VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

win32:rustNT awin32:qandr rtk

https://forum.viry.cz:443/viewtopic.php?t=100391

Stránka 1 z 1

win32:rustNT awin32:qandr rtk

Napsal: 23 dub 2010 12:21
od jurca1
DObrý den, prosím o radu je odstranit. Možná je tam toho i víc. Posílám log z rsitu.
Děkuji


Logfile of random's system information tool 1.06 (written by random/random)
Run by Miro at 2010-04-23 13:02:20
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (19%) free of 27 GB
Total RAM: 510 MB (29% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\Program Files\ICQToolbar\toolbaru.dll [2006-10-10 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-03-22 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-03 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{af69de43-7d58-4638-b6fa-ce66b5ad205d}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-03 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\Program Files\ICQToolbar\toolbaru.dll [2006-10-10 701952]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-03 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-08 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-08 688218]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-10-08 126976]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-21 40960]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-11-09 344064]
"EPM-DM"=c:\acer\epm\epm-dm.exe [2005-01-03 176128]
"ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-01-04 2889216]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2004-12-09 311296]
"eRecoveryService"=C:\Windows\System32\Check.exe [2004-11-24 245760]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-03-22 198160]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-03-09 37888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-30 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-11-09 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-10-08 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-23 13:02:20 ----D---- C:\rsit
2010-04-23 13:02:20 ----D---- C:\Program Files\trend micro
2010-04-19 12:56:36 ----A---- C:\ComboFix.txt
2010-04-19 11:52:21 ----A---- C:\WINDOWS\zip.exe
2010-04-19 11:52:21 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-04-19 11:52:21 ----A---- C:\WINDOWS\SWSC.exe
2010-04-19 11:52:21 ----A---- C:\WINDOWS\SWREG.exe
2010-04-19 11:52:21 ----A---- C:\WINDOWS\sed.exe
2010-04-19 11:52:21 ----A---- C:\WINDOWS\PEV.exe
2010-04-19 11:52:21 ----A---- C:\WINDOWS\NIRCMD.exe
2010-04-19 11:52:21 ----A---- C:\WINDOWS\MBR.exe
2010-04-19 11:52:21 ----A---- C:\WINDOWS\grep.exe
2010-04-19 11:52:17 ----D---- C:\WINDOWS\ERDNT
2010-04-19 11:51:50 ----D---- C:\Qoobox
2010-04-19 09:27:33 ----D---- C:\WINDOWS\Prefetch
2010-04-19 08:47:52 ----A---- C:\WINDOWS\system32\SET12C3.tmp
2010-04-19 08:47:52 ----A---- C:\WINDOWS\system32\SET12C2.tmp
2010-04-19 08:47:48 ----A---- C:\WINDOWS\system32\SET1297.tmp
2010-04-19 08:47:46 ----A---- C:\WINDOWS\system32\SET127C.tmp
2010-04-19 08:47:45 ----A---- C:\WINDOWS\system32\SET1270.tmp
2010-04-19 08:47:41 ----A---- C:\WINDOWS\system32\SET1253.tmp
2010-04-19 08:47:40 ----A---- C:\WINDOWS\system32\SET1245.tmp
2010-04-19 08:47:39 ----A---- C:\WINDOWS\system32\SET1240.tmp
2010-04-19 08:47:39 ----A---- C:\WINDOWS\system32\SET123E.tmp
2010-04-19 08:43:51 ----A---- C:\WINDOWS\system32\SET6C0.tmp
2010-04-19 08:43:50 ----A---- C:\WINDOWS\system32\SET6BA.tmp
2010-04-19 08:43:01 ----A---- C:\WINDOWS\SET549.tmp
2010-04-19 08:42:57 ----A---- C:\WINDOWS\system32\SET528.tmp
2010-04-19 08:42:57 ----A---- C:\WINDOWS\system32\SET526.tmp
2010-04-19 08:42:56 ----A---- C:\WINDOWS\system32\SET524.tmp
2010-04-19 08:42:56 ----A---- C:\WINDOWS\system32\SET520.tmp
2010-04-19 08:42:56 ----A---- C:\WINDOWS\system32\SET51D.tmp
2010-04-19 08:42:55 ----A---- C:\WINDOWS\system32\SET518.tmp
2010-04-19 08:42:54 ----A---- C:\WINDOWS\system32\SET513.tmp
2010-04-19 08:42:54 ----A---- C:\WINDOWS\system32\SET512.tmp
2010-04-19 08:42:53 ----A---- C:\WINDOWS\system32\SET50E.tmp
2010-04-19 08:42:53 ----A---- C:\WINDOWS\system32\SET50D.tmp
2010-04-19 08:42:53 ----A---- C:\WINDOWS\system32\SET509.tmp
2010-04-19 08:42:52 ----A---- C:\WINDOWS\system32\SET508.tmp
2010-04-19 08:42:51 ----A---- C:\WINDOWS\system32\SET501.tmp
2010-04-19 08:42:50 ----A---- C:\WINDOWS\system32\SET4FF.tmp
2010-04-19 08:42:50 ----A---- C:\WINDOWS\system32\SET4FC.tmp
2010-04-19 08:42:49 ----A---- C:\WINDOWS\system32\SET4F9.tmp
2010-04-19 08:42:48 ----A---- C:\WINDOWS\system32\SET4F2.tmp
2010-04-19 08:42:47 ----A---- C:\WINDOWS\system32\SET4EC.tmp
2010-04-19 08:42:47 ----A---- C:\WINDOWS\system32\SET4E4.tmp
2010-04-19 08:42:47 ----A---- C:\WINDOWS\system32\SET4E3.tmp
2010-04-19 08:42:46 ----A---- C:\WINDOWS\system32\SET4DE.tmp
2010-04-19 08:42:45 ----A---- C:\WINDOWS\system32\SET4DC.tmp
2010-04-19 08:42:44 ----A---- C:\WINDOWS\system32\SET4D9.tmp
2010-04-19 08:42:44 ----A---- C:\WINDOWS\system32\SET4D7.tmp
2010-04-19 08:42:43 ----A---- C:\WINDOWS\system32\SET4D6.tmp
2010-04-19 08:42:43 ----A---- C:\WINDOWS\system32\SET4D4.tmp
2010-04-19 08:42:42 ----A---- C:\WINDOWS\system32\SET4D1.tmp
2010-04-19 08:42:42 ----A---- C:\WINDOWS\system32\SET4D0.tmp
2010-04-19 08:42:42 ----A---- C:\WINDOWS\system32\SET4CF.tmp
2010-04-19 08:42:41 ----A---- C:\WINDOWS\system32\SET4CD.tmp
2010-04-19 08:42:41 ----A---- C:\WINDOWS\system32\SET4CC.tmp
2010-04-19 08:42:41 ----A---- C:\WINDOWS\system32\SET4CB.tmp
2010-04-19 08:42:40 ----A---- C:\WINDOWS\system32\SET4C4.tmp
2010-04-19 08:42:38 ----A---- C:\WINDOWS\system32\SET4B5.tmp
2010-04-19 08:42:37 ----A---- C:\WINDOWS\system32\SET4AA.tmp
2010-04-19 08:42:35 ----A---- C:\WINDOWS\system32\SET497.tmp
2010-04-19 08:42:34 ----A---- C:\WINDOWS\system32\SET496.tmp
2010-04-19 08:42:33 ----A---- C:\WINDOWS\system32\SET486.tmp
2010-04-19 08:42:31 ----A---- C:\WINDOWS\system32\SET47B.tmp
2010-04-19 08:42:30 ----A---- C:\WINDOWS\system32\SET46F.tmp
2010-04-19 08:42:29 ----A---- C:\WINDOWS\system32\SET46E.tmp
2010-04-19 08:42:29 ----A---- C:\WINDOWS\system32\SET46D.tmp
2010-04-19 08:42:28 ----A---- C:\WINDOWS\system32\SET46B.tmp
2010-04-19 08:42:28 ----A---- C:\WINDOWS\system32\SET465.tmp
2010-04-19 08:42:27 ----A---- C:\WINDOWS\system32\SET45C.tmp
2010-04-19 08:42:26 ----A---- C:\WINDOWS\system32\SET456.tmp
2010-04-19 08:42:26 ----A---- C:\WINDOWS\system32\SET454.tmp
2010-04-19 08:42:25 ----A---- C:\WINDOWS\system32\SET451.tmp
2010-04-19 08:42:24 ----A---- C:\WINDOWS\system32\SET446.tmp
2010-04-19 08:42:23 ----A---- C:\WINDOWS\system32\SET441.tmp
2010-04-19 08:42:22 ----A---- C:\WINDOWS\system32\SET438.tmp
2010-04-19 08:42:22 ----A---- C:\WINDOWS\system32\SET437.tmp
2010-04-19 08:42:22 ----A---- C:\WINDOWS\system32\SET433.tmp
2010-04-19 08:42:21 ----A---- C:\WINDOWS\system32\SET428.tmp
2010-04-19 08:42:20 ----A---- C:\WINDOWS\system32\SET423.tmp
2010-04-19 08:42:18 ----A---- C:\WINDOWS\system32\SET412.tmp
2010-04-19 08:42:18 ----A---- C:\WINDOWS\system32\SET40E.tmp
2010-04-19 08:42:17 ----A---- C:\WINDOWS\system32\SET405.tmp
2010-04-19 08:42:16 ----A---- C:\WINDOWS\system32\SET402.tmp
2010-04-19 08:42:16 ----A---- C:\WINDOWS\system32\SET3FD.tmp
2010-04-19 08:42:15 ----A---- C:\WINDOWS\system32\SET3F2.tmp
2010-04-19 08:42:14 ----A---- C:\WINDOWS\system32\SET3EA.tmp
2010-04-19 08:42:12 ----A---- C:\WINDOWS\system32\SET3D4.tmp
2010-04-19 08:42:12 ----A---- C:\WINDOWS\system32\SET3D1.tmp
2010-04-19 08:42:11 ----A---- C:\WINDOWS\system32\SET3CB.tmp
2010-04-19 08:42:10 ----A---- C:\WINDOWS\system32\SET3C9.tmp
2010-04-19 08:42:10 ----A---- C:\WINDOWS\system32\SET3C4.tmp
2010-04-19 08:42:09 ----A---- C:\WINDOWS\system32\SET3C2.tmp
2010-04-19 08:42:09 ----A---- C:\WINDOWS\system32\SET3B8.tmp
2010-04-19 08:42:08 ----A---- C:\WINDOWS\system32\SET3B5.tmp
2010-04-19 08:42:08 ----A---- C:\WINDOWS\system32\SET3B4.tmp
2010-04-19 08:42:07 ----A---- C:\WINDOWS\system32\SET3B3.tmp
2010-04-19 08:42:06 ----A---- C:\WINDOWS\system32\SET3AF.tmp
2010-04-19 08:42:05 ----A---- C:\WINDOWS\system32\SET3A1.tmp
2010-04-19 08:42:04 ----A---- C:\WINDOWS\system32\SET399.tmp
2010-04-19 08:42:03 ----A---- C:\WINDOWS\system32\SET398.tmp
2010-04-19 08:42:03 ----A---- C:\WINDOWS\system32\SET392.tmp
2010-04-19 08:42:02 ----A---- C:\WINDOWS\system32\SET38E.tmp
2010-04-19 08:42:01 ----A---- C:\WINDOWS\system32\SET38C.tmp
2010-04-19 08:42:00 ----A---- C:\WINDOWS\system32\SET38A.tmp
2010-04-19 08:42:00 ----A---- C:\WINDOWS\system32\SET388.tmp
2010-04-19 08:41:59 ----A---- C:\WINDOWS\system32\SET387.tmp
2010-04-19 08:41:58 ----A---- C:\WINDOWS\system32\SET386.tmp
2010-04-19 08:41:57 ----A---- C:\WINDOWS\system32\SET383.tmp
2010-04-19 08:41:54 ----A---- C:\WINDOWS\system32\SET376.tmp
2010-04-19 08:41:53 ----A---- C:\WINDOWS\system32\SET373.tmp
2010-04-19 08:41:52 ----A---- C:\WINDOWS\system32\SET370.tmp
2010-04-19 08:41:51 ----A---- C:\WINDOWS\system32\SET36D.tmp
2010-04-19 08:41:51 ----A---- C:\WINDOWS\system32\SET36C.tmp
2010-04-19 08:41:51 ----A---- C:\WINDOWS\system32\SET36B.tmp
2010-04-19 08:41:51 ----A---- C:\WINDOWS\system32\SET36A.tmp
2010-04-19 08:41:50 ----A---- C:\WINDOWS\system32\SET366.tmp
2010-04-19 08:41:50 ----A---- C:\WINDOWS\system32\SET360.tmp
2010-04-19 08:41:49 ----A---- C:\WINDOWS\system32\SET35E.tmp
2010-04-19 08:41:49 ----A---- C:\WINDOWS\system32\SET35A.tmp
2010-04-19 08:41:48 ----A---- C:\WINDOWS\system32\SET356.tmp
2010-04-19 08:41:48 ----A---- C:\WINDOWS\system32\SET354.tmp
2010-04-19 08:41:48 ----A---- C:\WINDOWS\system32\SET353.tmp
2010-04-19 08:41:47 ----A---- C:\WINDOWS\system32\SET350.tmp
2010-04-19 08:41:46 ----A---- C:\WINDOWS\system32\SET34F.tmp
2010-04-19 08:41:46 ----A---- C:\WINDOWS\system32\SET34D.tmp
2010-04-19 08:41:45 ----A---- C:\WINDOWS\system32\SET347.tmp
2010-04-19 08:41:44 ----A---- C:\WINDOWS\system32\SET341.tmp
2010-04-19 08:41:44 ----A---- C:\WINDOWS\system32\SET338.tmp
2010-04-19 08:41:43 ----A---- C:\WINDOWS\system32\SET337.tmp
2010-04-19 08:41:43 ----A---- C:\WINDOWS\system32\SET333.tmp
2010-04-19 08:41:42 ----A---- C:\WINDOWS\system32\SET330.tmp
2010-04-19 08:41:42 ----A---- C:\WINDOWS\system32\SET32F.tmp
2010-04-19 08:41:41 ----A---- C:\WINDOWS\system32\SET32C.tmp
2010-04-19 08:41:41 ----A---- C:\WINDOWS\system32\SET32B.tmp
2010-04-19 08:41:41 ----A---- C:\WINDOWS\system32\SET329.tmp
2010-04-19 08:41:40 ----A---- C:\WINDOWS\system32\SET326.tmp
2010-04-19 08:41:39 ----A---- C:\WINDOWS\system32\SET324.tmp
2010-04-19 08:41:39 ----A---- C:\WINDOWS\system32\SET323.tmp
2010-04-19 08:41:39 ----A---- C:\WINDOWS\system32\SET322.tmp
2010-04-19 08:41:38 ----A---- C:\WINDOWS\system32\SET31B.tmp
2010-04-19 08:41:37 ----A---- C:\WINDOWS\system32\SET31A.tmp
2010-04-19 08:41:37 ----A---- C:\WINDOWS\system32\SET318.tmp
2010-04-19 08:41:36 ----A---- C:\WINDOWS\system32\SET311.tmp
2010-04-19 08:41:36 ----A---- C:\WINDOWS\system32\SET30D.tmp
2010-04-19 08:41:35 ----A---- C:\WINDOWS\system32\SET30B.tmp
2010-04-19 08:41:35 ----A---- C:\WINDOWS\system32\SET30A.tmp
2010-04-19 08:41:35 ----A---- C:\WINDOWS\system32\SET309.tmp
2010-04-19 08:41:35 ----A---- C:\WINDOWS\system32\SET306.tmp
2010-04-19 08:41:34 ----A---- C:\WINDOWS\system32\SET302.tmp
2010-04-19 08:41:34 ----A---- C:\WINDOWS\system32\SET301.tmp
2010-04-19 08:41:34 ----A---- C:\WINDOWS\system32\SET2FE.tmp
2010-04-19 08:41:34 ----A---- C:\WINDOWS\system32\SET2FD.tmp
2010-04-19 08:41:34 ----A---- C:\WINDOWS\system32\SET2FC.tmp
2010-04-19 08:41:33 ----A---- C:\WINDOWS\system32\SET2FB.tmp
2010-04-19 08:41:33 ----A---- C:\WINDOWS\system32\SET2FA.tmp
2010-04-19 08:41:33 ----A---- C:\WINDOWS\system32\SET2F7.tmp
2010-04-19 08:41:33 ----A---- C:\WINDOWS\system32\SET2F6.tmp
2010-04-19 08:41:32 ----A---- C:\WINDOWS\system32\SET2EE.tmp
2010-04-19 08:41:31 ----A---- C:\WINDOWS\system32\SET2EB.tmp
2010-04-19 08:41:31 ----A---- C:\WINDOWS\system32\SET2E7.tmp
2010-04-19 08:41:28 ----A---- C:\WINDOWS\system32\SET2D7.tmp
2010-04-19 08:41:27 ----A---- C:\WINDOWS\system32\SET2CD.tmp
2010-04-19 08:41:27 ----A---- C:\WINDOWS\system32\SET2C5.tmp
2010-04-19 08:41:27 ----A---- C:\WINDOWS\system32\SET2C3.tmp
2010-04-19 08:41:26 ----A---- C:\WINDOWS\system32\SET2BD.tmp
2010-04-19 08:41:26 ----A---- C:\WINDOWS\system32\SET2BC.tmp
2010-04-19 08:41:25 ----A---- C:\WINDOWS\system32\SET2BA.tmp
2010-04-19 08:41:23 ----A---- C:\WINDOWS\system32\SET2A8.tmp
2010-04-19 08:41:23 ----A---- C:\WINDOWS\system32\SET2A7.tmp
2010-04-19 08:41:23 ----A---- C:\WINDOWS\system32\SET2A6.tmp
2010-04-19 08:41:22 ----A---- C:\WINDOWS\system32\SET2A4.tmp
2010-04-19 08:41:22 ----A---- C:\WINDOWS\system32\SET2A0.tmp
2010-04-19 08:41:21 ----A---- C:\WINDOWS\system32\SET295.tmp
2010-04-19 08:41:20 ----A---- C:\WINDOWS\system32\SET28A.tmp
2010-04-19 08:41:20 ----A---- C:\WINDOWS\system32\SET289.tmp
2010-04-19 08:41:19 ----A---- C:\WINDOWS\system32\SET280.tmp
2010-04-19 08:41:19 ----A---- C:\WINDOWS\system32\SET27D.tmp
2010-04-19 08:41:18 ----A---- C:\WINDOWS\system32\SET275.tmp
2010-04-19 08:41:18 ----A---- C:\WINDOWS\system32\SET26F.tmp
2010-04-19 08:41:17 ----A---- C:\WINDOWS\system32\SET26E.tmp
2010-04-19 08:41:17 ----A---- C:\WINDOWS\system32\SET266.tmp
2010-04-19 08:41:16 ----A---- C:\WINDOWS\system32\SET263.tmp
2010-04-19 08:41:15 ----A---- C:\WINDOWS\system32\SET25A.tmp
2010-04-19 08:41:15 ----A---- C:\WINDOWS\system32\SET259.tmp
2010-04-19 08:41:14 ----A---- C:\WINDOWS\system32\SET252.tmp
2010-04-19 08:41:14 ----A---- C:\WINDOWS\system32\SET251.tmp
2010-04-19 08:41:14 ----A---- C:\WINDOWS\system32\SET24F.tmp
2010-04-19 08:41:13 ----A---- C:\WINDOWS\system32\SET24A.tmp
2010-04-19 08:41:13 ----A---- C:\WINDOWS\system32\SET242.tmp
2010-04-19 08:41:12 ----A---- C:\WINDOWS\system32\SET241.tmp
2010-04-19 08:41:12 ----A---- C:\WINDOWS\system32\SET23E.tmp
2010-04-19 08:41:08 ----A---- C:\WINDOWS\system32\SET23D.tmp
2010-04-19 08:41:08 ----A---- C:\WINDOWS\system32\SET23A.tmp
2010-04-19 08:41:07 ----A---- C:\WINDOWS\system32\SET234.tmp
2010-04-19 08:41:07 ----A---- C:\WINDOWS\system32\SET22E.tmp
2010-04-19 08:41:05 ----A---- C:\WINDOWS\system32\SET216.tmp
2010-04-19 08:41:05 ----A---- C:\WINDOWS\system32\SET213.tmp
2010-04-19 08:41:04 ----A---- C:\WINDOWS\system32\SET212.tmp
2010-04-19 08:41:04 ----A---- C:\WINDOWS\system32\SET211.tmp
2010-04-19 08:41:04 ----A---- C:\WINDOWS\system32\SET20E.tmp
2010-04-19 08:41:03 ----A---- C:\WINDOWS\system32\SET208.tmp
2010-04-19 08:41:03 ----A---- C:\WINDOWS\system32\SET207.tmp
2010-04-19 08:41:01 ----A---- C:\WINDOWS\system32\SET1EF.tmp
2010-04-19 08:41:00 ----A---- C:\WINDOWS\system32\SET1ED.tmp
2010-04-19 08:41:00 ----A---- C:\WINDOWS\system32\SET1EB.tmp
2010-04-19 08:40:59 ----A---- C:\WINDOWS\system32\SET1E4.tmp
2010-04-19 08:40:59 ----A---- C:\WINDOWS\system32\SET1E3.tmp
2010-04-19 08:40:58 ----A---- C:\WINDOWS\system32\SET1E0.tmp
2010-04-19 08:40:58 ----A---- C:\WINDOWS\system32\SET1DD.tmp
2010-04-19 08:40:57 ----A---- C:\WINDOWS\system32\SET1D8.tmp
2010-04-19 08:40:56 ----A---- C:\WINDOWS\system32\SET1CF.tmp
2010-04-19 08:40:56 ----A---- C:\WINDOWS\system32\SET1C9.tmp
2010-04-19 08:40:55 ----A---- C:\WINDOWS\system32\SET1C4.tmp
2010-04-19 08:40:55 ----A---- C:\WINDOWS\system32\SET1C1.tmp
2010-04-19 08:40:55 ----A---- C:\WINDOWS\system32\SET1C0.tmp
2010-04-19 08:40:54 ----A---- C:\WINDOWS\system32\SET1BF.tmp
2010-04-19 08:40:54 ----A---- C:\WINDOWS\system32\SET1B8.tmp
2010-04-19 08:40:53 ----A---- C:\WINDOWS\system32\SET1B5.tmp
2010-04-19 08:40:53 ----A---- C:\WINDOWS\system32\SET1B2.tmp
2010-04-19 08:40:53 ----A---- C:\WINDOWS\system32\SET1B1.tmp
2010-04-19 08:40:52 ----A---- C:\WINDOWS\system32\SET1AF.tmp
2010-04-19 08:40:51 ----A---- C:\WINDOWS\system32\SET1A6.tmp
2010-04-19 08:40:51 ----A---- C:\WINDOWS\system32\SET1A5.tmp
2010-04-19 08:40:50 ----A---- C:\WINDOWS\system32\SET19F.tmp
2010-04-19 08:40:50 ----A---- C:\WINDOWS\system32\SET19B.tmp
2010-04-19 08:40:50 ----A---- C:\WINDOWS\system32\SET197.tmp
2010-04-19 08:40:49 ----A---- C:\WINDOWS\system32\SET195.tmp
2010-04-19 08:40:48 ----A---- C:\WINDOWS\system32\SET18B.tmp
2010-04-19 08:40:47 ----A---- C:\WINDOWS\system32\SET182.tmp
2010-04-19 08:40:47 ----A---- C:\WINDOWS\system32\SET181.tmp
2010-04-19 08:40:47 ----A---- C:\WINDOWS\system32\SET17F.tmp
2010-04-19 08:40:46 ----A---- C:\WINDOWS\system32\SET17C.tmp
2010-04-19 08:40:46 ----A---- C:\WINDOWS\system32\SET17B.tmp
2010-04-19 08:40:45 ----A---- C:\WINDOWS\system32\SET176.tmp
2010-04-19 08:40:45 ----A---- C:\WINDOWS\system32\SET173.tmp
2010-04-19 08:40:45 ----A---- C:\WINDOWS\system32\SET16F.tmp
2010-04-19 08:40:44 ----A---- C:\WINDOWS\system32\SET169.tmp
2010-04-19 08:40:44 ----A---- C:\WINDOWS\system32\SET168.tmp
2010-04-19 08:40:44 ----A---- C:\WINDOWS\system32\SET167.tmp
2010-04-19 08:40:43 ----A---- C:\WINDOWS\system32\SET15F.tmp
2010-04-19 08:40:43 ----A---- C:\WINDOWS\system32\SET15B.tmp
2010-04-19 08:40:42 ----A---- C:\WINDOWS\system32\SET159.tmp
2010-04-19 08:40:42 ----A---- C:\WINDOWS\system32\SET14E.tmp
2010-04-19 08:40:41 ----A---- C:\WINDOWS\system32\SET14B.tmp
2010-04-19 08:40:41 ----A---- C:\WINDOWS\system32\SET149.tmp
2010-04-19 08:40:41 ----A---- C:\WINDOWS\system32\SET147.tmp
2010-04-19 08:40:40 ----A---- C:\WINDOWS\system32\SET146.tmp
2010-04-19 08:40:40 ----A---- C:\WINDOWS\system32\SET145.tmp
2010-04-19 08:40:39 ----A---- C:\WINDOWS\system32\SET144.tmp
2010-04-19 08:37:43 ----A---- C:\WINDOWS\002975_.tmp
2010-04-19 08:35:21 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-04-19 08:33:32 ----A---- C:\WINDOWS\system32\cmd.exe
2010-04-19 08:33:32 ----A---- C:\WINDOWS\system32\cacls.exe
2010-04-19 08:33:32 ----A---- C:\WINDOWS\system32\autochk.exe
2010-04-19 08:33:32 ----A---- C:\WINDOWS\system32\autoconv.exe
2010-04-19 08:33:32 ----A---- C:\WINDOWS\system32\advapi32.dll
2010-04-19 08:33:31 ----A---- C:\WINDOWS\system32\imagehlp.dll
2010-04-19 08:33:31 ----A---- C:\WINDOWS\system32\ftp.exe
2010-04-19 08:33:31 ----A---- C:\WINDOWS\system32\format.com
2010-04-19 08:33:31 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2010-04-19 08:33:31 ----A---- C:\WINDOWS\system32\csrsrv.dll
2010-04-19 08:33:31 ----A---- C:\WINDOWS\system32\comdlg32.dll
2010-04-19 08:33:31 ----A---- C:\WINDOWS\system32\comctl32.dll
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\ntdll.dll
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\nslookup.exe
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\msv1_0.dll
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\msgsvc.dll
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\lsasrv.dll
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\locator.exe
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\localspl.dll
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2010-04-19 08:33:30 ----A---- C:\WINDOWS\system32\kernel32.dll
2010-04-19 08:33:29 ----A---- C:\WINDOWS\system32\perfctrs.dll
2010-04-19 08:33:29 ----A---- C:\WINDOWS\system32\olecnv32.dll
2010-04-19 08:33:29 ----A---- C:\WINDOWS\system32\oleaut32.dll
2010-04-19 08:33:29 ----A---- C:\WINDOWS\system32\nwprovau.dll
2010-04-19 08:33:29 ----A---- C:\WINDOWS\system32\ntvdm.exe
2010-04-19 08:33:29 ----A---- C:\WINDOWS\system32\ntprint.dll
2010-04-19 08:33:29 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\schannel.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\scardsvr.exe
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\savedump.exe
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\samsrv.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\samlib.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\rshx32.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\rastapi.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\rasman.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\rasdlg.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\rasauto.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\rasapi32.dll
2010-04-19 08:33:28 ----A---- C:\WINDOWS\system32\printui.dll
2010-04-19 08:33:27 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2010-04-19 08:33:27 ----A---- C:\WINDOWS\system32\syssetup.dll
2010-04-19 08:33:27 ----A---- C:\WINDOWS\system32\srvsvc.dll
2010-04-19 08:33:27 ----A---- C:\WINDOWS\system32\smss.exe
2010-04-19 08:33:27 ----A---- C:\WINDOWS\system32\setupapi.dll
2010-04-19 08:33:27 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-04-19 08:33:27 ----A---- C:\WINDOWS\system32\services.exe
2010-04-19 08:33:26 ----A---- C:\WINDOWS\system32\wkssvc.dll
2010-04-19 08:33:26 ----A---- C:\WINDOWS\system32\win32spl.dll
2010-04-19 08:33:26 ----A---- C:\WINDOWS\system32\userinit.exe
2010-04-19 08:33:26 ----A---- C:\WINDOWS\system32\untfs.dll
2010-04-19 08:33:26 ----A---- C:\WINDOWS\system32\ulib.dll
2010-04-19 08:33:15 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2010-04-19 08:33:15 ----A---- C:\WINDOWS\system32\hal.dll
2010-04-19 08:33:14 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2010-04-16 15:38:25 ----A---- C:\WINDOWS\system32\SET11EB.tmp
2010-04-16 15:38:24 ----A---- C:\WINDOWS\system32\SET11EA.tmp
2010-04-16 15:38:21 ----A---- C:\WINDOWS\system32\SET11BF.tmp
2010-04-16 15:38:19 ----A---- C:\WINDOWS\system32\SET11A4.tmp
2010-04-16 15:38:17 ----A---- C:\WINDOWS\system32\SET1198.tmp
2010-04-16 15:38:14 ----A---- C:\WINDOWS\system32\SET117B.tmp
2010-04-16 15:38:13 ----A---- C:\WINDOWS\system32\SET116D.tmp
2010-04-16 15:38:12 ----A---- C:\WINDOWS\system32\SET1168.tmp
2010-04-16 15:38:12 ----A---- C:\WINDOWS\system32\SET1166.tmp
2010-04-16 15:38:11 ----A---- C:\WINDOWS\system32\SET1162.tmp
2010-04-16 15:38:09 ----D---- C:\WINDOWS\system32\cs
2010-04-16 15:38:09 ----D---- C:\WINDOWS\l2schemas
2010-04-16 15:38:08 ----D---- C:\WINDOWS\system32\bits
2010-04-16 15:34:37 ----A---- C:\WINDOWS\system32\SET601.tmp
2010-04-16 15:34:35 ----A---- C:\WINDOWS\system32\SET5E8.tmp
2010-04-16 15:34:34 ----A---- C:\WINDOWS\system32\SET5E2.tmp
2010-04-16 15:33:45 ----A---- C:\WINDOWS\SET471.tmp
2010-04-16 15:33:42 ----A---- C:\WINDOWS\system32\SET450.tmp
2010-04-16 15:33:41 ----A---- C:\WINDOWS\system32\SET44E.tmp
2010-04-16 15:33:41 ----A---- C:\WINDOWS\system32\SET44C.tmp
2010-04-16 15:33:40 ----A---- C:\WINDOWS\system32\SET448.tmp
2010-04-16 15:33:40 ----A---- C:\WINDOWS\system32\SET445.tmp
2010-04-16 15:33:39 ----N---- C:\WINDOWS\system32\SET440.tmp
2010-04-16 15:33:39 ----A---- C:\WINDOWS\system32\SET43B.tmp
2010-04-16 15:33:38 ----A---- C:\WINDOWS\system32\SET43A.tmp
2010-04-16 15:33:38 ----A---- C:\WINDOWS\system32\SET436.tmp
2010-04-16 15:33:38 ----A---- C:\WINDOWS\system32\SET435.tmp
2010-04-16 15:33:37 ----A---- C:\WINDOWS\system32\SET432.tmp
2010-04-16 15:33:37 ----A---- C:\WINDOWS\system32\SET431.tmp
2010-04-16 15:33:36 ----A---- C:\WINDOWS\system32\SET430.tmp
2010-04-16 15:33:35 ----A---- C:\WINDOWS\system32\SET429.tmp
2010-04-16 15:33:35 ----A---- C:\WINDOWS\system32\SET427.tmp
2010-04-16 15:33:34 ----A---- C:\WINDOWS\system32\SET424.tmp
2010-04-16 15:33:34 ----A---- C:\WINDOWS\system32\SET421.tmp
2010-04-16 15:33:33 ----A---- C:\WINDOWS\system32\SET41A.tmp
2010-04-16 15:33:32 ----A---- C:\WINDOWS\system32\SET414.tmp
2010-04-16 15:33:32 ----A---- C:\WINDOWS\system32\SET40C.tmp
2010-04-16 15:33:31 ----A---- C:\WINDOWS\system32\SET40B.tmp
2010-04-16 15:33:30 ----A---- C:\WINDOWS\system32\SET406.tmp
2010-04-16 15:33:30 ----A---- C:\WINDOWS\system32\SET404.tmp
2010-04-16 15:33:29 ----A---- C:\WINDOWS\system32\SET401.tmp
2010-04-16 15:33:29 ----A---- C:\WINDOWS\system32\SET3FF.tmp
2010-04-16 15:33:28 ----A---- C:\WINDOWS\system32\SET3FE.tmp
2010-04-16 15:33:28 ----A---- C:\WINDOWS\system32\SET3FC.tmp
2010-04-16 15:33:28 ----A---- C:\WINDOWS\system32\SET3F9.tmp
2010-04-16 15:33:27 ----A---- C:\WINDOWS\system32\SET3F8.tmp
2010-04-16 15:33:27 ----A---- C:\WINDOWS\system32\SET3F7.tmp
2010-04-16 15:33:26 ----A---- C:\WINDOWS\system32\SET3F5.tmp
2010-04-16 15:33:26 ----A---- C:\WINDOWS\system32\SET3F4.tmp
2010-04-16 15:33:26 ----A---- C:\WINDOWS\system32\SET3F3.tmp
2010-04-16 15:33:25 ----A---- C:\WINDOWS\system32\SET3EC.tmp
2010-04-16 15:33:23 ----A---- C:\WINDOWS\system32\SET3DD.tmp
2010-04-16 15:33:21 ----A---- C:\WINDOWS\system32\SET3D2.tmp
2010-04-16 15:33:20 ----A---- C:\WINDOWS\system32\SET3BF.tmp
2010-04-16 15:33:19 ----A---- C:\WINDOWS\system32\SET3BE.tmp
2010-04-16 15:33:18 ----A---- C:\WINDOWS\system32\SET3AE.tmp
2010-04-16 15:33:17 ----A---- C:\WINDOWS\system32\SET3A9.tmp
2010-04-16 15:33:16 ----A---- C:\WINDOWS\system32\SET3A3.tmp
2010-04-16 15:33:16 ----A---- C:\WINDOWS\system32\SET39F.tmp
2010-04-16 15:33:14 ----A---- C:\WINDOWS\system32\SET397.tmp
2010-04-16 15:33:14 ----A---- C:\WINDOWS\system32\SET396.tmp
2010-04-16 15:33:14 ----A---- C:\WINDOWS\system32\SET395.tmp
2010-04-16 15:33:13 ----A---- C:\WINDOWS\system32\SET393.tmp
2010-04-16 15:33:12 ----A---- C:\WINDOWS\system32\SET38D.tmp
2010-04-16 15:33:11 ----A---- C:\WINDOWS\system32\SET384.tmp
2010-04-16 15:33:10 ----A---- C:\WINDOWS\system32\SET37E.tmp
2010-04-16 15:33:10 ----A---- C:\WINDOWS\system32\SET37C.tmp
2010-04-16 15:33:10 ----A---- C:\WINDOWS\system32\SET379.tmp
2010-04-16 15:33:09 ----A---- C:\WINDOWS\system32\SET372.tmp
2010-04-16 15:33:08 ----A---- C:\WINDOWS\system32\SET36E.tmp
2010-04-16 15:33:07 ----A---- C:\WINDOWS\system32\SET368.tmp
2010-04-16 15:33:07 ----A---- C:\WINDOWS\system32\SET367.tmp
2010-04-16 15:33:06 ----A---- C:\WINDOWS\system32\SET365.tmp
2010-04-16 15:33:06 ----A---- C:\WINDOWS\system32\SET35F.tmp
2010-04-16 15:33:05 ----A---- C:\WINDOWS\system32\SET35C.tmp
2010-04-16 15:33:04 ----A---- C:\WINDOWS\system32\SET34E.tmp
2010-04-16 15:33:03 ----A---- C:\WINDOWS\system32\SET34A.tmp
2010-04-16 15:33:02 ----A---- C:\WINDOWS\system32\SET344.tmp
2010-04-16 15:33:02 ----A---- C:\WINDOWS\system32\SET342.tmp
2010-04-16 15:33:01 ----A---- C:\WINDOWS\system32\SET340.tmp
2010-04-16 15:33:01 ----A---- C:\WINDOWS\system32\SET33C.tmp
2010-04-16 15:33:00 ----A---- C:\WINDOWS\system32\SET335.tmp
2010-04-16 15:32:58 ----A---- C:\WINDOWS\system32\SET321.tmp
2010-04-16 15:32:57 ----A---- C:\WINDOWS\system32\SET31F.tmp
2010-04-16 15:32:57 ----A---- C:\WINDOWS\system32\SET319.tmp
2010-04-16 15:32:56 ----A---- C:\WINDOWS\system32\SET317.tmp
2010-04-16 15:32:55 ----A---- C:\WINDOWS\system32\SET312.tmp
2010-04-16 15:32:55 ----A---- C:\WINDOWS\system32\SET310.tmp
2010-04-16 15:32:54 ----A---- C:\WINDOWS\system32\SET308.tmp
2010-04-16 15:32:53 ----A---- C:\WINDOWS\system32\SET305.tmp
2010-04-16 15:32:53 ----A---- C:\WINDOWS\system32\SET304.tmp
2010-04-16 15:32:53 ----A---- C:\WINDOWS\system32\SET303.tmp
2010-04-16 15:32:52 ----A---- C:\WINDOWS\system32\SET2FF.tmp
2010-04-16 15:32:50 ----A---- C:\WINDOWS\system32\SET2F4.tmp
2010-04-16 15:32:49 ----A---- C:\WINDOWS\system32\SET2ED.tmp
2010-04-16 15:32:49 ----A---- C:\WINDOWS\system32\SET2EC.tmp
2010-04-16 15:32:49 ----A---- C:\WINDOWS\system32\SET2EA.tmp
2010-04-16 15:32:48 ----A---- C:\WINDOWS\system32\SET2E5.tmp
2010-04-16 15:32:48 ----A---- C:\WINDOWS\system32\SET2E3.tmp
2010-04-16 15:32:47 ----A---- C:\WINDOWS\system32\SET2E1.tmp
2010-04-16 15:32:47 ----A---- C:\WINDOWS\system32\SET2E0.tmp
2010-04-16 15:32:47 ----A---- C:\WINDOWS\system32\SET2DF.tmp
2010-04-16 15:32:47 ----A---- C:\WINDOWS\system32\SET2DD.tmp
2010-04-16 15:32:45 ----A---- C:\WINDOWS\system32\SET2D3.tmp
2010-04-16 15:32:45 ----A---- C:\WINDOWS\system32\SET2D0.tmp
2010-04-16 15:32:44 ----A---- C:\WINDOWS\system32\SET2CE.tmp
2010-04-16 15:32:44 ----A---- C:\WINDOWS\system32\SET2CC.tmp
2010-04-16 15:32:44 ----A---- C:\WINDOWS\system32\SET2CB.tmp
2010-04-16 15:32:43 ----A---- C:\WINDOWS\system32\SET2CA.tmp
2010-04-16 15:32:43 ----A---- C:\WINDOWS\system32\SET2C9.tmp
2010-04-16 15:32:43 ----A---- C:\WINDOWS\system32\SET2C7.tmp
2010-04-16 15:32:42 ----A---- C:\WINDOWS\system32\SET2C2.tmp
2010-04-16 15:32:42 ----A---- C:\WINDOWS\system32\SET2C1.tmp
2010-04-16 15:32:42 ----A---- C:\WINDOWS\system32\SET2BE.tmp
2010-04-16 15:32:41 ----A---- C:\WINDOWS\system32\SET2B8.tmp
2010-04-16 15:32:41 ----A---- C:\WINDOWS\system32\SET2B7.tmp
2010-04-16 15:32:40 ----A---- C:\WINDOWS\system32\SET2B4.tmp
2010-04-16 15:32:40 ----A---- C:\WINDOWS\system32\SET2B3.tmp
2010-04-16 15:32:39 ----A---- C:\WINDOWS\system32\SET2AD.tmp
2010-04-16 15:32:38 ----A---- C:\WINDOWS\system32\SET2A9.tmp
2010-04-16 15:32:37 ----A---- C:\WINDOWS\system32\SET2A2.tmp
2010-04-16 15:32:37 ----A---- C:\WINDOWS\system32\SET2A1.tmp
2010-04-16 15:32:36 ----A---- C:\WINDOWS\system32\SET29E.tmp
2010-04-16 15:32:36 ----A---- C:\WINDOWS\system32\SET29B.tmp
2010-04-16 15:32:35 ----A---- C:\WINDOWS\system32\SET29A.tmp
2010-04-16 15:32:35 ----A---- C:\WINDOWS\system32\SET297.tmp
2010-04-16 15:32:34 ----A---- C:\WINDOWS\system32\SET296.tmp
2010-04-16 15:32:34 ----A---- C:\WINDOWS\system32\SET294.tmp
2010-04-16 15:32:33 ----A---- C:\WINDOWS\system32\SET291.tmp
2010-04-16 15:32:32 ----A---- C:\WINDOWS\system32\SET28F.tmp
2010-04-16 15:32:32 ----A---- C:\WINDOWS\system32\SET28E.tmp
2010-04-16 15:32:32 ----A---- C:\WINDOWS\system32\SET28D.tmp
2010-04-16 15:32:31 ----A---- C:\WINDOWS\system32\SET288.tmp
2010-04-16 15:32:31 ----A---- C:\WINDOWS\system32\SET287.tmp
2010-04-16 15:32:30 ----A---- C:\WINDOWS\system32\SET286.tmp
2010-04-16 15:32:29 ----A---- C:\WINDOWS\system32\SET281.tmp
2010-04-16 15:32:29 ----A---- C:\WINDOWS\system32\SET27E.tmp
2010-04-16 15:32:28 ----A---- C:\WINDOWS\system32\SET27C.tmp
2010-04-16 15:32:28 ----A---- C:\WINDOWS\system32\SET27B.tmp
2010-04-16 15:32:28 ----A---- C:\WINDOWS\system32\SET27A.tmp
2010-04-16 15:32:28 ----A---- C:\WINDOWS\system32\SET278.tmp
2010-04-16 15:32:28 ----A---- C:\WINDOWS\system32\SET277.tmp
2010-04-16 15:32:28 ----A---- C:\WINDOWS\system32\SET276.tmp
2010-04-16 15:32:27 ----A---- C:\WINDOWS\system32\SET274.tmp
2010-04-16 15:32:27 ----A---- C:\WINDOWS\system32\SET273.tmp
2010-04-16 15:32:27 ----A---- C:\WINDOWS\system32\SET272.tmp
2010-04-16 15:32:27 ----A---- C:\WINDOWS\system32\SET271.tmp
2010-04-16 15:32:27 ----A---- C:\WINDOWS\system32\SET270.tmp
2010-04-16 15:32:26 ----A---- C:\WINDOWS\system32\SET26D.tmp
2010-04-16 15:32:26 ----A---- C:\WINDOWS\system32\SET26C.tmp
2010-04-16 15:32:25 ----A---- C:\WINDOWS\system32\SET265.tmp
2010-04-16 15:32:25 ----A---- C:\WINDOWS\system32\SET264.tmp
2010-04-16 15:32:25 ----A---- C:\WINDOWS\system32\SET261.tmp
2010-04-16 15:32:23 ----A---- C:\WINDOWS\system32\SET257.tmp
2010-04-16 15:32:22 ----A---- C:\WINDOWS\system32\SET250.tmp
2010-04-16 15:32:22 ----A---- C:\WINDOWS\system32\SET24D.tmp
2010-04-16 15:32:22 ----A---- C:\WINDOWS\system32\SET24B.tmp
2010-04-16 15:32:21 ----A---- C:\WINDOWS\system32\SET248.tmp
2010-04-16 15:32:21 ----A---- C:\WINDOWS\system32\SET247.tmp
2010-04-16 15:32:21 ----A---- C:\WINDOWS\system32\SET245.tmp
2010-04-16 15:32:19 ----A---- C:\WINDOWS\system32\SET239.tmp
2010-04-16 15:32:18 ----A---- C:\WINDOWS\system32\SET238.tmp
2010-04-16 15:32:18 ----A---- C:\WINDOWS\system32\SET237.tmp
2010-04-16 15:32:18 ----A---- C:\WINDOWS\system32\SET235.tmp
2010-04-16 15:32:16 ----A---- C:\WINDOWS\system32\SET233.tmp
2010-04-16 15:32:15 ----A---- C:\WINDOWS\system32\SET22D.tmp
2010-04-16 15:32:15 ----A---- C:\WINDOWS\system32\SET227.tmp
2010-04-16 15:32:14 ----A---- C:\WINDOWS\system32\SET226.tmp
2010-04-16 15:32:14 ----A---- C:\WINDOWS\system32\SET221.tmp
2010-04-16 15:32:13 ----A---- C:\WINDOWS\system32\SET21F.tmp
2010-04-16 15:32:13 ----A---- C:\WINDOWS\system32\SET21D.tmp
2010-04-16 15:32:12 ----A---- C:\WINDOWS\system32\SET21C.tmp
2010-04-16 15:32:12 ----A---- C:\WINDOWS\system32\SET21B.tmp
2010-04-16 15:32:11 ----A---- C:\WINDOWS\system32\SET215.tmp
2010-04-16 15:32:11 ----A---- C:\WINDOWS\system32\SET214.tmp
2010-04-16 15:32:10 ----A---- C:\WINDOWS\system32\SET20D.tmp
2010-04-16 15:32:10 ----A---- C:\WINDOWS\system32\SET20C.tmp
2010-04-16 15:32:10 ----A---- C:\WINDOWS\system32\SET20B.tmp
2010-04-16 15:32:09 ----A---- C:\WINDOWS\system32\SET205.tmp
2010-04-16 15:32:09 ----A---- C:\WINDOWS\system32\SET204.tmp
2010-04-16 15:32:08 ----A---- C:\WINDOWS\system32\SET203.tmp
2010-04-16 15:32:08 ----A---- C:\WINDOWS\system32\SET200.tmp
2010-04-16 15:32:07 ----A---- C:\WINDOWS\system32\SET1FB.tmp
2010-04-16 15:32:07 ----A---- C:\WINDOWS\system32\SET1FA.tmp
2010-04-16 15:32:07 ----A---- C:\WINDOWS\system32\SET1F8.tmp
2010-04-16 15:32:06 ----A---- C:\WINDOWS\system32\SET1F7.tmp
2010-04-16 15:32:03 ----A---- C:\WINDOWS\system32\SET1F6.tmp
2010-04-16 15:32:02 ----A---- C:\WINDOWS\system32\SET1F3.tmp
2010-04-16 15:32:02 ----A---- C:\WINDOWS\system32\SET1F1.tmp
2010-04-16 15:32:01 ----A---- C:\WINDOWS\system32\SET1EC.tmp
2010-04-16 15:31:59 ----A---- C:\WINDOWS\system32\SET1DC.tmp
2010-04-16 15:31:59 ----A---- C:\WINDOWS\system32\SET1DB.tmp
2010-04-16 15:31:59 ----A---- C:\WINDOWS\system32\SET1DA.tmp
2010-04-16 15:31:59 ----A---- C:\WINDOWS\system32\SET1D9.tmp
2010-04-16 15:31:58 ----A---- C:\WINDOWS\system32\SET1D6.tmp
2010-04-16 15:31:58 ----A---- C:\WINDOWS\system32\SET1D3.tmp
2010-04-16 15:31:57 ----A---- C:\WINDOWS\system32\SET1D2.tmp
2010-04-16 15:31:56 ----A---- C:\WINDOWS\system32\SET1C8.tmp
2010-04-16 15:31:56 ----A---- C:\WINDOWS\system32\SET1C5.tmp
2010-04-16 15:31:55 ----A---- C:\WINDOWS\system32\SET1C3.tmp
2010-04-16 15:31:55 ----A---- C:\WINDOWS\system32\SET1C2.tmp
2010-04-16 15:31:54 ----A---- C:\WINDOWS\system32\SET1BB.tmp
2010-04-16 15:31:53 ----A---- C:\WINDOWS\system32\SET1BA.tmp
2010-04-16 15:31:53 ----A---- C:\WINDOWS\system32\SET1B7.tmp
2010-04-16 15:31:52 ----A---- C:\WINDOWS\system32\SET1B4.tmp
2010-04-16 15:31:52 ----A---- C:\WINDOWS\system32\SET1B3.tmp
2010-04-16 15:31:51 ----A---- C:\WINDOWS\system32\SET1AD.tmp
2010-04-16 15:31:50 ----A---- C:\WINDOWS\system32\SET1A7.tmp
2010-04-16 15:31:50 ----A---- C:\WINDOWS\system32\SET1A4.tmp
2010-04-16 15:31:50 ----A---- C:\WINDOWS\system32\SET1A3.tmp
2010-04-16 15:31:50 ----A---- C:\WINDOWS\system32\SET1A2.tmp
2010-04-16 15:31:49 ----A---- C:\WINDOWS\system32\SET1A1.tmp
2010-04-16 15:31:49 ----A---- C:\WINDOWS\system32\SET19C.tmp
2010-04-16 15:31:48 ----A---- C:\WINDOWS\system32\SET19A.tmp
2010-04-16 15:31:48 ----A---- C:\WINDOWS\system32\SET199.tmp
2010-04-16 15:31:48 ----A---- C:\WINDOWS\system32\SET198.tmp
2010-04-16 15:31:47 ----A---- C:\WINDOWS\system32\SET196.tmp
2010-04-16 15:31:46 ----A---- C:\WINDOWS\system32\SET18F.tmp
2010-04-16 15:31:46 ----A---- C:\WINDOWS\system32\SET18E.tmp
2010-04-16 15:31:45 ----A---- C:\WINDOWS\system32\SET18C.tmp
2010-04-16 15:31:45 ----A---- C:\WINDOWS\system32\SET189.tmp
2010-04-16 15:31:45 ----A---- C:\WINDOWS\system32\SET188.tmp
2010-04-16 15:31:44 ----A---- C:\WINDOWS\system32\SET187.tmp
2010-04-16 15:31:43 ----A---- C:\WINDOWS\system32\SET180.tmp
2010-04-16 15:31:42 ----A---- C:\WINDOWS\system32\SET17A.tmp
2010-04-16 15:31:42 ----A---- C:\WINDOWS\system32\SET179.tmp
2010-04-16 15:31:42 ----A---- C:\WINDOWS\system32\SET178.tmp
2010-04-16 15:31:41 ----A---- C:\WINDOWS\system32\SET175.tmp
2010-04-16 15:31:41 ----A---- C:\WINDOWS\system32\SET174.tmp
2010-04-16 15:31:40 ----A---- C:\WINDOWS\system32\SET172.tmp
2010-04-16 15:31:40 ----A---- C:\WINDOWS\system32\SET171.tmp
2010-04-16 15:31:40 ----A---- C:\WINDOWS\system32\SET170.tmp
2010-04-16 15:31:39 ----A---- C:\WINDOWS\system32\SET16D.tmp
2010-04-16 15:31:39 ----A---- C:\WINDOWS\system32\SET16C.tmp
2010-04-16 15:31:39 ----A---- C:\WINDOWS\system32\SET16B.tmp
2010-04-16 15:31:38 ----A---- C:\WINDOWS\system32\SET166.tmp
2010-04-16 15:31:38 ----A---- C:\WINDOWS\system32\SET163.tmp
2010-04-16 15:31:37 ----A---- C:\WINDOWS\system32\SET162.tmp
2010-04-16 15:31:36 ----A---- C:\WINDOWS\system32\SET15D.tmp
2010-04-16 15:31:36 ----A---- C:\WINDOWS\system32\SET15A.tmp
2010-04-16 15:31:36 ----A---- C:\WINDOWS\system32\SET158.tmp
2010-04-16 15:31:35 ----A---- C:\WINDOWS\system32\SET156.tmp
2010-04-16 15:31:35 ----A---- C:\WINDOWS\system32\SET155.tmp
2010-04-16 15:31:35 ----A---- C:\WINDOWS\system32\SET154.tmp
2010-04-16 15:31:34 ----A---- C:\WINDOWS\system32\SET153.tmp
2010-04-16 15:31:34 ----A---- C:\WINDOWS\system32\SET14F.tmp
2010-04-16 15:31:33 ----D---- C:\WINDOWS\network diagnostic
2010-04-16 15:28:32 ----A---- C:\WINDOWS\002950_.tmp
2010-04-16 15:28:30 ----A---- C:\WINDOWS\imsins.BAK
2010-04-16 10:22:00 ----A---- C:\WINDOWS\wininit.ini
2010-04-16 10:01:13 ----D---- C:\WINDOWS\system32\appmgmt
2010-04-12 17:04:42 ----D---- C:\WINDOWS\Minidump
2010-04-11 22:51:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\74319024
2010-04-09 16:09:58 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-04-09 16:09:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-04-09 16:08:43 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 months======

2010-04-23 13:00:16 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-04-23 13:00:06 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem with SmartCP.txt
2010-04-19 16:33:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-19 12:52:26 ----A---- C:\WINDOWS\system.ini
2010-04-12 17:04:30 ----A---- C:\WINDOWS\DUMP9be2.tmp
2010-04-12 17:01:18 ----A---- C:\WINDOWS\DUMPb3bf.tmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswsp;avast! Self Protection; C:\WINDOWS\system32\drivers\aswsp.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 UBHelper;MRW remapping; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 aswfsblk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-09 823296]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-22 175360]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-25 34048]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-25 276480]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-10 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-10 200064]
R3 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-03 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2004-12-31 6912]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-08 185824]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-09-13 146304]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-18 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-18 57600]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-18 20480]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-10 684800]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-18 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-18 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-18 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\MIROSL~1\LOCALS~1\Temp\catchme.sys []
S3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-10-08 752093]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-18 59648]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-18 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-09 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-18 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-03 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-02 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Re: win32:rustNT awin32:qandr rtk

Napsal: 23 dub 2010 15:21
od motji
Hezké odpoledne :)

:arrow: Poprosím o tento log
C:\ComboFix.txt

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 08:06
od jurca1
Dobré ráno, zasílám ten log z combofixu.

Děkuji

ComboFix 10-04-21.01 - Miro 26.04.2010 8:43.3.1 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.510.222 [GMT 2:00]
Spuštěný z: c:\documents and settings\Miro\Plocha\ComboFix2.exe
AV: avast! antivirus 4.8.1368 [VPS 100419-0] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\ae63caf3.sys . . . . nemohl být smazán

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ae63caf3


((((((((((((((((((((((((( Soubory vytvořené od 2010-03-26 do 2010-04-26 )))))))))))))))))))))))))))))))
.

2010-04-23 11:02 . 2010-04-23 11:02 -------- d-----w- C:\rsit
2010-04-23 11:02 . 2010-04-23 11:02 -------- d-----w- c:\program files\trend micro
2010-04-19 06:34 . 2004-08-18 18:00 35840 ----a-w- c:\windows\system32\dllcache\iprip.dll
2010-04-19 06:33 . 2009-03-06 15:47 283648 ----a-w- c:\windows\system32\dllcache\pdh.dll
2010-04-16 13:38 . 2010-04-16 13:38 -------- d-----w- c:\windows\system32\cs
2010-04-16 13:38 . 2010-04-16 13:38 -------- d-----w- c:\windows\l2schemas
2010-04-16 13:38 . 2010-04-16 13:38 -------- d-----w- c:\windows\system32\bits
2010-04-16 13:23 . 2004-08-18 18:00 71040 ------w- c:\windows\system32\drivers\_004549_.tmp.dll
2010-04-15 14:51 . 2009-11-24 22:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-15 14:51 . 2009-11-24 22:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-12 15:06 . 2004-06-18 16:39 0 ----a-w- c:\windows\system32\drivers\vbeqrpop.sys
2010-04-09 14:09 . 2010-04-09 14:10 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-09 14:08 . 2010-04-09 14:08 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-26 06:48 . 2004-12-31 13:09 12 ----a-w- c:\windows\bthservsdp.dat
2010-04-12 15:04 . 2005-03-21 18:00 90112 ----a-w- c:\windows\DUMP9be2.tmp
2010-04-12 15:01 . 2005-03-21 18:00 90112 ----a-w- c:\windows\DUMPb3bf.tmp
2006-04-21 08:48 . 2006-04-21 08:48 180224 ----a-w- c:\program files\comm32.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-30 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-08 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-08 688218]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 110592]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-10-08 126976]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-21 40960]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-09 344064]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-01-03 176128]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2005-01-04 2889216]
"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2004-12-09 311296]
"eRecoveryService"="c:\windows\System32\Check.exe" [2004-11-24 245760]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-19 286720]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-22 198160]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-03-09 37888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\System32\\dpvsetup.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=

R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [15.4.2010 16:51 114768]
R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15.4.2010 16:51 20560]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3.2.2010 18:48 135664]
.
Obsah adresáře 'Naplánované úlohy'

2010-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 16:48]

2010-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 16:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: google sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{fa9b9510-9fcb-4ca0-818c-5d0987b47c4d} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-26 08:52
Windows 5.1.2600 Service Pack 2 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\controlset004\Services\ae63caf3]
"ImagePath"="\SystemRoot\System32\drivers\ae63caf3.sys"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(908)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3556)
c:\windows\system32\msi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\rundll32.exe
c:\acer\eManager\anbmServ.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wdfmgr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\acer\eRecovery\Monitor.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-04-26 08:55:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-26 06:55
ComboFix2.txt 2010-04-19 10:56
ComboFix3.txt 2010-04-19 10:06

Před spuštěním: 5 193 940 992
Po spuštění: 5 172 183 040

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect

Current=4 Default=4 Failed=2 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 2D8A3190FED82F6CF052928644A0D6B2

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 08:11
od motji
:arrow: Stáhněte Avenger
http://swandog46.geekstogo.com/avenger.exe

-spustíte program a potvrdíte kliknutím na ok,tím potvrzujete, že všechny činnosti s tím spojené činíte na vlastní riziko.
-Po odkliknutí se objeví hlavní okno programu,do bílého okna něj zkopírujte tento skript:

Kód: Vybrat vše

drivers to delete:
ae63caf3

Files to delete:
c:\windows\system32\drivers\ae63caf3.sys
:!: -zaškrtněte políčko scan for rootkits

a klikněte na tlačítko Execute.
-Potom se objeví okno,kde kliknutím Yes potvrdíte spuštění skriptu. Pak znovu tlačítkem yes potvrdíte restart počítače.
-Po restartu by se měl otevřít poznámkový blok s logem o vykonání skriptu, bude také uložený v C:\avenger.txt.
-Log vložte sem

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 08:41
od jurca1
tak tady to je:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Driver "ae63caf3" deleted successfully.
File "c:\windows\system32\drivers\ae63caf3.sys" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 09:04
od motji
:arrow:Stáhněte OTM http://oldtimer.geekstogo.com/OTM.exe
Stáhněte na plochu Otm, 2krát klikněte na Otm,spustí se program,
Do levého okna "Paste Instructions for Items to be Moved" pod žlutou čáru zkopírujete skript

Kód: Vybrat vše

:processes
explorer.exe
 
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=-

:commands
[Reboot]
-klikněte na červené tlačítko Moveit!
-sem vložte obsah zeleného okénka
-Pokud se bude chtít restartovat pc, dejte YES,log pak najdete C:\_OTM\MovedFiles. Log vložte sem

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 09:43
od jurca1
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
DllUnregisterServer procedure not found in C:\WINDOWS\system32\drivers\_004523_.tmp.dll
DllUnregisterServer procedure not found in C:\WINDOWS\system32\drivers\_004549_.tmp.dll
C:\WINDOWS\system32\drivers\_004523_.tmp.dll moved successfully.
C:\WINDOWS\system32\drivers\_004549_.tmp.dll moved successfully.
C:\WINDOWS\system32\SET2F4.tmp moved successfully.
C:\WINDOWS\system32\SET4E3.tmp moved successfully.
C:\WINDOWS\system32\SET214.tmp moved successfully.
C:\WINDOWS\system32\SET3D2.tmp moved successfully.
C:\WINDOWS\system32\SET215.tmp moved successfully.
C:\WINDOWS\system32\SET342.tmp moved successfully.
C:\WINDOWS\system32\SET2EC.tmp moved successfully.
C:\WINDOWS\system32\SET34E.tmp moved successfully.
C:\WINDOWS\system32\SET281.tmp moved successfully.
C:\WINDOWS\system32\SET259.tmp moved successfully.
C:\WINDOWS\system32\SET4DE.tmp moved successfully.
C:\WINDOWS\system32\SET21B.tmp moved successfully.
C:\WINDOWS\system32\SET21C.tmp moved successfully.
C:\WINDOWS\system32\SET21D.tmp moved successfully.
C:\WINDOWS\system32\SET21F.tmp moved successfully.
C:\WINDOWS\system32\SET367.tmp moved successfully.
C:\WINDOWS\system32\SET4DC.tmp moved successfully.
C:\WINDOWS\system32\SET221.tmp moved successfully.
C:\WINDOWS\system32\SET4D9.tmp moved successfully.
C:\WINDOWS\system32\SET226.tmp moved successfully.
C:\WINDOWS\system32\SET4D6.tmp moved successfully.
C:\WINDOWS\system32\SET227.tmp moved successfully.
C:\WINDOWS\system32\SET4D4.tmp moved successfully.
C:\WINDOWS\system32\SET4CF.tmp moved successfully.
C:\WINDOWS\system32\SET22D.tmp moved successfully.
C:\WINDOWS\system32\SET4CB.tmp moved successfully.
C:\WINDOWS\system32\SET34D.tmp moved successfully.
C:\WINDOWS\system32\SET2AD.tmp moved successfully.
C:\WINDOWS\system32\SET344.tmp moved successfully.
C:\WINDOWS\system32\SET29E.tmp moved successfully.
C:\WINDOWS\system32\SET247.tmp moved successfully.
C:\WINDOWS\system32\SET2D0.tmp moved successfully.
C:\WINDOWS\system32\SET3DD.tmp moved successfully.
C:\WINDOWS\system32\SET233.tmp moved successfully.
C:\WINDOWS\system32\SET445.tmp moved successfully.
C:\WINDOWS\system32\SET3F3.tmp moved successfully.
C:\WINDOWS\system32\SET450.tmp moved successfully.
C:\WINDOWS\system32\SET44E.tmp moved successfully.
C:\WINDOWS\system32\SET44C.tmp moved successfully.
C:\WINDOWS\system32\SET448.tmp moved successfully.
C:\WINDOWS\system32\SET4C4.tmp moved successfully.
C:\WINDOWS\system32\SET601.tmp moved successfully.
C:\WINDOWS\system32\SET4C1.tmp moved successfully.
C:\WINDOWS\system32\SET440.tmp moved successfully.
C:\WINDOWS\system32\SET235.tmp moved successfully.
C:\WINDOWS\system32\SET43A.tmp moved successfully.
C:\WINDOWS\system32\SET430.tmp moved successfully.
C:\WINDOWS\system32\SET42D.tmp moved successfully.
C:\WINDOWS\system32\SET424.tmp moved successfully.
C:\WINDOWS\system32\SET4B5.tmp moved successfully.
C:\WINDOWS\system32\SET41A.tmp moved successfully.
C:\WINDOWS\system32\SET414.tmp moved successfully.
C:\WINDOWS\system32\SET4AA.tmp moved successfully.
C:\WINDOWS\system32\SET144.tmp moved successfully.
C:\WINDOWS\system32\SET3FE.tmp moved successfully.
C:\WINDOWS\system32\SET3FC.tmp moved successfully.
C:\WINDOWS\system32\SET3F7.tmp moved successfully.
C:\WINDOWS\system32\SET3EC.tmp moved successfully.
C:\WINDOWS\system32\SET3E9.tmp moved successfully.
C:\WINDOWS\system32\SET496.tmp moved successfully.
C:\WINDOWS\system32\SET145.tmp moved successfully.
C:\WINDOWS\system32\SET146.tmp moved successfully.
C:\WINDOWS\system32\SET486.tmp moved successfully.
C:\WINDOWS\system32\SET3BE.tmp moved successfully.
C:\WINDOWS\system32\SET47B.tmp moved successfully.
C:\WINDOWS\system32\SET3AE.tmp moved successfully.
C:\WINDOWS\system32\SET3A9.tmp moved successfully.
C:\WINDOWS\system32\SET3A3.tmp moved successfully.
C:\WINDOWS\system32\SET39F.tmp moved successfully.
C:\WINDOWS\system32\SET46D.tmp moved successfully.
C:\WINDOWS\system32\SET237.tmp moved successfully.
C:\WINDOWS\system32\SET46B.tmp moved successfully.
C:\WINDOWS\system32\SET147.tmp moved successfully.
C:\WINDOWS\system32\SET395.tmp moved successfully.
C:\WINDOWS\system32\SET393.tmp moved successfully.
C:\WINDOWS\system32\SET38D.tmp moved successfully.
C:\WINDOWS\system32\SET238.tmp moved successfully.
C:\WINDOWS\system32\SET372.tmp moved successfully.
C:\WINDOWS\system32\SET446.tmp moved successfully.
C:\WINDOWS\system32\SET149.tmp moved successfully.
C:\WINDOWS\system32\SET36E.tmp moved successfully.
C:\WINDOWS\system32\SET14B.tmp moved successfully.
C:\WINDOWS\system32\SET365.tmp moved successfully.
C:\WINDOWS\system32\SET294.tmp moved successfully.
C:\WINDOWS\system32\SET465.tmp moved successfully.
C:\WINDOWS\system32\SET35F.tmp moved successfully.
C:\WINDOWS\system32\SET14E.tmp moved successfully.
C:\WINDOWS\system32\SET34A.tmp moved successfully.
C:\WINDOWS\system32\SET340.tmp moved successfully.
C:\WINDOWS\system32\SET33C.tmp moved successfully.
C:\WINDOWS\system32\SET1297.tmp moved successfully.
C:\WINDOWS\system32\SET45C.tmp moved successfully.
C:\WINDOWS\system32\SET319.tmp moved successfully.
C:\WINDOWS\system32\SET317.tmp moved successfully.
C:\WINDOWS\system32\SET239.tmp moved successfully.
C:\WINDOWS\system32\SET159.tmp moved successfully.
C:\WINDOWS\system32\SET312.tmp moved successfully.
C:\WINDOWS\system32\SET321.tmp moved successfully.
C:\WINDOWS\system32\SET310.tmp moved successfully.
C:\WINDOWS\system32\SET15B.tmp moved successfully.
C:\WINDOWS\system32\SET303.tmp moved successfully.
C:\WINDOWS\system32\SET2FF.tmp moved successfully.
C:\WINDOWS\system32\SET15F.tmp moved successfully.
C:\WINDOWS\system32\SET5E8.tmp moved successfully.
C:\WINDOWS\system32\SET167.tmp moved successfully.
C:\WINDOWS\system32\SET11A4.tmp moved successfully.
C:\WINDOWS\system32\SET2DD.tmp moved successfully.
C:\WINDOWS\system32\SET2CE.tmp moved successfully.
C:\WINDOWS\system32\SET168.tmp moved successfully.
C:\WINDOWS\system32\SET169.tmp moved successfully.
C:\WINDOWS\system32\SET2BE.tmp moved successfully.
C:\WINDOWS\system32\SET2B7.tmp moved successfully.
C:\WINDOWS\system32\SET2B3.tmp moved successfully.
C:\WINDOWS\system32\SET2A1.tmp moved successfully.
C:\WINDOWS\system32\SET16F.tmp moved successfully.
C:\WINDOWS\system32\SET29A.tmp moved successfully.
C:\WINDOWS\system32\SET296.tmp moved successfully.
C:\WINDOWS\system32\SET291.tmp moved successfully.
C:\WINDOWS\system32\SET173.tmp moved successfully.
C:\WINDOWS\system32\SET28D.tmp moved successfully.
C:\WINDOWS\system32\SET5E2.tmp moved successfully.
C:\WINDOWS\system32\SET286.tmp moved successfully.
C:\WINDOWS\system32\SET456.tmp moved successfully.
C:\WINDOWS\system32\SET27E.tmp moved successfully.
C:\WINDOWS\system32\SET176.tmp moved successfully.
C:\WINDOWS\system32\SET27A.tmp moved successfully.
C:\WINDOWS\system32\SET276.tmp moved successfully.
C:\WINDOWS\system32\SET270.tmp moved successfully.
C:\WINDOWS\system32\SET17B.tmp moved successfully.
C:\WINDOWS\system32\SET17C.tmp moved successfully.
C:\WINDOWS\system32\SET261.tmp moved successfully.
C:\WINDOWS\system32\SET454.tmp moved successfully.
C:\WINDOWS\system32\SET257.tmp moved successfully.
C:\WINDOWS\system32\SET250.tmp moved successfully.
C:\WINDOWS\system32\SET2CD.tmp moved successfully.
C:\WINDOWS\system32\SET24B.tmp moved successfully.
C:\WINDOWS\system32\SET451.tmp moved successfully.
C:\WINDOWS\system32\SET245.tmp moved successfully.
C:\WINDOWS\system32\SET17F.tmp moved successfully.
C:\WINDOWS\system32\SET248.tmp moved successfully.
C:\WINDOWS\system32\SET24D.tmp moved successfully.
C:\WINDOWS\system32\SET181.tmp moved successfully.
C:\WINDOWS\system32\SET182.tmp moved successfully.
C:\WINDOWS\system32\SET264.tmp moved successfully.
C:\WINDOWS\system32\SET265.tmp moved successfully.
C:\WINDOWS\system32\SET26C.tmp moved successfully.
C:\WINDOWS\system32\SET26D.tmp moved successfully.
C:\WINDOWS\system32\SET271.tmp moved successfully.
C:\WINDOWS\system32\SET272.tmp moved successfully.
C:\WINDOWS\system32\SET273.tmp moved successfully.
C:\WINDOWS\system32\SET274.tmp moved successfully.
C:\WINDOWS\system32\SET277.tmp moved successfully.
C:\WINDOWS\system32\SET278.tmp moved successfully.
C:\WINDOWS\system32\SET441.tmp moved successfully.
C:\WINDOWS\system32\SET27B.tmp moved successfully.
C:\WINDOWS\system32\SET27C.tmp moved successfully.
C:\WINDOWS\system32\SET18B.tmp moved successfully.
C:\WINDOWS\system32\SET287.tmp moved successfully.
C:\WINDOWS\system32\SET288.tmp moved successfully.
C:\WINDOWS\system32\SET6BA.tmp moved successfully.
C:\WINDOWS\system32\SET28E.tmp moved successfully.
C:\WINDOWS\system32\SET28F.tmp moved successfully.
C:\WINDOWS\system32\SET297.tmp moved successfully.
C:\WINDOWS\system32\SET29B.tmp moved successfully.
C:\WINDOWS\system32\SET1E3.tmp moved successfully.
C:\WINDOWS\system32\SET2A2.tmp moved successfully.
C:\WINDOWS\system32\SET437.tmp moved successfully.
C:\WINDOWS\system32\SET2A9.tmp moved successfully.
C:\WINDOWS\system32\SET433.tmp moved successfully.
C:\WINDOWS\system32\SET2B4.tmp moved successfully.
C:\WINDOWS\system32\SET2B8.tmp moved successfully.
C:\WINDOWS\system32\SET356.tmp moved successfully.
C:\WINDOWS\system32\SET2C1.tmp moved successfully.
C:\WINDOWS\system32\SET195.tmp moved successfully.
C:\WINDOWS\system32\SET2C2.tmp moved successfully.
C:\WINDOWS\system32\SET19F.tmp moved successfully.
C:\WINDOWS\system32\SET197.tmp moved successfully.
C:\WINDOWS\system32\SET19B.tmp moved successfully.
C:\WINDOWS\system32\SET2C7.tmp moved successfully.
C:\WINDOWS\system32\SET2C9.tmp moved successfully.
C:\WINDOWS\system32\SET2CA.tmp moved successfully.
C:\WINDOWS\system32\SET2CB.tmp moved successfully.
C:\WINDOWS\system32\SET2CC.tmp moved successfully.
C:\WINDOWS\system32\SET2DF.tmp moved successfully.
C:\WINDOWS\system32\SET1A5.tmp moved successfully.
C:\WINDOWS\system32\SET2D3.tmp moved successfully.
C:\WINDOWS\system32\SET1A6.tmp moved successfully.
C:\WINDOWS\system32\SET428.tmp moved successfully.
C:\WINDOWS\system32\SET11BF.tmp moved successfully.
C:\WINDOWS\system32\SET127C.tmp moved successfully.
C:\WINDOWS\system32\SET2E0.tmp moved successfully.
C:\WINDOWS\system32\SET2E1.tmp moved successfully.
C:\WINDOWS\system32\SET2EA.tmp moved successfully.
C:\WINDOWS\system32\SET2E5.tmp moved successfully.
C:\WINDOWS\system32\SET2E3.tmp moved successfully.
C:\WINDOWS\system32\SET423.tmp moved successfully.
C:\WINDOWS\system32\SET2ED.tmp moved successfully.
C:\WINDOWS\system32\SET404.tmp moved successfully.
C:\WINDOWS\system32\SET116D.tmp moved successfully.
C:\WINDOWS\system32\SET412.tmp moved successfully.
C:\WINDOWS\system32\SET40E.tmp moved successfully.
C:\WINDOWS\system32\SET405.tmp moved successfully.
C:\WINDOWS\system32\SET435.tmp moved successfully.
C:\WINDOWS\system32\SET335.tmp moved successfully.
C:\WINDOWS\system32\SET35C.tmp moved successfully.
C:\WINDOWS\system32\SET402.tmp moved successfully.
C:\WINDOWS\system32\SET3FD.tmp moved successfully.
C:\WINDOWS\system32\SET304.tmp moved successfully.
C:\WINDOWS\system32\SET305.tmp moved successfully.
C:\WINDOWS\system32\SET308.tmp moved successfully.
C:\WINDOWS\system32\SET31F.tmp moved successfully.
C:\WINDOWS\system32\SET3F2.tmp moved successfully.
C:\WINDOWS\system32\SET1166.tmp moved successfully.
C:\WINDOWS\system32\SET1AF.tmp moved successfully.
C:\WINDOWS\system32\SET3EA.tmp moved successfully.
C:\WINDOWS\system32\SET1B1.tmp moved successfully.
C:\WINDOWS\system32\SET1B2.tmp moved successfully.
C:\WINDOWS\system32\SET384.tmp moved successfully.
C:\WINDOWS\system32\SET1B5.tmp moved successfully.
C:\WINDOWS\system32\SET37E.tmp moved successfully.
C:\WINDOWS\system32\SET37C.tmp moved successfully.
C:\WINDOWS\system32\SET1B8.tmp moved successfully.
C:\WINDOWS\system32\SET379.tmp moved successfully.
C:\WINDOWS\system32\SET3D4.tmp moved successfully.
C:\WINDOWS\system32\SET3D1.tmp moved successfully.
C:\WINDOWS\system32\SET3CB.tmp moved successfully.
C:\WINDOWS\system32\SET429.tmp moved successfully.
C:\WINDOWS\system32\SET3C9.tmp moved successfully.
C:\WINDOWS\system32\SET3C4.tmp moved successfully.
C:\WINDOWS\system32\SET3C2.tmp moved successfully.
C:\WINDOWS\system32\SET1BF.tmp moved successfully.
C:\WINDOWS\system32\SET3B8.tmp moved successfully.
C:\WINDOWS\system32\SET1C0.tmp moved successfully.
C:\WINDOWS\system32\SET3B3.tmp moved successfully.
C:\WINDOWS\system32\SET3AF.tmp moved successfully.
C:\WINDOWS\system32\SET1C1.tmp moved successfully.
C:\WINDOWS\system32\SET3A1.tmp moved successfully.
C:\WINDOWS\system32\SET398.tmp moved successfully.
C:\WINDOWS\system32\SET6C0.tmp moved successfully.
C:\WINDOWS\system32\SET427.tmp moved successfully.
C:\WINDOWS\system32\SET392.tmp moved successfully.
C:\WINDOWS\system32\SET38C.tmp moved successfully.
C:\WINDOWS\system32\SET38A.tmp moved successfully.
C:\WINDOWS\system32\SET1C4.tmp moved successfully.
C:\WINDOWS\system32\SET406.tmp moved successfully.
C:\WINDOWS\system32\SET386.tmp moved successfully.
C:\WINDOWS\system32\SET40B.tmp moved successfully.
C:\WINDOWS\system32\SET368.tmp moved successfully.
C:\WINDOWS\system32\SET383.tmp moved successfully.
C:\WINDOWS\system32\SET376.tmp moved successfully.
C:\WINDOWS\system32\SET1C9.tmp moved successfully.
C:\WINDOWS\system32\SET373.tmp moved successfully.
C:\WINDOWS\system32\SET370.tmp moved successfully.
C:\WINDOWS\system32\SET36A.tmp moved successfully.
C:\WINDOWS\system32\SET366.tmp moved successfully.
C:\WINDOWS\system32\SET35E.tmp moved successfully.
C:\WINDOWS\system32\SET421.tmp moved successfully.
C:\WINDOWS\system32\SET396.tmp moved successfully.
C:\WINDOWS\system32\SET35A.tmp moved successfully.
C:\WINDOWS\system32\SET397.tmp moved successfully.
C:\WINDOWS\system32\SET353.tmp moved successfully.
C:\WINDOWS\system32\SET3BF.tmp moved successfully.
C:\WINDOWS\system32\SET347.tmp moved successfully.
C:\WINDOWS\system32\SET341.tmp moved successfully.
C:\WINDOWS\system32\SET337.tmp moved successfully.
C:\WINDOWS\system32\SET333.tmp moved successfully.
C:\WINDOWS\system32\SET3F4.tmp moved successfully.
C:\WINDOWS\system32\SET3F5.tmp moved successfully.
C:\WINDOWS\system32\SET32F.tmp moved successfully.
C:\WINDOWS\system32\SET3F8.tmp moved successfully.
C:\WINDOWS\system32\SET3F9.tmp moved successfully.
C:\WINDOWS\system32\SET32B.tmp moved successfully.
C:\WINDOWS\system32\SET3FF.tmp moved successfully.
C:\WINDOWS\system32\SET329.tmp moved successfully.
C:\WINDOWS\system32\SET401.tmp moved successfully.
C:\WINDOWS\system32\SET326.tmp moved successfully.
C:\WINDOWS\system32\SET40C.tmp moved successfully.
C:\WINDOWS\system32\SET322.tmp moved successfully.
C:\WINDOWS\system32\SET318.tmp moved successfully.
C:\WINDOWS\system32\SET311.tmp moved successfully.
C:\WINDOWS\system32\SET30D.tmp moved successfully.
C:\WINDOWS\system32\SET1CF.tmp moved successfully.
C:\WINDOWS\system32\SET309.tmp moved successfully.
C:\WINDOWS\system32\SET431.tmp moved successfully.
C:\WINDOWS\system32\SET432.tmp moved successfully.
C:\WINDOWS\system32\SET1D8.tmp moved successfully.
C:\WINDOWS\system32\SET436.tmp moved successfully.
C:\WINDOWS\system32\SET1DD.tmp moved successfully.
C:\WINDOWS\system32\SET117B.tmp moved successfully.
C:\WINDOWS\system32\SET43B.tmp moved successfully.
C:\WINDOWS\system32\SET301.tmp moved successfully.
C:\WINDOWS\system32\SET2FA.tmp moved successfully.
C:\WINDOWS\system32\SET2F6.tmp moved successfully.
C:\WINDOWS\system32\SET2EB.tmp moved successfully.
C:\WINDOWS\system32\SET1E0.tmp moved successfully.
C:\WINDOWS\system32\SET1168.tmp moved successfully.
C:\WINDOWS\system32\SET1162.tmp moved successfully.
C:\WINDOWS\system32\SET2E7.tmp moved successfully.
C:\WINDOWS\system32\SET1E4.tmp moved successfully.
C:\WINDOWS\system32\SET2D7.tmp moved successfully.
C:\WINDOWS\system32\SET2C5.tmp moved successfully.
C:\WINDOWS\system32\SET2C3.tmp moved successfully.
C:\WINDOWS\system32\SET2BC.tmp moved successfully.
C:\WINDOWS\system32\SET2BA.tmp moved successfully.
C:\WINDOWS\system32\SET2A6.tmp moved successfully.
C:\WINDOWS\system32\SET2A4.tmp moved successfully.
C:\WINDOWS\system32\SET2A0.tmp moved successfully.
C:\WINDOWS\system32\SET295.tmp moved successfully.
C:\WINDOWS\system32\SET289.tmp moved successfully.
C:\WINDOWS\system32\SET280.tmp moved successfully.
C:\WINDOWS\system32\SET27D.tmp moved successfully.
C:\WINDOWS\system32\SET26E.tmp moved successfully.
C:\WINDOWS\system32\SET1198.tmp moved successfully.
C:\WINDOWS\system32\SET263.tmp moved successfully.
C:\WINDOWS\system32\SET24F.tmp moved successfully.
C:\WINDOWS\system32\SET24A.tmp moved successfully.
C:\WINDOWS\system32\SET241.tmp moved successfully.
C:\WINDOWS\system32\SET23D.tmp moved successfully.
C:\WINDOWS\system32\SET23A.tmp moved successfully.
C:\WINDOWS\system32\SET234.tmp moved successfully.
C:\WINDOWS\system32\SET22E.tmp moved successfully.
C:\WINDOWS\system32\SET211.tmp moved successfully.
C:\WINDOWS\system32\SET14F.tmp moved successfully.
C:\WINDOWS\system32\SET20E.tmp moved successfully.
C:\WINDOWS\system32\SET153.tmp moved successfully.
C:\WINDOWS\system32\SET154.tmp moved successfully.
C:\WINDOWS\system32\SET207.tmp moved successfully.
C:\WINDOWS\system32\SET155.tmp moved successfully.
C:\WINDOWS\system32\SET156.tmp moved successfully.
C:\WINDOWS\system32\SET158.tmp moved successfully.
C:\WINDOWS\system32\SET15A.tmp moved successfully.
C:\WINDOWS\system32\SET15D.tmp moved successfully.
C:\WINDOWS\system32\SET1EB.tmp moved successfully.
C:\WINDOWS\system32\SET1EF.tmp moved successfully.
C:\WINDOWS\system32\SET162.tmp moved successfully.
C:\WINDOWS\system32\SET163.tmp moved successfully.
C:\WINDOWS\system32\SET1ED.tmp moved successfully.
C:\WINDOWS\system32\SET208.tmp moved successfully.
C:\WINDOWS\system32\SET166.tmp moved successfully.
C:\WINDOWS\system32\SET212.tmp moved successfully.
C:\WINDOWS\system32\SET213.tmp moved successfully.
C:\WINDOWS\system32\SET216.tmp moved successfully.
C:\WINDOWS\system32\SET16B.tmp moved successfully.
C:\WINDOWS\system32\SET16C.tmp moved successfully.
C:\WINDOWS\system32\SET16D.tmp moved successfully.
C:\WINDOWS\system32\SET23E.tmp moved successfully.
C:\WINDOWS\system32\SET170.tmp moved successfully.
C:\WINDOWS\system32\SET171.tmp moved successfully.
C:\WINDOWS\system32\SET172.tmp moved successfully.
C:\WINDOWS\system32\SET242.tmp moved successfully.
C:\WINDOWS\system32\SET174.tmp moved successfully.
C:\WINDOWS\system32\SET175.tmp moved successfully.
C:\WINDOWS\system32\SET251.tmp moved successfully.
C:\WINDOWS\system32\SET178.tmp moved successfully.
C:\WINDOWS\system32\SET252.tmp moved successfully.
C:\WINDOWS\system32\SET179.tmp moved successfully.
C:\WINDOWS\system32\SET17A.tmp moved successfully.
C:\WINDOWS\system32\SET25A.tmp moved successfully.
C:\WINDOWS\system32\SET266.tmp moved successfully.
C:\WINDOWS\system32\SET180.tmp moved successfully.
C:\WINDOWS\system32\SET26F.tmp moved successfully.
C:\WINDOWS\system32\SET275.tmp moved successfully.
C:\WINDOWS\system32\SET28A.tmp moved successfully.
C:\WINDOWS\system32\SET187.tmp moved successfully.
C:\WINDOWS\system32\SET188.tmp moved successfully.
C:\WINDOWS\system32\SET189.tmp moved successfully.
C:\WINDOWS\system32\SET2A7.tmp moved successfully.
C:\WINDOWS\system32\SET18C.tmp moved successfully.
C:\WINDOWS\system32\SET2A8.tmp moved successfully.
C:\WINDOWS\system32\SET18E.tmp moved successfully.
C:\WINDOWS\system32\SET18F.tmp moved successfully.
C:\WINDOWS\system32\SET2BD.tmp moved successfully.
C:\WINDOWS\system32\SET196.tmp moved successfully.
C:\WINDOWS\system32\SET198.tmp moved successfully.
C:\WINDOWS\system32\SET199.tmp moved successfully.
C:\WINDOWS\system32\SET2EE.tmp moved successfully.
C:\WINDOWS\system32\SET19A.tmp moved successfully.
C:\WINDOWS\system32\SET1245.tmp moved successfully.
C:\WINDOWS\system32\SET19C.tmp moved successfully.
C:\WINDOWS\system32\SET2F7.tmp moved successfully.
C:\WINDOWS\system32\SET1240.tmp moved successfully.
C:\WINDOWS\system32\SET1A1.tmp moved successfully.
C:\WINDOWS\system32\SET2FB.tmp moved successfully.
C:\WINDOWS\system32\SET1A2.tmp moved successfully.
C:\WINDOWS\system32\SET2FC.tmp moved successfully.
C:\WINDOWS\system32\SET1A3.tmp moved successfully.
C:\WINDOWS\system32\SET2FD.tmp moved successfully.
C:\WINDOWS\system32\SET1A4.tmp moved successfully.
C:\WINDOWS\system32\SET2FE.tmp moved successfully.
C:\WINDOWS\system32\SET1A7.tmp moved successfully.
C:\WINDOWS\system32\SET123E.tmp moved successfully.
C:\WINDOWS\system32\SET1253.tmp moved successfully.
C:\WINDOWS\system32\SET302.tmp moved successfully.
C:\WINDOWS\system32\SET1AD.tmp moved successfully.
C:\WINDOWS\system32\SET306.tmp moved successfully.
C:\WINDOWS\system32\SET30A.tmp moved successfully.
C:\WINDOWS\system32\SET30B.tmp moved successfully.
C:\WINDOWS\system32\SET1B3.tmp moved successfully.
C:\WINDOWS\system32\SET1B4.tmp moved successfully.
C:\WINDOWS\system32\SET1B7.tmp moved successfully.
C:\WINDOWS\system32\SET31A.tmp moved successfully.
C:\WINDOWS\system32\SET31B.tmp moved successfully.
C:\WINDOWS\system32\SET323.tmp moved successfully.
C:\WINDOWS\system32\SET324.tmp moved successfully.
C:\WINDOWS\system32\SET1BA.tmp moved successfully.
C:\WINDOWS\system32\SET1BB.tmp moved successfully.
C:\WINDOWS\system32\SET32C.tmp moved successfully.
C:\WINDOWS\system32\SET330.tmp moved successfully.
C:\WINDOWS\system32\SET338.tmp moved successfully.
C:\WINDOWS\system32\SET34F.tmp moved successfully.
C:\WINDOWS\system32\SET350.tmp moved successfully.
C:\WINDOWS\system32\SET1C2.tmp moved successfully.
C:\WINDOWS\system32\SET1C3.tmp moved successfully.
C:\WINDOWS\system32\SET354.tmp moved successfully.
C:\WINDOWS\system32\SET1C5.tmp moved successfully.
C:\WINDOWS\system32\SET360.tmp moved successfully.
C:\WINDOWS\system32\SET36B.tmp moved successfully.
C:\WINDOWS\system32\SET1C8.tmp moved successfully.
C:\WINDOWS\system32\SET36C.tmp moved successfully.
C:\WINDOWS\system32\SET36D.tmp moved successfully.
C:\WINDOWS\system32\SET387.tmp moved successfully.
C:\WINDOWS\system32\SET388.tmp moved successfully.
C:\WINDOWS\system32\SET38E.tmp moved successfully.
C:\WINDOWS\system32\SET399.tmp moved successfully.
C:\WINDOWS\system32\SET3B4.tmp moved successfully.
C:\WINDOWS\system32\SET1D2.tmp moved successfully.
C:\WINDOWS\system32\SET3B5.tmp moved successfully.
C:\WINDOWS\system32\SET1D3.tmp moved successfully.
C:\WINDOWS\system32\SET1D6.tmp moved successfully.
C:\WINDOWS\system32\SET1D9.tmp moved successfully.
C:\WINDOWS\system32\SET1DA.tmp moved successfully.
C:\WINDOWS\system32\SET1DB.tmp moved successfully.
C:\WINDOWS\system32\SET1DC.tmp moved successfully.
C:\WINDOWS\system32\SET438.tmp moved successfully.
C:\WINDOWS\system32\SET46E.tmp moved successfully.
C:\WINDOWS\system32\SET46F.tmp moved successfully.
C:\WINDOWS\system32\SET497.tmp moved successfully.
C:\WINDOWS\system32\SET4CC.tmp moved successfully.
C:\WINDOWS\system32\SET4CD.tmp moved successfully.
C:\WINDOWS\system32\SET4D0.tmp moved successfully.
C:\WINDOWS\system32\SET4D1.tmp moved successfully.
C:\WINDOWS\system32\SET1EC.tmp moved successfully.
C:\WINDOWS\system32\SET4D7.tmp moved successfully.
C:\WINDOWS\system32\SET4E4.tmp moved successfully.
C:\WINDOWS\system32\SET1F1.tmp moved successfully.
C:\WINDOWS\system32\SET1F3.tmp moved successfully.
C:\WINDOWS\system32\SET4EC.tmp moved successfully.
C:\WINDOWS\system32\SET1F6.tmp moved successfully.
C:\WINDOWS\system32\SET1F7.tmp moved successfully.
C:\WINDOWS\system32\SET1F8.tmp moved successfully.
C:\WINDOWS\system32\SET4F2.tmp moved successfully.
C:\WINDOWS\system32\SET1FA.tmp moved successfully.
C:\WINDOWS\system32\SET1FB.tmp moved successfully.
C:\WINDOWS\system32\SET4F9.tmp moved successfully.
C:\WINDOWS\system32\SET4FC.tmp moved successfully.
C:\WINDOWS\system32\SET200.tmp moved successfully.
C:\WINDOWS\system32\SET4FF.tmp moved successfully.
C:\WINDOWS\system32\SET501.tmp moved successfully.
C:\WINDOWS\system32\SET203.tmp moved successfully.
C:\WINDOWS\system32\SET204.tmp moved successfully.
C:\WINDOWS\system32\SET205.tmp moved successfully.
C:\WINDOWS\system32\SET505.tmp moved successfully.
C:\WINDOWS\system32\SET508.tmp moved successfully.
C:\WINDOWS\system32\SET509.tmp moved successfully.
C:\WINDOWS\system32\SET50D.tmp moved successfully.
C:\WINDOWS\system32\SET50E.tmp moved successfully.
C:\WINDOWS\system32\SET20B.tmp moved successfully.
C:\WINDOWS\system32\SET20C.tmp moved successfully.
C:\WINDOWS\system32\SET20D.tmp moved successfully.
C:\WINDOWS\system32\SET512.tmp moved successfully.
C:\WINDOWS\system32\SET513.tmp moved successfully.
C:\WINDOWS\system32\SET518.tmp moved successfully.
C:\WINDOWS\system32\SET51D.tmp moved successfully.
C:\WINDOWS\system32\SET520.tmp moved successfully.
C:\WINDOWS\system32\SET524.tmp moved successfully.
C:\WINDOWS\system32\SET526.tmp moved successfully.
C:\WINDOWS\system32\SET528.tmp moved successfully.
C:\WINDOWS\system32\SET11EA.tmp moved successfully.
C:\WINDOWS\system32\SET11EB.tmp moved successfully.
C:\WINDOWS\system32\SET1270.tmp moved successfully.
C:\WINDOWS\system32\SET12C2.tmp moved successfully.
C:\WINDOWS\system32\SET12C3.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET490.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET491.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET492.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET493.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET494.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET495.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET496.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET497.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET498.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET499.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET49A.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET49B.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET49C.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET605.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET122E.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET122F.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET568.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET569.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET56A.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET56B.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET56C.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET56D.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET56E.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET56F.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET570.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET571.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET572.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET573.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET574.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET6DD.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1306.tmp moved successfully.
C:\WINDOWS\system32\Setup\SET1307.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET49D.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET49E.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4A0.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4A1.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4A2.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4AF.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4B0.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4B2.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4B4.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4B6.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4BB.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4BE.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4BF.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4C0.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4C3.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET4C5.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET575.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET576.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET578.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET579.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET57A.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET587.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET58A.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET58C.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET58E.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET593.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET596.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET597.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET598.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET59B.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET59D.tmp moved successfully.
C:\WINDOWS\DUMP9be2.tmp moved successfully.
C:\WINDOWS\DUMPb3bf.tmp moved successfully.
C:\WINDOWS\002950_.tmp moved successfully.
C:\WINDOWS\002975_.tmp moved successfully.
C:\WINDOWS\SET471.tmp moved successfully.
C:\WINDOWS\SET549.tmp moved successfully.
C:\WINDOWS\AppPatch\SET607.tmp moved successfully.
C:\WINDOWS\AppPatch\SET608.tmp moved successfully.
C:\WINDOWS\AppPatch\SET609.tmp moved successfully.
C:\WINDOWS\AppPatch\SET60A.tmp moved successfully.
C:\WINDOWS\AppPatch\SET60B.tmp moved successfully.
C:\WINDOWS\AppPatch\SET60C.tmp moved successfully.
C:\WINDOWS\AppPatch\SET60D.tmp moved successfully.
C:\WINDOWS\AppPatch\set52f.tmp moved successfully.
C:\WINDOWS\AppPatch\set530.tmp moved successfully.
C:\WINDOWS\AppPatch\set531.tmp moved successfully.
C:\WINDOWS\AppPatch\set532.tmp moved successfully.
C:\WINDOWS\AppPatch\set533.tmp moved successfully.
C:\WINDOWS\AppPatch\set534.tmp moved successfully.
C:\WINDOWS\AppPatch\set535.tmp moved successfully.
C:\WINDOWS\Fonts\SET477.tmp moved successfully.
C:\WINDOWS\Fonts\SET478.tmp moved successfully.
C:\WINDOWS\Fonts\SET479.tmp moved successfully.
C:\WINDOWS\Fonts\SET47A.tmp moved successfully.
C:\WINDOWS\Fonts\SET47B.tmp moved successfully.
C:\WINDOWS\Fonts\SET47C.tmp moved successfully.
C:\WINDOWS\Fonts\SET47D.tmp moved successfully.
C:\WINDOWS\Fonts\SET54F.tmp moved successfully.
C:\WINDOWS\Fonts\SET550.tmp moved successfully.
C:\WINDOWS\Fonts\SET551.tmp moved successfully.
C:\WINDOWS\Fonts\SET552.tmp moved successfully.
C:\WINDOWS\Fonts\SET553.tmp moved successfully.
C:\WINDOWS\Fonts\SET554.tmp moved successfully.
C:\WINDOWS\Fonts\SET555.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SET594.tmp moved successfully.
C:\WINDOWS\pchealth\helpctr\binaries\SET66C.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\LaunchApp deleted successfully.
========== COMMANDS ==========

OTM by OldTimer - Version 3.1.11.0 log created on 04262010_103525

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 09:45
od motji
Fajn, jak to vypadá s počítačem? :)

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 10:01
od jurca1
Běží. Nic nehlásí. Tak snad dobrý :) .
Moc děkuju

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 11:54
od motji
:arrow: Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


:arrow: Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


:arrow: Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázekzáložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázekzáložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy :arrow: ok :arrow: zavřít

Obrázek Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



:arrow: Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

:arrow: Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 13:17
od jurca1
Mám problém s uninstalem ComboFixu, píše soubor nenalezen. Zbytek jsem provedl a zde je log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Miro at 2010-04-26 14:12:36
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (31%) free of 27 GB
Total RAM: 510 MB (40% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\Program Files\ICQToolbar\toolbaru.dll [2006-10-10 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-03-22 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-03 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{af69de43-7d58-4638-b6fa-ce66b5ad205d}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-03 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\Program Files\ICQToolbar\toolbaru.dll [2006-10-10 701952]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-03 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-08 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-08 688218]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-10-08 126976]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-21 40960]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-11-09 344064]
"EPM-DM"=c:\acer\epm\epm-dm.exe [2005-01-03 176128]
"ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-01-04 2889216]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2004-12-09 311296]
"eRecoveryService"=C:\Windows\System32\Check.exe [2004-11-24 245760]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-03-22 198160]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-03-09 37888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-30 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-11-09 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-10-08 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-26 14:12:36 ----D---- C:\rsit
2010-04-26 14:12:36 ----D---- C:\Program Files\trend micro
2010-04-26 13:41:24 ----SHD---- C:\Recycled
2010-04-26 13:08:16 ----D---- C:\WINDOWS\Prefetch
2010-04-26 12:27:41 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-04-26 12:25:57 ----A---- C:\WINDOWS\system32\cmd.exe
2010-04-26 12:25:57 ----A---- C:\WINDOWS\system32\cacls.exe
2010-04-26 12:25:57 ----A---- C:\WINDOWS\system32\autochk.exe
2010-04-26 12:25:57 ----A---- C:\WINDOWS\system32\autoconv.exe
2010-04-26 12:25:57 ----A---- C:\WINDOWS\system32\advapi32.dll
2010-04-26 12:25:56 ----A---- C:\WINDOWS\system32\imagehlp.dll
2010-04-26 12:25:56 ----A---- C:\WINDOWS\system32\ftp.exe
2010-04-26 12:25:56 ----A---- C:\WINDOWS\system32\format.com
2010-04-26 12:25:56 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2010-04-26 12:25:56 ----A---- C:\WINDOWS\system32\csrsrv.dll
2010-04-26 12:25:56 ----A---- C:\WINDOWS\system32\comdlg32.dll
2010-04-26 12:25:56 ----A---- C:\WINDOWS\system32\comctl32.dll
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\ntdll.dll
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\nslookup.exe
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\msv1_0.dll
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\msgsvc.dll
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\lsasrv.dll
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\locator.exe
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\localspl.dll
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2010-04-26 12:25:55 ----A---- C:\WINDOWS\system32\kernel32.dll
2010-04-26 12:25:54 ----A---- C:\WINDOWS\system32\printui.dll
2010-04-26 12:25:54 ----A---- C:\WINDOWS\system32\perfctrs.dll
2010-04-26 12:25:54 ----A---- C:\WINDOWS\system32\olecnv32.dll
2010-04-26 12:25:54 ----A---- C:\WINDOWS\system32\oleaut32.dll
2010-04-26 12:25:54 ----A---- C:\WINDOWS\system32\nwprovau.dll
2010-04-26 12:25:54 ----A---- C:\WINDOWS\system32\ntvdm.exe
2010-04-26 12:25:54 ----A---- C:\WINDOWS\system32\ntprint.dll
2010-04-26 12:25:53 ----A---- C:\WINDOWS\system32\savedump.exe
2010-04-26 12:25:53 ----A---- C:\WINDOWS\system32\samsrv.dll
2010-04-26 12:25:53 ----A---- C:\WINDOWS\system32\samlib.dll
2010-04-26 12:25:53 ----A---- C:\WINDOWS\system32\rshx32.dll
2010-04-26 12:25:53 ----A---- C:\WINDOWS\system32\rastapi.dll
2010-04-26 12:25:53 ----A---- C:\WINDOWS\system32\rasman.dll
2010-04-26 12:25:53 ----A---- C:\WINDOWS\system32\rasdlg.dll
2010-04-26 12:25:53 ----A---- C:\WINDOWS\system32\rasauto.dll
2010-04-26 12:25:53 ----A---- C:\WINDOWS\system32\rasapi32.dll
2010-04-26 12:25:52 ----A---- C:\WINDOWS\system32\syssetup.dll
2010-04-26 12:25:52 ----A---- C:\WINDOWS\system32\srvsvc.dll
2010-04-26 12:25:52 ----A---- C:\WINDOWS\system32\smss.exe
2010-04-26 12:25:52 ----A---- C:\WINDOWS\system32\schannel.dll
2010-04-26 12:25:52 ----A---- C:\WINDOWS\system32\setupapi.dll
2010-04-26 12:25:52 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-04-26 12:25:52 ----A---- C:\WINDOWS\system32\services.exe
2010-04-26 12:25:52 ----A---- C:\WINDOWS\system32\scardsvr.exe
2010-04-26 12:25:51 ----A---- C:\WINDOWS\system32\wkssvc.dll
2010-04-26 12:25:51 ----A---- C:\WINDOWS\system32\win32spl.dll
2010-04-26 12:25:51 ----A---- C:\WINDOWS\system32\userinit.exe
2010-04-26 12:25:51 ----A---- C:\WINDOWS\system32\untfs.dll
2010-04-26 12:25:51 ----A---- C:\WINDOWS\system32\ulib.dll
2010-04-26 12:25:51 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2010-04-26 12:25:40 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2010-04-26 12:25:40 ----A---- C:\WINDOWS\system32\hal.dll
2010-04-26 12:25:39 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2010-04-26 08:41:40 ----A---- C:\Boot.bak
2010-04-26 08:41:36 ----RASHD---- C:\cmdcons
2010-04-16 15:38:09 ----D---- C:\WINDOWS\system32\cs
2010-04-16 15:38:09 ----D---- C:\WINDOWS\l2schemas
2010-04-16 15:38:08 ----D---- C:\WINDOWS\system32\bits
2010-04-16 15:31:33 ----D---- C:\WINDOWS\network diagnostic
2010-04-16 10:22:00 ----A---- C:\WINDOWS\wininit.ini
2010-04-16 10:01:13 ----D---- C:\WINDOWS\system32\appmgmt
2010-04-12 17:04:42 ----D---- C:\WINDOWS\Minidump
2010-04-11 22:51:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\74319024
2010-04-09 16:09:58 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-04-09 16:09:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-04-09 16:08:43 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 months======

2010-04-26 14:08:16 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-04-26 14:08:00 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem with SmartCP.txt
2010-04-26 14:05:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-26 13:29:32 ----A---- C:\WINDOWS\system.ini
2010-04-26 08:41:42 ----RASH---- C:\BOOT.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswsp;avast! Self Protection; C:\WINDOWS\system32\drivers\aswsp.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 UBHelper;MRW remapping; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 aswfsblk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-11-09 823296]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-22 175360]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-25 34048]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-25 276480]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-10 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-10 200064]
R3 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-03 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2004-12-31 6912]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-08 185824]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-09-13 146304]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-18 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-18 57600]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-18 20480]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-10 684800]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-18 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-18 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-18 18944]
S3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-10-08 752093]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-18 59648]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-18 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-11-09 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-18 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-03 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-02 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 14:19
od motji
Combofix nikde nevidím, T-cleaner ho určitě smazal :)

:arrow: Nemáte firewall,k čemu je užitečný se dozvíte zde http://www.viry.cz/forum/viewtopic.php?f=41&t=20980

:arrow: Nemáte sp3 http://www.viry.cz/forum/viewtopic.php?f=46&t=86100

:arrow: Pokud nejsou problémy, je to vše :)

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 15:14
od jurca1
Super. Díky moc

Re: win32:rustNT awin32:qandr rtk

Napsal: 26 dub 2010 15:15
od motji
Není zač :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz