06 06:53 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Local Settings\Data aplikací\PackageAware
2011-05-05 15:23 . 2011-05-05 15:23 -------- d-----w- c:\program files\PowerISO
2011-05-05 10:29 . 2011-05-05 10:29 -------- d-----w- c:\program files\trend micro
2011-05-05 10:29 . 2011-05-05 10:29 -------- d-----w- C:\rsit
2011-05-04 12:17 . 2011-05-04 12:17 -------- d-----w- c:\program files\DAEMON Tools Pro
2011-05-04 12:16 . 2011-05-04 12:16 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\DAEMON Tools Pro
2011-05-04 12:16 . 2011-05-04 12:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Pro
2011-05-04 11:13 . 2011-05-04 11:13 -------- d-----w- c:\program files\Elaborate Bytes
2011-05-04 08:36 . 2009-10-20 15:20 265728 ------w- c:\windows\system32\dllcache\http.sys
2011-05-03 15:24 . 2011-05-03 15:24 -------- d-----w- c:\windows\system32\NtmsData
2011-05-03 14:54 . 2011-05-03 14:54 3584 ----a-r- c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2011-05-03 14:50 . 2011-05-03 14:50 -------- d-----w- c:\program files\CleanUp!
2011-05-03 14:12 . 2011-05-03 14:12 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-03 14:12 . 2011-05-03 14:12 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-03 14:12 . 2011-05-03 14:12 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-03 14:12 . 2011-05-03 14:12 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-03 14:12 . 2011-05-03 14:12 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-03 14:12 . 2011-05-03 14:12 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-03 14:12 . 2011-05-03 14:12 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-03 14:12 . 2011-05-03 14:12 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-03 13:53 . 2011-05-03 13:53 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-03 13:53 . 2011-05-03 13:53 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Local Settings\Data aplikací\NOS
2011-05-03 10:55 . 2001-09-03 09:01 715776 ----a-w- c:\windows\system32\Ltwvc11n.dll
2011-05-03 10:55 . 2001-09-03 09:01 63488 ----a-w- c:\windows\system32\ltlst11n.dll
2011-05-03 10:55 . 2001-09-03 09:01 391680 ----a-w- c:\windows\system32\ltkrn11n.dll
2011-05-03 10:55 . 2001-09-03 09:01 251904 ----a-w- c:\windows\system32\LTDIS11n.dll
2011-05-03 10:55 . 2001-09-03 09:01 115712 ----a-w- c:\windows\system32\ltfil11n.DLL
2011-05-03 10:49 . 2011-05-03 10:49 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\Carambis
2011-05-03 10:48 . 2011-05-03 10:48 -------- d-----w- c:\program files\Carambis
2011-05-03 08:34 . 2011-02-22 23:08 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
2011-05-03 08:34 . 2011-02-22 23:08 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-05-03 08:34 . 2011-02-22 23:08 1991680 ------w- c:\windows\system32\dllcache\iertutil.dll
2011-05-03 08:34 . 2011-02-17 11:43 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2011-05-03 08:34 . 2009-03-08 02:11 445952 ----a-w- c:\windows\system32\dllcache\ieapfltr.dll
2011-05-03 08:34 . 2009-02-06 19:07 3698584 ----a-w- c:\windows\system32\dllcache\ieapfltr.dat
2011-05-03 08:34 . 2011-02-22 23:08 11080704 ------w- c:\windows\system32\dllcache\ieframe.dll
2011-05-03 08:34 . 2009-03-08 02:31 59904 ----a-w- c:\windows\system32\dllcache\icardie.dll
2011-05-03 07:52 . 2009-11-27 16:14 17920 ------w- c:\windows\system32\dllcache\msyuv.dll
2011-05-03 07:50 . 2009-11-27 15:09 8704 ------w- c:\windows\system32\dllcache\tsbyuv.dll
2011-05-03 07:50 . 2009-11-27 15:09 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll
2011-05-03 07:49 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2011-05-03 07:31 . 2011-02-17 13:18 455936 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2011-05-03 07:27 . 2010-12-09 15:14 2194944 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-05-03 07:27 . 2010-12-09 15:14 2150912 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-05-03 07:27 . 2010-12-09 15:14 2029056 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-05-03 07:27 . 2010-12-09 15:14 2071552 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-05-03 05:18 . 2011-05-03 05:18 -------- d-----w- c:\program files\Common Files\Apple
2011-05-03 02:20 . 2011-05-03 02:20 -------- d-----w- C:\FOUND.006
2011-05-03 01:49 . 2008-04-14 12:00 33792 ----a-w- c:\windows\system32\dllcache\lmmib2.dll
2011-05-03 01:43 . 2008-04-14 06:52 152064 ----a-w- c:\windows\system32\irftp.exe
2011-05-03 01:43 . 2008-04-14 06:51 27648 ----a-w- c:\windows\system32\irmon.dll
2011-05-03 01:43 . 2008-04-13 22:24 88192 ----a-w- c:\windows\system32\drivers\irda.sys
2011-05-03 01:43 . 2008-04-14 06:52 8192 ----a-w- c:\windows\system32\wshirda.dll
2011-05-03 01:36 . 2001-08-17 19:51 19584 ----a-w- c:\windows\system32\drivers\rasirda.sys
2011-05-02 21:27 . 2008-04-14 12:00 480256 ----a-w- c:\windows\system32\dllcache\cintsetp.exe
2011-05-02 21:27 . 2008-04-14 12:00 21504 ----a-w- c:\windows\system32\CINTLGNT.IME
2011-05-02 21:27 . 2008-04-14 12:00 198656 ----a-w- c:\windows\system32\dllcache\cintime.dll
2011-05-02 21:27 . 2008-04-14 12:00 173568 ----a-w- c:\windows\system32\dllcache\chtskf.dll
2011-05-02 21:27 . 2008-04-14 12:00 56320 ----a-w- c:\windows\system32\dllcache\chtskdic.dll
2011-05-02 21:27 . 2008-04-14 12:00 97792 ----a-w- c:\windows\system32\dllcache\chtmbx.dll
2011-05-02 21:27 . 2008-04-14 12:00 455168 ----a-w- c:\windows\system32\dllcache\tintsetp.exe
2011-05-02 21:27 . 2008-04-14 12:00 44032 ----a-w- c:\windows\system32\dllcache\tintlphr.exe
2011-05-02 21:27 . 2008-04-14 12:00 10240 ----a-w- c:\windows\system32\dllcache\tmigrate.dll
2011-05-02 21:27 . 2008-04-14 12:00 571392 ----a-w- c:\windows\system32\TINTLGNT.IME
2011-05-02 21:26 . 2008-04-14 12:00 70144 ----a-w- c:\windows\system32\dllcache\pintlphr.exe
2011-05-02 21:26 . 2008-04-14 12:00 67584 ----a-w- c:\windows\system32\dllcache\pmigrate.dll
2011-05-02 21:26 . 2008-04-14 12:00 59392 ----a-w- c:\windows\system32\dllcache\imscinst.exe
2011-05-02 21:26 . 2008-04-14 12:00 482304 ----a-w- c:\windows\system32\PINTLGNT.IME
2011-05-02 21:25 . 2008-04-14 12:00 10096640 ----a-w- c:\windows\system32\dllcache\hwxcht.dll
2011-05-02 21:19 . 2008-04-14 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-05-02 21:19 . 2008-04-14 12:00 24661 ----a-w- c:\windows\system32\dllcache\spxcoins.dll
2011-05-02 21:19 . 2008-04-14 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-05-02 21:19 . 2008-04-14 12:00 13312 ----a-w- c:\windows\system32\dllcache\irclass.dll
2011-05-02 20:25 . 2008-04-14 12:00 73802 ----a-w- c:\windows\system32\msrclr40.dll
2011-05-02 20:24 . 2009-02-09 11:25 111104 ----a-w- c:\windows\system32\services.exe
2011-05-02 20:23 . 2009-08-05 09:01 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2011-05-02 20:22 . 2008-04-14 12:00 331776 ----a-w- c:\windows\system32\netsetup.exe
2011-05-02 20:21 . 2008-04-14 12:00 83456 ----a-w- c:\windows\system32\dpvsetup.exe
2011-05-02 20:20 . 2008-04-14 12:00 63488 ----a-w- c:\windows\system32\dllcache\cmstp.exe
2011-05-02 20:09 . 2011-05-02 20:09 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\IObit
2011-04-29 21:30 . 2011-04-18 17:12 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-29 21:30 . 2011-04-18 17:17 307288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-29 21:29 . 2011-04-18 17:13 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-29 21:29 . 2011-04-18 17:16 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-29 21:29 . 2011-04-18 17:17 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-29 21:29 . 2011-04-18 17:16 102488 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-29 21:29 . 2011-04-18 17:16 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-29 21:29 . 2011-04-18 17:13 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-29 21:26 . 2011-04-18 17:25 40112 ----a-w- c:\windows\avastSS.scr
2011-04-29 21:26 . 2011-04-18 17:25 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-29 21:24 . 2011-04-29 21:24 -------- d-----w- c:\program files\AVAST Software
2011-04-29 21:24 . 2011-04-29 21:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-04-29 05:22 . 2011-04-29 05:22 -------- d-----w- C:\FOUND.005
2011-04-28 13:41 . 2011-04-28 13:41 -------- d-----w- C:\FOUND.004
2011-04-28 11:27 . 2011-04-28 11:27 -------- d-----w- c:\windows\system32\color
2011-04-28 11:26 . 2001-09-03 09:01 145920 ----a-w- c:\windows\system32\lftif11n.dll
2011-04-28 11:26 . 2001-09-03 09:01 36864 ----a-w- c:\windows\system32\lfbmp11n.dll
2011-04-28 11:26 . 2001-09-03 09:01 273920 ----a-w- c:\windows\system32\LFCMP11n.DLL
2011-04-28 11:26 . 2001-09-03 09:01 80896 ----a-w- c:\windows\system32\lffax11n.dll
2011-04-28 11:26 . 2001-09-03 09:01 59392 ----a-w- c:\windows\system32\lfwmf11n.dll
2011-04-28 11:26 . 2001-09-03 09:02 48408 ------w- c:\windows\system32\drivers\cis1284.sys
2011-04-26 14:57 . 2011-04-26 14:57 -------- d-----w- C:\FOUND.003
2011-04-26 14:19 . 2011-04-26 14:19 -------- d-----w- c:\documents and settings\Zdeněk Hlavatý\Data aplikací\Malwarebytes
2011-04-26 13:18 . 2011-04-26 13:18 -------- d-s---w- c:\documents and settings\Administrator
2011-04-26 09:39 . 2011-04-26 09:39 -------- d-----w- C:\FOUND.002
2011-04-26 08:15 . 2011-04-26 08:15 -------- d-----w- c:\program files\Elcomsoft Password Recovery
2011-04-18 16:32 . 2011-04-18 16:32 -------- d-----w- C:\0733f1702c428b91742305000f136b74
2011-04-13 14:11 . 2011-04-13 14:11 -------- d-----w- c:\program files\NOS
2011-04-13 14:11 . 2011-04-13 14:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NOS
2011-04-13 14:11 . 2011-04-13 14:11 -------- d-----w- C:\FOUND.001
2011-04-13 14:11 . 2011-04-13 14:11 -------- d-----w- C:\FOUND.000
2011-04-13 14:04 . 2011-04-13 14:04 -------- d-----w- c:\program files\pdfforge Toolbar
2011-04-13 14:04 . 2011-04-13 14:04 -------- d-----w- c:\program files\Common Files\Spigot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-04 12:18 . 2009-08-17 11:55 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-04-18 07:15 . 2009-04-20 10:45 7071056 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-04-12 09:48 . 2009-06-11 06:37 796672 ----a-w- c:\windows\GPInstall.exe
2011-04-06 13:33 . 2005-11-16 22:45 6388328 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-03-24 14:03 . 2010-03-29 14:31 56936 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-03-21 15:13 . 2005-11-16 18:27 20053096 ----a-w- c:\windows\RTHDCPL.EXE
2011-03-07 05:33 . 2004-08-18 18:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-02-25 17:37 . 2005-04-16 05:20 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-02-17 12:54 . 2008-05-05 05:25 5632 ------w- c:\windows\system32\xpsp4res.dll
2011-02-11 14:44 . 2004-08-18 18:00 232448 ----a-w- c:\windows\system32\fxscover.exe
2011-05-03 14:12 . 2011-05-03 14:12 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.

Kód: Vybrat vše

<pre>
c:\program files\Intel\Wireless\Bin\ifrmewrk .exe
c:\program files\Intel\Wireless\Bin\zcfgsvc .exe
c:\program files\Intel\Wireless\Bin\eouwiz .exe
c:\program files\Synaptics\SynTP\syntplpr .exe
c:\program files\Synaptics\SynTP\syntpenh .exe
c:\program files\Adobe\Reader 8.0\Reader\reader_sl .exe
c:\program files\Acer\Acer Arcade\pcmservice .exe
c:\program files\Acer\OrbiCam\installhelper .exe
c:\program files\Acer\OrbiCam\cameraassistant .exe
c:\program files\ATI Technologies\ATI.ACE\cli .exe
c:\program files\Launch Manager\qtzgacer .exe
c:\program files\Spyware Terminator\spywareterminatorshield .exe
c:\program files\Spyware Terminator\spywareterminatorupdate .exe
c:\program files\Java\jre6\bin\jusched .exe
c:\program files\Microsoft ActiveSync\wcescomm         .exe
c:\program files\OLYMPUS\OLYMPUS Master 2\firststart .exe
c:\program files\OLYMPUS\OLYMPUS Master 2\mmonitor      .exe
c:\program files\MSI\Digi Vox AD\DTVR\scheduled .exe
c:\program files\Windows Defender\msascui .exe
c:\program files\QuickTime\qttask         .exe
c:\program files\Microsoft Security Essentials\msseces .exe
c:\windows\ime\imjp8_1\imjpmig .exe
</pre>

.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-05-13 26624]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-12-10 247144]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2009-12-16 312640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-11-01 102491]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-01 692315]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-04-18 3460784]
"RTHDCPL"="RTHDCPL.EXE" [2011-03-21 20053096]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-01-20 200704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-18 44544]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-12-14 11:36 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\docume~1\ALLUSE~1\DATAAP~1\SPYWAR~1\sp_rsdel.exe \??\c:\docume~1\ALLUSE~1\DATAAP~1\SPYWAR~1\sp_rsdel.dat\0sprestrt\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSI\\Digi Vox AD\\DTVR\\DTVR.exe"=
"c:\\WINDOWS\\System32\\java.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Spyware Terminator\\spywareterminatorupdate .exe"=
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\\Garmin\\UMP-pcPL\\rsync.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.8.2009 13:55 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [29.4.2011 23:29 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29.4.2011 23:30 307288]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17.11.2008 15:11 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.11.2008 15:11 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.4.2011 23:30 19544]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1.6.2008 8:13 34064]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17.11.2008 15:11 7408]
S1 kcpkobnn;kcpkobnn;\??\c:\windows\system32\drivers\kcpkobnn.sys --> c:\windows\system32\drivers\kcpkobnn.sys [?]
S2 MSSQL$ELISKACLIENT2008;SQL Server (ELISKACLIENT2008);"c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\sqlservr.exe" -sELISKACLIENT2008 --> c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\sqlservr.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29.3.2010 16:32 1691480]
S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [30.11.2005 5:28 1088896]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2.5.2011 22:25 14336]
S4 gupdate1c9ddeee83ed39a;Služba Google Update (gupdate1c9ddeee83ed39a);c:\program files\Google\Update\GoogleUpdate.exe [26.5.2009 12:44 133104]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26.5.2009 12:44 133104]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 1:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 2:49 242712]
S4 SQLAgent$ELISKACLIENT2008;SQL Server Agent (ELISKACLIENT2008);"c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\SQLAGENT.EXE" -i ELISKACLIENT2008 --> c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\SQLAGENT.EXE [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-09 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
2011-05-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-05-09 c:\windows\Tasks\User_Feed_Synchronization-{6275EB59-C9D0-4B84-B5DA-5BB3FDDBAB0E}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2011-05-09 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 15:31]
.
2011-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-26 10:44]
.
2011-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-26 10:44]
.
2011-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659754447-3941593778-4232737989-1006Core1cacb49162d37d6.job
- c:\documents and settings\Zden [2009-05-13 13:16]
.
.
------- Doplňkový sken -------
.
uStart Page = https://expo.cmss.cz/
IE: Compare Prices with &Dealio - c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\Dealio\kb124\res\DealioSearch.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\Mozilla\Firefox\Profiles\mdwq8nok.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://web.volny.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=723823&p=
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-95416dc623 - (no file)
Notify-geBqNhFY - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-09 14:28
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
Tady je log z ComboFix

--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-05-09 14:35:02
ComboFix-quarantined-files.txt 2011-05-09 12:34
.
Před spuštěním: Volných bajtů: 27 281 784 832
Po spuštění: Volných bajtů: 27 230 535 680
.
Current=6 Default=6 Failed=0 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
- - End Of File - - F07D570911B51FF22AF3DD6F6EF1513B

#12 Příspěvek od **Roli** » 09 kvě 2011 18:48

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

Folder::  
C:\FOUND.006
C:\FOUND.005
C:\FOUND.004
C:\FOUND.003
C:\FOUND.002
C:\FOUND.001
C:\FOUND.000

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

ZdHlavaty · #13 Příspěvek od **ZdHlavaty** » 09 kvě 2011 22:46

ComboFix 11-05-09.01 - Zdeněk - Hlavatý 09.05.2011 23:01:04.12.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1022.457 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zdeněk - Hlavatý\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Zdeněk - Hlavatý\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\FOUND.000
C:\FOUND.001
C:\FOUND.002
c:\found.002\FILE0000.CHK
c:\found.002\FILE0001.CHK
c:\found.002\FILE0002.CHK
c:\found.002\FILE0003.CHK
c:\found.002\FILE0004.CHK
c:\found.002\FILE0005.CHK
C:\FOUND.003
c:\found.003\FILE0000.CHK
C:\FOUND.004
c:\found.004\FILE0000.CHK
c:\found.004\FILE0001.CHK
c:\found.004\FILE0002.CHK
c:\found.004\FILE0003.CHK
c:\found.004\FILE0004.CHK
c:\found.004\FILE0005.CHK
c:\found.004\FILE0006.CHK
c:\found.004\FILE0007.CHK
c:\found.004\FILE0008.CHK
c:\found.004\FILE0009.CHK
c:\found.004\FILE0010.CHK
c:\found.004\FILE0011.CHK
C:\FOUND.005
c:\found.005\FILE0000.CHK
C:\FOUND.006
c:\found.006\FILE0000.CHK
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-09 do 2011-05-09 )))))))))))))))))))))))))))))))
.
.
2011-05-09 09:33 . 2011-05-09 09:33 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-05-09 09:12 . 2011-05-09 09:12 -------- d-----w- C:\m231_enx
2011-05-09 09:10 . 2010-10-18 11:10 7680 ------w- c:\windows\system32\dllcache\iecompat.dll
2011-05-09 09:10 . 2011-02-22 23:08 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2011-05-09 09:10 . 2011-02-22 23:08 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2011-05-09 09:10 . 2011-02-22 23:08 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2011-05-07 08:27 . 2011-04-18 07:15 7071056 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{A5E84D9F-37BE-43AA-8DD1-12927903B70F}\mpengine.dll
2011-05-06 06:53 . 2011-05-06 06:53 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Local Settings\Data aplikací\PackageAware
2011-05-05 15:23 . 2011-05-05 15:23 -------- d-----w- c:\program files\PowerISO
2011-05-05 10:29 . 2011-05-05 10:29 -------- d-----w- c:\program files\trend micro
2011-05-05 10:29 . 2011-05-05 10:29 -------- d-----w- C:\rsit
2011-05-04 12:17 . 2011-05-04 12:17 -------- d-----w- c:\program files\DAEMON Tools Pro
2011-05-04 12:16 . 2011-05-04 12:16 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\DAEMON Tools Pro
2011-05-04 12:16 . 2011-05-04 12:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Pro
2011-05-04 11:13 . 2011-05-04 11:13 -------- d-----w- c:\program files\Elaborate Bytes
2011-05-04 08:36 . 2009-10-20 15:20 265728 ------w- c:\windows\system32\dllcache\http.sys
2011-05-03 15:24 . 2011-05-03 15:24 -------- d-----w- c:\windows\system32\NtmsData
2011-05-03 14:54 . 2011-05-03 14:54 3584 ----a-r- c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2011-05-03 14:50 . 2011-05-03 14:50 -------- d-----w- c:\program files\CleanUp!
2011-05-03 14:12 . 2011-05-03 14:12 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-03 14:12 . 2011-05-03 14:12 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-03 14:12 . 2011-05-03 14:12 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-03 14:12 . 2011-05-03 14:12 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-03 14:12 . 2011-05-03 14:12 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-03 14:12 . 2011-05-03 14:12 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-03 14:12 . 2011-05-03 14:12 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-03 14:12 . 2011-05-03 14:12 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-03 13:53 . 2011-05-03 13:53 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-03 13:53 . 2011-05-03 13:53 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Local Settings\Data aplikací\NOS
2011-05-03 10:55 . 2001-09-03 09:01 715776 ----a-w- c:\windows\system32\Ltwvc11n.dll
2011-05-03 10:55 . 2001-09-03 09:01 63488 ----a-w- c:\windows\system32\ltlst11n.dll
2011-05-03 10:55 . 2001-09-03 09:01 391680 ----a-w- c:\windows\system32\ltkrn11n.dll
2011-05-03 10:55 . 2001-09-03 09:01 251904 ----a-w- c:\windows\system32\LTDIS11n.dll
2011-05-03 10:55 . 2001-09-03 09:01 115712 ----a-w- c:\windows\system32\ltfil11n.DLL
2011-05-03 10:49 . 2011-05-03 10:49 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\Carambis
2011-05-03 10:48 . 2011-05-03 10:48 -------- d-----w- c:\program files\Carambis
2011-05-03 08:34 . 2011-02-22 23:08 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
2011-05-03 08:34 . 2011-02-22 23:08 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-05-03 08:34 . 2011-02-22 23:08 1991680 ------w- c:\windows\system32\dllcache\iertutil.dll
2011-05-03 08:34 . 2011-02-17 11:43 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2011-05-03 08:34 . 2009-03-08 02:11 445952 ----a-w- c:\windows\system32\dllcache\ieapfltr.dll
2011-05-03 08:34 . 2009-02-06 19:07 3698584 ----a-w- c:\windows\system32\dllcache\ieapfltr.dat
2011-05-03 08:34 . 2011-02-22 23:08 11080704 ------w- c:\windows\system32\dllcache\ieframe.dll
2011-05-03 08:34 . 2009-03-08 02:31 59904 ----a-w- c:\windows\system32\dllcache\icardie.dll
2011-05-03 07:52 . 2009-11-27 16:14 17920 ------w- c:\windows\system32\dllcache\msyuv.dll
2011-05-03 07:50 . 2009-11-27 15:09 8704 ------w- c:\windows\system32\dllcache\tsbyuv.dll
2011-05-03 07:50 . 2009-11-27 15:09 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll
2011-05-03 07:49 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2011-05-03 07:31 . 2011-02-17 13:18 455936 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2011-05-03 07:27 . 2010-12-09 15:14 2194944 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-05-03 07:27 . 2010-12-09 15:14 2150912 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-05-03 07:27 . 2010-12-09 15:14 2029056 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-05-03 07:27 . 2010-12-09 15:14 2071552 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-05-03 05:18 . 2011-05-03 05:18 -------- d-----w- c:\program files\Common Files\Apple
2011-05-03 01:49 . 2008-04-14 12:00 33792 ----a-w- c:\windows\system32\dllcache\lmmib2.dll
2011-05-03 01:43 . 2008-04-14 06:52 152064 ----a-w- c:\windows\system32\irftp.exe
2011-05-03 01:43 . 2008-04-14 06:51 27648 ----a-w- c:\windows\system32\irmon.dll
2011-05-03 01:43 . 2008-04-13 22:24 88192 ----a-w- c:\windows\system32\drivers\irda.sys
2011-05-03 01:43 . 2008-04-14 06:52 8192 ----a-w- c:\windows\system32\wshirda.dll
2011-05-03 01:36 . 2001-08-17 19:51 19584 ----a-w- c:\windows\system32\drivers\rasirda.sys
2011-05-02 21:27 . 2008-04-14 12:00 480256 ----a-w- c:\windows\system32\dllcache\cintsetp.exe
2011-05-02 21:27 . 2008-04-14 12:00 21504 ----a-w- c:\windows\system32\CINTLGNT.IME
2011-05-02 21:27 . 2008-04-14 12:00 198656 ----a-w- c:\windows\system32\dllcache\cintime.dll
2011-05-02 21:27 . 2008-04-14 12:00 173568 ----a-w- c:\windows\system32\dllcache\chtskf.dll
2011-05-02 21:27 . 2008-04-14 12:00 56320 ----a-w- c:\windows\system32\dllcache\chtskdic.dll
2011-05-02 21:27 . 2008-04-14 12:00 97792 ----a-w- c:\windows\system32\dllcache\chtmbx.dll
2011-05-02 21:27 . 2008-04-14 12:00 455168 ----a-w- c:\windows\system32\dllcache\tintsetp.exe
2011-05-02 21:27 . 2008-04-14 12:00 44032 ----a-w- c:\windows\system32\dllcache\tintlphr.exe
2011-05-02 21:27 . 2008-04-14 12:00 10240 ----a-w- c:\windows\system32\dllcache\tmigrate.dll
2011-05-02 21:27 . 2008-04-14 12:00 571392 ----a-w- c:\windows\system32\TINTLGNT.IME
2011-05-02 21:26 . 2008-04-14 12:00 70144 ----a-w- c:\windows\system32\dllcache\pintlphr.exe
2011-05-02 21:26 . 2008-04-14 12:00 67584 ----a-w- c:\windows\system32\dllcache\pmigrate.dll
2011-05-02 21:26 . 2008-04-14 12:00 59392 ----a-w- c:\windows\system32\dllcache\imscinst.exe
2011-05-02 21:26 . 2008-04-14 12:00 482304 ----a-w- c:\windows\system32\PINTLGNT.IME
2011-05-02 21:25 . 2008-04-14 12:00 10096640 ----a-w- c:\windows\system32\dllcache\hwxcht.dll
2011-05-02 21:19 . 2008-04-14 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-05-02 21:19 . 2008-04-14 12:00 24661 ----a-w- c:\windows\system32\dllcache\spxcoins.dll
2011-05-02 21:19 . 2008-04-14 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-05-02 21:19 . 2008-04-14 12:00 13312 ----a-w- c:\windows\system32\dllcache\irclass.dll
2011-05-02 20:25 . 2008-04-14 12:00 73802 ----a-w- c:\windows\system32\msrclr40.dll
2011-05-02 20:24 . 2009-02-09 11:25 111104 ----a-w- c:\windows\system32\services.exe
2011-05-02 20:23 . 2009-08-05 09:01 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2011-05-02 20:22 . 2008-04-14 12:00 331776 ----a-w- c:\windows\system32\netsetup.exe
2011-05-02 20:21 . 2008-04-14 12:00 83456 ----a-w- c:\windows\system32\dpvsetup.exe
2011-05-02 20:20 . 2008-04-14 12:00 63488 ----a-w- c:\windows\system32\dllcache\cmstp.exe
2011-05-02 20:09 . 2011-05-02 20:09 -------- d-----w- c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\IObit
2011-04-29 21:30 . 2011-04-18 17:12 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-29 21:30 . 2011-04-18 17:17 307288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-29 21:29 . 2011-04-18 17:13 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-29 21:29 . 2011-04-18 17:16 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-29 21:29 . 2011-04-18 17:17 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-29 21:29 . 2011-04-18 17:16 102488 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-29 21:29 . 2011-04-18 17:16 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-29 21:29 . 2011-04-18 17:13 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-29 21:26 . 2011-04-18 17:25 40112 ----a-w- c:\windows\avastSS.scr
2011-04-29 21:26 . 2011-04-18 17:25 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-29 21:24 . 2011-04-29 21:24 -------- d-----w- c:\program files\AVAST Software
2011-04-29 21:24 . 2011-04-29 21:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-04-28 11:27 . 2011-04-28 11:27 -------- d-----w- c:\windows\system32\color
2011-04-28 11:26 . 2001-09-03 09:01 145920 ----a-w- c:\windows\system32\lftif11n.dll
2011-04-28 11:26 . 2001-09-03 09:01 36864 ----a-w- c:\windows\system32\lfbmp11n.dll
2011-04-28 11:26 . 2001-09-03 09:01 273920 ----a-w- c:\windows\system32\LFCMP11n.DLL
2011-04-28 11:26 . 2001-09-03 09:01 80896 ----a-w- c:\windows\system32\lffax11n.dll
2011-04-28 11:26 . 2001-09-03 09:01 59392 ----a-w- c:\windows\system32\lfwmf11n.dll
2011-04-28 11:26 . 2001-09-03 09:02 48408 ------w- c:\windows\system32\drivers\cis1284.sys
2011-04-26 14:19 . 2011-04-26 14:19 -------- d-----w- c:\documents and settings\Zdeněk Hlavatý\Data aplikací\Malwarebytes
2011-04-26 13:18 . 2011-04-26 13:18 -------- d-s---w- c:\documents and settings\Administrator
2011-04-26 08:15 . 2011-04-26 08:15 -------- d-----w- c:\program files\Elcomsoft Password Recovery
2011-04-18 16:32 . 2011-04-18 16:32 -------- d-----w- C:\0733f1702c428b91742305000f136b74
2011-04-13 14:11 . 2011-04-13 14:11 -------- d-----w- c:\program files\NOS
2011-04-13 14:11 . 2011-04-13 14:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NOS
2011-04-13 14:04 . 2011-04-13 14:04 -------- d-----w- c:\program files\pdfforge Toolbar
2011-04-13 14:04 . 2011-04-13 14:04 -------- d-----w- c:\program files\Common Files\Spigot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-04 12:18 . 2009-08-17 11:55 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-04-18 07:15 . 2009-04-20 10:45 7071056 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-04-12 09:48 . 2009-06-11 06:37 796672 ----a-w- c:\windows\GPInstall.exe
2011-04-06 13:33 . 2005-11-16 22:45 6388328 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-03-24 14:03 . 2010-03-29 14:31 56936 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-03-21 15:13 . 2005-11-16 18:27 20053096 ----a-w- c:\windows\RTHDCPL.EXE
2011-03-07 05:33 . 2004-08-18 18:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-02-25 17:37 . 2005-04-16 05:20 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-02-17 12:54 . 2008-05-05 05:25 5632 ------w- c:\windows\system32\xpsp4res.dll
2011-02-11 14:44 . 2004-08-18 18:00 232448 ----a-w- c:\windows\system32\fxscover.exe
2011-05-03 14:12 . 2011-05-03 14:12 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.

Kód: Vybrat vše

<pre>
c:\program files\Intel\Wireless\Bin\ifrmewrk .exe
c:\program files\Intel\Wireless\Bin\zcfgsvc .exe
c:\program files\Intel\Wireless\Bin\eouwiz .exe
c:\program files\Synaptics\SynTP\syntplpr .exe
c:\program files\Synaptics\SynTP\syntpenh .exe
c:\program files\Adobe\Reader 8.0\Reader\reader_sl .exe
c:\program files\Acer\Acer Arcade\pcmservice .exe
c:\program files\Acer\OrbiCam\installhelper .exe
c:\program files\Acer\OrbiCam\cameraassistant .exe
c:\program files\ATI Technologies\ATI.ACE\cli .exe
c:\program files\Launch Manager\qtzgacer .exe
c:\program files\Spyware Terminator\spywareterminatorshield .exe
c:\program files\Spyware Terminator\spywareterminatorupdate .exe
c:\program files\Java\jre6\bin\jusched .exe
c:\program files\Microsoft ActiveSync\wcescomm         .exe
c:\program files\OLYMPUS\OLYMPUS Master 2\firststart .exe
c:\program files\OLYMPUS\OLYMPUS Master 2\mmonitor      .exe
c:\program files\MSI\Digi Vox AD\DTVR\scheduled .exe
c:\program files\Windows Defender\msascui .exe
c:\program files\QuickTime\qttask         .exe
c:\program files\Microsoft Security Essentials\msseces .exe
c:\windows\ime\imjp8_1\imjpmig .exe
</pre>

.
((((((((((((((((((((((((((((( SnapShot@2011-05-09_12.29.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-13 03:50 . 2007-02-24 07:20 139264 c:\windows\system32\mpmasdll.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-05-13 26624]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-12-10 247144]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2009-12-16 312640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-11-01 102491]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-01 692315]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-04-18 3460784]
"RTHDCPL"="RTHDCPL.EXE" [2011-03-21 20053096]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-01-20 200704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-18 44544]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-12-14 11:36 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\docume~1\ALLUSE~1\DATAAP~1\SPYWAR~1\sp_rsdel.exe \??\c:\docume~1\ALLUSE~1\DATAAP~1\SPYWAR~1\sp_rsdel.dat\0sprestrt\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSI\\Digi Vox AD\\DTVR\\DTVR.exe"=
"c:\\WINDOWS\\System32\\java.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Spyware Terminator\\spywareterminatorupdate .exe"=
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\\Garmin\\UMP-pcPL\\rsync.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.8.2009 13:55 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [29.4.2011 23:29 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29.4.2011 23:30 307288]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [17.11.2008 15:11 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.11.2008 15:11 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.4.2011 23:30 19544]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1.6.2008 8:13 34064]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [30.11.2005 5:28 1088896]
S1 kcpkobnn;kcpkobnn;\??\c:\windows\system32\drivers\kcpkobnn.sys --> c:\windows\system32\drivers\kcpkobnn.sys [?]
S2 MSSQL$ELISKACLIENT2008;SQL Server (ELISKACLIENT2008);"c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\sqlservr.exe" -sELISKACLIENT2008 --> c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\sqlservr.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29.3.2010 16:32 1691480]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2.5.2011 22:25 14336]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17.11.2008 15:11 7408]
S4 gupdate1c9ddeee83ed39a;Služba Google Update (gupdate1c9ddeee83ed39a);c:\program files\Google\Update\GoogleUpdate.exe [26.5.2009 12:44 133104]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26.5.2009 12:44 133104]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 1:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 2:49 242712]
S4 SQLAgent$ELISKACLIENT2008;SQL Server Agent (ELISKACLIENT2008);"c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\SQLAGENT.EXE" -i ELISKACLIENT2008 --> c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\SQLAGENT.EXE [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-09 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
2011-05-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-05-09 c:\windows\Tasks\User_Feed_Synchronization-{6275EB59-C9D0-4B84-B5DA-5BB3FDDBAB0E}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2011-05-09 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 15:31]
.
2011-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-26 10:44]
.
2011-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-26 10:44]
.
2011-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1659754447-3941593778-4232737989-1006Core1cacb49162d37d6.job
- c:\documents and settings\Zden [2009-05-13 13:16]
.
.
------- Doplňkový sken -------
.
uStart Page = https://expo.cmss.cz/
IE: Compare Prices with &Dealio - c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\Dealio\kb124\res\DealioSearch.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\Zdeněk - Hlavatý\Data aplikací\Mozilla\Firefox\Profiles\mdwq8nok.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://web.volny.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=723823&p=
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-09 23:13
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-05-09 23:18:35
ComboFix-quarantined-files.txt 2011-05-09 21:18
ComboFix2.txt 2011-05-09 12:35
.
Před spuštěním: Volných bajtů: 27 131 281 408
Po spuštění: Volných bajtů: 27 126 431 744
.
Current=6 Default=6 Failed=0 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
- - End Of File - - 6FC0608FEA7F2B93BE54EE707BAEE15D

#14 Příspěvek od **Roli** » 10 kvě 2011 18:24

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.

Pak dej vědět jaký je stav PC.

ZdHlavaty · #15 Příspěvek od **ZdHlavaty** » 11 kvě 2011 12:16

Zdravím,
odinstalovano a vyčištěno.
Při instalaci tiskárny opět hláška že nejde iniciovat MPSERVIC.exe.Po neuspěšné instalaci však zůstaly ve vytvořené složce nějaké soubory dll,ktere nešly vymazat.Nakonec jsem po různých experimentech zkopíroval do této složky soubor MPSERVIC.exe z druhého počítače,kde mi tiskárna beží a po opětovné istalaci se tiskárna nainstalovala.Po restartu PC se znova objevila nějaká hláška ohledně MPSERVIC.exe.tak jsem znova pustil istalaci tiskarny a vybral nabídku opravit,ktera proběhla už bez problémů a tiskárna běži.
Nicméně jsem zase přišel na to,že se nemužu do tohoto počítače dostat v domácí síti.PC se mi sice v síti objeví,ale při poklepání na ikonu se objeví hlaška:
Položka \\Notebook není přístupná. Zřejmě nemáte dostatečná oprávnění pro přístup k této položce. Obraťte se na správce servru a ověřte oprávnění.
Přihlašovací chyba:Uživateli nebyl v tomto počítači udělen požadovaný typ přihlášení.
Obraceně to funguje.
Oba PC XP Home a nejde to s firewallem ani bez.
Tak si myslím,jestli by nebylo lepší přeinstalovani/inovace XP.

VIRY.CZ

Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji

Re: Prosím o kontrolu logu z RSIT(druhá část).Děkuji