VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Problém s virem

https://forum.viry.cz:443/viewtopic.php?t=102792

Stránka 1 z 2

Problém s virem

Napsal: 17 črc 2010 10:58
od Majky006
Zdravím,
cca. před dvěma dny mi kamarád "poslal" přes ICQ zprávu ve smyslu "podívej se, tady je moje fotka". Fotku jsme stáhl, ale nešla spustit, bohužel, jak jsem později zjistil, nebyla to fotka, ale virus, který se tvářil jako fotka (ma-fotka.jpg.scr) a teď dělá pěknou neplechu - posílá SPAM na ICQ, zapíná porno stránky, vypíná Avast, atd.
Vůbec nevím, jak se ho zbavit :(
Tady je RSIT Log, děkuji Všem.

info.txt logfile of random's system information tool 1.08 2010-07-17 11:56:56

======Uninstall list======

-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="5M0A-833C-3ZW2-TWE3-MEH5-6AT3-H0K0-63X7"
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
AI Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x9
Air Video Server 2.2.7-update1-->C:\Program Files\AirVideoServer\uninst.exe
ALTools Update-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe"
ALZip-->C:\Program Files\ESTsoft\ALZip\unins000.exe
Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E}
Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
ASUSUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x9
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
BlueSoleil 6.4.314.3-->MsiExec.exe /X{8AA80787-4900-4E5A-B8C1-43D32672D6F9}
Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}
Canon MP Navigator EX 1.0-->"C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 1.0\uninst.ini
Canon MP210 series-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series /L0x0005
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ConvertXtoDVD 2.0.9b-->"C:\Program Files\vso\ConvertXtoDVD\unins000.exe"
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
Google Earth-->MsiExec.exe /X{C2D129C0-7508-11DF-9F1B-005056806466}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\5.0.375.99\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
iTunes-->MsiExec.exe /I{7AB3A249-FB81-416B-917A-A2A10E74C503}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Keyboard & Mouse Driver-->C:\Program Files\InstallShield Installation Information\{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}\setup.exe -runfromtemp -l0x0409
MediaCoder iPod Edition-->C:\Program Files\MediaCoder iPod Edition\uninst.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mobile Mouse Server-->MsiExec.exe /I{449801F1-65B0-46F5-B4C5-1EF464EF7214}
Mozilla Firefox (3.6.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Natural Color Pro-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC2C7405-BC58-4E11-8F51-29671BEAC06B}\setup.exe" -l0x9
Nero 7 Essentials-->MsiExec.exe /X{91C0B95B-B83A-4828-A775-BBE2DD421029}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
O&O Defrag Professional-->MsiExec.exe /I{ED6C5ECD-5AA4-4054-BF67-8F49526E5765}
Opera 10.60-->MsiExec.exe /X{1D2C96C3-A3F3-49E7-B839-95279DED837F}
PC Connectivity Solution-->MsiExec.exe /I{83258E90-1F76-4E13-9F60-A0F8ED41E76F}
PC Probe II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x9
PIXMA Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
QuickTime-->MsiExec.exe /I{3D9892BB-A751-4E48-ADC8-E4289956CE1D}
Registrace uživatele zařízení Canon MP210 series-->C:\Program Files\Canon\IJEREG\MP210 series\UNINST.EXE
ScanSoft OmniPage SE 4-->MsiExec.exe /X{DEE88727-779B-47A9-ACEF-F87CA5F92A65}
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Smart-X7 7.80-->C:\Program Files\A4Tech\Mouse\Uninst32.exe
Total Commander Ultima Prime 5.1.0.0-->"C:\Program Files\TC UP\un_TC UP.exe"
Virtual Cable Tester-->MsiExec.exe /X{3D654496-9C3D-4565-858C-3E551ECDA4E2}
VLC media player 1.1.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
XnView 1.97-->"C:\Program Files\XnView\unins000.exe"

======Security center information======

AV: avast! Antivirus
AS: Windows Defender
AS: avast! Antivirus

======System event log======

Computer Name: Dostalovi
Event Code: 7036
Message: Stav služby služba Zprostředkovatel softwaru služby Stínová kopie svazků byl změněn na: Spuštěno
Record Number: 33550
Source Name: Service Control Manager
Time Written: 20100717095314.000000-000
Event Type: Informace
User:

Computer Name: Dostalovi
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: ?18. ?července ?2010 v 3:00):
- Definition Update for Windows Defender - KB915597 (Definition 1.85.2136.0)
- Sada Microsoft .NET Framework 3.5 Service Pack 1 (KB951847) x86 Language Pack
- Aktualizace pro .NET Framework 3.5 Service Pack 1 pro .NET Framework Assistant 1.0 x86 (KB963707)
- Aktualizace zabezpečení systému Windows Vista (KB950974)
- Aktualizace zabezpečení rozhraní Microsoft .NET Framework 2.0 Service Pack 2 pro systém Windows Vista (KB974467)
Record Number: 33551
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20100717095313.211031-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Dostalovi
Event Code: 2002
Message: Verze modulu Windows Defender byla aktualizována.
Aktuální verze modulu: 1.1.5902.0
Předchozí verze modulu: 1.1.1603.0
Zdroj aktualizace: Uživatel
Uživatel: NT AUTHORITY\SYSTEM
Record Number: 33552
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20100717095332.000000-000
Event Type: Informace
User:

Computer Name: Dostalovi
Event Code: 2000
Message: Verze podpisu programu Windows Defender byla aktualizována.
Aktuální verze podpisu: 1.85.2136.0
Předchozí verze podpisu: 1.0.0.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.5902.0
Předchozí verze modulu: 1.1.1603.0
Record Number: 33553
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20100717095332.000000-000
Event Type: Informace
User:

Computer Name: Dostalovi
Event Code: 19
Message: Instalace dokončena: Instalování následující aktualizace bylo dokončeno úspěšně. Definition Update for Windows Defender - KB915597 (Definition 1.85.2136.0)
Record Number: 33554
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20100717095501.936031-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Dostalovi
Event Code: 8194
Message: Bod obnovení byl úspěšně vytvořen (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update).
Record Number: 1478
Source Name: System Restore
Time Written: 20100717095332.000000-000
Event Type: Informace
User:

Computer Name: Dostalovi
Event Code: 8219
Message: Při rozšiřování specifikace souboru \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6\Windows\softwaredistribution\Download\d7480a065993d63dcab7527fa2107fee*.* vypršel časový limit. Akce se prováděla pro odběratele WUA.

Operace:
Událost OnPostSnapshot
Událost PostSnapshot

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
Kontext spuštění: Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {dc03dfe1-2887-46e1-9de5-837eeebb3dfb}
Record Number: 1479
Source Name: VSS
Time Written: 20100717095354.000000-000
Event Type: Informace
User:

Computer Name: Dostalovi
Event Code: 8219
Message: Při rozšiřování specifikace souboru \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6\Windows\softwaredistribution\Download*.* vypršel časový limit. Akce se prováděla pro odběratele WUA.

Operace:
Událost OnPostSnapshot
Událost PostSnapshot

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
Kontext spuštění: Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {dc03dfe1-2887-46e1-9de5-837eeebb3dfb}
Record Number: 1480
Source Name: VSS
Time Written: 20100717095354.000000-000
Event Type: Informace
User:

Computer Name: Dostalovi
Event Code: 8219
Message: Při rozšiřování specifikace souboru \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6\Windows\softwaredistribution*.* vypršel časový limit. Akce se prováděla pro odběratele WUA.

Operace:
Událost OnPostSnapshot
Událost PostSnapshot

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
Kontext spuštění: Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {dc03dfe1-2887-46e1-9de5-837eeebb3dfb}
Record Number: 1481
Source Name: VSS
Time Written: 20100717095354.000000-000
Event Type: Informace
User:

Computer Name: Dostalovi
Event Code: 8220
Message: Při odstraňování souborů vypršel časový limit.

Operace:
Událost OnPostSnapshot
Událost PostSnapshot

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
Kontext spuštění: Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {dc03dfe1-2887-46e1-9de5-837eeebb3dfb}
Record Number: 1482
Source Name: VSS
Time Written: 20100717095425.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Dostalovi
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DOSTALOVI$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x2d4
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 1758
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100717094929.079431-000
Event Type: Úspěch auditu
User:

Computer Name: Dostalovi
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DOSTALOVI$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2d4
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1759
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100717094929.079431-000
Event Type: Úspěch auditu
User:

Computer Name: Dostalovi
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1760
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100717094929.079431-000
Event Type: Úspěch auditu
User:

Computer Name: Dostalovi
Event Code: 4904
Message: Došlo k pokusu zaregistrovat zdroj události zabezpečení.

Předmět :
ID zabezpečení: S-1-5-18
Název účtu: DOSTALOVI$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Proces:
ID procesu: 0x118c
Název procesu: C:\Windows\System32\VSSVC.exe

Zdroj události:
Název zdroje: VSSAudit
ID zdroje události: 0x412797
Record Number: 1761
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100717095435.656031-000
Event Type: Úspěch auditu
User:

Computer Name: Dostalovi
Event Code: 4905
Message: Došlo k pokusu zrušit registraci zdroje události zabezpečení.

Předmět
ID zabezpečení: S-1-5-18
Název účtu: DOSTALOVI$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Proces:
ID procesu: 0x118c
Název procesu: C:\Windows\System32\VSSVC.exe

Zdroj události:
Název zdroje: VSSAudit
ID zdroje události: 0x412797
Record Number: 1762
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100717095435.656031-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;c:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\TC UP\PLUGINS\Library;C:\Program Files\ESTsoft\ALZip;C:\Program Files\IVT Corporation\BlueSoleil\Mobile;C:\Windows\system32\Wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"asl.log"=Destination=file;OnFirstLog=command,environment,parent
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Re: Problém s virem

Napsal: 17 črc 2010 11:26
od Caroprd111
Zdravím :)

Obrázek Potřebuji ten druhý log z RSIT (log.txt).


Obrázek Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

Re: Problém s virem

Napsal: 17 črc 2010 12:02
od Majky006
Logfile of random's system information tool 1.08 (written by random/random)
Run by Dostálovi at 2010-07-17 11:56:14
Microsoft® Windows Vista™ Home Premium
System drive C: has 203 GB (67%) free of 305 GB
Total RAM: 2047 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:56:55, on 17.7.2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AirVideoServer\AirVideoServer.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Keyboard & Mouse Driver\KMConfig.exe
C:\Program Files\Keyboard & Mouse Driver\KMProcess.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Dostálovi\Desktop\RSIT.exe
C:\Program Files\trend micro\Dostálovi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files\AirVideoServer\AirVideoServer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Air Mouse.lnk = C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 9552 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2010-07-10 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-10 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2010-07-12 1006264]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2006-12-26 196608]
"KMCONFIG"=C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-04-03 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2007-04-09 1423360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-07-10 149280]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"BtTray"=C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2010-04-27 319574]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-07-11 1232896]
"AirVideoServer"=C:\Program Files\AirVideoServer\AirVideoServer.exe [2010-05-20 4818760]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Air Mouse.lnk - C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
NCProTray.lnk - C:\Program Files\SEC\Natural Color Pro\NCProTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-07-17 11:56:14 ----D---- C:\rsit
2010-07-17 11:56:14 ----D---- C:\Program Files\trend micro
2010-07-16 09:49:20 ----RA---- C:\Users\Dostálovi\AppData\Roaming\BA067.txt
2010-07-16 09:33:30 ----RA---- C:\Users\Dostálovi\AppData\Roaming\BhljG.txt
2010-07-15 23:32:22 ----RA---- C:\Users\Dostálovi\AppData\Roaming\imkgc.txt
2010-07-15 23:32:21 ----RA---- C:\Users\Dostálovi\AppData\Roaming\BeKD6.txt
2010-07-12 00:40:20 ----A---- C:\Windows\system32\t2embed.dll
2010-07-12 00:40:20 ----A---- C:\Windows\system32\lpk.dll
2010-07-12 00:40:20 ----A---- C:\Windows\system32\fontsub.dll
2010-07-12 00:40:20 ----A---- C:\Windows\system32\dciman32.dll
2010-07-12 00:40:20 ----A---- C:\Windows\system32\atmlib.dll
2010-07-12 00:40:20 ----A---- C:\Windows\system32\atmfd.dll
2010-07-12 00:38:51 ----A---- C:\Windows\system32\iedkcs32.dll
2010-07-12 00:38:51 ----A---- C:\Windows\system32\ieapfltr.dll
2010-07-12 00:38:51 ----A---- C:\Windows\system32\ieakui.dll
2010-07-12 00:38:51 ----A---- C:\Windows\system32\ieaksie.dll
2010-07-12 00:38:51 ----A---- C:\Windows\system32\advpack.dll
2010-07-12 00:38:51 ----A---- C:\Windows\system32\admparse.dll
2010-07-12 00:38:50 ----A---- C:\Windows\system32\wininet.dll
2010-07-12 00:38:50 ----A---- C:\Windows\system32\jsproxy.dll
2010-07-12 00:38:50 ----A---- C:\Windows\system32\dxtrans.dll
2010-07-12 00:38:49 ----A---- C:\Windows\system32\msfeeds.dll
2010-07-12 00:38:49 ----A---- C:\Windows\system32\dxtmsft.dll
2010-07-12 00:38:48 ----A---- C:\Windows\system32\ieui.dll
2010-07-12 00:38:48 ----A---- C:\Windows\system32\ieframe.dll
2010-07-12 00:38:47 ----A---- C:\Windows\system32\mshtmler.dll
2010-07-12 00:38:47 ----A---- C:\Windows\system32\mshtmled.dll
2010-07-12 00:38:47 ----A---- C:\Windows\system32\ieencode.dll
2010-07-12 00:38:46 ----A---- C:\Windows\system32\mshtml.dll
2010-07-12 00:38:45 ----A---- C:\Windows\system32\mstime.dll
2010-07-12 00:38:45 ----A---- C:\Windows\system32\icardie.dll
2010-07-12 00:38:43 ----A---- C:\Windows\system32\ieUnatt.exe
2010-07-12 00:38:42 ----A---- C:\Windows\system32\urlmon.dll
2010-07-12 00:38:42 ----A---- C:\Windows\system32\pngfilt.dll
2010-07-12 00:38:42 ----A---- C:\Windows\system32\occache.dll
2010-07-12 00:38:42 ----A---- C:\Windows\system32\iertutil.dll
2010-07-12 00:38:42 ----A---- C:\Windows\system32\iernonce.dll
2010-07-12 00:38:42 ----A---- C:\Windows\system32\ie4uinit.exe
2010-07-12 00:38:41 ----A---- C:\Windows\system32\iesetup.dll
2010-07-12 00:37:05 ----A---- C:\Windows\system32\winipsec.dll
2010-07-12 00:37:05 ----A---- C:\Windows\system32\polstore.dll
2010-07-12 00:37:05 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-07-12 00:37:05 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-07-12 00:36:07 ----A---- C:\Windows\system32\riched32.dll
2010-07-12 00:36:07 ----A---- C:\Windows\system32\riched20.dll
2010-07-12 00:36:05 ----A---- C:\Windows\system32\rasser.dll
2010-07-12 00:36:05 ----A---- C:\Windows\system32\rasmxs.dll
2010-07-12 00:36:05 ----A---- C:\Windows\system32\rasdiag.dll
2010-07-12 00:36:05 ----A---- C:\Windows\system32\rascfg.dll
2010-07-12 00:36:05 ----A---- C:\Windows\system32\drivers\wanarp.sys
2010-07-12 00:36:05 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2010-07-12 00:36:05 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2010-07-12 00:36:04 ----A---- C:\Windows\system32\netcfgx.dll
2010-07-12 00:36:04 ----A---- C:\Windows\system32\msftedit.dll
2010-07-12 00:36:04 ----A---- C:\Windows\system32\ipnathlp.dll
2010-07-12 00:36:04 ----A---- C:\Windows\system32\icsunattend.exe
2010-07-12 00:36:03 ----A---- C:\Windows\system32\wshqos.dll
2010-07-12 00:36:03 ----A---- C:\Windows\system32\traffic.dll
2010-07-12 00:36:03 ----A---- C:\Windows\system32\pacerprf.dll
2010-07-12 00:36:03 ----A---- C:\Windows\system32\drivers\pacer.sys
2010-07-12 00:36:03 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-07-12 00:36:02 ----A---- C:\Windows\system32\dps.dll
2010-07-12 00:36:02 ----A---- C:\Windows\system32\cdd.dll
2010-07-12 00:35:06 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-07-12 00:35:06 ----A---- C:\Windows\system32\drivers\srv.sys
2010-07-12 00:34:08 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-07-12 00:34:08 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-07-12 00:34:08 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-07-12 00:33:10 ----A---- C:\Windows\system32\msoert2.dll
2010-07-12 00:33:10 ----A---- C:\Windows\system32\msoeacct.dll
2010-07-12 00:33:10 ----A---- C:\Windows\system32\ACCTRES.dll
2010-07-12 00:31:55 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-07-12 00:31:55 ----A---- C:\Windows\system32\ROUTE.EXE
2010-07-12 00:31:55 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-07-12 00:31:55 ----A---- C:\Windows\system32\netiohlp.dll
2010-07-12 00:31:55 ----A---- C:\Windows\system32\netevent.dll
2010-07-12 00:31:55 ----A---- C:\Windows\system32\MRINFO.EXE
2010-07-12 00:31:55 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-07-12 00:31:55 ----A---- C:\Windows\system32\finger.exe
2010-07-12 00:31:55 ----A---- C:\Windows\system32\ARP.EXE
2010-07-12 00:30:35 ----A---- C:\Windows\system32\wtsapi32.dll
2010-07-12 00:30:34 ----A---- C:\Windows\system32\drivers\acpi.sys
2010-07-12 00:30:33 ----A---- C:\Windows\system32\sysmain.dll
2010-07-12 00:29:39 ----A---- C:\Windows\system32\WebClnt.dll
2010-07-12 00:29:39 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2010-07-12 00:28:45 ----A---- C:\Windows\system32\L2SecHC.dll
2010-07-12 00:28:44 ----A---- C:\Windows\system32\wlansvc.dll
2010-07-12 00:28:44 ----A---- C:\Windows\system32\wlansec.dll
2010-07-12 00:28:44 ----A---- C:\Windows\system32\wlanmsm.dll
2010-07-12 00:28:44 ----A---- C:\Windows\system32\wlanhlp.dll
2010-07-12 00:28:44 ----A---- C:\Windows\system32\wlanapi.dll
2010-07-12 00:27:41 ----A---- C:\Windows\system32\msxml3r.dll
2010-07-12 00:27:41 ----A---- C:\Windows\system32\msxml3.dll
2010-07-12 00:27:40 ----A---- C:\Windows\system32\msxml6r.dll
2010-07-12 00:27:40 ----A---- C:\Windows\system32\msxml6.dll
2010-07-12 00:26:37 ----A---- C:\Windows\system32\wdigest.dll
2010-07-12 00:26:37 ----A---- C:\Windows\system32\msv1_0.dll
2010-07-12 00:26:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2010-07-12 00:26:36 ----A---- C:\Windows\system32\secur32.dll
2010-07-12 00:26:36 ----A---- C:\Windows\system32\lsass.exe
2010-07-12 00:26:36 ----A---- C:\Windows\system32\lsasrv.dll
2010-07-12 00:25:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-07-12 00:25:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-07-12 00:25:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-07-12 00:24:44 ----A---- C:\Windows\system32\winsrv.dll
2010-07-12 00:24:44 ----A---- C:\Windows\system32\csrsrv.dll
2010-07-12 00:23:51 ----A---- C:\Windows\system32\rrinstaller.exe
2010-07-12 00:23:51 ----A---- C:\Windows\system32\mfps.dll
2010-07-12 00:23:51 ----A---- C:\Windows\system32\mfpmp.exe
2010-07-12 00:23:51 ----A---- C:\Windows\system32\mferror.dll
2010-07-12 00:23:51 ----A---- C:\Windows\system32\mf.dll
2010-07-12 00:23:50 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-07-12 00:22:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-07-12 00:22:49 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-07-12 00:20:10 ----A---- C:\Windows\system32\winhttp.dll
2010-07-12 00:19:15 ----A---- C:\Windows\system32\vbscript.dll
2010-07-12 00:18:19 ----A---- C:\Windows\system32\atl.dll
2010-07-12 00:17:26 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2010-07-12 00:16:36 ----A---- C:\Windows\system32\gdi32.dll
2010-07-12 00:15:45 ----A---- C:\Windows\system32\drivers\ntfs.sys
2010-07-12 00:15:45 ----A---- C:\Windows\system32\drivers\monitor.sys
2010-07-12 00:13:53 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-07-12 00:13:04 ----A---- C:\Windows\system32\xolehlp.dll
2010-07-12 00:13:04 ----A---- C:\Windows\system32\msdtcprx.dll
2010-07-12 00:12:10 ----A---- C:\Windows\system32\wkssvc.dll
2010-07-12 00:11:15 ----A---- C:\Windows\system32\tsgqec.dll
2010-07-12 00:11:15 ----A---- C:\Windows\system32\mstscax.dll
2010-07-12 00:11:15 ----A---- C:\Windows\system32\aaclient.dll
2010-07-12 00:10:18 ----A---- C:\Windows\system32\wmpeffects.dll
2010-07-12 00:08:34 ----A---- C:\Windows\system32\msscp.dll
2010-07-12 00:06:50 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-07-12 00:05:58 ----A---- C:\Windows\system32\wfapigp.dll
2010-07-12 00:05:58 ----A---- C:\Windows\system32\MPSSVC.dll
2010-07-12 00:05:58 ----A---- C:\Windows\system32\icfupgd.dll
2010-07-12 00:05:58 ----A---- C:\Windows\system32\FirewallAPI.dll
2010-07-12 00:05:58 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2010-07-12 00:05:57 ----A---- C:\Windows\system32\cmifw.dll
2010-07-12 00:05:08 ----A---- C:\Windows\system32\netapi32.dll
2010-07-12 00:02:16 ----A---- C:\Windows\system32\mcmde.dll
2010-07-12 00:02:16 ----A---- C:\Windows\system32\EncDec.dll
2010-07-12 00:02:15 ----A---- C:\Windows\system32\psisdecd.dll
2010-07-12 00:00:45 ----A---- C:\Windows\system32\shell32.dll
2010-07-11 23:59:41 ----A---- C:\Windows\system32\tzres.dll
2010-07-11 23:58:41 ----A---- C:\Windows\system32\localspl.dll
2010-07-11 23:57:01 ----A---- C:\Windows\system32\drivers\atapi.sys
2010-07-11 23:57:00 ----A---- C:\Windows\system32\drivers\volsnap.sys
2010-07-11 23:57:00 ----A---- C:\Windows\system32\drivers\pciidex.sys
2010-07-11 23:57:00 ----A---- C:\Windows\system32\drivers\pciide.sys
2010-07-11 23:57:00 ----A---- C:\Windows\system32\drivers\nwifi.sys
2010-07-11 23:57:00 ----A---- C:\Windows\system32\drivers\ataport.sys
2010-07-11 23:56:19 ----A---- C:\Windows\system32\DWWIN.EXE
2010-07-11 23:55:36 ----A---- C:\Windows\explorer.exe
2010-07-11 23:54:52 ----A---- C:\Windows\system32\hcrstco.dll
2010-07-11 23:54:52 ----A---- C:\Windows\system32\hccoin.dll
2010-07-11 23:54:52 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2010-07-11 23:54:52 ----A---- C:\Windows\system32\drivers\usbport.sys
2010-07-11 23:54:52 ----A---- C:\Windows\system32\drivers\usbhub.sys
2010-07-11 23:54:52 ----A---- C:\Windows\system32\drivers\usbehci.sys
2010-07-11 23:54:52 ----A---- C:\Windows\system32\drivers\usbd.sys
2010-07-11 23:54:51 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2010-07-11 23:53:27 ----A---- C:\Windows\system32\netcfg.exe
2010-07-11 23:52:21 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2010-07-11 23:52:20 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2010-07-11 23:52:20 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2010-07-11 23:52:20 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2010-07-11 23:52:20 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2010-07-11 23:52:19 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2010-07-11 23:52:19 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2010-07-11 23:52:19 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2010-07-11 23:52:19 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2010-07-11 23:52:18 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2010-07-11 23:52:18 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2010-07-11 23:52:17 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2010-07-11 23:52:17 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2010-07-11 23:52:17 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2010-07-11 23:52:17 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2010-07-11 23:52:17 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2010-07-11 23:52:16 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2010-07-11 23:52:16 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2010-07-11 23:52:15 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-07-11 23:52:15 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-07-11 23:52:15 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2010-07-11 23:52:14 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2010-07-11 23:52:14 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2010-07-11 23:52:14 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2010-07-11 23:52:14 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2010-07-11 23:52:14 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2010-07-11 23:52:13 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2010-07-11 23:52:13 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2010-07-11 23:52:13 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2010-07-11 23:52:12 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2010-07-11 23:52:12 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2010-07-11 23:52:12 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2010-07-11 23:52:12 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2010-07-11 23:52:11 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2010-07-11 23:52:11 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2010-07-11 23:52:11 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2010-07-11 23:52:11 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2010-07-11 23:52:10 ----A---- C:\Windows\system32\NlsModels0011.dll
2010-07-11 23:52:10 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2010-07-11 23:52:10 ----A---- C:\Windows\system32\NlsData0045.dll
2010-07-11 23:52:09 ----A---- C:\Windows\system32\NlsData0049.dll
2010-07-11 23:52:09 ----A---- C:\Windows\system32\NlsData0047.dll
2010-07-11 23:52:09 ----A---- C:\Windows\system32\NlsData0046.dll
2010-07-11 23:52:08 ----A---- C:\Windows\system32\NlsData0039.dll
2010-07-11 23:52:08 ----A---- C:\Windows\system32\NlsData0027.dll
2010-07-11 23:52:08 ----A---- C:\Windows\system32\NlsData0026.dll
2010-07-11 23:52:08 ----A---- C:\Windows\system32\NlsData0024.dll
2010-07-11 23:52:08 ----A---- C:\Windows\system32\NlsData0022.dll
2010-07-11 23:52:08 ----A---- C:\Windows\system32\NlsData0021.dll
2010-07-11 23:52:08 ----A---- C:\Windows\system32\NlsData0020.dll
2010-07-11 23:52:07 ----A---- C:\Windows\system32\NlsData0018.dll
2010-07-11 23:52:07 ----A---- C:\Windows\system32\NlsData0013.dll
2010-07-11 23:52:07 ----A---- C:\Windows\system32\NlsData0011.dll
2010-07-11 23:52:07 ----A---- C:\Windows\system32\NlsData0010.dll
2010-07-11 23:52:07 ----A---- C:\Windows\system32\NlsData0000.dll
2010-07-11 23:52:06 ----A---- C:\Windows\system32\NlsData0019.dll
2010-07-11 23:52:06 ----A---- C:\Windows\system32\NlsData0009.dll
2010-07-11 23:52:06 ----A---- C:\Windows\system32\NlsData0007.dll
2010-07-11 23:52:06 ----A---- C:\Windows\system32\NlsData0003.dll
2010-07-11 23:52:06 ----A---- C:\Windows\system32\NlsData0002.dll
2010-07-11 23:52:06 ----A---- C:\Windows\system32\NlsData0001.dll
2010-07-11 23:52:05 ----A---- C:\Windows\system32\NlsData004e.dll
2010-07-11 23:52:05 ----A---- C:\Windows\system32\NlsData004c.dll
2010-07-11 23:52:05 ----A---- C:\Windows\system32\NlsData004b.dll
2010-07-11 23:52:05 ----A---- C:\Windows\system32\NlsData004a.dll
2010-07-11 23:52:04 ----A---- C:\Windows\system32\NlsData003e.dll
2010-07-11 23:52:04 ----A---- C:\Windows\system32\NlsData002a.dll
2010-07-11 23:52:04 ----A---- C:\Windows\system32\NlsData001d.dll
2010-07-11 23:52:04 ----A---- C:\Windows\system32\NlsData001b.dll
2010-07-11 23:52:04 ----A---- C:\Windows\system32\NlsData001a.dll
2010-07-11 23:52:03 ----A---- C:\Windows\system32\NlsData000f.dll
2010-07-11 23:52:03 ----A---- C:\Windows\system32\NlsData000d.dll
2010-07-11 23:52:03 ----A---- C:\Windows\system32\NlsData000c.dll
2010-07-11 23:52:03 ----A---- C:\Windows\system32\NlsData000a.dll
2010-07-11 23:52:02 ----A---- C:\Windows\system32\NlsData0416.dll
2010-07-11 23:52:02 ----A---- C:\Windows\system32\NlsData0414.dll
2010-07-11 23:52:02 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-07-11 23:52:01 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2010-07-11 23:52:01 ----A---- C:\Windows\system32\NlsData0c1a.dll
2010-07-11 23:52:01 ----A---- C:\Windows\system32\NlsData081a.dll
2010-07-11 23:52:01 ----A---- C:\Windows\system32\NlsData0816.dll
2010-07-11 23:50:13 ----A---- C:\Windows\system32\drivers\bthenum.sys
2010-07-11 23:48:51 ----A---- C:\Windows\system32\setupapi.dll
2010-07-11 23:48:26 ----A---- C:\Windows\system32\srdelayed.exe
2010-07-11 23:48:26 ----A---- C:\Windows\system32\srcore.dll
2010-07-11 23:48:26 ----A---- C:\Windows\system32\srclient.dll
2010-07-11 23:48:26 ----A---- C:\Windows\system32\rstrui.exe
2010-07-11 23:48:25 ----A---- C:\Windows\system32\wpd_ci.dll
2010-07-11 23:48:25 ----A---- C:\Windows\system32\winresume.exe
2010-07-11 23:48:25 ----A---- C:\Windows\system32\winload.exe
2010-07-11 23:48:25 ----A---- C:\Windows\system32\kd1394.dll
2010-07-11 23:48:25 ----A---- C:\Windows\system32\ci.dll
2010-07-11 23:48:24 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-07-11 23:48:24 ----A---- C:\Windows\system32\kbd106n.dll
2010-07-11 23:48:24 ----A---- C:\Windows\system32\drvinst.exe
2010-07-11 23:48:24 ----A---- C:\Windows\system32\dpx.dll
2010-07-11 23:48:24 ----A---- C:\Windows\system32\clfs.sys
2010-07-11 23:48:24 ----A---- C:\Windows\system32\cfgmgr32.dll
2010-07-11 23:48:23 ----A---- C:\Windows\system32\unlodctr.exe
2010-07-11 23:48:23 ----A---- C:\Windows\system32\prflbmsg.dll
2010-07-11 23:48:23 ----A---- C:\Windows\system32\oleaut32.dll
2010-07-11 23:48:23 ----A---- C:\Windows\system32\lodctr.exe
2010-07-11 23:48:23 ----A---- C:\Windows\system32\loadperf.dll
2010-07-11 23:48:22 ----A---- C:\Windows\system32\schedsvc.dll
2010-07-11 23:48:22 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-07-11 23:48:22 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2010-07-11 23:48:22 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2010-07-11 23:48:21 ----A---- C:\Windows\system32\drivers\sermouse.sys
2010-07-11 23:48:21 ----A---- C:\Windows\system32\drivers\mouhid.sys
2010-07-11 23:48:21 ----A---- C:\Windows\system32\drivers\mouclass.sys
2010-07-11 23:48:21 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2010-07-11 23:48:21 ----A---- C:\Windows\system32\drivers\kbdclass.sys
2010-07-11 23:48:21 ----A---- C:\Windows\system32\drivers\i8042prt.sys
2010-07-11 23:48:21 ----A---- C:\Windows\system32\dispci.dll
2010-07-11 23:48:21 ----A---- C:\Windows\system32\batt.dll
2010-07-11 23:46:54 ----A---- C:\Windows\system32\rpcss.dll
2010-07-11 23:46:53 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-07-11 23:46:53 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-07-11 23:46:52 ----A---- C:\Windows\system32\sdohlp.dll
2010-07-11 23:46:52 ----A---- C:\Windows\system32\iasrecst.dll
2010-07-11 23:46:52 ----A---- C:\Windows\system32\iasdatastore.dll
2010-07-11 23:46:52 ----A---- C:\Windows\system32\iasads.dll
2010-07-11 23:45:15 ----A---- C:\Windows\system32\jscript.dll
2010-07-11 23:44:28 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-07-11 23:44:28 ----A---- C:\Windows\system32\drivers\tunnel.sys
2010-07-11 23:44:28 ----A---- C:\Windows\system32\drivers\TUNMP.SYS
2010-07-11 23:44:27 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-07-11 23:44:27 ----A---- C:\Windows\system32\netiougc.exe
2010-07-11 23:44:27 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-07-11 23:44:27 ----A---- C:\Windows\system32\drivers\netio.sys
2010-07-11 23:42:22 ----A---- C:\Windows\system32\WMASF.DLL
2010-07-11 23:42:22 ----A---- C:\Windows\system32\LAPRXY.DLL
2010-07-11 23:42:22 ----A---- C:\Windows\system32\asferror.dll
2010-07-11 23:41:40 ----A---- C:\Windows\system32\browserchoice.exe
2010-07-11 23:40:50 ----A---- C:\Windows\system32\kernel32.dll
2010-07-11 23:40:49 ----A---- C:\Windows\system32\apilogen.dll
2010-07-11 23:40:49 ----A---- C:\Windows\system32\amxread.dll
2010-07-11 23:40:01 ----A---- C:\Windows\system32\slwmi.dll
2010-07-11 23:40:01 ----A---- C:\Windows\system32\SLC.dll
2010-07-11 23:40:01 ----A---- C:\Windows\system32\mcbuilder.exe
2010-07-11 23:40:00 ----A---- C:\Windows\system32\SLUINotify.dll
2010-07-11 23:40:00 ----A---- C:\Windows\system32\SLUI.exe
2010-07-11 23:40:00 ----A---- C:\Windows\system32\SLLUA.exe
2010-07-11 23:40:00 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-07-11 23:39:59 ----A---- C:\Windows\system32\SLsvc.exe
2010-07-11 23:39:59 ----A---- C:\Windows\system32\slcinst.dll
2010-07-11 23:39:09 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-07-11 23:39:09 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-07-11 23:39:09 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-07-11 23:37:55 ----A---- C:\Windows\system32\ntprint.exe
2010-07-11 23:37:55 ----A---- C:\Windows\system32\ntprint.dll
2010-07-11 23:37:54 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-07-11 23:37:54 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-07-11 23:37:54 ----A---- C:\Windows\system32\dhcpcmonitor.dll
2010-07-11 23:37:54 ----A---- C:\Windows\system32\authui.dll
2010-07-11 23:37:52 ----A---- C:\Windows\system32\sendmail.dll
2010-07-11 23:37:08 ----A---- C:\Windows\system32\win32spl.dll
2010-07-11 23:37:08 ----A---- C:\Windows\system32\printcom.dll
2010-07-11 23:36:29 ----A---- C:\Windows\system32\win32k.sys
2010-07-11 23:35:08 ----A---- C:\Windows\system32\wshrm.dll
2010-07-11 23:35:08 ----A---- C:\Windows\system32\drivers\rmcast.sys
2010-07-11 23:34:25 ----A---- C:\Windows\system32\wmpdxm.dll
2010-07-11 23:33:34 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-07-11 23:33:34 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-07-11 23:33:34 ----A---- C:\Windows\system32\msdrm.dll
2010-07-11 23:33:33 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-07-11 23:33:33 ----A---- C:\Windows\system32\secproc_isv.dll
2010-07-11 23:33:33 ----A---- C:\Windows\system32\secproc.dll
2010-07-11 23:33:33 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-07-11 23:33:33 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-07-11 23:33:33 ----A---- C:\Windows\system32\RMActivate.exe
2010-07-11 23:32:51 ----A---- C:\Windows\system32\sbunattend.exe
2010-07-11 23:31:41 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-07-11 23:31:41 ----A---- C:\Windows\system32\dnscacheugc.exe
2010-07-11 23:31:41 ----A---- C:\Windows\system32\dnsapi.dll
2010-07-11 23:31:11 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2010-07-11 23:30:35 ----A---- C:\Windows\system32\schannel.dll
2010-07-11 23:25:04 ----A---- C:\Windows\system32\infocardapi.dll
2010-07-11 23:25:04 ----A---- C:\Windows\system32\icardres.dll
2010-07-11 23:25:04 ----A---- C:\Windows\system32\icardagt.exe
2010-07-11 23:25:01 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-07-11 23:25:01 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-07-11 23:25:01 ----A---- C:\Windows\system32\PresentationHost.exe
2010-07-11 23:25:01 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-07-11 23:04:43 ----A---- C:\Windows\system32\netfxperf.dll
2010-07-11 23:04:43 ----A---- C:\Windows\system32\dfshim.dll
2010-07-11 23:04:42 ----A---- C:\Windows\system32\mscoree.dll
2010-07-11 23:04:41 ----A---- C:\Windows\system32\mscories.dll
2010-07-11 23:04:41 ----A---- C:\Windows\system32\mscorier.dll
2010-07-11 22:51:33 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-07-11 22:51:32 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-07-11 22:51:32 ----A---- C:\Windows\system32\gameux.dll
2010-07-11 22:51:02 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-07-11 22:51:02 ----A---- C:\Windows\system32\logagent.exe
2010-07-11 22:50:24 ----A---- C:\Windows\system32\INETRES.dll
2010-07-11 22:50:24 ----A---- C:\Windows\system32\inetcomm.dll
2010-07-11 22:50:07 ----A---- C:\Windows\system32\msasn1.dll
2010-07-11 22:49:49 ----A---- C:\Windows\system32\connect.dll
2010-07-11 22:49:35 ----A---- C:\Windows\system32\wmi.dll
2010-07-11 22:49:35 ----A---- C:\Windows\system32\imagehlp.dll
2010-07-11 22:49:35 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2010-07-11 22:49:21 ----A---- C:\Windows\system32\rpcrt4.dll
2010-07-11 22:48:42 ----A---- C:\Windows\system32\nshhttp.dll
2010-07-11 22:48:42 ----A---- C:\Windows\system32\httpapi.dll
2010-07-11 22:48:42 ----A---- C:\Windows\system32\drivers\http.sys
2010-07-11 22:47:18 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-07-11 22:47:06 ----A---- C:\Windows\system32\crypt32.dll
2010-07-11 22:46:40 ----A---- C:\Windows\system32\raschap.dll
2010-07-11 22:46:39 ----A---- C:\Windows\system32\rastls.dll
2010-07-11 22:46:23 ----A---- C:\Windows\system32\WSDApi.dll
2010-07-11 22:46:11 ----A---- C:\Windows\system32\poqexec.exe
2010-07-11 22:45:56 ----D---- C:\Program Files\MSXML 4.0
2010-07-11 22:45:47 ----A---- C:\Windows\system32\user32.dll
2010-07-11 22:44:56 ----A---- C:\Windows\system32\tsbyuv.dll
2010-07-11 22:44:56 ----A---- C:\Windows\system32\quartz.dll
2010-07-11 22:44:56 ----A---- C:\Windows\system32\msyuv.dll
2010-07-11 22:44:56 ----A---- C:\Windows\system32\iyuv_32.dll
2010-07-11 22:44:55 ----A---- C:\Windows\system32\msvidc32.dll
2010-07-11 22:44:55 ----A---- C:\Windows\system32\msvfw32.dll
2010-07-11 22:44:55 ----A---- C:\Windows\system32\msrle32.dll
2010-07-11 22:44:55 ----A---- C:\Windows\system32\mciavi32.dll
2010-07-11 22:44:55 ----A---- C:\Windows\system32\avifil32.dll
2010-07-11 22:44:55 ----A---- C:\Windows\system32\avicap32.dll
2010-07-11 22:44:20 ----A---- C:\Windows\system32\qmgr.dll
2010-07-11 22:44:10 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-07-11 22:43:48 ----A---- C:\Windows\system32\wmploc.DLL
2010-07-11 22:43:47 ----A---- C:\Windows\system32\wmp.dll
2010-07-11 22:43:47 ----A---- C:\Windows\system32\spwmp.dll
2010-07-11 22:43:46 ----A---- C:\Windows\system32\dxmasf.dll
2010-07-11 22:43:44 ----A---- C:\Windows\system32\unregmp2.exe
2010-07-11 09:27:07 ----N---- C:\Windows\system32\MpSigStub.exe
2010-07-10 23:30:12 ----D---- C:\Windows\system32\oodag
2010-07-10 22:22:13 ----D---- C:\Program Files\Mozilla Firefox
2010-07-10 22:08:45 ----A---- C:\Windows\system32\LOCALSERVICE.INI
2010-07-10 22:08:43 ----A---- C:\Windows\system32\LOCALDEVICE.INI
2010-07-10 22:07:10 ----A---- C:\Windows\system32\BSPRINT.INI
2010-07-10 22:05:57 ----D---- C:\Program Files\IVT Corporation
2010-07-10 22:04:13 ----D---- C:\Program Files\Nokia
2010-07-10 22:04:13 ----A---- C:\Windows\system32\nmwcdcls.dll
2010-07-10 22:04:08 ----D---- C:\Program Files\DIFX
2010-07-10 22:04:07 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-07-10 22:03:30 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-10 22:03:21 ----D---- C:\ProgramData\Installations
2010-07-10 21:52:10 ----D---- C:\Users\Dostálovi\AppData\Roaming\DAEMON Tools Pro
2010-07-10 21:51:02 ----D---- C:\Program Files\DAEMON Tools Pro
2010-07-10 21:49:17 ----D---- C:\Users\Dostálovi\AppData\Roaming\vlc
2010-07-10 21:49:15 ----D---- C:\Users\Dostálovi\AppData\Roaming\dvdcss
2010-07-10 21:48:32 ----A---- C:\Windows\NeroDigital.ini
2010-07-10 21:40:48 ----D---- C:\Users\Dostálovi\AppData\Roaming\Ahead
2010-07-10 21:39:47 ----D---- C:\ProgramData\Ahead
2010-07-10 21:35:45 ----D---- C:\Program Files\Nero
2010-07-10 21:35:45 ----D---- C:\Program Files\Common Files\Ahead
2010-07-10 21:34:46 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-07-10 21:34:45 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-07-10 20:28:33 ----A---- C:\Windows\system32\CmdLineExt.dll
2010-07-10 20:21:48 ----D---- C:\Users\Dostálovi\AppData\Roaming\VitySoft
2010-07-10 20:04:16 ----D---- C:\Program Files\Rockstar Games
2010-07-10 19:44:56 ----D---- C:\ProgramData\DVD Shrink
2010-07-10 19:22:02 ----D---- C:\ProgramData\Nero
2010-07-10 19:22:02 ----D---- C:\Program Files\Common Files\Nero
2010-07-10 19:05:33 ----D---- C:\Users\Dostálovi\AppData\Roaming\ESTsoft
2010-07-10 19:05:33 ----D---- C:\ProgramData\ESTsoft
2010-07-10 19:05:33 ----D---- C:\Program Files\ESTsoft
2010-07-10 18:53:01 ----A---- C:\Windows\system32\msonpmon.dll
2010-07-10 18:51:41 ----D---- C:\Program Files\Microsoft Works
2010-07-10 18:50:54 ----D---- C:\Program Files\Microsoft Visual Studio
2010-07-10 18:50:54 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-10 18:50:16 ----D---- C:\Windows\PCHEALTH
2010-07-10 18:50:16 ----D---- C:\Program Files\Microsoft.NET
2010-07-10 18:48:03 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-07-10 18:47:30 ----D---- C:\ProgramData\Microsoft Help
2010-07-10 18:47:30 ----D---- C:\Program Files\Microsoft Office
2010-07-10 18:46:16 ----RHD---- C:\MSOCache
2010-07-10 18:42:49 ----D---- C:\Users\Dostálovi\AppData\Roaming\XnView
2010-07-10 18:28:08 ----RD---- C:\ŠKOLA
2010-07-10 18:26:50 ----D---- C:\Program Files\XnView
2010-07-10 18:12:51 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-07-10 18:04:02 ----D---- C:\Users\Dostálovi\AppData\Roaming\HEXelon
2010-07-10 18:03:30 ----D---- C:\Program Files\TC UP
2010-07-10 18:00:01 ----D---- C:\Program Files\PowerISO
2010-07-10 17:57:49 ----D---- C:\Program Files\OO Software
2010-07-10 17:34:51 ----D---- C:\Users\Dostálovi\AppData\Roaming\WinRAR
2010-07-10 17:34:34 ----D---- C:\Program Files\WinRAR
2010-07-10 17:32:43 ----D---- C:\Users\Dostálovi\AppData\Roaming\Apple Computer
2010-07-10 17:32:33 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-10 17:32:33 ----A---- C:\Windows\system32\GEARAspi.dll
2010-07-10 17:32:33 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2010-07-10 17:31:39 ----D---- C:\Program Files\iPod
2010-07-10 17:31:37 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-07-10 17:31:37 ----D---- C:\Program Files\iTunes
2010-07-10 17:27:20 ----D---- C:\Windows\system32\Adobe
2010-07-10 17:27:05 ----D---- C:\Program Files\QuickTime
2010-07-10 17:27:02 ----D---- C:\ProgramData\Apple Computer
2010-07-10 17:26:43 ----D---- C:\Program Files\Apple Software Update
2010-07-10 17:21:42 ----D---- C:\Program Files\Bonjour
2010-07-10 17:21:06 ----D---- C:\Program Files\Common Files\Apple
2010-07-10 17:16:57 ----D---- C:\Program Files\VideoLAN
2010-07-10 17:12:43 ----D---- C:\Users\Dostálovi\AppData\Roaming\Opera
2010-07-10 17:12:34 ----D---- C:\Program Files\Opera
2010-07-10 17:05:48 ----D---- C:\Program Files\MediaCoder iPod Edition
2010-07-10 17:04:45 ----D---- C:\Users\Dostálovi\AppData\Roaming\Adobe
2010-07-10 17:00:02 ----D---- C:\Program Files\Google
2010-07-10 16:59:50 ----D---- C:\Program Files\CCleaner
2010-07-10 16:58:36 ----A---- C:\Windows\system32\drivers\Pcouffin.sys
2010-07-10 16:58:32 ----D---- C:\Program Files\vso
2010-07-10 16:54:01 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-07-10 16:54:01 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-07-10 16:53:59 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-07-10 16:53:57 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-07-10 16:53:54 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-07-10 16:52:51 ----A---- C:\Windows\system32\aswBoot.exe
2010-07-10 16:52:32 ----D---- C:\ProgramData\Alwil Software
2010-07-10 16:52:32 ----D---- C:\Program Files\Alwil Software
2010-07-10 16:50:29 ----A---- C:\Windows\system32\javaws.exe
2010-07-10 16:50:29 ----A---- C:\Windows\system32\javaw.exe
2010-07-10 16:50:29 ----A---- C:\Windows\system32\java.exe
2010-07-10 16:50:29 ----A---- C:\Windows\system32\deploytk.dll
2010-07-10 16:50:20 ----D---- C:\Program Files\Java
2010-07-10 16:49:03 ----HD---- C:\jexepackres
2010-07-10 16:48:56 ----D---- C:\Program Files\AirVideoServer
2010-07-10 16:47:16 ----D---- C:\ProgramData\Apple
2010-07-10 16:46:30 ----D---- C:\Program Files\Air Mouse
2010-07-10 16:45:46 ----D---- C:\Users\Dostálovi\AppData\Roaming\Skype
2010-07-10 16:44:52 ----D---- C:\Program Files\Common Files\Skype
2010-07-10 16:44:51 ----RD---- C:\Program Files\Skype
2010-07-10 16:44:44 ----D---- C:\ProgramData\Skype
2010-07-10 16:39:51 ----A---- C:\Windows\system32\drivers\MTictwl.sys
2010-07-10 16:39:36 ----D---- C:\Program Files\SEC
2010-07-10 16:38:02 ----D---- C:\Users\Dostálovi\AppData\Roaming\Macromedia
2010-07-10 16:37:54 ----D---- C:\Windows\system32\Macromed
2010-07-10 16:36:39 ----D---- C:\Windows\Panther
2010-07-10 16:36:24 ----RAS---- C:\BOOTSECT.BAK
2010-07-10 16:36:23 ----SHD---- C:\Boot
2010-07-10 16:34:42 ----D---- C:\Program Files\Marvell
2010-07-10 16:33:41 ----D---- C:\Program Files\ICQ6Toolbar
2010-07-10 16:33:39 ----D---- C:\Users\Dostálovi\AppData\Roaming\Mozilla
2010-07-10 16:33:39 ----D---- C:\ProgramData\ICQ
2010-07-10 16:33:26 ----D---- C:\Users\Dostálovi\AppData\Roaming\ICQ
2010-07-10 16:33:20 ----D---- C:\Program Files\ICQ7.2
2010-07-10 16:31:51 ----RA---- C:\Windows\system32\drivers\AsIO.sys
2010-07-10 16:31:51 ----RA---- C:\Windows\system32\AsIO.dll
2010-07-10 16:31:47 ----A---- C:\Windows\system32\drivers\AsInsHelp64.sys
2010-07-10 16:31:47 ----A---- C:\Windows\system32\drivers\AsInsHelp32.sys
2010-07-10 16:31:38 ----D---- C:\Program Files\ASUS
2010-07-10 16:30:38 ----A---- C:\Windows\Ascd_log.ini
2010-07-10 16:29:36 ----A---- C:\Windows\system32\drivers\ASACPI.sys
2010-07-10 16:29:28 ----A---- C:\Windows\Ascd_tmp.ini
2010-07-10 16:28:56 ----A---- C:\Windows\system32\drivers\ASUSHWIO.SYS
2010-07-10 16:27:21 ----D---- C:\ProgramData\CanonIJPLM
2010-07-10 16:20:42 ----D---- C:\ProgramData\InstallShield
2010-07-10 16:20:42 ----A---- C:\Windows\MAXLINK.INI
2010-07-10 16:20:37 ----D---- C:\Users\Dostálovi\AppData\Roaming\ScanSoft
2010-07-10 16:20:32 ----D---- C:\ProgramData\ScanSoft
2010-07-10 16:20:32 ----D---- C:\Program Files\Common Files\ScanSoft Shared
2010-07-10 16:20:19 ----D---- C:\Program Files\ScanSoft
2010-07-10 16:19:37 ----D---- C:\Program Files\Common Files\InstallShield
2010-07-10 16:19:13 ----D---- C:\Program Files\Common Files\CANON
2010-07-10 16:17:30 ----HD---- C:\ProgramData\CanonBJ
2010-07-10 16:17:12 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2010-07-10 16:16:23 ----A---- C:\Windows\system32\CNMLM8S.DLL
2010-07-10 16:16:16 ----A---- C:\Windows\system32\CNC210O.DLL
2010-07-10 16:16:15 ----A---- C:\Windows\system32\CNC210L.DLL
2010-07-10 16:16:15 ----A---- C:\Windows\system32\CNC210I.DLL
2010-07-10 16:16:15 ----A---- C:\Windows\system32\CNC210C.DLL
2010-07-10 16:16:02 ----HD---- C:\Program Files\CanonBJ
2010-07-10 16:15:40 ----D---- C:\Program Files\Canon
2010-07-10 16:14:59 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-10 16:14:53 ----A---- C:\Windows\system32\drivers\KMWDFilter.SYS
2010-07-10 16:14:51 ----D---- C:\Program Files\Keyboard & Mouse Driver
2010-07-10 16:13:32 ----D---- C:\Program Files\A4Tech
2010-07-10 16:05:44 ----D---- C:\ProgramData\NVIDIA
2010-07-10 16:04:59 ----D---- C:\ProgramData\NVIDIA Corporation
2010-07-10 16:04:10 ----A---- C:\Windows\system32\OpenCL.dll
2010-07-10 16:04:10 ----A---- C:\Windows\system32\nvwgf2um.dll
2010-07-10 16:04:10 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-07-10 16:04:08 ----A---- C:\Windows\system32\nvoglv32.dll
2010-07-10 16:04:08 ----A---- C:\Windows\system32\nvd3dum.dll
2010-07-10 16:04:08 ----A---- C:\Windows\system32\nvcuvid.dll
2010-07-10 16:04:08 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-07-10 16:04:08 ----A---- C:\Windows\system32\nvcuda.dll
2010-07-10 16:04:06 ----A---- C:\Windows\system32\nvcompiler.dll
2010-07-10 16:04:06 ----A---- C:\Windows\system32\nvcod1921.dll
2010-07-10 16:04:06 ----A---- C:\Windows\system32\nvcod.dll
2010-07-10 16:04:06 ----A---- C:\Windows\system32\nvapi.dll
2010-07-10 16:04:02 ----D---- C:\NVIDIA
2010-07-10 15:59:05 ----SHD---- C:\Windows\Installer
2010-07-10 15:59:03 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-10 15:58:29 ----A---- C:\Windows\system32\wintrust.dll
2010-07-10 15:58:11 ----A---- C:\Windows\system32\cabview.dll
2010-07-10 15:50:26 ----D---- C:\Users\Dostálovi\AppData\Roaming\Identities
2010-07-10 15:50:21 ----SD---- C:\Users\Dostálovi\AppData\Roaming\Microsoft
2010-07-10 15:50:21 ----D---- C:\Users\Dostálovi\AppData\Roaming\Media Center Programs
2010-07-10 15:50:09 ----A---- C:\Windows\system32\wups2.dll
2010-07-10 15:50:09 ----A---- C:\Windows\system32\wucltux.dll
2010-07-10 15:50:09 ----A---- C:\Windows\system32\wuauclt.exe
2010-07-10 15:50:08 ----A---- C:\Windows\system32\wuaueng.dll
2010-07-10 15:49:45 ----A---- C:\Windows\system32\wups.dll
2010-07-10 15:49:45 ----A---- C:\Windows\system32\wudriver.dll
2010-07-10 15:49:45 ----A---- C:\Windows\system32\wuapi.dll
2010-07-10 15:49:18 ----A---- C:\Windows\system32\wuwebv.dll
2010-07-10 15:49:18 ----A---- C:\Windows\system32\wuapp.exe
2010-07-10 15:48:04 ----SHD---- C:\ProgramData\Šablony
2010-07-10 15:48:04 ----SHD---- C:\ProgramData\Plocha
2010-07-10 15:48:04 ----SHD---- C:\ProgramData\Oblíbené položky
2010-07-10 15:48:04 ----SHD---- C:\ProgramData\Nabídka Start
2010-07-10 15:48:04 ----SHD---- C:\ProgramData\Dokumenty
2010-07-10 15:48:04 ----SHD---- C:\ProgramData\Data aplikací
2010-07-10 15:45:18 ----ASH---- C:\hiberfil.sys
2010-07-10 15:40:16 ----D---- C:\Windows\SoftwareDistribution
2010-07-10 15:39:03 ----D---- C:\Windows\system32\catroot2
2010-07-10 15:38:53 ----D---- C:\Windows\Debug
2010-07-10 15:37:42 ----D---- C:\Windows\Prefetch
2010-07-10 15:37:34 ----ASH---- C:\pagefile.sys
2010-07-10 15:37:33 ----SHD---- C:\System Volume Information

Re: Problém s virem

Napsal: 17 črc 2010 12:03
od Majky006
======List of files/folders modified in the last 1 months======

2010-07-17 12:40:04 ----D---- C:\Windows\system32\config
2010-07-17 12:39:26 ----D---- C:\Windows
2010-07-17 12:39:25 ----RSD---- C:\Windows\Media
2010-07-17 12:39:25 ----RSD---- C:\Windows\Fonts
2010-07-17 12:39:25 ----RD---- C:\Windows\Offline Web Pages
2010-07-17 12:39:25 ----D---- C:\Windows\twain_32
2010-07-17 12:39:25 ----D---- C:\Windows\system32\zh-TW
2010-07-17 12:39:25 ----D---- C:\Windows\system32\zh-HK
2010-07-17 12:39:25 ----D---- C:\Windows\system32\zh-CN
2010-07-17 12:39:25 ----D---- C:\Windows\system32\wbem
2010-07-17 12:39:25 ----D---- C:\Windows\system32\uk-UA
2010-07-17 12:39:25 ----D---- C:\Windows\system32\tr-TR
2010-07-17 12:39:25 ----D---- C:\Windows\system32\th-TH
2010-07-17 12:39:25 ----D---- C:\Windows\system32\sv-SE
2010-07-17 12:39:25 ----D---- C:\Windows\system32\sr-Latn-CS
2010-07-17 12:39:25 ----D---- C:\Windows\system32\SLUI
2010-07-17 12:39:25 ----D---- C:\Windows\system32\sl-SI
2010-07-17 12:39:25 ----D---- C:\Windows\system32\sk-SK
2010-07-17 12:39:25 ----D---- C:\Windows\system32\ru-RU
2010-07-17 12:39:25 ----D---- C:\Windows\system32\ras
2010-07-17 12:39:25 ----D---- C:\Windows\system32\pt-PT
2010-07-17 12:39:25 ----D---- C:\Windows\system32\pt-BR
2010-07-17 12:39:25 ----D---- C:\Windows\system32\pl-PL
2010-07-17 12:39:25 ----D---- C:\Windows\system32\oobe
2010-07-17 12:39:25 ----D---- C:\Windows\system32\nl-NL
2010-07-17 12:39:25 ----D---- C:\Windows\system32\nb-NO
2010-07-17 12:39:25 ----D---- C:\Windows\system32\migwiz
2010-07-17 12:39:25 ----D---- C:\Windows\system32\lv-LV
2010-07-17 12:39:25 ----D---- C:\Windows\system32\lt-LT
2010-07-17 12:39:25 ----D---- C:\Windows\system32\ko-KR
2010-07-17 12:39:25 ----D---- C:\Windows\system32\ja-JP
2010-07-17 12:39:25 ----D---- C:\Windows\system32\it-IT
2010-07-17 12:39:25 ----D---- C:\Windows\system32\hu-HU
2010-07-17 12:39:25 ----D---- C:\Windows\system32\hr-HR
2010-07-17 12:39:25 ----D---- C:\Windows\system32\he-IL
2010-07-17 12:39:25 ----D---- C:\Windows\system32\fr-FR
2010-07-17 12:39:25 ----D---- C:\Windows\system32\fi-FI
2010-07-17 12:39:25 ----D---- C:\Windows\system32\et-EE
2010-07-17 12:39:25 ----D---- C:\Windows\system32\es-ES
2010-07-17 12:39:25 ----D---- C:\Windows\system32\en-US
2010-07-17 12:39:25 ----D---- C:\Windows\system32\el-GR
2010-07-17 12:39:25 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-07-17 12:39:25 ----D---- C:\Windows\system32\drivers
2010-07-17 12:39:25 ----D---- C:\Windows\system32\de-DE
2010-07-17 12:39:25 ----D---- C:\Windows\system32\da-DK
2010-07-17 12:39:25 ----D---- C:\Windows\system32\cs-CZ
2010-07-17 12:39:25 ----D---- C:\Windows\system32\cs
2010-07-17 12:39:25 ----D---- C:\Windows\system32\com
2010-07-17 12:39:25 ----D---- C:\Windows\system32\bg-BG
2010-07-17 12:39:25 ----D---- C:\Windows\system32\ar-SA
2010-07-17 12:39:25 ----D---- C:\Windows\system
2010-07-17 12:39:25 ----D---- C:\Windows\ShellNew
2010-07-17 12:39:25 ----D---- C:\Windows\ehome
2010-07-17 12:39:25 ----D---- C:\Program Files\Windows Sidebar
2010-07-17 12:39:25 ----D---- C:\Program Files\Windows Media Player
2010-07-17 12:39:25 ----D---- C:\Program Files\Windows Mail
2010-07-17 12:39:25 ----D---- C:\Program Files\Windows Journal
2010-07-17 12:39:25 ----D---- C:\Program Files\Windows Collaboration
2010-07-17 12:39:25 ----D---- C:\Program Files\Movie Maker
2010-07-17 12:39:25 ----D---- C:\Program Files\Internet Explorer
2010-07-17 12:39:25 ----D---- C:\Program Files\Common Files\Services
2010-07-17 12:39:10 ----D---- C:\Windows\Tasks
2010-07-17 12:39:10 ----D---- C:\Windows\system32\spool
2010-07-17 12:39:10 ----D---- C:\Windows\system32\drivers\UMDF
2010-07-17 12:39:10 ----D---- C:\Windows\system32\CodeIntegrity
2010-07-17 12:39:10 ----D---- C:\Windows\cs-CZ
2010-07-17 12:38:48 ----D---- C:\Windows\registration
2010-07-17 11:56:22 ----D---- C:\Windows\Temp
2010-07-17 11:56:14 ----RD---- C:\Program Files
2010-07-17 11:52:16 ----D---- C:\Windows\system32\catroot
2010-07-17 11:52:14 ----D---- C:\Windows\winsxs
2010-07-17 11:51:54 ----D---- C:\Windows\System32
2010-07-17 11:51:54 ----D---- C:\Windows\inf
2010-07-17 11:51:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-17 11:46:27 ----A---- C:\Windows\system32\bscs.ini
2010-07-17 11:22:51 ----D---- C:\Windows\system32\Tasks
2010-07-14 19:21:06 ----D---- C:\Windows\system32\WDI
2010-07-14 03:00:57 ----D---- C:\Windows\servicing
2010-07-13 11:30:31 ----SD---- C:\Windows\Downloaded Program Files
2010-07-13 03:28:24 ----D---- C:\Windows\Microsoft.NET
2010-07-13 03:28:19 ----RSD---- C:\Windows\assembly
2010-07-12 09:28:38 ----ASH---- C:\Program Files\desktop.ini
2010-07-12 09:28:16 ----D---- C:\Windows\rescache
2010-07-12 09:23:20 ----D---- C:\Windows\system32\migration
2010-07-12 09:23:19 ----D---- C:\Windows\system32\icsxml
2010-07-12 09:23:19 ----D---- C:\Windows\AppPatch
2010-07-12 09:23:19 ----D---- C:\Program Files\Windows Calendar
2010-07-12 09:23:15 ----D---- C:\Program Files\Common Files\System
2010-07-12 09:23:13 ----D---- C:\Program Files\Windows Defender
2010-07-12 09:23:07 ----D---- C:\Windows\system32\manifeststore
2010-07-12 09:23:02 ----D---- C:\Windows\system32\XPSViewer
2010-07-10 22:03:21 ----HD---- C:\ProgramData
2010-07-10 21:35:45 ----D---- C:\Program Files\Common Files
2010-07-10 20:46:01 ----D---- C:\Windows\system32\LogFiles
2010-07-10 19:08:29 ----RD---- C:\Users
2010-07-10 18:51:34 ----D---- C:\Program Files\Common Files\microsoft shared
2010-07-10 18:51:23 ----D---- C:\Program Files\MSBuild
2010-07-10 18:50:16 ----SD---- C:\ProgramData\Microsoft
2010-07-10 18:47:48 ----A---- C:\Windows\win.ini
2010-07-10 15:59:18 ----D---- C:\Windows\Help
2010-07-10 15:53:50 ----D---- C:\Windows\Logs
2010-07-10 15:50:43 ----SHD---- C:\$Recycle.Bin
2010-07-10 15:48:10 ----D---- C:\Windows\system32\restore
2010-07-10 15:48:04 ----D---- C:\Program Files\Windows NT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-10 685816]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2006-12-16 8704]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 NCPro;NCPro; C:\Windows\system32\drivers\MTictwl.sys [2005-10-21 13396]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2006-12-16 13824]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2009-06-17 17928]
R3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys [2010-04-06 25992]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys [2010-04-06 22024]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2010-04-19 36616]
R3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 KMWDFilter;KMWDFilter; \??\C:\Windows\System32\Drivers\KMWDFilter.SYS [2007-03-29 17024]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-06-08 10888168]
R3 Pcouffin;Low level access layer for CD devices; C:\Windows\System32\Drivers\Pcouffin.sys [2010-07-10 47360]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S3 abxgfnga;abxgfnga; C:\Windows\system32\drivers\abxgfnga.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2010-07-11 19456]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [2006-11-22 22416]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 MagicTune;MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [2005-10-21 13396]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2010-05-13 926208]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2010-04-27 147563]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe [2007-04-05 208896]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-07 129640]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-07 240232]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2010-04-27 102503]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-10 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]

-----------------EOF-----------------

Re: Problém s virem

Napsal: 17 črc 2010 12:15
od Caroprd111
Obrázek Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
  • Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Označte položku Pro všechny uživatele.
  • Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
  • Klikněte na tlačítko Prohledat
  • Po dokončení, sem vložte logy OTL.Txt a Extras.txt

Re: Problém s virem

Napsal: 17 črc 2010 15:00
od Majky006
Program se během skenování sekne.

Re: Problém s virem

Napsal: 17 črc 2010 15:18
od Caroprd111
Zkuste dočasně vypnout antivir.

Re: Problém s virem

Napsal: 17 črc 2010 16:06
od Majky006
Bohužel, ani vypnutý antivir nepomohl. Zkoušel jsem také spustit v Režimu kompatibility s Windows XP, ale také nic.

Re: Problém s virem

Napsal: 17 črc 2010 16:17
od Caroprd111
Zkuste použít skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Re: Problém s virem

Napsal: 17 črc 2010 16:52
od Majky006
Takto už to šlo.
Omlouvám se, že to sem dávám tímto způsobem, ale jelikož je maximální počet znaků u přísvěvku 65000 znaků, musel bych sem dávat cca. 5 postů.
OTL.txt

Extras.txt
OTL Extras logfile created on: 17.7.2010 17:34:11 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\Dostálovi\Desktop
Windows XP Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 191,60 Gb Free Space | 64,28% Space Free | Partition Type: NTFS
Drive D: | 522,47 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOSTALOVI
Current User Name: Dostálovi
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D654496-9C3D-4565-858C-3E551ECDA4E2}" = Virtual Cable Tester
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{40be35f6-1919-462f-a65f-8d312ed2dae2}" =
"{449801F1-65B0-46F5-B4C5-1EF464EF7214}" = Mobile Mouse Server
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{8AA80787-4900-4E5A-B8C1-43D32672D6F9}" = BlueSoleil 6.4.314.3
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Essentials
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.0.9b
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ED6C5ECD-5AA4-4054-BF67-8F49526E5765}" = O&O Defrag Professional
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Air Video Server" = Air Video Server 2.2.7-update1
"ALUpdate_is1" = ALTools Update
"ALZip_is1" = ALZip
"avast5" = avast! Free Antivirus
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver
"MediaCoder iPod Edition" = MediaCoder iPod Edition
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PowerISO" = PowerISO
"Registrace uživatele zařízení Canon MP210 series" = Registrace uživatele zařízení Canon MP210 series
"TC UP" = Total Commander Ultima Prime 5.1.0.0
"VLC media player" = VLC media player 1.1.0
"WheelMouse" = Smart-X7 7.80
"WinRAR archiver" = WinRAR
"XnView_is1" = XnView 1.97

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.7.2010 9:09:10 | Computer Name = Dostalovi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13572

Error - 17.7.2010 9:09:11 | Computer Name = Dostalovi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 17.7.2010 9:09:11 | Computer Name = Dostalovi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14570

Error - 17.7.2010 9:09:11 | Computer Name = Dostalovi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14570

Error - 17.7.2010 9:09:12 | Computer Name = Dostalovi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 17.7.2010 9:09:12 | Computer Name = Dostalovi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15584

Error - 17.7.2010 9:09:12 | Computer Name = Dostalovi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15584

Error - 17.7.2010 9:38:41 | Computer Name = Dostalovi | Source = Application Hang | ID = 1002
Description = Program gta_sa.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: e18 Čas zahájení: 01cb25b47734c880 Čas ukončení: 178

Error - 17.7.2010 9:59:41 | Computer Name = Dostalovi | Source = Application Hang | ID = 1002
Description = Program OTL.exe verze 3.2.9.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů. ID procesu:
1614 Čas zahájení: 01cb25b38a691fb0 Čas ukončení: 4

Error - 17.7.2010 10:34:09 | Computer Name = Dostalovi | Source = Application Hang | ID = 1002
Description = Program OTL.exe verze 3.2.9.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů. ID procesu:
1020 Čas zahájení: 01cb25bae437d480 Čas ukončení: 6

[ System Events ]
Error - 17.7.2010 5:52:11 | Computer Name = Dostalovi | Source = Microsoft-Windows-Servicing | ID = 4375
Description = Služba Windows Servicing nedokončila proces nastavení balíčku KB950974
(Security Update) do stavu Fázování(Staging).

Error - 17.7.2010 5:52:18 | Computer Name = Dostalovi | Source = Microsoft-Windows-Servicing | ID = 4385
Description = Službě Windows Servicing se nezdařilo dokončení procesu změny aktualizace
937287-4_neutral_PACKAGE z balíčku KB937287(Update) do stavu Fázování(Staging).

Error - 17.7.2010 5:52:18 | Computer Name = Dostalovi | Source = Microsoft-Windows-Servicing | ID = 4385
Description = Službě Windows Servicing se nezdařilo dokončení procesu změny aktualizace
937287-3_neutral_PACKAGE z balíčku KB937287(Update) do stavu Fázování(Staging).

Error - 17.7.2010 5:52:18 | Computer Name = Dostalovi | Source = Microsoft-Windows-Servicing | ID = 4385
Description = Službě Windows Servicing se nezdařilo dokončení procesu změny aktualizace
937287-2_neutral_PACKAGE z balíčku KB937287(Update) do stavu Fázování(Staging).

Error - 17.7.2010 5:52:18 | Computer Name = Dostalovi | Source = Microsoft-Windows-Servicing | ID = 4385
Description = Službě Windows Servicing se nezdařilo dokončení procesu změny aktualizace
937287-1_neutral_GDR z balíčku KB937287(Update) do stavu Fázování(Staging).

Error - 17.7.2010 5:52:18 | Computer Name = Dostalovi | Source = Microsoft-Windows-Servicing | ID = 4375
Description = Služba Windows Servicing nedokončila proces nastavení balíčku KB937287
(Update) do stavu Fázování(Staging).

Error - 17.7.2010 5:52:18 | Computer Name = Dostalovi | Source = Microsoft-Windows-Servicing | ID = 4375
Description = Služba Windows Servicing nedokončila proces nastavení balíčku KB937287
(Update) do stavu Fázování(Staging).

Error - 17.7.2010 5:52:18 | Computer Name = Dostalovi | Source = Microsoft-Windows-Servicing | ID = 4375
Description = Služba Windows Servicing nedokončila proces nastavení balíčku KB937287
(Update) do stavu Fázování(Staging).

Error - 17.7.2010 5:52:18 | Computer Name = Dostalovi | Source = Microsoft-Windows-Servicing | ID = 4375
Description = Služba Windows Servicing nedokončila proces nastavení balíčku KB937287
(Update) do stavu Fázování(Staging).

Error - 17.7.2010 9:14:17 | Computer Name = Dostalovi | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.3 pro síťovou kartu s adresou 001D601A853B
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).


< End of report >

Re: Problém s virem

Napsal: 17 črc 2010 16:56
od Caroprd111
Log vložte normálně do příspěvku. :)

Re: Problém s virem

Napsal: 17 črc 2010 17:00
od Majky006
Bohužel to nejde :(
Obrázek

Re: Problém s virem

Napsal: 17 črc 2010 17:07
od Caroprd111
Tak ho rozdělte do více příspěvků.

Re: Problém s virem

Napsal: 17 črc 2010 17:16
od Majky006
OTL logfile created on: 17.7.2010 17:34:11 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\Dostálovi\Desktop
Windows XP Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 191,60 Gb Free Space | 64,28% Space Free | Partition Type: NTFS
Drive D: | 522,47 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DOSTALOVI
Current User Name: Dostálovi
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.07.17 14:40:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Dostálovi\Desktop\OTL.exe
PRC - [2010.07.12 00:21:01 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2010.07.11 23:55:36 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.07.10 16:50:21 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2010.06.30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.06.28 22:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.06.27 18:59:16 | 001,018,856 | ---- | M] () -- C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
PRC - [2010.06.21 17:47:04 | 000,246,584 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.05.20 19:02:28 | 004,818,760 | ---- | M] () -- C:\Program Files\AirVideoServer\AirVideoServer.exe
PRC - [2010.05.13 10:56:32 | 000,926,208 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2010.04.27 10:47:12 | 000,319,574 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
PRC - [2010.04.27 10:44:52 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
PRC - [2010.04.27 10:43:26 | 000,147,563 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
PRC - [2010.04.12 10:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009.09.12 00:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe
PRC - [2009.09.12 00:34:00 | 002,524,416 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodtray.exe
PRC - [2007.06.27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007.04.13 09:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.04.05 10:29:28 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
PRC - [2007.04.04 11:30:40 | 000,327,680 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard & Mouse Driver\KMProcess.exe
PRC - [2007.04.03 18:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007.03.28 00:38:48 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard & Mouse Driver\KMCONFIG.exe
PRC - [2007.03.06 14:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe
PRC - [2007.02.04 12:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2006.12.26 17:08:50 | 000,196,608 | ---- | M] (A4Tech Co., Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2006.11.02 11:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2006.04.10 14:24:20 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
PRC - [2002.02.01 10:53:58 | 001,425,680 | R--- | M] () -- D:\Viewer\ppview32.exe


========== Modules (SafeList) ==========

MOD - [2010.07.17 14:40:46 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Dostálovi\Desktop\OTL.exe
MOD - [2010.07.11 23:39:09 | 000,712,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2010.07.11 22:51:33 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcGenral.dll
MOD - [2010.07.10 19:20:10 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll
MOD - [2010.07.10 17:21:22 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2006.12.19 18:38:28 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Windows\System32\Amhooker.dll
MOD - [2006.11.02 11:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2006.11.02 11:46:13 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll
MOD - [2006.11.02 11:46:13 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
MOD - [2006.11.02 11:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll
MOD - [2006.11.02 11:46:06 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
MOD - [2006.11.02 11:46:04 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2006.11.02 11:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006.11.02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
MOD - [2006.10.27 00:48:42 | 002,210,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
MOD - [2006.10.27 00:48:34 | 000,955,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
MOD - [2006.10.27 00:47:40 | 000,022,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveNew.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.07.12 00:21:01 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.07.11 23:25:07 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.06.28 22:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.06.21 17:47:04 | 000,246,584 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.05.13 10:56:32 | 000,926,208 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2010.04.27 10:44:52 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2010.04.27 10:43:26 | 000,147,563 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe -- (BsMobileCS)
SRV - [2009.09.12 00:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (O&O Defrag)
SRV - [2008.09.08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.04.13 09:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007.04.05 10:29:28 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010.07.10 18:12:52 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.06.28 22:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.06.08 01:57:00 | 010,888,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.04.19 16:15:04 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010.04.06 18:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010.04.06 18:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010.04.06 18:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2010.04.06 18:32:32 | 000,022,024 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcombus.sys -- (BTCOMBUS)
DRV - [2010.04.06 18:32:28 | 000,025,992 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcomport.sys -- (BTCOM)
DRV - [2009.06.17 14:02:40 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.03.29 15:00:16 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2006.12.16 01:09:50 | 000,013,824 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2006.12.16 01:09:24 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2006.11.22 13:41:18 | 000,022,416 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Program Files\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys -- (BTNetFilter)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006.10.18 21:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2006.10.18 15:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006.01.13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV - [2005.10.21 07:25:32 | 000,013,396 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2005.10.21 07:25:32 | 000,013,396 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3824100946-431830730-2105913087-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3824100946-431830730-2105913087-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3824100946-431830730-2105913087-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3824100946-431830730-2105913087-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3824100946-431830730-2105913087-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.10 22:22:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.10 22:22:16 | 000,000,000 | ---D | M]

[2010.07.10 22:22:54 | 000,000,000 | ---D | M] -- C:\Users\Dostálovi\AppData\Roaming\Mozilla\Extensions
[2010.07.14 11:41:26 | 000,000,000 | ---D | M] -- C:\Users\Dostálovi\AppData\Roaming\Mozilla\Firefox\Profiles\rwqbn192.default\extensions
[2010.07.13 23:03:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dostálovi\AppData\Roaming\Mozilla\Firefox\Profiles\rwqbn192.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.10 22:22:16 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.06.26 10:27:08 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.06.26 10:27:08 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.06.26 10:27:08 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.06.26 10:27:08 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.06.26 10:27:08 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co., Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3824100946-431830730-2105913087-1000..\Run: [AirVideoServer] C:\Program Files\AirVideoServer\AirVideoServer.exe ()
O4 - HKU\S-1-5-21-3824100946-431830730-2105913087-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-3824100946-431830730-2105913087-1000..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\System32\skype4com.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dostálovi\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dostálovi\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.05.12 09:44:38 | 000,000,055 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{435619ca-8c28-11df-93a2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{435619ca-8c28-11df-93a2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Viewer\ppview32.exe agaxzs\auto.ppt -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.iac2 - C:\Windows\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)

Re: Problém s virem

Napsal: 17 črc 2010 17:17
od Majky006
========== Files/Folders - Created Within 30 Days ==========

[2010.07.17 14:40:46 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Dostálovi\Desktop\OTL.exe
[2010.07.17 11:56:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.07.17 11:56:14 | 000,000,000 | ---D | C] -- C:\rsit
[2010.07.14 09:28:26 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\Desktop\District.9.CZ.2009.avi
[2010.07.12 00:40:20 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.07.12 00:40:20 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.07.12 00:40:20 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.07.12 00:40:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.07.12 00:40:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010.07.12 00:38:51 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010.07.12 00:38:51 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.07.12 00:38:51 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.07.12 00:38:51 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.07.12 00:38:51 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010.07.12 00:38:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010.07.12 00:38:50 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010.07.12 00:38:50 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.07.12 00:38:49 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.07.12 00:38:49 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010.07.12 00:38:48 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.07.12 00:38:47 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.07.12 00:38:47 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010.07.12 00:38:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010.07.12 00:38:46 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.07.12 00:38:45 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.07.12 00:38:44 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.07.12 00:38:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.07.12 00:38:42 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.07.12 00:38:42 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010.07.12 00:38:42 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.07.12 00:38:41 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.07.12 00:37:05 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2010.07.12 00:37:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2010.07.12 00:37:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010.07.12 00:36:07 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010.07.12 00:36:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2010.07.12 00:36:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kmddsp.tsp
[2010.07.12 00:36:05 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2010.07.12 00:36:05 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010.07.12 00:36:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndptsp.tsp
[2010.07.12 00:36:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmxs.dll
[2010.07.12 00:36:05 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasser.dll
[2010.07.12 00:36:04 | 000,564,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010.07.12 00:36:04 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2010.07.12 00:36:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2010.07.12 00:36:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\traffic.dll
[2010.07.12 00:36:03 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2010.07.12 00:36:03 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll
[2010.07.12 00:36:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010.07.12 00:34:08 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010.07.12 00:34:08 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010.07.12 00:34:08 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010.07.12 00:33:10 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2010.07.12 00:33:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2010.07.12 00:33:10 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
[2010.07.12 00:31:55 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010.07.12 00:31:55 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010.07.12 00:31:55 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010.07.12 00:31:55 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010.07.12 00:31:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.07.12 00:31:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010.07.12 00:31:55 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010.07.12 00:31:55 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010.07.12 00:31:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010.07.12 00:30:36 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010.07.12 00:30:35 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2010.07.12 00:28:45 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010.07.12 00:28:44 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010.07.12 00:28:44 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010.07.12 00:28:44 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010.07.12 00:28:44 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010.07.12 00:27:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010.07.12 00:27:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010.07.12 00:26:36 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.07.12 00:24:44 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010.07.12 00:24:44 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2010.07.12 00:23:51 | 002,855,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.07.12 00:23:51 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010.07.12 00:23:51 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010.07.12 00:23:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010.07.12 00:23:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010.07.12 00:23:50 | 002,433,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010.07.12 00:22:49 | 003,502,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.07.12 00:22:49 | 003,468,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.07.12 00:19:15 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.07.12 00:13:53 | 000,374,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010.07.12 00:13:04 | 000,500,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010.07.12 00:13:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010.07.12 00:11:15 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010.07.12 00:11:15 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010.07.12 00:10:18 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010.07.12 00:08:34 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010.07.12 00:07:45 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010.07.12 00:06:50 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010.07.12 00:05:58 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2010.07.12 00:05:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2010.07.12 00:05:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2010.07.12 00:05:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2010.07.12 00:02:16 | 001,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2010.07.12 00:02:16 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010.07.12 00:02:16 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2010.07.12 00:02:16 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.07.12 00:02:16 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.07.12 00:02:16 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2010.07.12 00:02:15 | 000,292,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.07.12 00:02:15 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2010.07.11 23:59:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.07.11 23:58:41 | 000,696,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010.07.11 23:57:00 | 000,109,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010.07.11 23:57:00 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010.07.11 23:56:19 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2010.07.11 23:55:36 | 002,923,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.07.11 23:54:52 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010.07.11 23:54:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2010.07.11 23:54:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2010.07.11 23:54:52 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2010.07.11 23:53:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2010.07.11 23:52:21 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2010.07.11 23:52:20 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2010.07.11 23:52:20 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2010.07.11 23:52:20 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2010.07.11 23:52:20 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2010.07.11 23:52:19 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2010.07.11 23:52:19 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2010.07.11 23:52:19 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2010.07.11 23:52:19 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2010.07.11 23:52:18 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2010.07.11 23:52:18 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2010.07.11 23:52:17 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2010.07.11 23:52:17 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2010.07.11 23:52:17 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2010.07.11 23:52:17 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2010.07.11 23:52:17 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2010.07.11 23:52:16 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2010.07.11 23:52:16 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2010.07.11 23:52:15 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010.07.11 23:52:15 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010.07.11 23:52:15 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2010.07.11 23:52:14 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2010.07.11 23:52:14 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2010.07.11 23:52:14 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2010.07.11 23:52:14 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2010.07.11 23:52:14 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2010.07.11 23:52:13 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2010.07.11 23:52:13 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2010.07.11 23:52:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2010.07.11 23:52:12 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2010.07.11 23:52:12 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2010.07.11 23:52:12 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2010.07.11 23:52:12 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2010.07.11 23:52:11 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2010.07.11 23:52:11 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2010.07.11 23:52:11 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2010.07.11 23:52:11 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2010.07.11 23:52:10 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2010.07.11 23:52:10 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2010.07.11 23:52:10 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2010.07.11 23:52:09 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2010.07.11 23:52:09 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2010.07.11 23:52:09 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2010.07.11 23:52:08 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2010.07.11 23:52:08 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2010.07.11 23:52:08 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2010.07.11 23:52:08 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2010.07.11 23:52:08 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2010.07.11 23:52:08 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2010.07.11 23:52:08 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2010.07.11 23:52:07 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2010.07.11 23:52:07 | 003,464,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2010.07.11 23:52:07 | 002,655,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2010.07.11 23:52:07 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2010.07.11 23:52:07 | 001,523,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2010.07.11 23:52:06 | 004,874,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2010.07.11 23:52:06 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2010.07.11 23:52:06 | 002,597,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2010.07.11 23:52:06 | 002,241,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2010.07.11 23:52:06 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2010.07.11 23:52:06 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2010.07.11 23:52:05 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2010.07.11 23:52:05 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2010.07.11 23:52:05 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2010.07.11 23:52:05 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2010.07.11 23:52:04 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2010.07.11 23:52:04 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2010.07.11 23:52:04 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2010.07.11 23:52:04 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2010.07.11 23:52:04 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2010.07.11 23:52:03 | 009,845,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2010.07.11 23:52:03 | 002,641,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2010.07.11 23:52:03 | 002,340,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2010.07.11 23:52:03 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2010.07.11 23:52:02 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2010.07.11 23:52:02 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2010.07.11 23:52:02 | 000,797,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010.07.11 23:52:01 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2010.07.11 23:52:01 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2010.07.11 23:52:01 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2010.07.11 23:52:01 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2010.07.11 23:48:26 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010.07.11 23:48:26 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2010.07.11 23:48:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2010.07.11 23:48:25 | 000,944,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.07.11 23:48:25 | 000,905,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.07.11 23:48:25 | 000,620,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010.07.11 23:48:25 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010.07.11 23:48:25 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010.07.11 23:48:24 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2010.07.11 23:48:24 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010.07.11 23:48:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
[2010.07.11 23:48:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010.07.11 23:48:23 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2010.07.11 23:48:23 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2010.07.11 23:48:23 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2010.07.11 23:48:23 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2010.07.11 23:48:22 | 000,035,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010.07.11 23:48:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010.07.11 23:48:21 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2010.07.11 23:48:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2010.07.11 23:46:53 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.07.11 23:46:53 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.07.11 23:46:52 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010.07.11 23:46:52 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010.07.11 23:46:52 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010.07.11 23:46:52 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010.07.11 23:46:01 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.07.11 23:46:01 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.07.11 23:45:15 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.07.11 23:44:27 | 000,213,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010.07.11 23:44:27 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010.07.11 23:44:27 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010.07.11 23:42:22 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2010.07.11 23:42:22 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL
[2010.07.11 23:42:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll
[2010.07.11 23:41:40 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.07.11 23:40:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010.07.11 23:40:49 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010.07.11 23:40:01 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2010.07.11 23:40:01 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010.07.11 23:40:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010.07.11 23:40:00 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010.07.11 23:40:00 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010.07.11 23:40:00 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010.07.11 23:39:59 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010.07.11 23:39:09 | 000,712,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010.07.11 23:39:09 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010.07.11 23:39:09 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010.07.11 23:37:55 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010.07.11 23:37:55 | 000,061,440 | ---- | C] (Společnost Microsoft) -- C:\Windows\System32\ntprint.exe
[2010.07.11 23:37:54 | 001,984,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010.07.11 23:37:54 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010.07.11 23:37:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll
[2010.07.11 23:37:52 | 008,138,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2010.07.11 23:37:08 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010.07.11 23:37:08 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2010.07.11 23:36:29 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.07.11 23:35:08 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010.07.11 23:35:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2010.07.11 23:34:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010.07.11 23:34:25 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010.07.11 23:33:34 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.07.11 23:33:34 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.07.11 23:33:34 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.07.11 23:33:33 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.07.11 23:33:33 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.07.11 23:33:33 | 000,473,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.07.11 23:33:33 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.07.11 23:33:33 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.07.11 23:33:33 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.07.11 23:32:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2010.07.11 23:31:41 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2010.07.11 23:25:04 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010.07.11 23:25:04 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010.07.11 23:25:04 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010.07.11 23:25:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010.07.11 23:25:01 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010.07.11 23:25:01 | 000,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.07.11 23:25:01 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010.07.11 23:25:01 | 000,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.07.11 23:04:43 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.07.11 23:04:41 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010.07.11 23:04:41 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010.07.11 22:51:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.07.11 22:51:32 | 004,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.07.11 22:51:32 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.07.11 22:51:02 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010.07.11 22:51:02 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010.07.11 22:50:24 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2010.07.11 22:49:49 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010.07.11 22:49:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmi.dll
[2010.07.11 22:48:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010.07.11 22:48:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010.07.11 22:46:40 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010.07.11 22:46:39 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010.07.11 22:46:23 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010.07.11 22:46:11 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2010.07.11 22:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010.07.11 22:44:56 | 001,327,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.07.11 22:44:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010.07.11 22:44:55 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.07.11 22:44:55 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.07.11 22:44:55 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010.07.11 22:44:10 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010.07.11 22:43:48 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.07.11 22:43:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010.07.11 22:43:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010.07.11 22:43:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010.07.11 22:43:44 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010.07.11 21:40:31 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\Desktop\alka
[2010.07.11 11:43:40 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\Desktop\Cop Out
[2010.07.11 09:27:07 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.07.10 23:30:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\oodag
[2010.07.10 22:22:40 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Local\Mozilla
[2010.07.10 22:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.07.10 22:08:45 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\Documents\Bluetooth
[2010.07.10 22:08:39 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Local\bluesoleil
[2010.07.10 22:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\IVT Corporation
[2010.07.10 22:04:13 | 000,090,624 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2010.07.10 22:04:13 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010.07.10 22:04:08 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010.07.10 22:04:07 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.07.10 22:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.07.10 22:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2010.07.10 21:52:10 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Roaming\DAEMON Tools Pro
[2010.07.10 21:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2010.07.10 21:49:17 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Roaming\vlc
[2010.07.10 21:49:15 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Roaming\dvdcss
[2010.07.10 21:47:09 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Local\Ahead
[2010.07.10 21:47:03 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Local\Scansoft
[2010.07.10 21:40:48 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Roaming\Ahead
[2010.07.10 21:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2010.07.10 21:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010.07.10 21:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010.07.10 21:34:46 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.07.10 21:34:45 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.07.10 20:31:12 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\Documents\GTA San Andreas User Files
[2010.07.10 20:28:33 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.07.10 20:21:48 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Roaming\VitySoft
[2010.07.10 20:18:42 | 466,961,946 | ---- | C] (Adobe Systems, Incorporated) -- C:\Users\Dostálovi\Desktop\Adobe Photoshop CS4.exe
[2010.07.10 20:11:56 | 000,000,000 | R--D | C] -- C:\Users\Dostálovi\Desktop\Hry
[2010.07.10 20:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.07.10 19:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
[2010.07.10 19:38:53 | 000,000,000 | R--D | C] -- C:\Users\Dostálovi\Desktop\MP3_ALL
[2010.07.10 19:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.07.10 19:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010.07.10 19:05:33 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Roaming\ESTsoft
[2010.07.10 19:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ESTsoft
[2010.07.10 19:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESTsoft
[2010.07.10 18:58:15 | 000,000,000 | R--D | C] -- C:\Users\Dostálovi\Desktop\Weby
[2010.07.10 18:53:01 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010.07.10 18:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010.07.10 18:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010.07.10 18:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010.07.10 18:50:16 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.07.10 18:50:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.07.10 18:48:15 | 000,000,000 | R--D | C] -- C:\Users\Dostálovi\Desktop\iPhone
[2010.07.10 18:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010.07.10 18:47:33 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Local\Microsoft Help
[2010.07.10 18:47:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010.07.10 18:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.07.10 18:46:16 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.07.10 18:42:49 | 000,000,000 | ---D | C] -- C:\Users\Dostálovi\AppData\Roaming\XnView
[2010.07.10 18:28:08 | 000,000,000 | R--D | C] -- C:\ŠKOLA
[2010.07.10 18:27:19 | 000,000,000 | R--D | C] -- C:\Users\Dostálovi\Desktop\Michal
[2010.07.10 18:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\XnView
[2010.07.10 18:19:05 | 000,000,000 | R--D | C] -- C:\Users\Dostálovi\Desktop\FOTOvšech
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz