VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

problém s svchost.exe

https://forum.viry.cz:443/viewtopic.php?t=100145

Stránka 1 z 1

problém s svchost.exe

Napsal: 16 dub 2010 10:39
od Jaykuš
Dobrý den,
asi před týdnem jsem od jednoho kamaráda zjistil že mám slušně zaneřáděný počítač souborama svchost.exe, který mi zpomalují počítač. Když dám ctrl+alt+delete tak v procesech se mi ukaže 6 těchto souborů.
To mě docela překvapilo, protože pravidelné kontroly Avastem nic nehlásili.
Zkoušel jsem počítač projet esetem a nortnem, ale ty mi také nic nenašli. Jako poslední věc, kterou jsem vyzkoušel bylo sformatovaní disku.
Bohužel to taky nepomohlo a tak bych vás chtěl poprosit o radu vyřešení tohoto problému.
Předem děkuji.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Wx2000 at 2010-04-16 11:32:49
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 120 GB (79%) free of 153 GB
Total RAM: 479 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:33:03, on 16. 4. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Wx2000\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Wx2000.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6848 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-10 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-09-06 16262656]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-03-16 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]
"Google Update"=C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-04-08 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe"="C:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LucasArts\Republic Heroes\Republic Heroes.exe"="C:\Program Files\LucasArts\Republic Heroes\Republic Heroes.exe:*:Enabled:Republic Heroes"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-16 11:06:17 ----D---- C:\Program Files\trend micro
2010-04-16 11:06:15 ----D---- C:\rsit
2010-04-15 22:42:36 ----A---- C:\ComboFix.txt
2010-04-15 22:34:24 ----A---- C:\Boot.bak
2010-04-15 22:34:17 ----RASHD---- C:\cmdcons
2010-04-15 22:33:18 ----A---- C:\WINDOWS\zip.exe
2010-04-15 22:33:18 ----A---- C:\WINDOWS\SWREG.exe
2010-04-15 22:33:18 ----A---- C:\WINDOWS\sed.exe
2010-04-15 22:33:18 ----A---- C:\WINDOWS\PEV.exe
2010-04-15 22:33:18 ----A---- C:\WINDOWS\NIRCMD.exe
2010-04-15 22:33:18 ----A---- C:\WINDOWS\MBR.exe
2010-04-15 22:33:18 ----A---- C:\WINDOWS\grep.exe
2010-04-15 22:33:17 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-04-15 22:33:17 ----A---- C:\WINDOWS\SWSC.exe
2010-04-15 22:32:58 ----D---- C:\WINDOWS\ERDNT
2010-04-15 22:31:28 ----D---- C:\ComboFix
2010-04-15 22:30:37 ----D---- C:\Qoobox
2010-04-15 22:21:53 ----A---- C:\avenger.txt
2010-04-15 22:15:37 ----D---- C:\Avenger
2010-04-15 20:41:01 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-04-15 20:41:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-04-15 15:17:13 ----A---- C:\WINDOWS\system32\muweb.dll
2010-04-15 15:17:13 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-04-15 15:17:13 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-04-15 14:09:47 ----D---- C:\Program Files\EA GAMES
2010-04-15 14:09:46 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2010-04-15 14:03:56 ----A---- C:\WINDOWS\system32\msonpmon.dll
2010-04-15 14:02:46 ----D---- C:\Program Files\Microsoft Works
2010-04-15 14:02:11 ----D---- C:\Program Files\Microsoft Visual Studio
2010-04-15 14:02:10 ----D---- C:\Program Files\Common Files\DESIGNER
2010-04-15 14:01:23 ----D---- C:\Program Files\Microsoft.NET
2010-04-15 13:57:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-04-15 13:57:19 ----D---- C:\WINDOWS\SHELLNEW
2010-04-15 13:56:45 ----D---- C:\Program Files\Microsoft Office
2010-04-15 13:56:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-15 13:56:17 ----RD---- C:\MSOCache
2010-04-14 21:52:33 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 21:52:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 21:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-04-14 21:50:41 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-14 21:50:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 21:50:33 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 21:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 21:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-13 21:22:37 ----D---- C:\Program Files\SIW
2010-04-13 21:10:15 ----D---- C:\Program Files\ESET
2010-04-13 15:32:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\SWTCWRH
2010-04-13 15:32:26 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-04-13 15:32:26 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-04-13 15:32:26 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-04-13 15:32:26 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-04-13 15:32:26 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-04-13 15:32:25 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-04-13 15:32:25 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-04-13 15:32:25 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-04-13 15:32:25 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-04-13 15:32:25 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-04-13 15:32:25 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-04-13 15:32:24 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-04-13 15:32:24 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-04-13 15:32:24 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-04-13 15:32:23 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-04-13 15:32:23 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-04-13 15:32:23 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-04-13 15:32:23 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-04-13 15:32:23 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-04-13 15:32:22 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-04-13 15:32:22 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-04-13 15:32:22 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-04-13 15:32:21 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-04-13 15:32:20 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-04-13 15:32:20 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-04-13 15:32:20 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-04-13 15:32:20 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-04-13 15:32:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-04-13 15:32:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-04-13 15:32:19 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-04-13 15:32:19 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-04-13 15:32:19 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-04-13 15:32:18 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-04-13 15:32:18 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-04-13 15:32:18 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-04-13 15:32:18 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-04-13 15:32:17 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-04-13 15:32:17 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-04-13 15:32:16 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-04-13 15:32:16 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-04-13 15:32:16 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-04-13 15:32:15 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-04-13 15:32:15 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-04-13 15:32:15 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-04-13 15:32:15 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-04-13 15:32:14 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-04-13 15:32:14 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-04-13 15:32:14 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-04-13 15:32:14 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-04-13 15:32:13 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-04-13 15:32:13 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-04-13 15:32:12 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-04-13 15:32:12 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-04-13 15:32:12 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-04-13 15:32:12 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-04-13 15:32:11 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-04-13 15:32:11 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-04-13 15:32:11 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-04-13 15:32:10 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-04-13 15:32:09 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-04-13 15:32:03 ----D---- C:\WINDOWS\Logs
2010-04-13 15:31:45 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2010-04-13 15:30:24 ----D---- C:\Program Files\MSBuild
2010-04-13 15:26:01 ----D---- C:\WINDOWS\system32\XPSViewer
2010-04-13 15:25:58 ----D---- C:\WINDOWS\system32\en-us
2010-04-13 15:25:22 ----D---- C:\Program Files\Reference Assemblies
2010-04-13 15:25:05 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-04-13 15:22:47 ----RSD---- C:\WINDOWS\assembly
2010-04-13 15:22:18 ----D---- C:\WINDOWS\Microsoft.NET
2010-04-13 15:21:34 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-04-13 15:21:34 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-04-13 15:21:33 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-04-13 15:21:23 ----D---- C:\WINDOWS\system32\xlive
2010-04-13 15:21:23 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2010-04-13 15:20:41 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-04-13 15:20:28 ----D---- C:\WINDOWS\system32\AGEIA
2010-04-13 15:20:27 ----D---- C:\Program Files\AGEIA Technologies
2010-04-13 15:20:18 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-13 15:17:23 ----A---- C:\WINDOWS\system32\XINPUT1_3.dll
2010-04-13 15:17:23 ----A---- C:\WINDOWS\system32\d3dx9_39.dll
2010-04-12 22:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-04-12 22:04:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-04-12 22:04:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-04-11 18:36:28 ----D---- C:\WINDOWS\Prefetch
2010-04-11 18:33:52 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-04-11 18:33:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-04-11 18:33:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-04-11 18:33:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-04-11 18:33:30 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-04-11 18:33:24 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-04-11 18:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-04-11 18:33:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-04-11 18:33:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-04-11 18:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-04-11 18:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-04-11 18:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-04-11 18:32:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-04-11 18:32:42 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-04-11 18:32:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-04-11 18:32:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-04-11 18:32:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-04-11 18:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-04-11 18:32:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-04-11 18:32:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-04-11 18:32:06 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-04-11 18:32:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-04-11 18:31:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-04-11 18:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-04-11 18:31:46 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-04-11 18:31:41 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-04-11 18:31:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-04-11 18:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-04-11 18:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-04-11 18:31:19 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-04-11 18:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-04-11 18:31:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-04-11 18:31:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-04-11 18:30:59 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-04-11 18:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-04-11 18:30:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-04-11 18:30:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-04-11 18:30:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-04-11 18:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-04-11 18:30:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-04-11 18:30:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-04-11 18:30:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-04-11 18:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-04-11 18:30:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-04-11 18:30:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-04-11 18:29:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-04-11 18:29:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-04-11 18:29:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-04-11 18:29:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-04-11 18:29:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-04-11 18:29:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-04-11 18:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-04-11 18:29:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-04-11 18:25:46 ----D---- C:\WINDOWS\system32\cs-cz
2010-04-11 18:25:44 ----D---- C:\WINDOWS\system32\cs
2010-04-11 18:25:44 ----D---- C:\WINDOWS\system32\bits
2010-04-11 18:25:44 ----D---- C:\WINDOWS\l2schemas
2010-04-11 18:22:27 ----D---- C:\WINDOWS\network diagnostic
2010-04-11 18:20:02 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-04-11 18:20:00 ----D---- C:\WINDOWS\EHome
2010-04-11 18:14:12 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-11 18:13:56 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-11 14:43:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-11 00:53:57 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$
2010-04-11 00:53:50 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$
2010-04-10 19:39:33 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-04-10 16:04:36 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-10 14:02:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2010-04-10 14:02:37 ----D---- C:\Program Files\DVD Shrink
2010-04-10 14:02:24 ----D---- C:\Documents and Settings\Wx2000\Data aplikací\WinRAR
2010-04-10 12:39:24 ----D---- C:\WINDOWS\Sun
2010-04-10 12:38:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-10 12:38:30 ----D---- C:\Program Files\Common Files\Java
2010-04-10 12:38:06 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-04-10 12:38:05 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-10 12:38:05 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-10 12:38:05 ----A---- C:\WINDOWS\system32\java.exe
2010-04-10 12:37:28 ----D---- C:\Program Files\Java
2010-04-10 12:36:28 ----D---- C:\Documents and Settings\Wx2000\Data aplikací\Sun
2010-04-10 12:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-04-10 12:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-04-10 12:01:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-04-10 12:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-04-10 12:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-04-10 12:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-04-10 12:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-04-10 12:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-04-10 12:01:06 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2010-04-10 12:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-04-10 12:00:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-04-10 12:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-04-10 12:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-04-10 12:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-04-10 12:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-04-10 12:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-04-10 12:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-04-10 12:00:09 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-04-10 12:00:01 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2_0$
2010-04-10 11:59:56 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-04-10 11:59:51 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-04-10 11:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-04-10 11:59:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-04-10 11:59:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-04-10 11:59:24 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-04-10 11:59:17 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-04-10 11:59:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-04-10 11:59:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-04-10 11:59:02 ----HDC---- C:\WINDOWS\$NtUninstallKB978251_0$
2010-04-10 11:58:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-04-10 11:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-04-10 11:58:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-04-10 11:58:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-04-10 11:58:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-04-10 11:58:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-04-10 11:58:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-04-10 11:58:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-04-10 11:58:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-04-10 11:58:00 ----HDC---- C:\WINDOWS\$NtUninstallKB980182_0$
2010-04-10 11:57:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-04-10 11:57:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$
2010-04-10 11:57:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-04-10 11:57:35 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-04-10 11:57:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-04-10 11:57:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2010-04-10 11:57:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-04-10 11:57:16 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-04-10 11:57:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-04-10 11:57:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-04-10 11:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-04-10 11:56:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-04-10 11:56:49 ----D---- C:\WINDOWS\ServicePackFiles
2010-04-10 11:56:47 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-04-10 11:56:42 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-04-10 11:56:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-04-10 11:56:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-04-10 11:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-04-10 11:56:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-04-10 11:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-04-10 11:56:15 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-04-10 11:56:10 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-04-10 11:56:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-04-10 11:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-04-10 11:55:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$
2010-04-09 20:33:07 ----D---- C:\Program Files\Common Files\Nero
2010-04-09 20:30:10 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2010-04-09 20:30:02 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2010-04-09 20:30:02 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2010-04-09 20:30:02 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2010-04-09 20:30:01 ----N---- C:\WINDOWS\system32\ImagX7.dll
2010-04-09 20:29:59 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2010-04-09 20:29:53 ----D---- C:\Program Files\Common Files\Ahead
2010-04-09 20:29:50 ----D---- C:\Program Files\Ahead
2010-04-09 16:40:56 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-04-08 21:51:52 ----D---- C:\WINDOWS\system32\PreInstall
2010-04-08 21:51:50 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-04-08 21:48:52 ----D---- C:\Program Files\IObit
2010-04-08 20:21:15 ----D---- C:\Program Files\LucasArts
2010-04-08 19:57:29 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-04-08 19:57:29 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-04-08 19:57:29 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-04-08 19:57:29 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-04-08 19:57:28 ----A---- C:\WINDOWS\system32\unrar.dll
2010-04-08 19:57:27 ----A---- C:\WINDOWS\avisplitter.ini
2010-04-08 19:57:21 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2010-04-08 19:57:20 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-04-08 19:57:20 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-04-08 19:57:19 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2010-04-08 19:57:19 ----A---- C:\WINDOWS\system32\dpl100.dll
2010-04-08 19:57:19 ----A---- C:\WINDOWS\system32\divx.dll
2010-04-08 19:57:17 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-04-08 19:57:16 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-04-08 19:57:15 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-04-08 19:57:14 ----D---- C:\Program Files\K-Lite Codec Pack
2010-04-08 19:57:14 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-04-08 19:24:57 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-04-08 19:24:43 ----D---- C:\Program Files\DAEMON Tools Lite
2010-04-08 19:24:25 ----D---- C:\Documents and Settings\Wx2000\Data aplikací\DAEMON Tools Lite
2010-04-08 19:24:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-04-08 18:29:48 ----D---- C:\Documents and Settings\Wx2000\Data aplikací\URSoft
2010-04-08 18:29:48 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-08 18:29:45 ----D---- C:\Program Files\Your Uninstaller 2008
2010-04-08 18:09:12 ----A---- C:\WINDOWS\system32\h323log.txt
2010-04-08 18:06:00 ----A---- C:\WINDOWS\system32\usbui.dll
2010-04-08 18:04:17 ----SHD---- C:\WINDOWS\Installer
2010-04-08 18:04:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-08 18:04:16 ----D---- C:\Program Files\Common Files\ODBC
2010-04-08 18:04:16 ----A---- C:\WINDOWS\ODBCINST.INI
2010-04-08 18:04:13 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-04-08 18:04:12 ----RD---- C:\Program Files
2010-04-08 18:04:12 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-08 18:04:12 ----D---- C:\Program Files\Common Files
2010-04-08 18:04:10 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-04-08 18:04:10 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-04-08 18:04:10 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-04-08 18:04:08 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-04-08 18:04:08 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-04-08 18:04:08 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-04-08 18:04:07 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-04-08 18:04:07 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-04-08 18:04:07 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-04-08 18:04:07 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-04-08 18:04:07 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-04-08 18:04:07 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-04-08 18:04:07 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-04-08 18:04:07 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-04-08 18:04:07 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-04-08 18:04:05 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-04-08 18:04:05 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-04-08 18:04:05 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-04-08 18:04:05 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-04-08 18:04:05 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-04-08 18:04:05 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-04-08 18:04:04 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-04-08 18:04:03 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-04-08 18:04:03 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-04-08 18:04:03 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-04-08 18:04:03 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-04-08 18:04:03 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-04-08 18:03:59 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2010-04-08 18:03:59 ----A---- C:\WINDOWS\system32\kbdsl.dll
2010-04-08 18:03:59 ----A---- C:\WINDOWS\system32\kbdro.dll
2010-04-08 18:03:59 ----A---- C:\WINDOWS\system32\kbdpl.dll
2010-04-08 18:03:58 ----A---- C:\WINDOWS\system32\kbdycl.dll
2010-04-08 18:03:58 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2010-04-08 18:03:58 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2010-04-08 18:03:58 ----A---- C:\WINDOWS\system32\kbdhu.dll
2010-04-08 18:03:58 ----A---- C:\WINDOWS\system32\kbdcr.dll
2010-04-08 18:03:58 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2010-04-08 18:03:57 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-04-08 18:03:57 ----A---- C:\WINDOWS\system32\irclass.dll
2010-04-08 18:03:57 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-04-08 18:03:57 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-04-08 18:03:57 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-04-08 18:03:54 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-04-08 18:03:54 ----A---- C:\WINDOWS\system32\batt.dll
2010-04-08 18:03:53 ----A---- C:\WINDOWS\notepad.exe
2010-04-08 18:03:52 ----A---- C:\WINDOWS\system32\storprop.dll
2010-04-08 18:03:45 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2010-04-08 18:03:31 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-08 18:03:31 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-08 18:03:26 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-08 18:03:02 ----SHD---- C:\System Volume Information
2010-04-08 18:03:02 ----D---- C:\Documents and Settings
2010-04-08 18:02:31 ----RASH---- C:\boot.ini
2010-04-08 18:02:26 ----D---- C:\DRIVERS
2010-04-08 17:56:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-08 17:56:15 ----RSD---- C:\WINDOWS\Fonts
2010-04-08 17:56:15 ----RD---- C:\WINDOWS\Web
2010-04-08 17:56:15 ----HD---- C:\WINDOWS\inf
2010-04-08 17:56:15 ----D---- C:\WINDOWS\WinSxS
2010-04-08 17:56:15 ----D---- C:\WINDOWS\twain_32
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Temp
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\wins
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\wbem
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\usmt
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\spool
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\ShellExt
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\Setup
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\ras
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\oobe
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\npp
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\mui
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\inetsrv
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\IME
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\icsxml
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\ias
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\export
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\drivers
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\dhcp
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\config
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\3com_dmi
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\3076
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\2052
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\1054
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\1042
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\1041
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\1037
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\1033
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\1031
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\1029
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\1028
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32\1025
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system32
2010-04-08 17:56:15 ----D---- C:\WINDOWS\system
2010-04-08 17:56:15 ----D---- C:\WINDOWS\security
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Resources
2010-04-08 17:56:15 ----D---- C:\WINDOWS\repair
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Provisioning
2010-04-08 17:56:15 ----D---- C:\WINDOWS\pchealth
2010-04-08 17:56:15 ----D---- C:\WINDOWS\PeerNet
2010-04-08 17:56:15 ----D---- C:\WINDOWS\mui
2010-04-08 17:56:15 ----D---- C:\WINDOWS\msapps
2010-04-08 17:56:15 ----D---- C:\WINDOWS\msagent
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Media
2010-04-08 17:56:15 ----D---- C:\WINDOWS\java
2010-04-08 17:56:15 ----D---- C:\WINDOWS\ime
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Help
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Driver Cache
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Debug
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Cursors
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Connection Wizard
2010-04-08 17:56:15 ----D---- C:\WINDOWS\Config
2010-04-08 17:56:15 ----D---- C:\WINDOWS\AppPatch
2010-04-08 17:56:15 ----D---- C:\WINDOWS\addins
2010-04-08 17:56:15 ----D---- C:\WINDOWS
2010-04-08 17:47:49 ----D---- C:\Program Files\WinRAR
2010-04-08 17:35:47 ----D---- C:\Program Files\Ask.com
2010-04-08 17:35:19 ----D---- C:\Program Files\The KMPlayer
2010-04-08 17:25:51 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-04-08 17:25:46 ----D---- C:\Program Files\Alwil Software
2010-04-08 17:25:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-04-08 17:07:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
2010-04-08 17:05:04 ----D---- C:\Documents and Settings\Wx2000\Data aplikací\Macromedia
2010-04-08 17:05:00 ----D---- C:\Documents and Settings\Wx2000\Data aplikací\Adobe
2010-04-08 17:04:02 ----D---- C:\Program Files\ICQ6Toolbar
2010-04-08 17:03:58 ----D---- C:\Documents and Settings\Wx2000\Data aplikací\Mozilla
2010-04-08 17:03:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-04-08 17:03:33 ----D---- C:\Documents and Settings\Wx2000\Data aplikací\ICQ
2010-04-08 17:03:03 ----D---- C:\Program Files\ICQ6.5
2010-04-08 16:59:37 ----D---- C:\Program Files\Defraggler
2010-04-08 16:59:26 ----D---- C:\Program Files\Yahoo!
2010-04-08 16:59:21 ----D---- C:\Program Files\CCleaner
2010-04-08 16:49:39 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-04-08 16:49:35 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-04-08 16:41:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2010-04-08 16:41:04 ----D---- C:\Program Files\NVIDIA Corporation
2010-04-08 16:40:23 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-04-08 16:40:23 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-04-08 16:40:23 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-04-08 16:40:23 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-04-08 16:40:23 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-04-08 16:40:17 ----D---- C:\NVIDIA
2010-04-08 16:39:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2010-04-08 16:38:08 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-04-08 16:37:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2010-04-08 16:35:21 ----N---- C:\WINDOWS\system32\nvuide.exe
2010-04-08 16:35:20 ----RA---- C:\WINDOWS\system32\NVCOI.DLL
2010-04-08 16:35:20 ----RA---- C:\WINDOWS\system32\idecoiins.dll
2010-04-08 16:35:20 ----RA---- C:\WINDOWS\system32\idecoi.dll
2010-04-08 16:35:07 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2010-04-08 16:35:07 ----RA---- C:\WINDOWS\system32\fdco1.dll
2010-04-08 16:35:05 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-04-08 16:35:04 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2010-04-08 16:35:04 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2010-04-08 16:35:04 ----RA---- C:\WINDOWS\system32\bdco1.dll
2010-04-08 16:34:12 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-08 16:32:52 ----D---- C:\WINDOWS\nview
2010-04-08 16:32:52 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-04-08 16:32:35 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-04-08 16:30:56 ----D---- C:\WINDOWS\system32\Lang
2010-04-08 16:29:21 ----R---- C:\WINDOWS\system32\ChCfg.exe
2010-04-08 16:29:00 ----D---- C:\WINDOWS\system32\RTCOM
2010-04-08 16:28:58 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-04-08 16:28:32 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-04-08 16:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2010-04-08 16:28:29 ----RA---- C:\WINDOWS\SOUNDMAN.EXE
2010-04-08 16:28:28 ----RA---- C:\WINDOWS\SkyTel.exe
2010-04-08 16:28:28 ----RA---- C:\WINDOWS\RtlUpd.exe
2010-04-08 16:28:26 ----RA---- C:\WINDOWS\RTLCPL.EXE
2010-04-08 16:28:22 ----RA---- C:\WINDOWS\RTHDCPL.EXE
2010-04-08 16:28:21 ----RA---- C:\WINDOWS\MicCal.exe
2010-04-08 16:28:20 ----RA---- C:\WINDOWS\ALCMTR.EXE
2010-04-08 16:28:19 ----RA---- C:\WINDOWS\ALCWZRD.EXE
2010-04-08 16:28:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-08 16:28:18 ----D---- C:\Program Files\Realtek
2010-04-08 16:28:14 ----R---- C:\WINDOWS\RtlExUpd.dll
2010-04-08 16:24:57 ----D---- C:\Program Files\Common Files\InstallShield
2010-04-08 16:23:35 ----D---- C:\Documents and Settings\Wx2000\Data aplikací\Identities
2010-04-08 16:23:34 ----HD---- C:\Program Files\Uninstall Information
2010-04-08 16:23:29 ----ASH---- C:\Documents and Settings\Wx2000\Data aplikací\desktop.ini
2010-04-08 16:23:28 ----SD---- C:\Documents and Settings\Wx2000\Data aplikací\Microsoft
2010-04-08 16:22:45 ----D---- C:\WINDOWS\SoftwareDistribution
2010-04-08 16:22:44 ----SD---- C:\WINDOWS\system32\Microsoft
2010-04-08 16:15:16 ----D---- C:\WINDOWS\system32\xircom
2010-04-08 16:15:16 ----D---- C:\Program Files\xerox
2010-04-08 16:15:15 ----D---- C:\Program Files\microsoft frontpage
2010-04-08 16:15:11 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-08 16:14:57 ----A---- C:\WINDOWS\control.ini
2010-04-08 16:14:57 ----A---- C:\AUTOEXEC.BAT
2010-04-08 16:14:39 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-04-08 16:13:49 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-08 16:13:49 ----RD---- C:\WINDOWS\Offline Web Pages
2010-04-08 16:13:48 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-04-08 16:13:42 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-04-08 16:13:37 ----HD---- C:\Program Files\WindowsUpdate
2010-04-08 16:13:33 ----D---- C:\Program Files\Online Services
2010-04-08 16:13:15 ----D---- C:\WINDOWS\system32\DirectX
2010-04-08 16:12:51 ----A---- C:\WINDOWS\system32\atrace.dll
2010-04-08 16:12:49 ----A---- C:\WINDOWS\system32\desktop.ini
2010-04-08 16:12:49 ----A---- C:\WINDOWS\desktop.ini
2010-04-08 16:12:41 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-04-08 16:12:40 ----A---- C:\WINDOWS\system32\acctres.dll
2010-04-08 16:12:39 ----D---- C:\Program Files\Common Files\Services
2010-04-08 16:12:36 ----SD---- C:\WINDOWS\Tasks
2010-04-08 16:12:36 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-04-08 16:12:35 ----D---- C:\Program Files\Common Files\MSSoap
2010-04-08 16:12:30 ----D---- C:\WINDOWS\srchasst
2010-04-08 16:12:29 ----D---- C:\WINDOWS\system32\Macromed
2010-04-08 16:12:26 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-04-08 16:12:26 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-04-08 16:12:26 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-04-08 16:12:26 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-04-08 16:12:25 ----A---- C:\WINDOWS\system32\wups.dll
2010-04-08 16:12:25 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-04-08 16:12:25 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-04-08 16:12:25 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-04-08 16:12:25 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-04-08 16:12:25 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-04-08 16:12:25 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-04-08 16:12:25 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-04-08 16:12:24 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-04-08 16:12:20 ----D---- C:\Program Files\Movie Maker
2010-04-08 16:12:16 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-04-08 16:12:15 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-04-08 16:12:15 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-04-08 16:12:15 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-04-08 16:12:12 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-04-08 16:12:12 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-04-08 16:12:11 ----D---- C:\WINDOWS\system32\Restore
2010-04-08 16:12:11 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-04-08 16:12:11 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-04-08 16:12:11 ----A---- C:\WINDOWS\system32\srclient.dll
2010-04-08 16:12:10 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-04-08 16:12:10 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-04-08 16:12:10 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-04-08 16:12:10 ----A---- C:\WINDOWS\system32\ils.dll
2010-04-08 16:12:09 ----A---- C:\WINDOWS\system32\msconf.dll
2010-04-08 16:12:09 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-04-08 16:12:06 ----D---- C:\Program Files\NetMeeting
2010-04-08 16:12:06 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-04-08 16:12:06 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-04-08 16:12:05 ----A---- C:\WINDOWS\system32\inetres.dll
2010-04-08 16:12:05 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-04-08 16:12:02 ----D---- C:\Program Files\Outlook Express
2010-04-08 16:12:02 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-04-08 16:12:02 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-04-08 16:12:02 ----A---- C:\WINDOWS\system32\mstask.dll
2010-04-08 16:12:01 ----A---- C:\WINDOWS\system32\isign32.dll
2010-04-08 16:12:01 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-04-08 16:12:01 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-04-08 16:12:01 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-04-08 16:11:55 ----D---- C:\Program Files\Common Files\System
2010-04-08 16:11:53 ----D---- C:\Program Files\Internet Explorer
2010-04-08 16:11:43 ----D---- C:\Program Files\ComPlus Applications
2010-04-08 16:11:41 ----A---- C:\WINDOWS\vbaddin.ini
2010-04-08 16:11:41 ----A---- C:\WINDOWS\vb.ini
2010-04-08 16:11:36 ----D---- C:\WINDOWS\Registration
2010-04-08 16:11:07 ----D---- C:\Program Files\Windows Media Player
2010-04-08 16:11:02 ----D---- C:\Program Files\Messenger
2010-04-08 16:10:58 ----D---- C:\Program Files\MSN Gaming Zone
2010-04-08 16:10:58 ----A---- C:\WINDOWS\system32\write.exe
2010-04-08 16:10:47 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-04-08 16:10:46 ----A---- C:\WINDOWS\system32\hticons.dll
2010-04-08 16:10:46 ----A---- C:\WINDOWS\system32\avwav.dll
2010-04-08 16:10:46 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-04-08 16:10:46 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-04-08 16:10:45 ----A---- C:\WINDOWS\system32\winchat.exe
2010-04-08 16:10:37 ----A---- C:\WINDOWS\system32\charmap.exe
2010-04-08 16:10:37 ----A---- C:\WINDOWS\system32\getuname.dll
2010-04-08 16:10:37 ----A---- C:\WINDOWS\system32\calc.exe
2010-04-08 16:10:36 ----A---- C:\WINDOWS\system32\winmine.exe
2010-04-08 16:10:36 ----A---- C:\WINDOWS\system32\sol.exe
2010-04-08 16:10:36 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-04-08 16:10:35 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-04-08 16:10:35 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-04-08 16:10:35 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-04-08 16:10:35 ----A---- C:\WINDOWS\system32\tskill.exe
2010-04-08 16:10:35 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-04-08 16:10:35 ----A---- C:\WINDOWS\system32\tscon.exe
2010-04-08 16:10:35 ----A---- C:\WINDOWS\system32\shadow.exe
2010-04-08 16:10:35 ----A---- C:\WINDOWS\system32\reset.exe
2010-04-08 16:10:35 ----A---- C:\WINDOWS\system32\freecell.exe
2010-04-08 16:10:34 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-04-08 16:10:34 ----A---- C:\WINDOWS\system32\regini.exe
2010-04-08 16:10:34 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-04-08 16:10:34 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-04-08 16:10:34 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-04-08 16:10:34 ----A---- C:\WINDOWS\system32\msg.exe
2010-04-08 16:10:34 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-04-08 16:10:34 ----A---- C:\WINDOWS\system32\logoff.exe
2010-04-08 16:10:34 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-04-08 16:10:33 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-04-08 16:10:33 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-04-08 16:10:33 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-04-08 16:10:32 ----A---- C:\WINDOWS\system32\stclient.dll
2010-04-08 16:10:32 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-04-08 16:10:32 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-04-08 16:10:32 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-04-08 16:10:32 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-04-08 16:10:26 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-04-08 16:10:25 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-04-08 16:10:25 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-04-08 16:10:25 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-04-08 16:10:25 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-04-08 16:10:24 ----D---- C:\Program Files\Windows NT
2010-04-08 16:10:24 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-04-08 16:10:24 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-04-08 16:10:23 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-04-08 16:10:23 ----A---- C:\WINDOWS\system32\spider.exe
2010-04-08 16:10:22 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-04-08 16:10:22 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-04-08 16:10:22 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-04-08 16:10:22 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-04-08 16:10:22 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-04-08 16:10:22 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-04-08 16:10:22 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-04-08 16:10:21 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-04-08 16:10:21 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-04-08 16:10:21 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-04-08 16:10:21 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-04-08 16:10:21 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-04-08 16:10:21 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-04-08 16:10:21 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-04-08 16:10:21 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-04-08 16:10:20 ----D---- C:\WINDOWS\system32\MsDtc
2010-04-08 16:10:20 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-04-08 16:10:20 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-04-08 16:10:20 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-04-08 16:10:20 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-04-08 16:10:19 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-04-08 16:10:19 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-04-08 16:10:19 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-04-08 16:10:18 ----D---- C:\WINDOWS\system32\Com
2010-04-08 16:10:18 ----A---- C:\WINDOWS\system32\colbact.dll
2010-04-08 16:10:18 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-04-08 16:10:18 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-04-08 16:10:18 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-04-08 16:10:17 ----A---- C:\WINDOWS\system32\comuid.dll
2010-04-08 16:10:17 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-04-08 16:10:17 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-04-08 16:10:16 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-04-08 16:10:11 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-04-08 16:10:11 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-04-08 16:10:10 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-04-08 16:10:10 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2010-04-15 22:40:22 ----A---- C:\WINDOWS\system.ini
2010-04-15 13:57:36 ----A---- C:\WINDOWS\win.ini
2010-03-19 18:05:50 ----A---- C:\WINDOWS\system32\wmp.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-04-14 28880]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-04-14 162768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-04-14 46672]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-04-14 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-04-14 100432]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-04-14 23376]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-06 4377600]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-03-16 10232352]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 a4ygeycp;a4ygeycp; C:\WINDOWS\system32\drivers\a4ygeycp.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Wx2000\LOCALS~1\Temp\catchme.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-10 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Re: problém s svchost.exe

Napsal: 16 dub 2010 13:49
od Clier
Nevím, zda je to tvůj problém, ale mě to samé dělal ICQ toolbar... :)

Re: problém s svchost.exe

Napsal: 16 dub 2010 13:55
od Jaykuš
zkusím ho odinstalovat a uvidíme :)

Re: problém s svchost.exe

Napsal: 16 dub 2010 13:57
od Clier
ok, pak napiš

Re: problém s svchost.exe

Napsal: 16 dub 2010 14:04
od Jaykuš
dobře dobře za chvilku to tam bude

Re: problém s svchost.exe

Napsal: 16 dub 2010 14:27
od Jaykuš
takže tohle mi ukázal combofix. Za chvilku pošlu to druhý

ComboFix 10-04-15.04 - Wx2000 . 04. 2010 15:18:12.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.479.136 [GMT 2:00]
Spuštěný z: c:\documents and settings\Wx2000\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-03-16 do 2010-04-16 )))))))))))))))))))))))))))))))
.

2010-04-16 09:06 . 2010-04-16 10:56 -------- d-----w- c:\program files\trend micro
2010-04-16 09:06 . 2010-04-16 09:06 -------- d-----w- C:\rsit
2010-04-15 18:41 . 2010-04-15 20:15 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-15 13:17 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-04-15 13:17 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-04-15 12:09 . 2010-04-15 13:44 -------- d-----w- c:\program files\EA GAMES
2010-04-15 12:09 . 2004-08-18 08:34 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2010-04-15 12:03 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-04-15 12:03 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-04-15 12:02 . 2010-04-15 12:02 -------- d-----w- c:\program files\Microsoft Works
2010-04-15 12:01 . 2010-04-15 12:01 -------- d-----w- c:\program files\Microsoft.NET
2010-04-15 11:57 . 2010-04-15 11:57 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-04-15 11:57 . 2010-04-15 12:02 -------- d-----w- c:\windows\SHELLNEW
2010-04-15 11:56 . 2010-04-15 11:56 -------- d-----r- C:\MSOCache
2010-04-13 19:22 . 2010-04-13 19:22 -------- d-----w- c:\program files\SIW
2010-04-13 19:10 . 2010-04-13 19:10 -------- d-----w- c:\program files\ESET
2010-04-13 13:30 . 2010-04-15 12:02 -------- d-----w- c:\program files\MSBuild
2010-04-13 13:26 . 2010-04-13 13:31 -------- d-----w- c:\windows\system32\XPSViewer
2010-04-13 13:25 . 2010-04-13 13:25 -------- d-----w- c:\program files\Reference Assemblies
2010-04-13 13:25 . 2006-10-14 14:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-04-13 13:25 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-04-13 13:21 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-04-13 13:21 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-04-13 13:21 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-04-13 13:21 . 2010-04-13 13:21 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-04-13 13:21 . 2010-04-13 13:21 -------- d-----w- c:\windows\system32\xlive
2010-04-13 13:20 . 2010-04-13 13:20 -------- dc----w- c:\windows\system32\DRVSTORE
2010-04-13 13:20 . 2010-04-13 13:20 -------- d-----w- c:\windows\system32\AGEIA
2010-04-13 13:20 . 2010-04-13 13:20 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-13 13:20 . 2010-04-13 13:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-13 13:17 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\d3dx9_39.dll
2010-04-13 13:17 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\XINPUT1_3.dll
2010-04-12 11:23 . 2009-08-13 15:24 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-04-11 19:36 . 2010-04-11 19:36 -------- d-s---w- c:\documents and settings\Wx2000\UserData
2010-04-11 16:25 . 2010-04-13 13:31 -------- d-----w- c:\windows\system32\cs-cz
2010-04-11 16:25 . 2010-04-11 16:25 -------- d-----w- c:\windows\l2schemas
2010-04-11 16:25 . 2010-04-11 16:25 -------- d-----w- c:\windows\system32\cs
2010-04-11 16:25 . 2010-04-11 16:25 -------- d-----w- c:\windows\system32\bits
2010-04-11 16:20 . 2010-04-11 16:20 -------- d-----w- c:\windows\EHome
2010-04-11 16:13 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-10 17:39 . 2008-04-14 03:22 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-04-10 12:02 . 2010-04-10 12:02 -------- d-----w- c:\program files\DVD Shrink
2010-04-10 10:39 . 2010-04-10 10:39 -------- d-----w- c:\windows\Sun
2010-04-10 10:38 . 2010-04-10 10:38 -------- d-----w- c:\program files\Common Files\Java
2010-04-10 10:38 . 2010-04-10 10:37 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-10 10:37 . 2010-04-10 10:37 -------- d-----w- c:\program files\Java
2010-04-09 18:33 . 2010-04-09 18:33 -------- d-----w- c:\program files\Common Files\Nero
2010-04-09 18:30 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-04-09 18:30 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-04-09 18:30 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-04-09 18:30 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-04-09 18:30 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-04-09 18:29 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-04-09 18:29 . 2010-04-09 18:29 -------- d-----w- c:\program files\Common Files\Ahead
2010-04-09 18:29 . 2010-04-09 18:30 -------- d-----w- c:\program files\Ahead
2010-04-09 16:32 . 2004-08-17 13:43 701440 ------w- c:\windows\system32\drivers\ati2mtag.sys
2010-04-09 14:47 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-04-09 14:47 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-04-09 14:47 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-04-09 14:47 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-04-09 14:42 . 2009-07-10 13:28 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-04-09 14:41 . 2009-04-15 14:54 585216 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2010-04-09 14:41 . 2009-12-17 07:42 343552 -c----w- c:\windows\system32\dllcache\mspaint.exe
2010-04-09 14:41 . 2009-08-25 09:19 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll
2010-04-09 14:40 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-04-09 14:40 . 2008-04-21 21:15 216576 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-04-09 14:40 . 2009-06-25 08:27 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2010-04-09 14:40 . 2009-09-11 14:19 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2010-04-09 14:40 . 2009-06-25 08:27 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2010-04-09 14:40 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2010-04-08 19:48 . 2010-04-08 19:48 -------- d-----w- c:\program files\IObit
2010-04-08 18:21 . 2010-04-13 13:08 -------- d-----w- c:\program files\LucasArts
2010-04-08 17:24 . 2010-04-08 17:25 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-04-08 17:24 . 2010-04-08 17:24 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-08 17:24 . 2010-04-08 17:25 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-04-08 16:29 . 2010-04-08 16:32 -------- d-----w- c:\program files\Your Uninstaller 2008
2010-04-08 16:07 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2010-04-08 16:06 . 2008-04-14 02:14 58496 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-04-08 16:06 . 2008-04-14 03:22 75264 ----a-w- c:\windows\system32\usbui.dll
2010-04-08 16:03 . 2006-03-02 12:00 6656 -c--a-w- c:\windows\system32\dllcache\kbdsl1.dll
2010-04-08 16:02 . 2010-04-08 16:02 -------- d-----w- C:\DRIVERS

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-16 13:00 . 2010-04-08 14:59 -------- d-----w- c:\program files\Yahoo!
2010-04-16 12:59 . 2010-04-08 15:04 -------- d-----w- c:\program files\ICQ6Toolbar
2010-04-14 16:47 . 2010-04-08 15:25 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-14 16:47 . 2010-04-08 15:25 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-14 16:35 . 2010-04-08 15:26 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-14 16:35 . 2010-04-08 15:26 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-14 16:31 . 2010-04-08 15:26 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-14 16:31 . 2010-04-08 15:26 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-14 16:31 . 2010-04-08 15:26 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-14 16:31 . 2010-04-08 15:26 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-14 16:30 . 2010-04-08 15:26 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-13 13:30 . 2006-03-02 12:00 76516 ----a-w- c:\windows\system32\perfc005.dat
2010-04-13 13:30 . 2006-03-02 12:00 424082 ----a-w- c:\windows\system32\perfh005.dat
2010-04-13 13:08 . 2010-04-08 14:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-11 16:28 . 2010-04-08 14:14 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-11 16:28 . 2010-04-08 14:14 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-04-11 16:26 . 2010-04-08 14:14 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-04-08 18:20 . 2010-04-08 14:24 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-08 17:57 . 2010-04-08 17:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-04-08 17:35 . 2010-04-08 14:59 -------- d-----w- c:\program files\Defraggler
2010-04-08 17:34 . 2010-04-08 14:59 -------- d-----w- c:\program files\CCleaner
2010-04-08 17:29 . 2010-04-08 15:35 -------- d-----w- c:\program files\The KMPlayer
2010-04-08 16:32 . 2010-04-08 15:35 -------- d-----w- c:\program files\Ask.com
2010-04-08 15:25 . 2010-04-08 15:25 -------- d-----w- c:\program files\Alwil Software
2010-04-08 15:04 . 2010-04-08 15:03 -------- d-----w- c:\program files\ICQ6.5
2010-04-08 14:49 . 2010-04-08 14:41 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-08 14:28 . 2010-04-08 14:28 -------- d-----w- c:\program files\Realtek
2010-04-08 14:15 . 2010-04-08 14:15 -------- d-----w- c:\program files\microsoft frontpage
2010-04-08 14:11 . 2010-04-08 14:11 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-03-16 01:37 . 2010-03-16 01:37 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-03-12 09:26 . 2010-04-08 14:32 600680 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-03-10 18:00 . 2010-04-08 17:57 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-03-09 11:11 . 2006-03-02 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-26 05:43 . 2006-03-02 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-02-24 13:11 . 2006-03-02 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 12:09 . 2006-03-02 12:00 2192128 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2004-08-17 15:45 2068992 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35 . 2006-03-02 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2006-03-02 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-10 17:13 . 2010-04-08 17:57 165376 ----a-w- c:\windows\system32\unrar.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-04-15_20.40.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-16 13:11 . 2010-04-16 13:11 16384 c:\windows\Temp\Perflib_Perfdata_f0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"Google Update"="c:\documents and settings\Wx2000\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-04-08 136176]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-06 16262656]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-16 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-03-16 110696]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LucasArts\\Republic Heroes\\Republic Heroes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8. 4. 2010 17:26 162768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8. 4. 2010 17:26 19024]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8. 4. 2010 19:24 691696]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com?o=15187&l=dis
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-16 15:23
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-04-16 15:26:33
ComboFix-quarantined-files.txt 2010-04-16 13:26
ComboFix2.txt 2010-04-15 20:42

Před spuštěním: Volných bajtů: 126 002 573 312
Po spuštění: Volných bajtů: 125 971 361 792

- - End Of File - - C03DD6323873966606E3EF0C33F85AFE

Re: problém s svchost.exe

Napsal: 16 dub 2010 14:44
od Jaykuš
Mam s Avengerem trošku problémy, protože nevím co mám sním dělat :). Když ho spustím je tam okénko mam do něj něco napsat?...

Re: problém s svchost.exe

Napsal: 16 dub 2010 15:16
od Jaykuš
Omlouvám se nevěděl jsem jak ten log z avengeru dostanu (s programem se setkávám prvně) tak jsem myslel že funguje podobně jako combofix

Combofix -quarantined...
2010-04-15 20:41:32 . 2010-04-15 20:41:33 113 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-nwiz.reg.dat
2010-04-15 20:41:27 . 2010-04-15 20:41:27 116 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440}.reg.dat
2010-04-15 20:41:26 . 2010-04-15 20:41:26 207 ----a-w- C:\Qoobox\Quarantine\Registry_backups\BHO-{D4027C7F-154A-4066-A1AD-4243D8127440}.reg.dat
2010-04-15 20:39:17 . 2010-04-16 13:22:28 4,903 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2010-04-15 20:32:58 . 2010-04-16 13:15:50 204 ----a-w- C:\Qoobox\Quarantine\catchme.log
2005-10-13 14:49:26 . 2005-10-13 14:49:26 4,608 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\THUMBS.DB.vir

Combofix2...
ComboFix 10-04-14.04 - Wx2000 . 04. 2010 22:36:19.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.479.219 [GMT 2:00]
Spuštěný z: c:\documents and settings\Wx2000\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-15 do 2010-04-15 )))))))))))))))))))))))))))))))
.

2010-04-15 18:41 . 2010-04-15 20:15 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-15 18:20 . 2010-04-15 18:20 -------- d-s---w- c:\documents and settings\Guest\UserData
2010-04-15 13:17 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-04-15 13:17 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-04-15 12:09 . 2010-04-15 13:44 -------- d-----w- c:\program files\EA GAMES
2010-04-15 12:09 . 2004-08-18 08:34 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2010-04-15 12:03 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-04-15 12:03 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-04-15 12:02 . 2010-04-15 12:02 -------- d-----w- c:\program files\Microsoft Works
2010-04-15 12:01 . 2010-04-15 12:01 -------- d-----w- c:\program files\Microsoft.NET
2010-04-15 11:57 . 2010-04-15 11:57 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-04-15 11:57 . 2010-04-15 12:02 -------- d-----w- c:\windows\SHELLNEW
2010-04-15 11:56 . 2010-04-15 11:56 -------- d-----r- C:\MSOCache
2010-04-13 19:22 . 2010-04-13 19:22 -------- d-----w- c:\program files\SIW
2010-04-13 19:10 . 2010-04-13 19:10 -------- d-----w- c:\program files\ESET
2010-04-13 13:30 . 2010-04-15 12:02 -------- d-----w- c:\program files\MSBuild
2010-04-13 13:26 . 2010-04-13 13:31 -------- d-----w- c:\windows\system32\XPSViewer
2010-04-13 13:25 . 2010-04-13 13:25 -------- d-----w- c:\program files\Reference Assemblies
2010-04-13 13:25 . 2006-10-14 14:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-04-13 13:25 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-04-13 13:21 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-04-13 13:21 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-04-13 13:21 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-04-13 13:21 . 2010-04-13 13:21 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-04-13 13:21 . 2010-04-13 13:21 -------- d-----w- c:\windows\system32\xlive
2010-04-13 13:20 . 2010-04-13 13:20 -------- dc----w- c:\windows\system32\DRVSTORE
2010-04-13 13:20 . 2010-04-13 13:20 -------- d-----w- c:\windows\system32\AGEIA
2010-04-13 13:20 . 2010-04-13 13:20 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-13 13:20 . 2010-04-13 13:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-13 13:17 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\d3dx9_39.dll
2010-04-13 13:17 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\XINPUT1_3.dll
2010-04-12 11:23 . 2009-08-13 15:24 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-04-11 19:36 . 2010-04-11 19:36 -------- d-s---w- c:\documents and settings\Wx2000\UserData
2010-04-11 16:25 . 2010-04-13 13:31 -------- d-----w- c:\windows\system32\cs-cz
2010-04-11 16:25 . 2010-04-11 16:25 -------- d-----w- c:\windows\l2schemas
2010-04-11 16:25 . 2010-04-11 16:25 -------- d-----w- c:\windows\system32\cs
2010-04-11 16:25 . 2010-04-11 16:25 -------- d-----w- c:\windows\system32\bits
2010-04-11 16:20 . 2010-04-11 16:20 -------- d-----w- c:\windows\EHome
2010-04-11 16:13 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-10 17:39 . 2008-04-14 03:22 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-04-10 12:02 . 2010-04-10 12:02 -------- d-----w- c:\program files\DVD Shrink
2010-04-10 10:39 . 2010-04-10 10:39 -------- d-----w- c:\windows\Sun
2010-04-10 10:38 . 2010-04-10 10:38 -------- d-----w- c:\program files\Common Files\Java
2010-04-10 10:38 . 2010-04-10 10:37 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-10 10:37 . 2010-04-10 10:37 -------- d-----w- c:\program files\Java
2010-04-09 18:33 . 2010-04-09 18:33 -------- d-----w- c:\program files\Common Files\Nero
2010-04-09 18:30 . 2000-06-26 09:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-04-09 18:30 . 2004-07-26 15:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-04-09 18:30 . 2004-07-26 15:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-04-09 18:30 . 2004-07-26 15:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-04-09 18:30 . 2004-07-26 15:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-04-09 18:29 . 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-04-09 18:29 . 2010-04-09 18:29 -------- d-----w- c:\program files\Common Files\Ahead
2010-04-09 18:29 . 2010-04-09 18:30 -------- d-----w- c:\program files\Ahead
2010-04-09 16:32 . 2004-08-17 13:43 701440 ------w- c:\windows\system32\drivers\ati2mtag.sys
2010-04-09 14:47 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-04-09 14:47 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-04-09 14:47 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-04-09 14:47 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-04-09 14:42 . 2009-07-10 13:28 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-04-09 14:41 . 2009-04-15 14:54 585216 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2010-04-09 14:41 . 2009-12-17 07:42 343552 -c----w- c:\windows\system32\dllcache\mspaint.exe
2010-04-09 14:41 . 2009-08-25 09:19 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll
2010-04-09 14:40 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-04-09 14:40 . 2008-04-21 21:15 216576 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-04-09 14:40 . 2009-06-25 08:27 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2010-04-09 14:40 . 2009-09-11 14:19 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2010-04-09 14:40 . 2009-06-25 08:27 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2010-04-09 14:40 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2010-04-08 19:48 . 2010-04-08 19:48 -------- d-----w- c:\program files\IObit
2010-04-08 18:21 . 2010-04-13 13:08 -------- d-----w- c:\program files\LucasArts
2010-04-08 17:24 . 2010-04-08 17:25 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-04-08 17:24 . 2010-04-08 17:24 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-08 17:24 . 2010-04-08 17:25 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-04-08 16:29 . 2010-04-08 16:32 -------- d-----w- c:\program files\Your Uninstaller 2008
2010-04-08 16:07 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2010-04-08 16:06 . 2008-04-14 02:14 58496 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-04-08 16:06 . 2008-04-14 03:22 75264 ----a-w- c:\windows\system32\usbui.dll
2010-04-08 16:03 . 2006-03-02 12:00 6656 -c--a-w- c:\windows\system32\dllcache\kbdsl1.dll
2010-04-08 16:02 . 2010-04-08 16:02 -------- d-----w- C:\DRIVERS

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-14 16:47 . 2010-04-08 15:25 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-14 16:47 . 2010-04-08 15:25 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-14 16:35 . 2010-04-08 15:26 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-14 16:35 . 2010-04-08 15:26 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-14 16:31 . 2010-04-08 15:26 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-14 16:31 . 2010-04-08 15:26 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-14 16:31 . 2010-04-08 15:26 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-14 16:31 . 2010-04-08 15:26 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-14 16:30 . 2010-04-08 15:26 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-13 13:30 . 2006-03-02 12:00 76516 ----a-w- c:\windows\system32\perfc005.dat
2010-04-13 13:30 . 2006-03-02 12:00 424082 ----a-w- c:\windows\system32\perfh005.dat
2010-04-13 13:08 . 2010-04-08 14:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-11 16:28 . 2010-04-08 14:14 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-11 16:28 . 2010-04-08 14:14 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-04-11 16:26 . 2010-04-08 14:14 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-04-08 18:20 . 2010-04-08 14:24 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-08 17:57 . 2010-04-08 17:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-04-08 17:35 . 2010-04-08 14:59 -------- d-----w- c:\program files\Defraggler
2010-04-08 17:34 . 2010-04-08 14:59 -------- d-----w- c:\program files\CCleaner
2010-04-08 17:29 . 2010-04-08 15:35 -------- d-----w- c:\program files\The KMPlayer
2010-04-08 16:32 . 2010-04-08 15:35 -------- d-----w- c:\program files\Ask.com
2010-04-08 15:25 . 2010-04-08 15:25 -------- d-----w- c:\program files\Alwil Software
2010-04-08 15:04 . 2010-04-08 15:03 -------- d-----w- c:\program files\ICQ6.5
2010-04-08 15:04 . 2010-04-08 15:04 -------- d-----w- c:\program files\ICQ6Toolbar
2010-04-08 14:59 . 2010-04-08 14:59 -------- d-----w- c:\program files\Yahoo!
2010-04-08 14:49 . 2010-04-08 14:41 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-08 14:28 . 2010-04-08 14:28 -------- d-----w- c:\program files\Realtek
2010-04-08 14:15 . 2010-04-08 14:15 -------- d-----w- c:\program files\microsoft frontpage
2010-04-08 14:11 . 2010-04-08 14:11 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-03-16 01:37 . 2010-03-16 01:37 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-03-12 09:26 . 2010-04-08 14:32 600680 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-03-10 18:00 . 2010-04-08 17:57 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-03-09 11:11 . 2006-03-02 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-26 05:43 . 2006-03-02 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-02-24 13:11 . 2006-03-02 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 12:09 . 2006-03-02 12:00 2192128 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2004-08-17 15:45 2068992 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35 . 2006-03-02 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2006-03-02 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-10 17:13 . 2010-04-08 17:57 165376 ----a-w- c:\windows\system32\unrar.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"Google Update"="c:\documents and settings\Wx2000\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-04-08 136176]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-06 16262656]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-16 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-03-16 110696]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LucasArts\\Republic Heroes\\Republic Heroes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8. 4. 2010 17:26 162768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8. 4. 2010 17:26 19024]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [8. 4. 2010 17:04 222456]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8. 4. 2010 19:24 691696]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com?o=15187&l=dis
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-nwiz - nwiz.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-15 22:40
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-04-15 22:42:34
ComboFix-quarantined-files.txt 2010-04-15 20:42

Před spuštěním: Volných bajtů: 126 114 193 408
Po spuštění: Volných bajtů: 126 091 251 712

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 3F2271186A34C46B27397FF3A202C916

Re: problém s svchost.exe

Napsal: 16 dub 2010 15:42
od Jaykuš
Nemyslím si že by mi chtěl nějak zaškodit... Nemohl jsem rozchodit jednu hru (sekala se) tak jsem ho požádal jestli by mi jí nepomohl rozchodit. Říkal že by stačilo hru spustit přes hosta, protože nespouští nějaké programy a tudíž nezatěžuje tolik počítač. Zrovna když o tom byla řeč poslal mi program SIW, abych z něj mu poslal log. Takhle zjistil že mam zavirovaný počítač. Viry se schovávají pod názvem svchost.exe. Tyto soubory nejdou smazat a antiviry, který mi poslal nic nenašli.

Vkládám log. z SIW z kterého mi zjistil ty viry.

PID Image Name Version Name Type Parent PID Threads Priority Window Title Creation Time Running Time Kernel Time User Time Size File Name and Path Command Line with Parameters
0 [System Process] <file not found> [unknown] 0 1 0 28,672
4 System <file not found> [unknown] 0 75 8 45,056
600 smss.exe 5.1.2600.5512 Správce relací systému Windows NT / Operační systém Microsoft® Windows® 32-bit 4 3 11 04/16/2010 @ 15:34:57 0d 01h 06m 17s 0h 00m 00s 0h 00m 00s 61,440 C:\WINDOWS\System32\smss.exe \SystemRoot\System32\smss.exe
652 csrss.exe 5.1.2600.5512 Client Server Runtime Process / Microsoft® Windows® Operating System 32-bit 600 12 13 04/16/2010 @ 15:35:02 0d 01h 06m 12s 0h 00m 04s 0h 00m 01s 1,953,792
684 winlogon.exe 5.1.2600.5512 Windows NT Logon Application / Operační systém Microsoft® Windows® 32-bit 600 15 13 04/16/2010 @ 15:35:03 0d 01h 06m 11s 0h 00m 00s 0h 00m 00s 1,462,272 C:\WINDOWS\system32\winlogon.exe winlogon.exe
728 services.exe 5.1.2600.5755 Services and Controller app / Operační systém Microsoft® Windows® 32-bit 684 15 9 04/16/2010 @ 15:35:04 0d 01h 06m 10s 0h 00m 01s 0h 00m 00s 1,568,768 C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\services.exe
740 lsass.exe 5.1.2600.5512 LSA Shell (Export Version) / Microsoft® Windows® Operating System 32-bit 684 21 9 04/16/2010 @ 15:35:04 0d 01h 06m 10s 0h 00m 00s 0h 00m 00s 1,560,576 C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\lsass.exe
908 nvsvc32.exe 4.0.1381.9713 NVIDIA Driver Helper Service, Version 197.13 32-bit 728 4 8 NVSVCPMMWindowClass 04/16/2010 @ 15:35:05 0d 01h 06m 09s 0h 00m 01s 0h 00m 00s 671,744 C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\nvsvc32.exe
940 svchost.exe 5.1.2600.5512 Generic Host Process for Win32 Services / Microsoft® Windows® Operating System 32-bit 728 17 8 04/16/2010 @ 15:35:06 0d 01h 06m 08s 0h 00m 00s 0h 00m 00s 1,654,784 C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost -k DcomLaunch
1004 svchost.exe 5.1.2600.5512 Generic Host Process for Win32 Services / Microsoft® Windows® Operating System 32-bit 728 9 8 04/16/2010 @ 15:35:07 0d 01h 06m 07s 0h 00m 00s 0h 00m 00s 1,404,928
1120 svchost.exe 5.1.2600.5512 Generic Host Process for Win32 Services / Microsoft® Windows® Operating System 32-bit 728 61 8 04/16/2010 @ 15:35:07 0d 01h 06m 07s 0h 00m 04s 0h 05m 13s 25,600,000 C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs
1188 svchost.exe 5.1.2600.5512 Generic Host Process for Win32 Services / Microsoft® Windows® Operating System 32-bit 728 5 8 04/16/2010 @ 15:35:07 0d 01h 06m 07s 0h 00m 00s 0h 00m 28s 2,572,288
1256 svchost.exe 5.1.2600.5512 Generic Host Process for Win32 Services / Microsoft® Windows® Operating System 32-bit 728 10 8 04/16/2010 @ 15:35:07 0d 01h 06m 07s 0h 00m 00s 0h 00m 00s 536,576
1448 AvastSvc.exe 5.0.507.0 avast! Service / avast! Antivirus 32-bit 728 29 8 04/16/2010 @ 15:35:09 0d 01h 06m 05s 0h 00m 00s 0h 00m 01s 2,207,744 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
1676 spoolsv.exe 5.1.2600.5512 Spooler SubSystem App / Microsoft® Windows® Operating System 32-bit 728 11 8 04/16/2010 @ 15:35:14 0d 01h 06m 00s 0h 00m 00s 0h 00m 00s 1,605,632 C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\spoolsv.exe
1864 Explorer.EXE 6.0.2900.5512 Průzkumník Windows / Microsoft(R) Windows (R) 2000 Operating System 32-bit 1848 17 8 Program Manager 04/16/2010 @ 15:35:25 0d 01h 05m 49s 0h 00m 17s 0h 00m 11s 9,330,688 C:\WINDOWS\Explorer.EXE C:\WINDOWS\Explorer.EXE
644 svchost.exe 5.1.2600.5512 Generic Host Process for Win32 Services / Microsoft® Windows® Operating System 32-bit 728 4 8 04/16/2010 @ 15:35:32 0d 01h 05m 42s 0h 00m 00s 0h 00m 00s 217,088
1048 jqs.exe 6.0.190.4 Java(TM) Quick Starter Service / Java(TM) Platform SE 6 U19 32-bit 728 8 4 04/16/2010 @ 15:35:33 0d 01h 05m 41s 0h 00m 04s 0h 00m 01s 1,413,120 C:\Program Files\Java\jre6\bin\jqs.exe "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
1460 RTHDCPL.EXE 2.0.9.6 Realtek HD Audio Control Panel / Realtek HD Audio Sound Effect Manager 32-bit 1864 4 8 DTS Connect 04/16/2010 @ 15:35:34 0d 01h 05m 40s 0h 00m 00s 0h 00m 01s 1,187,840 C:\WINDOWS\RTHDCPL.EXE "C:\WINDOWS\RTHDCPL.EXE"
1928 RUNDLL32.EXE 5.1.2600.5512 Run a DLL as an App / Operační systém Microsoft® Windows® 32-bit 1864 1 8 MediaCenter 04/16/2010 @ 15:35:36 0d 01h 05m 38s 0h 00m 00s 0h 00m 00s 692,224 C:\WINDOWS\system32\RUNDLL32.EXE "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
2000 avastUI.exe 5.0.507.0 avast! Antivirus 32-bit 1864 7 8 avast! UI Control Window 04/16/2010 @ 15:35:36 0d 01h 05m 38s 0h 00m 00s 0h 00m 00s 827,392 C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe "C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe" /nogui
220 jusched.exe 2.0.2.1 Java(TM) Update Scheduler / Java(TM) Platform SE Auto Updater 2 0 32-bit 1864 1 8 04/16/2010 @ 15:35:37 0d 01h 05m 37s 0h 00m 00s 0h 00m 00s 737,280 C:\Program Files\Common Files\Java\Java Update\jusched.exe "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
516 GrooveMonitor.exe 12.0.4518.1014 GrooveMonitor Utility 32-bit 1864 1 8 04/16/2010 @ 15:35:37 0d 01h 05m 37s 0h 00m 00s 0h 00m 00s 2,912,256 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
972 ICQ.exe 6.5.0.2024 ICQ 32-bit 1864 11 8 ICQ 04/16/2010 @ 15:35:37 0d 01h 05m 37s 0h 00m 00s 0h 00m 00s 3,604,480 C:\Program Files\ICQ6.5\ICQ.exe "C:\Program Files\ICQ6.5\ICQ.exe" silent
1908 GoogleUpdate.exe 1.2.183.21 Instalační program Google / Google Update 32-bit 1864 6 8 {2D905E07-FC38-4b89-83E1-931D3630937F} 04/16/2010 @ 15:35:37 0d 01h 05m 37s 0h 00m 00s 0h 00m 00s 1,708,032 C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe "C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
240 DTLite.exe 4.35.6.91 DAEMON Tools Lite 32-bit 1864 2 8 DAEMON Tools Agent window 04/16/2010 @ 15:35:37 0d 01h 05m 37s 0h 00m 00s 0h 00m 00s 1,032,192 C:\Program Files\DAEMON Tools Lite\DTLite.exe "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
1988 TeaTimer.exe 1.6.6.32 System settings protector / Spybot - Search & Destroy 32-bit 1864 3 4 Spybot - Search & Destroy 04/16/2010 @ 15:35:38 0d 01h 05m 36s 0h 00m 12s 0h 00m 16s 100,982,784 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
1640 wscntfy.exe 5.1.2600.5512 Windows Security Center Notification App / Microsoft® Windows® Operating System 32-bit 1120 1 8 04/16/2010 @ 15:35:50 0d 01h 05m 24s 0h 00m 00s 0h 00m 00s 278,528 C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wscntfy.exe
2264 alg.exe 5.1.2600.5512 Application Layer Gateway Service / Microsoft® Windows® Operating System 32-bit 728 6 8 04/16/2010 @ 15:35:54 0d 01h 05m 20s 0h 00m 00s 0h 00m 00s 585,728
2876 chrome.exe 0.0.0.0 Google Chrome 32-bit 1864 16 8 VIRY.CZ • Odeslat odpověď - Google Chrome 04/16/2010 @ 15:36:59 0d 01h 04m 15s 0h 00m 38s 0h 00m 30s 31,768,576 C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe "C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"
3128 chrome.exe 0.0.0.0 Google Chrome 32-bit 2876 3 8 04/16/2010 @ 15:37:35 0d 01h 03m 39s 0h 00m 16s 0h 00m 50s 30,842,880 C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe "C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe" --channel=2876.2ff8100.1665146965 --type=renderer --lang=cs --force-fieldtest=AsyncSlowStart/_AsyncSlowStart/CacheSize/CacheSizeGroup_0/DnsImpact/_max_750ms_queue_prefetch/GlobalSdch/_global_enable_sdch/SocketLateBinding/_enable_late_binding/
2548 chrome.exe 0.0.0.0 Google Chrome 32-bit 2876 6 8 04/16/2010 @ 16:26:36 0d 00h 14m 38s 0h 00m 00s 0h 00m 00s 9,965,568 C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe "C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll --lang=cs --plugin-data-dir="C:\Documents and Settings\Wx2000\Local Settings\Data aplikací\Google\Chrome\User Data\Default" --channel=2876.3da5d80.1603477055
2712 avenger.exe 32-bit 1864 2 8 The Avenger 04/16/2010 @ 16:27:03 0d 00h 14m 11s 0h 00m 00s 0h 00m 00s 11,362,304 C:\Documents and Settings\Wx2000\Plocha\avenger.exe "C:\Documents and Settings\Wx2000\Plocha\avenger.exe"
2656 siw.exe 2010.2.10.0 System Information / System Information for Windows 32-bit 1864 7 10 SIW 04/16/2010 @ 16:41:02 0d 00h 00m 12s 0h 00m 03s 0h 00m 00s 18,878,464 C:\Program Files\SIW\siw.exe "C:\Program Files\SIW\siw.exe"
3212 wmiprvse.exe 5.1.2600.5755 WMI / Microsoft® Windows® Operating System 32-bit 940 9 8 04/16/2010 @ 16:41:07 0d 00h 00m 07s 0h 00m 00s 0h 00m 00s 6,803,456
3168 wmiprvse.exe 5.1.2600.5755 WMI / Microsoft® Windows® Operating System 32-bit 940 7 8 04/16/2010 @ 16:41:09 0d 00h 00m 05s 0h 00m 00s 0h 00m 00s 5,140,480

Re: problém s svchost.exe

Napsal: 16 dub 2010 16:44
od Jaykuš
Při průběhu scanu se restartoval počítač. Po načtení se objevila modrá obrazovka kde bylo napsáno že system potřebuje zkontrolovat disk E kde mam umístěnou SD kartu... po přihlášení jsem klikl na internet abych o tom mohl informovat, ale zase se restartoval počítač po přihlašení se mi ukázala zpráva ´´činnost systému byla obnovena po závažné chybě.´´ :o

Re: problém s svchost.exe

Napsal: 16 dub 2010 16:59
od Jaykuš
Restartovaní proběhlo úspěšně. Nehlasí se žádná chyba jen mu trochu dýl trvalo načítání...

Re: problém s svchost.exe

Napsal: 16 dub 2010 17:33
od Jaykuš
Řekl bych že by jsme to měli ukončit... Viry podle vás v počítači nemam :) a to jsem rád :). Neříkám že mi chtěl kámoš nějak uškodit, ale nejspíš udělal ukvapený závěr. Každopádně pro jistotu reinstaluju počítač (zformátování dělám vždycky a to tu delší někdy i 2X).

Takže děkuji za váš čas a trpělivost snad jsem moc neotravoval :) ještě jednou děkuji.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz