Please check my log

readik
Visitor
Posts: 28
Registered: 18 Apr 2010 12:38

#1 Post by readik »

My downloads have slowed down again :( I don't know whether it's because my internet connection was activated today, or because of some kind of malware :(
Logfile of random's system information tool 1.07 (written by random/random)
Run by readik at 2010-07-07 19:08:54
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 155 GB (81%) free of 191 GB
Total RAM: 2047 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:09:03, on 7.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\readik\My Documents\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\readik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 6971 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-12-08 399424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-12-08 399424]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-03 45056]
"NWEReboot"= []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-13 155648]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-28 61952]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-09-08 716800]
"FlashGet"=C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe [2008-08-19 1795656]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-04-20 26192680]
"Steam"=c:\program files\steam\steam.exe [2011-05-10 1238352]

C:\Documents and Settings\readik\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-07 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Counter-strike\hl.exe"="C:\Program Files\Counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\THQ\Titan Quest Immortal Throne\Tqit.exe"="C:\Program Files\THQ\Titan Quest Immortal Throne\Tqit.exe:*:Enabled:Tqit"
"C:\SIERRA\Half-Life\hl.exe"="C:\SIERRA\Half-Life\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Ubisoft\Heroes of Might and Magic V\Demo\bin\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V\Demo\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\1C\AIM\mmserv.exe"="C:\Program Files\1C\AIM\mmserv.exe:*:Enabled:mmserv"
"C:\Program Files\1C\AIM\aim.exe"="C:\Program Files\1C\AIM\aim.exe:*:Enabled:A.I.M. Game"
"C:\Documents and Settings\readik\Desktop\SAMP-SERVER\samp-server.exe"="C:\Documents and Settings\readik\Desktop\SAMP-SERVER\samp-server.exe:*:Enabled:samp-server"
"C:\Documents and Settings\readik\Desktop\55kill\samp-server.exe"="C:\Documents and Settings\readik\Desktop\55kill\samp-server.exe:*:Enabled:SA-MP dedicated server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\CS_NORMAL\hl.exe"="C:\Program Files\CS_NORMAL\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-05-09 17:49:34 ----A---- C:\WINDOWS\system32\SNWValid.dll
2011-05-09 17:49:34 ----A---- C:\WINDOWS\system32\SierraNW.dll
2011-05-09 17:48:30 ----A---- C:\WINDOWS\SIERRA.INI
2011-05-09 17:48:27 ----A---- C:\WINDOWS\IsUn0407.exe
2011-05-09 17:43:46 ----D---- C:\Program Files\Steam
2011-05-04 23:56:24 ----HD---- C:\WINDOWS\PIF
2011-05-04 23:54:38 ----N---- C:\WINDOWS\UniFISH.exe
2011-05-04 22:44:59 ----A---- C:\WINDOWS\system32\wpa.bak
2011-05-04 03:34:07 ----D---- C:\Documents and Settings\readik\Application Data\Skype
2011-05-04 03:33:23 ----D---- C:\Program Files\Common Files\Skype
2011-05-04 03:33:22 ----RD---- C:\Program Files\Skype
2011-05-04 03:33:16 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-04-30 01:26:58 ----A---- C:\WINDOWS\system32\apache.dll
2011-04-30 01:21:28 ----D---- C:\WINDOWS\system32\appmgmt
2011-04-28 01:30:50 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-04-28 01:30:40 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2011-04-26 03:57:32 ----D---- C:\Program Files\Valve
2011-04-25 23:13:27 ----D---- C:\Documents and Settings\readik\Application Data\WinRAR
2011-04-25 23:12:31 ----D---- C:\Program Files\WinRAR
2011-04-23 16:23:30 ----A---- C:\WINDOWS\system32\msvcr71.dll
2011-04-23 16:23:26 ----A---- C:\WINDOWS\IsUn0405.exe
2011-04-23 16:22:19 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2011-04-23 16:22:08 ----D---- C:\Program Files\CanonBJ
2011-04-23 16:19:49 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonBJ
2011-04-23 16:19:33 ----A---- C:\WINDOWS\system32\CNMLM81.DLL
2011-04-23 16:19:23 ----D---- C:\Program Files\Canon
2011-04-22 06:36:17 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-04-22 06:36:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-04-22 06:36:16 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-04-21 03:02:14 ----A---- C:\WINDOWS\system32\d3dx9.dll
2011-04-21 03:02:14 ----A---- C:\WINDOWS\system32\D3DX81ab.dll
2011-04-21 03:02:08 ----D---- C:\Program Files\Cheat Engine
2011-04-20 23:54:06 ----D---- C:\Program Files\ICQ6Toolbar
2011-04-20 23:54:03 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ
2011-04-20 23:52:47 ----D---- C:\Documents and Settings\readik\Application Data\ICQ
2011-04-20 23:52:15 ----D---- C:\Program Files\ICQ6.5
2011-04-20 16:06:37 ----D---- C:\Program Files\EterniaGames
2011-04-20 05:11:49 ----D---- C:\Documents and Settings\readik\Application Data\BITS
2011-04-20 05:11:06 ----D---- C:\profiles
2011-04-20 05:10:51 ----D---- C:\Program Files\FlashGet Network
2011-04-20 04:59:41 ----D---- C:\Documents and Settings\readik\Application Data\Macromedia
2011-04-20 04:59:41 ----D---- C:\Documents and Settings\readik\Application Data\Adobe
2011-04-20 04:58:05 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2011-04-20 04:48:34 ----D---- C:\Documents and Settings\readik\Application Data\Mozilla
2011-04-20 04:48:30 ----D---- C:\Program Files\Mozilla Firefox
2011-04-20 04:27:56 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2011-04-20 04:26:31 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-04-20 04:25:35 ----D---- C:\WINDOWS\OPTIONS
2011-04-20 04:25:35 ----D---- C:\Program Files\Realtek
2011-04-20 04:21:50 ----RA---- C:\WINDOWS\system32\PostProc.dll
2011-04-20 04:21:50 ----RA---- C:\WINDOWS\system32\a3d.dll
2011-04-20 04:21:37 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2011-04-20 04:21:36 ----N---- C:\WINDOWS\system32\SMMedia.dll
2011-04-20 04:21:32 ----D---- C:\Program Files\Analog Devices
2011-04-20 04:21:32 ----A---- C:\WINDOWS\system32\DSndUp.exe
2011-04-20 04:21:31 ----N---- C:\WINDOWS\system32\CleanUp.exe
2011-04-20 04:15:26 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-04-20 04:15:18 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2011-04-20 04:11:08 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-04-20 04:11:05 ----D---- C:\Program Files\Intel
2011-04-20 01:29:01 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-20 01:21:01 ----A---- C:\WINDOWS\system32\WMErrCSY.dll
2011-04-20 01:20:59 ----D---- C:\temp
2011-04-20 01:20:37 ----D---- C:\Program Files\Windows XP MUI Pack
2011-04-20 01:11:11 ----HDC---- C:\WINDOWS\$NtUninstallKB900325$
2011-04-20 01:10:51 ----HDC---- C:\WINDOWS\$NtUninstallKB902841$
2011-04-20 01:10:39 ----HDC---- C:\WINDOWS\$NtUninstallKB888795$
2011-04-20 01:10:31 ----HDC---- C:\WINDOWS\$NtUninstallKB899510$
2011-04-20 01:10:22 ----HDC---- C:\WINDOWS\$NtUninstallKB899337$
2011-04-20 01:10:20 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2011-04-20 01:10:13 ----HDC---- C:\WINDOWS\$NtUninstallKB895961$
2011-04-20 01:10:06 ----HDC---- C:\WINDOWS\$NtUninstallKB891593$
2011-04-20 01:09:55 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-04-20 01:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB903157$
2011-04-20 00:46:27 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-04-20 00:33:21 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-04-20 00:33:21 ----A---- C:\WINDOWS\system32\irclass.dll
2011-04-20 00:33:06 ----RA---- C:\WINDOWS\SET31.tmp
2011-04-20 00:33:04 ----RA---- C:\WINDOWS\SET25.tmp
2011-04-20 00:33:04 ----RA---- C:\WINDOWS\SET22.tmp
2011-04-20 00:20:42 ----A---- C:\WINDOWS\UPGRADE.TXT
2011-04-20 00:20:39 ----D---- C:\WINDOWS\setup.pss
2011-04-20 00:08:33 ----D---- C:\Documents and Settings\readik\Application Data\Ahead
2011-04-20 00:06:43 ----D---- C:\Program Files\Nero
2011-04-20 00:06:43 ----D---- C:\Program Files\Common Files\Ahead
2011-04-20 00:06:31 ----D---- C:\WINDOWS\RegisteredPackages
2011-04-20 00:04:38 ----D---- C:\Program Files\Yahoo!
2011-04-19 23:56:09 ----SHD---- C:\RECYCLER
2011-04-19 06:18:53 ----A---- C:\WINDOWS\Ascd_tmp.ini
2011-04-19 06:17:49 ----D---- C:\Documents and Settings\readik\Application Data\ATI
2011-04-19 06:16:43 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-04-19 06:14:26 ----A---- C:\WINDOWS\system32\ati2sgag.exe
2011-04-19 06:14:22 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2011-04-19 06:14:00 ----D---- C:\Program Files\ATI Technologies
2011-04-19 04:52:27 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-04-19 04:52:21 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2011-04-19 04:52:21 ----A---- C:\WINDOWS\system32\mfc71.dll
2011-04-19 04:46:20 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-19 04:41:07 ----D---- C:\WINDOWS\system32\URTTemp
2011-04-19 04:27:38 ----D---- C:\Program Files\Common Files\InstallShield
2011-04-19 04:17:18 ----D---- C:\Documents and Settings\readik\Application Data\Identities
2011-04-19 04:17:15 ----D---- C:\Program Files\Uninstall Information
2011-04-19 04:17:10 ----ASH---- C:\Documents and Settings\readik\Application Data\desktop.ini
2011-04-19 04:17:09 ----SD---- C:\Documents and Settings\readik\Application Data\Microsoft
2011-04-19 04:15:15 ----D---- C:\WINDOWS\SoftwareDistribution
2011-04-19 04:15:12 ----SD---- C:\WINDOWS\system32\Microsoft
2011-04-19 04:15:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-19 04:12:04 ----D---- C:\WINDOWS\system32\xircom
2011-04-19 04:12:04 ----D---- C:\Program Files\xerox
2011-04-19 04:12:04 ----D---- C:\Program Files\microsoft frontpage
2011-04-19 04:11:36 ----A---- C:\WINDOWS\OEWABLog.txt
2011-04-19 04:11:33 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-04-19 04:10:28 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-04-19 04:10:28 ----RD---- C:\WINDOWS\Offline Web Pages
2011-04-19 04:10:21 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-04-19 04:10:17 ----D---- C:\Program Files\WindowsUpdate
2011-04-19 04:09:54 ----D---- C:\WINDOWS\system32\DirectX
2011-04-19 04:09:23 ----A---- C:\WINDOWS\system32\atrace.dll
2011-04-19 04:09:21 ----A---- C:\WINDOWS\system32\desktop.ini
2011-04-19 04:09:21 ----A---- C:\WINDOWS\desktop.ini
2011-04-19 04:09:13 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-04-19 04:09:12 ----A---- C:\WINDOWS\system32\acctres.dll
2011-04-19 04:09:11 ----D---- C:\Program Files\Common Files\Services
2011-04-19 04:09:08 ----SD---- C:\WINDOWS\Tasks
2011-04-19 04:09:08 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-04-19 04:09:06 ----D---- C:\Program Files\Common Files\MSSoap
2011-04-19 04:09:02 ----D---- C:\WINDOWS\system32\Macromed
2011-04-19 04:09:02 ----D---- C:\WINDOWS\srchasst
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wups.dll
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wuaueng.dll.wusetup.225250.bak
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wuaucpl.cpl.wusetup.225140.bak
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wuauclt.exe.wusetup.225031.bak
2011-04-19 04:08:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-04-19 04:08:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-04-19 04:08:56 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-04-19 04:08:56 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-04-19 04:08:56 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2011-04-19 04:08:56 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2011-04-19 04:08:47 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-04-19 04:08:47 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-04-19 04:08:47 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-04-19 04:08:47 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-04-19 04:08:44 ----A---- C:\WINDOWS\system32\fltmc.exe
2011-04-19 04:08:44 ----A---- C:\WINDOWS\system32\fltlib.dll
2011-04-19 04:08:43 ----D---- C:\WINDOWS\system32\Restore
2011-04-19 04:08:43 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-04-19 04:08:43 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-04-19 04:08:43 ----A---- C:\WINDOWS\system32\srclient.dll
2011-04-19 04:08:42 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-04-19 04:08:42 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-04-19 04:08:42 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-04-19 04:08:42 ----A---- C:\WINDOWS\system32\ils.dll
2011-04-19 04:08:41 ----A---- C:\WINDOWS\system32\msconf.dll
2011-04-19 04:08:41 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-04-19 04:08:39 ----D---- C:\Program Files\NetMeeting
2011-04-19 04:08:39 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-04-19 04:08:38 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-04-19 04:08:37 ----A---- C:\WINDOWS\system32\inetres.dll
2011-04-19 04:08:37 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-04-19 04:08:35 ----D---- C:\Program Files\Outlook Express
2011-04-19 04:08:35 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-04-19 04:08:35 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-04-19 04:08:35 ----A---- C:\WINDOWS\system32\mstask.dll
2011-04-19 04:08:34 ----A---- C:\WINDOWS\system32\isign32.dll
2011-04-19 04:08:34 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-04-19 04:08:34 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-04-19 04:08:34 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-04-19 04:08:27 ----D---- C:\Program Files\Common Files\System
2011-04-19 04:08:26 ----D---- C:\Program Files\Internet Explorer
2011-04-19 04:06:31 ----RSD---- C:\WINDOWS\assembly
2011-04-19 04:06:01 ----D---- C:\Program Files\ComPlus Applications
2011-04-19 04:06:00 ----A---- C:\WINDOWS\vbaddin.ini
2011-04-19 04:06:00 ----A---- C:\WINDOWS\vb.ini
2011-04-19 04:05:56 ----D---- C:\WINDOWS\Registration
2011-04-19 04:05:50 ----D---- C:\Program Files\Online Services
2011-04-19 04:05:37 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-19 04:05:30 ----D---- C:\Program Files\Windows Media Player
2011-04-19 04:05:15 ----D---- C:\Program Files\Windows Plus
2011-04-19 04:05:04 ----A---- C:\WINDOWS\system32\mhn.dll
2011-04-19 04:05:04 ----A---- C:\WINDOWS\system32\igdetect.dll
2011-04-19 04:05:01 ----D---- C:\Program Files\Movie Maker
2011-04-19 04:02:10 ----D---- C:\Program Files\Messenger
2011-04-19 04:02:05 ----D---- C:\Program Files\MSN Gaming Zone
2011-04-19 04:02:05 ----A---- C:\WINDOWS\system32\write.exe
2011-04-19 04:01:53 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-04-19 04:01:53 ----A---- C:\WINDOWS\system32\hticons.dll
2011-04-19 04:01:53 ----A---- C:\WINDOWS\system32\avwav.dll
2011-04-19 04:01:53 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-04-19 04:01:53 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-04-19 04:01:52 ----A---- C:\WINDOWS\system32\winchat.exe
2011-04-19 04:01:44 ----A---- C:\WINDOWS\system32\charmap.exe
2011-04-19 04:01:44 ----A---- C:\WINDOWS\system32\getuname.dll
2011-04-19 04:01:43 ----A---- C:\WINDOWS\system32\winmine.exe
2011-04-19 04:01:43 ----A---- C:\WINDOWS\system32\sol.exe
2011-04-19 04:01:43 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-04-19 04:01:43 ----A---- C:\WINDOWS\system32\calc.exe
2011-04-19 04:01:42 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-04-19 04:01:42 ----A---- C:\WINDOWS\system32\tskill.exe
2011-04-19 04:01:42 ----A---- C:\WINDOWS\system32\reset.exe
2011-04-19 04:01:42 ----A---- C:\WINDOWS\system32\freecell.exe
2011-04-19 04:01:41 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-04-19 04:01:41 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-04-19 04:01:41 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-04-19 04:01:41 ----A---- C:\WINDOWS\system32\tscon.exe
2011-04-19 04:01:41 ----A---- C:\WINDOWS\system32\shadow.exe
2011-04-19 04:01:40 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-04-19 04:01:40 ----A---- C:\WINDOWS\system32\regini.exe
2011-04-19 04:01:40 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-04-19 04:01:40 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-04-19 04:01:40 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-04-19 04:01:40 ----A---- C:\WINDOWS\system32\msg.exe
2011-04-19 04:01:40 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-04-19 04:01:40 ----A---- C:\WINDOWS\system32\logoff.exe
2011-04-19 04:01:40 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-04-19 04:01:39 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-04-19 04:01:39 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-04-19 04:01:39 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-04-19 04:01:38 ----A---- C:\WINDOWS\system32\stclient.dll
2011-04-19 04:01:38 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-04-19 04:01:38 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-04-19 04:01:38 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-04-19 04:01:38 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-04-19 04:01:32 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-04-19 04:01:21 ----D---- C:\Program Files\MSN
2011-04-19 04:01:20 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-04-19 04:01:20 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-04-19 04:01:20 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-04-19 04:01:20 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-04-19 04:01:19 ----D---- C:\Program Files\Windows NT
2011-04-19 04:01:19 ----A---- C:\WINDOWS\system32\spider.exe
2011-04-19 04:01:19 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-04-19 04:01:19 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-04-19 04:01:18 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-04-19 04:01:18 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-04-19 04:01:18 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-04-19 04:01:18 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-04-19 04:01:17 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-04-19 04:01:16 ----D---- C:\WINDOWS\system32\MsDtc
2011-04-19 04:01:16 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-04-19 04:01:16 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-04-19 04:01:16 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-04-19 04:01:16 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-04-19 04:01:16 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-04-19 04:01:15 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-04-19 04:01:15 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-04-19 04:01:15 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-04-19 04:01:15 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-04-19 04:01:14 ----D---- C:\WINDOWS\system32\Com
2011-04-19 04:01:14 ----A---- C:\WINDOWS\system32\colbact.dll
2011-04-19 04:01:14 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-04-19 04:01:14 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-04-19 04:01:14 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-04-19 04:01:14 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-04-19 04:01:13 ----A---- C:\WINDOWS\system32\comuid.dll
2011-04-19 04:01:13 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-04-19 04:01:13 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-04-19 04:01:07 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-04-19 04:01:06 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-04-19 04:01:06 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-04-19 04:01:06 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-04-18 21:00:19 ----A---- C:\WINDOWS\system32\h323log.txt
2011-04-18 20:56:44 ----A---- C:\WINDOWS\imsins.BAK
2011-04-18 20:56:41 ----SHD---- C:\WINDOWS\Installer
2011-04-18 20:56:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-18 20:56:40 ----D---- C:\Program Files\Common Files\ODBC
2011-04-18 20:56:40 ----A---- C:\WINDOWS\ODBCINST.INI
2011-04-18 20:56:37 ----RD---- C:\Program Files
2011-04-18 20:56:37 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-04-18 20:56:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-18 20:56:37 ----D---- C:\Program Files\Common Files
2011-04-18 20:56:21 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-04-18 20:56:21 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-04-18 20:56:18 ----A---- C:\WINDOWS\system32\CONFIG.TMP
2011-04-18 20:56:17 ----A---- C:\WINDOWS\system32\storprop.dll
2011-04-18 20:56:10 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2011-04-18 20:56:05 ----RA---- C:\WINDOWS\SET8.tmp
2011-04-18 20:56:03 ----RA---- C:\WINDOWS\SET4.tmp
2011-04-18 20:56:03 ----RA---- C:\WINDOWS\SET3.tmp
2011-04-18 20:55:58 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-18 20:55:58 ----D---- C:\WINDOWS\system32\CatRoot
2011-04-18 20:55:52 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-04-18 20:49:52 ----A---- C:\WINDOWS\setuplog.txt
2011-04-18 20:49:49 ----SHD---- C:\System Volume Information
2011-04-18 20:49:49 ----D---- C:\Documents and Settings
2011-04-18 20:28:34 ----SH---- C:\boot.ini
2011-04-18 20:18:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-18 20:18:37 ----RSD---- C:\WINDOWS\Fonts
2011-04-18 20:18:37 ----RD---- C:\WINDOWS\Web
2011-04-18 20:18:37 ----HD---- C:\WINDOWS\inf
2011-04-18 20:18:37 ----D---- C:\WINDOWS\WinSxS
2011-04-18 20:18:37 ----D---- C:\WINDOWS\twain_32
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Temp
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\wins
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\wbem
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\usmt
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\spool
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\ShellExt
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\Setup
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\ras
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\oobe
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\npp
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\mui
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\inetsrv
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\IME
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\icsxml
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\ias
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\export
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\drivers
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\dhcp
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\config
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\3com_dmi
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\3076
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\2052
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\1054
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\1042
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\1041
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\1037
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\1033
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\1031
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\1028
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32\1025
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system32
2011-04-18 20:18:37 ----D---- C:\WINDOWS\system
2011-04-18 20:18:37 ----D---- C:\WINDOWS\security
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Resources
2011-04-18 20:18:37 ----D---- C:\WINDOWS\repair
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Provisioning
2011-04-18 20:18:37 ----D---- C:\WINDOWS\pchealth
2011-04-18 20:18:37 ----D---- C:\WINDOWS\PeerNet
2011-04-18 20:18:37 ----D---- C:\WINDOWS\mui
2011-04-18 20:18:37 ----D---- C:\WINDOWS\msapps
2011-04-18 20:18:37 ----D---- C:\WINDOWS\msagent
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Media
2011-04-18 20:18:37 ----D---- C:\WINDOWS\java
2011-04-18 20:18:37 ----D---- C:\WINDOWS\ime
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Help
2011-04-18 20:18:37 ----D---- C:\WINDOWS\ehome
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Driver Cache
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Debug
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Cursors
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Connection Wizard
2011-04-18 20:18:37 ----D---- C:\WINDOWS\Config
2011-04-18 20:18:37 ----D---- C:\WINDOWS\AppPatch
2011-04-18 20:18:37 ----D---- C:\WINDOWS\addins
2011-04-18 20:18:37 ----D---- C:\WINDOWS
2010-07-07 17:00:41 ----D---- C:\Program Files\CS_NORMAL
2010-07-03 18:58:38 ----SHD---- C:\Config.Msi
2010-07-01 16:18:01 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2010-07-01 16:18:01 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-07-01 16:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-07-01 09:20:49 ----D---- C:\WINDOWS\system32\Adobe
2010-06-29 18:06:47 ----D---- C:\Documents and Settings\readik\Application Data\MilkShape 3D 1.x.x
2010-06-20 21:13:24 ----D---- C:\Documents and Settings\readik\Application Data\Facebook
2010-06-16 17:47:46 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-06-16 17:47:37 ----D---- C:\Program Files\Common Files\Adobe
2010-06-16 17:47:37 ----D---- C:\Program Files\Adobe
2010-06-13 21:39:20 ----D---- C:\Bestgames
2010-06-13 21:05:43 ----D---- C:\Documents and Settings\readik\Application Data\Google
2010-06-13 21:05:11 ----D---- C:\Program Files\Google
2010-06-10 06:46:55 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-10 06:46:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979904$
2010-06-10 06:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-10 06:45:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-10 06:43:58 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 06:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-10 06:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-10 06:38:58 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-06-09 15:47:36 ----D---- C:\rsit
2010-06-09 15:47:36 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 months======

2011-04-20 01:21:41 ----A---- C:\WINDOWS\system.ini
2011-04-20 00:46:14 ----A---- C:\WINDOWS\win.ini
2010-07-07 19:09:03 ----D---- C:\WINDOWS\Prefetch
2010-07-07 16:46:44 ----D---- C:\Documents and Settings\readik\Application Data\skypePM
2010-06-27 22:47:36 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-06-15 16:33:30 ----D---- C:\Program Files\Pivot Stickfigure Animator
2010-06-10 20:56:10 ----D---- C:\Program Files\DaemonicMU
2010-06-10 06:46:02 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-04-06 81664]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 DBKDRVR54;DBKDRVR54; \??\C:\Program Files\Cheat Engine\dbk32.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-05-25 25280]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-28 145920]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2005-10-11 237568]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-06-08 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-23 208896]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-04 38912]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-30 132096]

-----------------EOF-----------------
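To make the driver and service lists above easier to read, this added example (not part of the original post and not RSIT's own code) decodes the R/S and 0-4 prefixes from the legend and picks out entries whose image lies outside C:\WINDOWS or whose brackets are empty. The line layout is inferred from the log lines themselves, and the function names are hypothetical.

```python
import re
from typing import List, NamedTuple, Optional

# Legend from the log: R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled
STATE = {"R": "running", "S": "stopped"}
START = {"0": "boot", "1": "system", "2": "auto", "3": "demand", "4": "disabled"}

# Assumed layout: <state><start> <name>;<display name>; <path> [<date> <size>]
LINE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) \[(?:(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+))?\]$"
)

# Lines copied from the drivers and services lists of the log above.
SAMPLE = r"""
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-23 208896]
S3 DBKDRVR54;DBKDRVR54; \??\C:\Program Files\Cheat Engine\dbk32.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
"""

class Entry(NamedTuple):
    name: str
    display: str
    state: str
    start: str
    path: str
    date: Optional[str]   # None when the brackets are empty
    size: Optional[int]

def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a driver/service line, or None for headers and blanks."""
    m = LINE.match(line.strip())
    if m is None:
        return None
    size = int(m["size"]) if m["size"] else None
    return Entry(m["name"], m["display"], STATE[m["state"]], START[m["start"]],
                 m["path"], m["date"], size)

def parse_log(text: str) -> List[Entry]:
    return [e for e in map(parse_line, text.splitlines()) if e]

def outside_windows(entries: List[Entry]) -> List[Entry]:
    # Strip a leading \??\ device prefix, then compare case-insensitively.
    return [e for e in entries
            if not e.path.lower().lstrip("\\?").startswith("c:\\windows\\")]

def no_file_info(entries: List[Entry]) -> List[Entry]:
    # Entries for which the log recorded no date and size ("[]").
    return [e for e in entries if e.date is None]

if __name__ == "__main__":
    for e in outside_windows(parse_log(SAMPLE)):
        print(f"{e.name}: {e.state}, start={e.start}, {e.path}")
```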

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check my log

#2 Post by Roli »

Hi, fix these in HJT:

R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe


You will find HJT here:

C:\Program Files\trend micro\readik.exe

Fix means that you start HJT,

in the window that opens you click Do a system scan only,

in the next window you find the lines I listed for you,

next to each of them is a checkbox, which you tick,

then you click Fix checked at the bottom left,

the program asks whether you really want to do it; you of course agree with YES, and it is done.


Via Start >> Run >> type services.msc >> OK. Find the service:

NBService

right-click it, choose Properties, on the next tab first stop the service with the Stop button, and under Startup type select Disabled.


Via Start >> Control Panel >> Add or Remove Programs, uninstall ICQ6Toolbar


Delete unneeded files

using CCleaner

instructions:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

The registry cleaning needs to be repeated several times!


Install an antivirus, scan the PC with it, and finally use Mbam from my signature.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

readik
Visitor
Posts: 28
Registered: 18 Apr 2010 12:38

Re: Please check my log

#3 Post by readik »

Thanks a lot :), I'm working on it.

readik
Visitor
Posts: 28
Registered: 18 Apr 2010 12:38

Re: Please check my log

#4 Post by readik »

I FIXED those files,

I cleaned it with Cleaner,

I scanned it with NOD; it found only 3 infections, which I know all antiviruses wrongly identify as infections.
(It was one hack for CS 1.6 (ECC v5.2), which I put in the quarantine vault, and 2 files from one game, which I know all antiviruses wrongly identify as infections.)

MBAM found nothing, and after another restart of the computer everything was fine. :)
Thanks a lot, Roli ;)

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check my log

#5 Post by Roli »

Let's clean it up a bit more.

Download and run OTMoveIt

into the left window of the application, under Paste Instructions for Items to be Moved, copy this text:

Code:

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp

:commands
[purity]
[emptytemp]
[start explorer]

click MoveIt! and in the right-hand green window of the application you will see information about the action performed; copy the contents of that window here,

if the application asks for a restart, click YES

in that case I want you to copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:
