VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

preventivni kontrola

https://forum.viry.cz:443/viewtopic.php?t=104271

Stránka 1 z 2

preventivni kontrola

Napsal: 01 zář 2010 13:38
od Jan Strnad
Dobry den, prosim o preventivni kontrolu logu. Dekuji

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jan Strnad at 2010-09-01 14:26:38
Microsoft® Windows Vista™ Business Service Pack 1
System drive C: has 4 GB (4%) free of 113 GB
Total RAM: 2943 MB (44% free)


======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3836460684-2097525497-2832479325-1006Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3836460684-2097525497-2832479325-1006UA.job
C:\Windows\tasks\User_Feed_Synchronization-{7252510C-F76C-4D1A-B5BB-4E0AC960E661}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-03-13 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2006-11-21 71192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-03-13 2403392]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-05-02 163840]
"CognizanceTS"=C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2003-12-22 17920]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-15 1097728]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-05-26 730600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]
"Google Update"=C:\Users\Jan Strnad\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-02 133104]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-09-01 14:19:17 ----D---- C:\Program Files\trend micro
2010-09-01 14:18:49 ----D---- C:\rsit
2010-08-31 21:44:53 ----D---- C:\Users\Jan Strnad\AppData\Roaming\Thunderbird
2010-08-31 21:44:41 ----D---- C:\Program Files\Mozilla Thunderbird
2010-08-31 21:20:51 ----D---- C:\ProgramData\Sun
2010-08-31 21:20:27 ----A---- C:\Windows\system32\javaws.exe
2010-08-31 21:20:27 ----A---- C:\Windows\system32\javaw.exe
2010-08-31 21:20:27 ----A---- C:\Windows\system32\java.exe
2010-08-31 21:20:27 ----A---- C:\Windows\system32\deployJava1.dll
2010-08-31 21:17:00 ----D---- C:\Users\Jan Strnad\AppData\Roaming\CheckPoint
2010-08-31 21:16:29 ----D---- C:\Program Files\Conduit
2010-08-31 21:16:28 ----D---- C:\Program Files\ZoneAlarm
2010-08-31 21:16:08 ----D---- C:\Program Files\CheckPoint
2010-08-31 21:16:00 ----A---- C:\Windows\system32\vsregexp.dll
2010-08-31 21:15:24 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-08-31 21:15:24 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-31 21:15:24 ----A---- C:\Windows\system32\drivers\netio.sys
2010-08-31 21:15:24 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2010-08-31 21:15:23 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-08-31 21:15:23 ----A---- C:\Windows\system32\BFE.DLL
2010-08-31 21:14:59 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-08-31 21:14:59 ----A---- C:\Windows\system32\netiougc.exe
2010-08-31 21:14:49 ----A---- C:\Windows\system32\zlcommdb.dll
2010-08-31 21:14:49 ----A---- C:\Windows\system32\zlcomm.dll
2010-08-31 21:14:44 ----A---- C:\Windows\system32\vswmi.dll
2010-08-31 21:14:42 ----A---- C:\Windows\system32\zpeng25.dll
2010-08-31 21:14:42 ----A---- C:\Windows\system32\vsxml.dll
2010-08-31 21:14:41 ----A---- C:\Windows\system32\vspubapi.dll
2010-08-31 21:14:41 ----A---- C:\Windows\system32\vsmonapi.dll
2010-08-31 21:14:40 ----A---- C:\Windows\system32\vsdata.dll
2010-08-31 21:14:30 ----A---- C:\Windows\system32\drivers\vsdatant.sys
2010-08-31 21:14:29 ----D---- C:\Windows\system32\ZoneLabs
2010-08-31 21:14:29 ----D---- C:\Program Files\Zone Labs
2010-08-31 21:13:25 ----A---- C:\Windows\system32\vsutil.dll
2010-08-31 21:13:25 ----A---- C:\Windows\system32\vsinit.dll
2010-08-31 20:12:04 ----D---- C:\PerfLogs
2010-08-31 19:42:50 ----A---- C:\Windows\system32\SPWizUI.dll
2010-08-31 19:42:50 ----A---- C:\Windows\system32\SPReview.exe
2010-08-31 19:13:56 ----A---- C:\Windows\system32\sdspres.dll
2010-08-31 19:13:48 ----A---- C:\Windows\system32\recdisc.exe
2010-08-31 19:12:45 ----A---- C:\Windows\system32\vsp1cln.exe
2010-08-31 19:12:14 ----A---- C:\Windows\system32\spp.dll
2010-08-31 19:12:10 ----A---- C:\Windows\system32\sxproxy.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\mstask.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\mssvp.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\msstrc.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\mssrch.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\mssitlb.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\mssha.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\msscp.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\msscntrs.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\msscb.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\msrepl40.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\msrdc.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\msrd3x40.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\msrating.dll
2010-08-31 19:03:22 ----A---- C:\Windows\system32\msra.exe
2010-08-31 19:03:22 ----A---- C:\Windows\system32\drivers\mstee.sys
2010-08-31 19:03:22 ----A---- C:\Windows\system32\drivers\msrpc.sys
2010-08-31 19:03:21 ----A---- C:\Windows\system32\NAPMONTR.DLL
2010-08-31 19:03:21 ----A---- C:\Windows\system32\napipsec.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\NapiNSP.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\NAPHLPR.DLL
2010-08-31 19:03:21 ----A---- C:\Windows\system32\napdsnap.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mydocs.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mycomput.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\MuiUnattend.exe
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mtxoci.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mtxlegih.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mtxdm.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mtxclu.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mtstocom.exe
2010-08-31 19:03:21 ----A---- C:\Windows\system32\msvbvm60.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\msutb.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mstlsapi.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mssprxy.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mssphtb.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\mssph.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\msshsq.dll
2010-08-31 19:03:21 ----A---- C:\Windows\system32\drivers\mup.sys
2010-08-31 19:03:21 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2010-08-31 19:03:21 ----A---- C:\Windows\system32\drivers\mspqm.sys
2010-08-31 19:03:21 ----A---- C:\Windows\system32\drivers\mspclock.sys
2010-08-31 19:03:20 ----A---- C:\Windows\system32\msxbde40.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\mswsock.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\mswmdm.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\msvcrt.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\mstsc.exe
2010-08-31 19:03:20 ----A---- C:\Windows\system32\mstext40.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\msftedit.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-31 19:03:20 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\msexcl40.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\msdtcuiu.dll
2010-08-31 19:03:20 ----A---- C:\Windows\system32\drivers\msfs.sys
2010-08-31 19:03:19 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2010-08-31 19:03:19 ----A---- C:\Windows\system32\msdtctm.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\mshtmled.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\mshta.exe
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msg.exe
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msdtclog.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msdtckrm.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msdtc.exe
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msdt.exe
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msdt.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msdmo.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msdelta.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msdart.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msdadiag.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\msctfui.dll
2010-08-31 19:03:17 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\mspbde40.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\mspatcha.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\mspaint.exe
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msorcl32.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msoert2.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msoeacct.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msobjs.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msnetobj.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msmmsp.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msltus40.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msls31.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msjtes40.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msihnd.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msiexec.exe
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msieftp.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msidle.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msident.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msidcrl30.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\msi.dll
2010-08-31 19:03:16 ----A---- C:\Windows\system32\drivers\mskssrv.sys
2010-08-31 19:03:14 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2010-08-31 19:03:14 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2010-08-31 19:03:13 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-08-31 19:03:13 ----A---- C:\Windows\system32\msjet40.dll
2010-08-31 19:03:13 ----A---- C:\Windows\system32\msisip.dll
2010-08-31 19:03:13 ----A---- C:\Windows\system32\msinfo32.exe
2010-08-31 19:03:13 ----A---- C:\Windows\system32\msimtf.dll
2010-08-31 19:03:10 ----A---- C:\Windows\system32\notepad.exe
2010-08-31 19:03:10 ----A---- C:\Windows\system32\Nlsdl.dll
2010-08-31 19:03:10 ----A---- C:\Windows\system32\drivers\npfs.sys
2010-08-31 19:03:10 ----A---- C:\Windows\notepad.exe
2010-08-31 19:03:09 ----A---- C:\Windows\system32\nlsbres.dll
2010-08-31 19:03:09 ----A---- C:\Windows\system32\nlmgp.dll
2010-08-31 19:03:09 ----A---- C:\Windows\system32\nlhtml.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\offfilt.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\odbctrac.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\odbcjt32.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\odbccu32.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\odbccr32.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\odbccp32.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\odbcconf.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\odbcbcp.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\odbc32.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\ocsetup.exe
2010-08-31 19:03:07 ----A---- C:\Windows\system32\objsel.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\ntdsapi.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\ntdll.dll
2010-08-31 19:03:07 ----A---- C:\Windows\system32\nslookup.exe
2010-08-31 19:03:07 ----A---- C:\Windows\system32\drivers\nwifi.sys
2010-08-31 19:03:06 ----A---- C:\Windows\system32\ntvdm.exe
2010-08-31 19:03:06 ----A---- C:\Windows\system32\ntshrui.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\ntprint.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\ntmarta.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\ntlanman.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\nsisvc.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\nsi.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\nshipsec.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\netid.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\netdiagfx.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\netcorehc.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\netcfgx.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\netcfg.exe
2010-08-31 19:03:06 ----A---- C:\Windows\system32\netcenter.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\netbtugc.exe
2010-08-31 19:03:06 ----A---- C:\Windows\system32\ncsi.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\ncryptui.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\ncrypt.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\ncobjapi.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\nci.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\NcdProp.dll
2010-08-31 19:03:06 ----A---- C:\Windows\system32\nbtstat.exe
2010-08-31 19:03:06 ----A---- C:\Windows\system32\NAPSTAT.EXE
2010-08-31 19:03:06 ----A---- C:\Windows\system32\drivers\null.sys
2010-08-31 19:03:06 ----A---- C:\Windows\system32\drivers\ntfs.sys
2010-08-31 19:03:06 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2010-08-31 19:03:06 ----A---- C:\Windows\system32\drivers\netbt.sys
2010-08-31 19:03:06 ----A---- C:\Windows\system32\drivers\netbios.sys
2010-08-31 19:03:05 ----A---- C:\Windows\system32\newdev.dll
2010-08-31 19:03:05 ----A---- C:\Windows\system32\net1.exe
2010-08-31 19:03:05 ----A---- C:\Windows\system32\net.exe
2010-08-31 19:03:05 ----A---- C:\Windows\system32\ndfetw.dll
2010-08-31 19:03:05 ----A---- C:\Windows\system32\ndfapi.dll
2010-08-31 19:03:05 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2010-08-31 19:03:05 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2010-08-31 19:03:05 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2010-08-31 19:03:05 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2010-08-31 19:03:05 ----A---- C:\Windows\system32\drivers\ndis.sys
2010-08-31 19:03:04 ----A---- C:\Windows\system32\nlasvc.dll
2010-08-31 19:03:04 ----A---- C:\Windows\system32\nlaapi.dll
2010-08-31 19:03:04 ----A---- C:\Windows\system32\networkmap.dll
2010-08-31 19:03:04 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-08-31 19:03:04 ----A---- C:\Windows\system32\networkexplorer.dll
2010-08-31 19:03:03 ----A---- C:\Windows\system32\netshell.dll
2010-08-31 19:03:03 ----A---- C:\Windows\system32\NetProjW.dll
2010-08-31 19:03:03 ----A---- C:\Windows\system32\netprofm.dll
2010-08-31 19:03:03 ----A---- C:\Windows\system32\netprof.dll
2010-08-31 19:03:03 ----A---- C:\Windows\system32\Netplwiz.exe
2010-08-31 19:03:03 ----A---- C:\Windows\system32\netplwiz.dll
2010-08-31 19:03:03 ----A---- C:\Windows\system32\netman.dll
2010-08-31 19:03:03 ----A---- C:\Windows\system32\netlogon.dll
2010-08-31 19:03:03 ----A---- C:\Windows\system32\makecab.exe
2010-08-31 19:03:03 ----A---- C:\Windows\system32\lsmproxy.dll
2010-08-31 19:03:03 ----A---- C:\Windows\system32\lsm.exe
2010-08-31 19:03:02 ----A---- C:\Windows\system32\mblctr.exe
2010-08-31 19:03:02 ----A---- C:\Windows\system32\luainstall.dll
2010-08-31 19:03:02 ----A---- C:\Windows\system32\logman.exe
2010-08-31 19:03:02 ----A---- C:\Windows\system32\loghours.dll
2010-08-31 19:03:02 ----A---- C:\Windows\system32\lodctr.exe
2010-08-31 19:03:02 ----A---- C:\Windows\system32\localui.dll
2010-08-31 19:03:02 ----A---- C:\Windows\system32\localsec.dll
2010-08-31 19:03:02 ----A---- C:\Windows\system32\drivers\luafv.sys
2010-08-31 19:03:00 ----A---- C:\Windows\system32\mfplat.dll
2010-08-31 19:03:00 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-08-31 19:03:00 ----A---- C:\Windows\system32\lpremove.exe
2010-08-31 19:03:00 ----A---- C:\Windows\system32\lpksetup.exe
2010-08-31 19:03:00 ----A---- C:\Windows\system32\LogonUI.exe
2010-08-31 19:03:00 ----A---- C:\Windows\system32\logoff.exe
2010-08-31 19:02:59 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2010-08-31 19:02:59 ----A---- C:\Windows\system32\mfvdsp.dll
2010-08-31 19:02:59 ----A---- C:\Windows\system32\mfcsubs.dll
2010-08-31 19:02:58 ----A---- C:\Windows\system32\mfc42u.dll
2010-08-31 19:02:58 ----A---- C:\Windows\system32\mfc42.dll
2010-08-31 19:02:58 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-08-31 19:02:58 ----A---- C:\Windows\system32\mcbuilder.exe
2010-08-31 19:02:58 ----A---- C:\Windows\system32\drivers\mcd.sys
2010-08-31 19:02:57 ----A---- C:\Windows\system32\MdSched.exe
2010-08-31 19:02:57 ----A---- C:\Windows\system32\mdminst.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\McxDriv.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\itss.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\iscsiwmi.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\iscsium.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\iscsilog.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\iscsiexe.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\iscsied.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\ipnathlp.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\IPBusEnum.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\inseng.dll
2010-08-31 19:02:57 ----A---- C:\Windows\system32\drivers\irenum.sys
2010-08-31 19:02:57 ----A---- C:\Windows\system32\drivers\irda.sys
2010-08-31 19:02:57 ----A---- C:\Windows\system32\drivers\ipnat.sys
2010-08-31 19:02:56 ----A---- C:\Windows\system32\loadperf.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\lnkstub.exe
2010-08-31 19:02:56 ----A---- C:\Windows\system32\lltdsvc.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\lltdapi.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\licmgr10.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\l2nacp.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\l2gpstore.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\ktmw32.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\ktmutil.exe
2010-08-31 19:02:56 ----A---- C:\Windows\system32\korwbrkr.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\KMSVC.DLL
2010-08-31 19:02:56 ----A---- C:\Windows\system32\keymgr.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\iprtrmgr.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\iprtprio.dll
2010-08-31 19:02:56 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-08-31 19:02:56 ----A---- C:\Windows\system32\ipconfig.exe
2010-08-31 19:02:56 ----A---- C:\Windows\system32\drivers\lltdio.sys
2010-08-31 19:02:56 ----A---- C:\Windows\system32\drivers\ks.sys
2010-08-31 19:02:56 ----A---- C:\Windows\system32\drivers\kbdclass.sys
2010-08-31 19:02:56 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys
2010-08-31 19:02:55 ----A---- C:\Windows\system32\mprmsg.dll
2010-08-31 19:02:55 ----A---- C:\Windows\system32\mprdim.dll
2010-08-31 19:02:55 ----A---- C:\Windows\system32\mprddm.dll
2010-08-31 19:02:55 ----A---- C:\Windows\system32\mprapi.dll
2010-08-31 19:02:55 ----A---- C:\Windows\system32\mpr.dll
2010-08-31 19:02:55 ----A---- C:\Windows\system32\kdusb.dll
2010-08-31 19:02:55 ----A---- C:\Windows\system32\kdcom.dll
2010-08-31 19:02:55 ----A---- C:\Windows\system32\KBDKOR.DLL
2010-08-31 19:02:55 ----A---- C:\Windows\system32\KBDJPN.DLL
2010-08-31 19:02:55 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2010-08-31 19:02:55 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2010-08-31 19:02:54 ----A---- C:\Windows\system32\MPSSVC.dll
2010-08-31 19:02:54 ----A---- C:\Windows\system32\mountvol.exe
2010-08-31 19:02:54 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2010-08-31 19:02:54 ----A---- C:\Windows\system32\drivers\mouhid.sys
2010-08-31 19:02:54 ----A---- C:\Windows\system32\drivers\mouclass.sys
2010-08-31 19:02:54 ----A---- C:\Windows\system32\drivers\monitor.sys
2010-08-31 19:02:53 ----A---- C:\Windows\system32\MPG4DECD.DLL
2010-08-31 19:02:52 ----A---- C:\Windows\system32\mscandui.dll
2010-08-31 19:02:52 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-08-31 19:02:52 ----A---- C:\Windows\system32\MP43DECD.DLL
2010-08-31 19:02:52 ----A---- C:\Windows\system32\MP3DMOD.DLL
2010-08-31 19:02:50 ----A---- C:\Windows\system32\msctf.dll
2010-08-31 19:02:50 ----A---- C:\Windows\system32\msconfig.exe
2010-08-31 19:02:50 ----A---- C:\Windows\system32\mscms.dll
2010-08-31 19:02:50 ----A---- C:\Windows\system32\msacm32.dll
2010-08-31 19:02:50 ----A---- C:\Windows\system32\msaatext.dll
2010-08-31 19:02:50 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2010-08-31 19:02:49 ----A---- C:\Windows\system32\modemui.dll
2010-08-31 19:02:49 ----A---- C:\Windows\system32\mobsync.exe
2010-08-31 19:02:49 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-08-31 19:02:49 ----A---- C:\Windows\system32\mmcss.dll
2010-08-31 19:02:49 ----A---- C:\Windows\system32\mmcshext.dll
2010-08-31 19:02:49 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-08-31 19:02:49 ----A---- C:\Windows\system32\mmcbase.dll
2010-08-31 19:02:49 ----A---- C:\Windows\system32\mmc.exe
2010-08-31 19:02:49 ----A---- C:\Windows\system32\mlang.dll
2010-08-31 19:02:49 ----A---- C:\Windows\system32\mimefilt.dll
2010-08-31 19:02:49 ----A---- C:\Windows\system32\drivers\modem.sys
2010-08-31 19:02:48 ----A---- C:\Windows\system32\midimap.dll
2010-08-31 19:02:47 ----A---- C:\Windows\system32\milcore.dll
2010-08-31 19:02:47 ----A---- C:\Windows\system32\migisol.dll
2010-08-31 19:02:47 ----A---- C:\Windows\system32\MigAutoPlay.exe
2010-08-31 19:02:44 ----A---- C:\Windows\system32\shrink.dll
2010-08-31 19:02:44 ----A---- C:\Windows\system32\shlwapi.dll
2010-08-31 19:02:44 ----A---- C:\Windows\system32\shimgvw.dll
2010-08-31 19:02:44 ----A---- C:\Windows\system32\shgina.dll
2010-08-31 19:02:44 ----A---- C:\Windows\system32\secpol.msc
2010-08-31 19:02:44 ----A---- C:\Windows\system32\seclogon.dll
2010-08-31 19:02:44 ----A---- C:\Windows\system32\SecEdit.exe
2010-08-31 19:02:44 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-08-31 19:02:44 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-08-31 19:02:44 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-08-31 19:02:44 ----A---- C:\Windows\system32\sdshext.dll
2010-08-31 19:02:44 ----A---- C:\Windows\system32\sdrsvc.dll
2010-08-31 19:02:43 ----A---- C:\Windows\system32\SnippingTool.exe
2010-08-31 19:02:43 ----A---- C:\Windows\system32\SndVol.exe
2010-08-31 19:02:43 ----A---- C:\Windows\system32\smss.exe
2010-08-31 19:02:43 ----A---- C:\Windows\system32\SmiInstaller.dll
2010-08-31 19:02:43 ----A---- C:\Windows\system32\shwebsvc.dll
2010-08-31 19:02:43 ----A---- C:\Windows\system32\shutdown.exe
2010-08-31 19:02:43 ----A---- C:\Windows\system32\shsvcs.dll
2010-08-31 19:02:43 ----A---- C:\Windows\system32\shsetup.dll
2010-08-31 19:02:43 ----A---- C:\Windows\system32\shrpubw.exe
2010-08-31 19:02:43 ----A---- C:\Windows\system32\shdocvw.dll
2010-08-31 19:02:43 ----A---- C:\Windows\system32\shadow.exe
2010-08-31 19:02:43 ----A---- C:\Windows\system32\shacct.dll
2010-08-31 19:02:42 ----A---- C:\Windows\system32\softkbd.dll
2010-08-31 19:02:41 ----A---- C:\Windows\system32\slwmi.dll
2010-08-31 19:02:41 ----A---- C:\Windows\system32\slwga.dll
2010-08-31 19:02:41 ----A---- C:\Windows\system32\SLUINotify.dll
2010-08-31 19:02:41 ----A---- C:\Windows\system32\SLUI.exe
2010-08-31 19:02:41 ----A---- C:\Windows\system32\SLsvc.exe
2010-08-31 19:02:41 ----A---- C:\Windows\system32\slmgr.vbs
2010-08-31 19:02:41 ----A---- C:\Windows\system32\SLLUA.exe
2010-08-31 19:02:40 ----A---- C:\Windows\system32\SmiEngine.dll
2010-08-31 19:02:40 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-08-31 19:02:40 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-08-31 19:02:40 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-08-31 19:02:40 ----A---- C:\Windows\system32\slcinst.dll
2010-08-31 19:02:40 ----A---- C:\Windows\system32\SLCExt.dll
2010-08-31 19:02:40 ----A---- C:\Windows\system32\slcc.dll
2010-08-31 19:02:40 ----A---- C:\Windows\system32\SLC.dll
2010-08-31 19:02:40 ----A---- C:\Windows\system32\drivers\smclib.sys
2010-08-31 19:02:40 ----A---- C:\Windows\system32\drivers\smb.sys
2010-08-31 19:02:39 ----A---- C:\Windows\system32\SessEnv.dll
2010-08-31 19:02:39 ----A---- C:\Windows\system32\services.exe
2010-08-31 19:02:39 ----A---- C:\Windows\system32\serialui.dll
2010-08-31 19:02:38 ----A---- C:\Windows\system32\sfc_os.dll
2010-08-31 19:02:38 ----A---- C:\Windows\system32\sfc.exe
2010-08-31 19:02:38 ----A---- C:\Windows\system32\setupugc.exe
2010-08-31 19:02:38 ----A---- C:\Windows\system32\setupSNK.exe
2010-08-31 19:02:38 ----A---- C:\Windows\system32\setupcln.dll
2010-08-31 19:02:38 ----A---- C:\Windows\system32\setupcl.exe
2010-08-31 19:02:38 ----A---- C:\Windows\system32\setupapi.dll
2010-08-31 19:02:38 ----A---- C:\Windows\system32\sethc.exe
2010-08-31 19:02:38 ----A---- C:\Windows\system32\Sens.dll
2010-08-31 19:02:38 ----A---- C:\Windows\system32\sendmail.dll
2010-08-31 19:02:38 ----A---- C:\Windows\system32\ppcsnap.dll
2010-08-31 19:02:38 ----A---- C:\Windows\system32\powrprof.dll
2010-08-31 19:02:38 ----A---- C:\Windows\system32\drivers\sermouse.sys
2010-08-31 19:02:37 ----A---- C:\Windows\system32\puiobj.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\PSHED.DLL
2010-08-31 19:02:37 ----A---- C:\Windows\system32\psbase.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\provthrd.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\propsys.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\propdefs.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\powercpl.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\pots.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\pnrpnsp.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\PnPutil.exe
2010-08-31 19:02:37 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-08-31 19:02:37 ----A---- C:\Windows\system32\pnpui.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\pnpts.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\pnpsetup.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\pnidui.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\pngfilt.dll
2010-08-31 19:02:37 ----A---- C:\Windows\system32\drivers\portcls.sys
2010-08-31 19:02:36 ----A---- C:\Windows\system32\QAGENT.DLL
2010-08-31 19:02:36 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2010-08-31 19:02:36 ----A---- C:\Windows\system32\puiapi.dll
2010-08-31 19:02:36 ----A---- C:\Windows\system32\psisdecd.dll
2010-08-31 19:02:36 ----A---- C:\Windows\system32\PrintBrmUi.exe
2010-08-31 19:02:36 ----A---- C:\Windows\system32\prevhost.exe
2010-08-31 19:02:36 ----A---- C:\Windows\system32\PresentationSettings.exe
2010-08-31 19:02:35 ----A---- C:\Windows\system32\profsvc.dll
2010-08-31 19:02:35 ----A---- C:\Windows\system32\profprov.dll
2010-08-31 19:02:35 ----A---- C:\Windows\system32\procinst.dll
2010-08-31 19:02:35 ----A---- C:\Windows\system32\prntvpt.dll
2010-08-31 19:02:35 ----A---- C:\Windows\system32\prnntfy.dll
2010-08-31 19:02:35 ----A---- C:\Windows\system32\printui.dll
2010-08-31 19:02:35 ----A---- C:\Windows\system32\p2psvc.dll
2010-08-31 19:02:35 ----A---- C:\Windows\system32\drivers\pacer.sys
2010-08-31 19:02:34 ----A---- C:\Windows\system32\pcaui.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\pcasvc.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\pcadm.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\p2pnetsh.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\p2phost.exe
2010-08-31 19:02:34 ----A---- C:\Windows\system32\P2PGraph.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\p2pcollab.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\P2P.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\olethk32.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\olesvr32.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\olepro32.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\oleprn.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\oledlg.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\olecli32.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\ogldrv.dll
2010-08-31 19:02:34 ----A---- C:\Windows\system32\drivers\pciide.sys
2010-08-31 19:02:34 ----A---- C:\Windows\system32\drivers\pci.sys
2010-08-31 19:02:34 ----A---- C:\Windows\system32\drivers\partmgr.sys
2010-08-31 19:02:32 ----A---- C:\Windows\system32\osblprov.dll
2010-08-31 19:02:32 ----A---- C:\Windows\system32\osbaseln.dll
2010-08-31 19:02:32 ----A---- C:\Windows\system32\OptionalFeatures.exe
2010-08-31 19:02:32 ----A---- C:\Windows\system32\oobefldr.dll
2010-08-31 19:02:32 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-31 19:02:32 ----A---- C:\Windows\system32\oleacc.dll
2010-08-31 19:02:32 ----A---- C:\Windows\system32\ole32.dll
2010-08-31 19:02:31 ----A---- C:\Windows\system32\pmcsnap.dll
2010-08-31 19:02:31 ----A---- C:\Windows\system32\PlaySndSrv.dll
2010-08-31 19:02:31 ----A---- C:\Windows\system32\pla.dll
2010-08-31 19:02:31 ----A---- C:\Windows\system32\PkgMgr.exe
2010-08-31 19:02:31 ----A---- C:\Windows\system32\PING.EXE
2010-08-31 19:02:31 ----A---- C:\Windows\system32\pidgenx.dll
2010-08-31 19:02:31 ----A---- C:\Windows\system32\photowiz.dll
2010-08-31 19:02:31 ----A---- C:\Windows\system32\onex.dll
2010-08-31 19:02:30 ----A---- C:\Windows\system32\perfts.dll
2010-08-31 19:02:30 ----A---- C:\Windows\system32\perfnet.dll
2010-08-31 19:02:30 ----A---- C:\Windows\system32\perfmon.msc
2010-08-31 19:02:30 ----A---- C:\Windows\system32\perfmon.exe
2010-08-31 19:02:30 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-08-31 19:02:30 ----A---- C:\Windows\system32\pdhui.dll
2010-08-31 19:02:30 ----A---- C:\Windows\system32\pdh.dll
2010-08-31 19:02:30 ----A---- C:\Windows\system32\drivers\rspndr.sys
2010-08-31 19:02:30 ----A---- C:\Windows\system32\drivers\pcmcia.sys
2010-08-31 19:02:30 ----A---- C:\Windows\system32\drivers\pciidex.sys
2010-08-31 19:02:29 ----A---- C:\Windows\system32\samsrv.dll
2010-08-31 19:02:29 ----A---- C:\Windows\system32\samlib.dll
2010-08-31 19:02:29 ----A---- C:\Windows\system32\rwinsta.exe
2010-08-31 19:02:29 ----A---- C:\Windows\system32\runonce.exe
2010-08-31 19:02:29 ----A---- C:\Windows\system32\rtffilt.dll
2010-08-31 19:02:29 ----A---- C:\Windows\system32\RstrtMgr.dll
2010-08-31 19:02:29 ----A---- C:\Windows\system32\rshx32.dll
2010-08-31 19:02:29 ----A---- C:\Windows\system32\rsaenh.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\schtasks.exe
2010-08-31 19:02:28 ----A---- C:\Windows\system32\schedsvc.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\sdchange.exe
2010-08-31 19:02:28 ----A---- C:\Windows\system32\sdengin2.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\sdclt.exe
2010-08-31 19:02:28 ----A---- C:\Windows\system32\scrrun.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\scrptadm.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\scrobj.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\scksp.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\scesrv.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\scecli.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\SCardSvr.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\scansetting.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\sbunattend.exe
2010-08-31 19:02:28 ----A---- C:\Windows\system32\rtm.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\rpchttp.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\RpcPing.exe
2010-08-31 19:02:28 ----A---- C:\Windows\system32\Robocopy.exe
2010-08-31 19:02:28 ----A---- C:\Windows\system32\riched32.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\riched20.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\rgb9rast.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\resutils.dll
2010-08-31 19:02:28 ----A---- C:\Windows\system32\reset.exe
2010-08-31 19:02:28 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2010-08-31 19:02:28 ----A---- C:\Windows\system32\drivers\scsiport.sys
2010-08-31 19:02:28 ----A---- C:\Windows\system32\drivers\rootmdm.sys
2010-08-31 19:02:28 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2010-08-31 19:02:28 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2010-08-31 19:02:27 ----A---- C:\Windows\system32\sbeio.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\sbe.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\rasdlg.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\rasdiag.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\rasctrs.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\rascfg.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\rasauto.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\rasapi32.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\RacEngn.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\RacAgent.exe
2010-08-31 19:02:27 ----A---- C:\Windows\system32\qwinsta.exe
2010-08-31 19:02:27 ----A---- C:\Windows\system32\qedit.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\qdvd.dll
2010-08-31 19:02:27 ----A---- C:\Windows\system32\drivers\rasacd.sys
2010-08-31 19:02:27 ----A---- C:\Windows\system32\drivers\qwavedrv.sys
2010-08-31 19:02:26 ----A---- C:\Windows\system32\qwave.dll
2010-08-31 19:02:26 ----A---- C:\Windows\system32\QUTIL.DLL
2010-08-31 19:02:26 ----A---- C:\Windows\system32\quser.exe
2010-08-31 19:02:26 ----A---- C:\Windows\system32\query.exe
2010-08-31 19:02:26 ----A---- C:\Windows\system32\Query.dll
2010-08-31 19:02:26 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2010-08-31 19:02:26 ----A---- C:\Windows\system32\QSHVHOST.DLL
2010-08-31 19:02:26 ----A---- C:\Windows\system32\qprocess.exe
2010-08-31 19:02:26 ----A---- C:\Windows\system32\qmgr.dll
2010-08-31 19:02:26 ----A---- C:\Windows\system32\qdv.dll
2010-08-31 19:02:26 ----A---- C:\Windows\system32\QCLIPROV.DLL
2010-08-31 19:02:26 ----A---- C:\Windows\system32\qcap.dll
2010-08-31 19:02:26 ----A---- C:\Windows\system32\qasf.dll
2010-08-31 19:02:26 ----A---- C:\Windows\system32\qappsrv.exe
2010-08-31 19:02:26 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-08-31 19:02:25 ----A---- C:\Windows\system32\rdrleakdiag.exe
2010-08-31 19:02:25 ----A---- C:\Windows\system32\rdpwsx.dll
2010-08-31 19:02:24 ----A---- C:\Windows\system32\remotepg.dll
2010-08-31 19:02:24 ----A---- C:\Windows\system32\rekeywiz.exe
2010-08-31 19:02:24 ----A---- C:\Windows\system32\regsvc.dll
2010-08-31 19:02:24 ----A---- C:\Windows\system32\regini.exe
2010-08-31 19:02:24 ----A---- C:\Windows\system32\rdpendp.dll
2010-08-31 19:02:24 ----A---- C:\Windows\system32\rdpencom.dll
2010-08-31 19:02:24 ----A---- C:\Windows\system32\RDPENCDD.dll
2010-08-31 19:02:24 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2010-08-31 19:02:24 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys
2010-08-31 19:02:24 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2010-08-31 19:02:23 ----A---- C:\Windows\system32\RelMon.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\RegCtrl.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\regapi.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\reg.exe
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rdpdd.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rdpclip.exe
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rdpcfgex.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rastapi.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rasqec.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rasppp.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rasplap.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rasphone.exe
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rasmontr.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\RASMM.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rasmans.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rasman.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\rasgcw.dll
2010-08-31 19:02:23 ----A---- C:\Windows\system32\raserver.exe
2010-08-31 19:02:23 ----A---- C:\Windows\system32\drivers\RDPCDD.sys
2010-08-31 19:02:23 ----A---- C:\Windows\system32\drivers\rdbss.sys
2010-08-31 19:02:23 ----A---- C:\Windows\system32\drivers\rassstp.sys
2010-08-31 19:02:23 ----A---- C:\Windows\system32\drivers\raspptp.sys
2010-08-31 19:02:23 ----A---- C:\Windows\system32\drivers\raspppoe.sys
2010-08-31 19:02:23 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2010-08-31 19:02:23 ----A---- C:\Windows\system32\d3d10core.dll
2010-08-31 19:02:23 ----A---- C:\Windows\regedit.exe
2010-08-31 19:02:22 ----A---- C:\Windows\system32\drivers\csc.sys
2010-08-31 19:02:22 ----A---- C:\Windows\system32\devenum.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\Defrag.exe
2010-08-31 19:02:22 ----A---- C:\Windows\system32\ddraw.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\dbnetlib.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\dbghelp.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\dbgeng.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\d3dxof.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\d3dim700.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\d3dim.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\d3d9.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\d3d8.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\d3d10_1.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\d3d10.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\cscapi.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\cryptui.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\cryptsvc.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\cryptnet.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\cryptdll.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\crypt32.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\credui.dll
2010-08-31 19:02:22 ----A---- C:\Windows\system32\credssp.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-08-31 19:02:21 ----A---- C:\Windows\system32\drivers\disk.sys
2010-08-31 19:02:21 ----A---- C:\Windows\system32\drivers\dfsc.sys
2010-08-31 19:02:21 ----A---- C:\Windows\system32\dispex.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\dispdiag.exe
2010-08-31 19:02:21 ----A---- C:\Windows\system32\dispci.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\diskraid.exe
2010-08-31 19:02:21 ----A---- C:\Windows\system32\diskpart.exe
2010-08-31 19:02:21 ----A---- C:\Windows\system32\dinput8.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\dimsroam.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\dimsjob.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\diantz.exe
2010-08-31 19:02:21 ----A---- C:\Windows\system32\DfrgNtfs.exe
2010-08-31 19:02:21 ----A---- C:\Windows\system32\csrstub.exe
2010-08-31 19:02:21 ----A---- C:\Windows\system32\csrss.exe
2010-08-31 19:02:21 ----A---- C:\Windows\system32\csrsrv.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\cscui.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\cscsvc.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\cscript.exe
2010-08-31 19:02:21 ----A---- C:\Windows\system32\cscobj.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\CscMig.dll
2010-08-31 19:02:21 ----A---- C:\Windows\system32\cscdll.dll
2010-08-31 19:02:20 ----A---- C:\Windows\system32\drivers\CmBatt.sys
2010-08-31 19:02:20 ----A---- C:\Windows\system32\diagperf.dll
2010-08-31 19:02:20 ----A---- C:\Windows\system32\dhcpsapi.dll
2010-08-31 19:02:20 ----A---- C:\Windows\system32\DHCPQEC.DLL
2010-08-31 19:02:20 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-08-31 19:02:20 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-08-31 19:02:20 ----A---- C:\Windows\system32\DfsShlEx.dll
2010-08-31 19:02:20 ----A---- C:\Windows\system32\dfsr.exe
2010-08-31 19:02:20 ----A---- C:\Windows\system32\dfrgui.exe
2010-08-31 19:02:20 ----A---- C:\Windows\system32\dfrgifc.exe
2010-08-31 19:02:20 ----A---- C:\Windows\system32\dfrgfat.exe
2010-08-31 19:02:20 ----A---- C:\Windows\system32\DFDWiz.exe
2010-08-31 19:02:20 ----A---- C:\Windows\system32\dfdts.dll
2010-08-31 19:02:20 ----A---- C:\Windows\system32\devmgr.dll
2010-08-31 19:02:20 ----A---- C:\Windows\system32\cmcfg32.dll
2010-08-31 19:02:19 ----A---- C:\Windows\system32\cmmon32.exe
2010-08-31 19:02:19 ----A---- C:\Windows\system32\cmlua.dll
2010-08-31 19:02:19 ----A---- C:\Windows\system32\cmipnpinstall.dll
2010-08-31 19:02:19 ----A---- C:\Windows\system32\cmifw.dll
2010-08-31 19:02:19 ----A---- C:\Windows\system32\cmicryptinstall.dll
2010-08-31 19:02:19 ----A---- C:\Windows\system32\cmdl32.exe
2010-08-31 19:02:19 ----A---- C:\Windows\system32\cmdial32.dll
2010-08-31 19:02:19 ----A---- C:\Windows\system32\cmd.exe
2010-08-31 19:02:19 ----A---- C:\Windows\system32\clusapi.dll
2010-08-31 19:02:19 ----A---- C:\Windows\system32\cipher.exe
2010-08-31 19:02:18 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2010-08-31 19:02:18 ----A---- C:\Windows\system32\drivers\compbatt.sys
2010-08-31 19:02:18 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2010-08-31 19:02:18 ----A---- C:\Windows\system32\corpol.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\convert.exe
2010-08-31 19:02:18 ----A---- C:\Windows\system32\comuid.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\comsvcs.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\comsnap.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\comres.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\comrepl.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\ComputerDefaults.exe
2010-08-31 19:02:18 ----A---- C:\Windows\system32\compstui.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2010-08-31 19:02:18 ----A---- C:\Windows\system32\CompatUI.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\clfsw32.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\clfs.sys
2010-08-31 19:02:18 ----A---- C:\Windows\system32\clbcatq.dll
2010-08-31 19:02:18 ----A---- C:\Windows\system32\cic.dll
2010-08-31 19:02:17 ----A---- C:\Windows\system32\consent.exe
2010-08-31 19:02:17 ----A---- C:\Windows\system32\conime.exe
2010-08-31 19:02:17 ----A---- C:\Windows\system32\cofiredm.dll
2010-08-31 19:02:16 ----A---- C:\Windows\system32\els.dll
2010-08-31 19:02:16 ----A---- C:\Windows\system32\comdlg32.dll
2010-08-31 19:02:16 ----A---- C:\Windows\system32\comctl32.dll
2010-08-31 19:02:16 ----A---- C:\Windows\system32\colorui.dll
2010-08-31 19:02:16 ----A---- C:\Windows\system32\COLORCNV.DLL
2010-08-31 19:02:16 ----A---- C:\Windows\system32\colbact.dll
2010-08-31 19:02:16 ----A---- C:\Windows\system32\cmutil.dll
2010-08-31 19:02:16 ----A---- C:\Windows\system32\cmstplua.dll
2010-08-31 19:02:16 ----A---- C:\Windows\system32\cmstp.exe
2010-08-31 19:02:16 ----A---- C:\Windows\system32\cmpbk32.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\fmifs.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\filemgmt.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\feclient.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\fdWSD.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\fdWCN.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\fdSSDP.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\fdPHost.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\fdeploy.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\fde.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\esentutl.exe
2010-08-31 19:02:15 ----A---- C:\Windows\system32\esentprf.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\esent.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\EncDump.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\EncDec.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\emdmgmt.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\efsadu.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\eapsvc.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\EAPQEC.DLL
2010-08-31 19:02:15 ----A---- C:\Windows\system32\eappprxy.dll
2010-08-31 19:02:15 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2010-08-31 19:02:15 ----A---- C:\Windows\system32\drivers\filetrace.sys
2010-08-31 19:02:15 ----A---- C:\Windows\system32\drivers\fileinfo.sys
2010-08-31 19:02:15 ----A---- C:\Windows\system32\drivers\ecache.sys
2010-08-31 19:02:14 ----A---- C:\Windows\system32\fontext.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2010-08-31 19:02:14 ----A---- C:\Windows\system32\FirewallAPI.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\findstr.exe
2010-08-31 19:02:14 ----A---- C:\Windows\system32\findnetprinters.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\Faultrep.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\extrac32.exe
2010-08-31 19:02:14 ----A---- C:\Windows\system32\extmgr.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\expand.exe
2010-08-31 19:02:14 ----A---- C:\Windows\system32\evr.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\eventcls.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\drmv2clt.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\drivers\fastfat.sys
2010-08-31 19:02:14 ----A---- C:\Windows\system32\drivers\exfat.sys
2010-08-31 19:02:14 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2010-08-31 19:02:14 ----A---- C:\Windows\system32\drivers\drmk.sys
2010-08-31 19:02:14 ----A---- C:\Windows\system32\driverquery.exe
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dpx.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dps.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dpnet.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\DpiScaling.exe
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dpapimig.exe
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dot3ui.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dot3svc.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dot3msm.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dot3gpui.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dot3gpclnt.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dot3dlg.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dot3cfg.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dot3api.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dmsynth.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dmscript.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dmocx.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dmloader.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dmime.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dmdskres2.dll
2010-08-31 19:02:14 ----A---- C:\Windows\system32\dmdskmgr.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\eapphost.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\eappgnui.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\eappcfg.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\eapp3hst.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dxva2.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dxtrans.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dxtmsft.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dxgi.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dxdiagn.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dxdiag.exe
2010-08-31 19:02:13 ----A---- C:\Windows\system32\DWWIN.EXE
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dwmredir.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dwmapi.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dwm.exe
2010-08-31 19:02:13 ----A---- C:\Windows\system32\duser.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dsuiext.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dssenh.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dssec.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dsquery.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dsprop.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dsound.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dskquoui.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dskquota.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dsdmo.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dsauth.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\drvstore.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\drvinst.exe
2010-08-31 19:02:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-08-31 19:02:13 ----A---- C:\Windows\system32\drivers\dxg.sys
2010-08-31 19:02:13 ----A---- C:\Windows\system32\drivers\dxapi.sys
2010-08-31 19:02:13 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dnshc.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dnscacheugc.exe
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dnsapi.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dmvdsitf.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dmutil.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dmusic.dll
2010-08-31 19:02:13 ----A---- C:\Windows\system32\dmdlgs.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\drivers\battc.sys
2010-08-31 19:02:11 ----A---- C:\Windows\system32\drivers\ataport.sys
2010-08-31 19:02:11 ----A---- C:\Windows\system32\drivers\atapi.sys
2010-08-31 19:02:11 ----A---- C:\Windows\system32\drivers\asyncmac.sys
2010-08-31 19:02:11 ----A---- C:\Windows\system32\bcdedit.exe
2010-08-31 19:02:11 ----A---- C:\Windows\system32\batt.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\basesrv.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\basecsp.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\AuthFWGP.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\authfwcfg.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\auditpol.exe
2010-08-31 19:02:11 ----A---- C:\Windows\system32\audiosrv.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\AudioSes.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\AUDIOKSE.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\AudioEng.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\audiodg.exe
2010-08-31 19:02:11 ----A---- C:\Windows\system32\audiodev.dll
2010-08-31 19:02:11 ----A---- C:\Windows\system32\AtBroker.exe
2010-08-31 19:02:11 ----A---- C:\Windows\system32\at.exe
2010-08-31 19:02:11 ----A---- C:\Windows\bfsvc.exe
2010-08-31 19:02:10 ----A---- C:\Windows\system32\drivers\beep.sys
2010-08-31 19:02:10 ----A---- C:\Windows\system32\drivers\bdasup.sys
2010-08-31 19:02:10 ----A---- C:\Windows\system32\bitsadmin.exe
2010-08-31 19:02:10 ----A---- C:\Windows\system32\bcrypt.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\bcdsrv.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\bcdprov.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\AzSqlExt.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\azroleui.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\azroles.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\avrt.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\autoplay.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\autochk.exe
2010-08-31 19:02:10 ----A---- C:\Windows\system32\autofmt.exe
2010-08-31 19:02:10 ----A---- C:\Windows\system32\autoconv.exe
2010-08-31 19:02:10 ----A---- C:\Windows\system32\authz.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\authui.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\ACW.exe
2010-08-31 19:02:10 ----A---- C:\Windows\system32\actxprxy.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\activeds.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\ActiveContentWizard.dll
2010-08-31 19:02:10 ----A---- C:\Windows\system32\ActionQueue.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\drivers\amdk8.sys
2010-08-31 19:02:09 ----A---- C:\Windows\system32\drivers\acpi.sys
2010-08-31 19:02:09 ----A---- C:\Windows\system32\apss.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\appmgr.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\appmgmts.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\appinfo.dll

Re: preventivni kontrola

Napsal: 01 zář 2010 13:39
od Jan Strnad
pokracovani logu:

2010-08-31 19:02:09 ----A---- C:\Windows\system32\apphelp.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\apircl.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\apds.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\amstream.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\advpack.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\advapi32.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\adtschema.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\adsnt.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\adsmsext.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\adsldpc.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\adsldp.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\aclui.dll
2010-08-31 19:02:09 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-08-31 19:02:08 ----A---- C:\Windows\system32\drivers\afd.sys
2010-08-31 19:02:08 ----A---- C:\Windows\system32\catsrvut.dll
2010-08-31 19:02:08 ----A---- C:\Windows\system32\catsrv.dll
2010-08-31 19:02:08 ----A---- C:\Windows\system32\cacls.exe
2010-08-31 19:02:08 ----A---- C:\Windows\system32\cabinet.dll
2010-08-31 19:02:08 ----A---- C:\Windows\system32\btpanui.dll
2010-08-31 19:02:08 ----A---- C:\Windows\system32\alg.exe
2010-08-31 19:02:07 ----A---- C:\Windows\system32\chglogon.exe
2010-08-31 19:02:07 ----A---- C:\Windows\system32\drivers\cdrom.sys
2010-08-31 19:02:07 ----A---- C:\Windows\system32\drivers\bthpan.sys
2010-08-31 19:02:07 ----A---- C:\Windows\system32\drivers\bthmodem.sys
2010-08-31 19:02:07 ----A---- C:\Windows\system32\drivers\bridge.sys
2010-08-31 19:02:07 ----A---- C:\Windows\system32\drivers\bowser.sys
2010-08-31 19:02:07 ----A---- C:\Windows\system32\certutil.exe
2010-08-31 19:02:07 ----A---- C:\Windows\system32\certreq.exe
2010-08-31 19:02:07 ----A---- C:\Windows\system32\certprop.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\certmgr.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2010-08-31 19:02:07 ----A---- C:\Windows\system32\CertEnroll.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\certcli.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\capisp.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\bthci.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\browseui.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\browser.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\bridgeunattend.exe
2010-08-31 19:02:07 ----A---- C:\Windows\system32\brcplsiw.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\brcplsdw.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\brcpl.dll
2010-08-31 19:02:07 ----A---- C:\Windows\system32\BOOTVID.DLL
2010-08-31 19:02:07 ----A---- C:\Windows\system32\bootstr.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\chtbrkr.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\chsbrkr.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\chgusr.exe
2010-08-31 19:02:06 ----A---- C:\Windows\system32\chgport.exe
2010-08-31 19:02:06 ----A---- C:\Windows\system32\change.exe
2010-08-31 19:02:06 ----A---- C:\Windows\system32\drivers\cdfs.sys
2010-08-31 19:02:06 ----A---- C:\Windows\system32\cfgmgr32.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\cfgbkend.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\cewmdm.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\cdosys.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\cdd.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\bootcfg.exe
2010-08-31 19:02:06 ----A---- C:\Windows\system32\BlbEvents.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\blb_ps.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\blackbox.dll
2010-08-31 19:02:06 ----A---- C:\Windows\system32\bitsigd.dll
2010-08-31 19:02:00 ----A---- C:\Windows\system32\inetppui.dll
2010-08-31 19:02:00 ----A---- C:\Windows\system32\inetpp.dll
2010-08-31 19:02:00 ----A---- C:\Windows\system32\inetmib1.dll
2010-08-31 19:02:00 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-08-31 19:02:00 ----A---- C:\Windows\system32\imgutil.dll
2010-08-31 19:02:00 ----A---- C:\Windows\system32\imapi2fs.dll
2010-08-31 19:02:00 ----A---- C:\Windows\system32\imapi2.dll
2010-08-31 19:02:00 ----A---- C:\Windows\system32\imapi.dll
2010-08-31 19:02:00 ----A---- C:\Windows\system32\imagesp1.dll
2010-08-31 19:02:00 ----A---- C:\Windows\system32\imagehlp.dll
2010-08-31 19:01:59 ----A---- C:\Windows\system32\input.dll
2010-08-31 19:01:59 ----A---- C:\Windows\system32\InkEd.dll
2010-08-31 19:01:59 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2010-08-31 19:01:58 ----A---- C:\Windows\system32\imm32.dll
2010-08-31 19:01:58 ----A---- C:\Windows\system32\iassvcs.dll
2010-08-31 19:01:58 ----A---- C:\Windows\system32\iassdo.dll
2010-08-31 19:01:58 ----A---- C:\Windows\system32\iassam.dll
2010-08-31 19:01:58 ----A---- C:\Windows\system32\iashlpr.dll
2010-08-31 19:01:58 ----A---- C:\Windows\system32\iasacct.dll
2010-08-31 19:01:58 ----A---- C:\Windows\system32\ias.dll
2010-08-31 19:01:58 ----A---- C:\Windows\system32\drivers\i8042prt.sys
2010-08-31 19:01:57 ----A---- C:\Windows\system32\ifsutil.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\ifmon.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\iexpress.exe
2010-08-31 19:01:57 ----A---- C:\Windows\system32\iesetup.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\iernonce.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\ieakeng.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\ie4uinit.exe
2010-08-31 19:01:57 ----A---- C:\Windows\system32\icsunattend.exe
2010-08-31 19:01:57 ----A---- C:\Windows\system32\icsfiltr.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\icm32.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\icaapi.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\iasrad.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\iaspolcy.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\iasnap.dll
2010-08-31 19:01:57 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-08-31 19:01:56 ----A---- C:\Windows\system32\idndl.dll
2010-08-31 19:01:56 ----A---- C:\Windows\system32\icfupgd.dll
2010-08-31 19:01:56 ----A---- C:\Windows\system32\icardie.dll
2010-08-31 19:01:56 ----A---- C:\Windows\system32\icacls.exe
2010-08-31 19:01:56 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2010-08-31 19:01:56 ----A---- C:\Windows\system32\hnetmon.dll
2010-08-31 19:01:56 ----A---- C:\Windows\system32\hnetcfg.dll
2010-08-31 19:01:56 ----A---- C:\Windows\system32\hlink.dll
2010-08-31 19:01:56 ----A---- C:\Windows\system32\drivers\hidusb.sys
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSXP32.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSUTILITY.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSUNATD.exe
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSTIFF.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXST30.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSSVC.exe
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSST.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSROUTE.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSRESM.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSMON.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSEXT32.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSCOVER.exe
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSCOMPOSE.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSCOMEX.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSCOM.dll
2010-08-31 19:01:55 ----A---- C:\Windows\system32\FXSAPI.dll
2010-08-31 19:01:54 ----A---- C:\Windows\system32\hbaapi.dll
2010-08-31 19:01:54 ----A---- C:\Windows\system32\GuidedHelp.dll
2010-08-31 19:01:54 ----A---- C:\Windows\system32\fwcfg.dll
2010-08-31 19:01:54 ----A---- C:\Windows\system32\fundisc.dll
2010-08-31 19:01:54 ----A---- C:\Windows\system32\ftp.exe
2010-08-31 19:01:54 ----A---- C:\Windows\system32\fsutil.exe
2010-08-31 19:01:54 ----A---- C:\Windows\system32\fsmgmt.msc
2010-08-31 19:01:54 ----A---- C:\Windows\system32\framedynos.dll
2010-08-31 19:01:54 ----A---- C:\Windows\system32\framedyn.dll
2010-08-31 19:01:54 ----A---- C:\Windows\system32\framebuf.dll
2010-08-31 19:01:54 ----A---- C:\Windows\system32\fphc.dll
2010-08-31 19:01:54 ----A---- C:\Windows\system32\drivers\hidparse.sys
2010-08-31 19:01:54 ----A---- C:\Windows\system32\drivers\hidclass.sys
2010-08-31 19:01:54 ----A---- C:\Windows\system32\drivers\hidbth.sys
2010-08-31 19:01:54 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2010-08-31 19:01:54 ----A---- C:\Windows\fveupdate.exe
2010-08-31 19:01:53 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2010-08-31 19:01:53 ----A---- C:\Windows\system32\graftabl.com
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gpupdate.exe
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gpsvc.dll
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gpscript.exe
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gpscript.dll
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gpresult.exe
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gpprnext.dll
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gpedit.msc
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gpedit.dll
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gpapi.dll
2010-08-31 19:01:53 ----A---- C:\Windows\system32\getmac.exe
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2010-08-31 19:01:53 ----A---- C:\Windows\system32\gacinstall.dll
2010-08-31 19:01:53 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2010-08-31 19:01:53 ----A---- C:\Windows\HelpPane.exe
2010-08-31 19:01:49 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wiashext.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wiascanprofiles.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wiarpc.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wiadss.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wiadefui.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wiaaut.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wiaacmgr.exe
2010-08-31 19:01:49 ----A---- C:\Windows\system32\whealogr.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\WFS.exe
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wfapigp.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wextract.exe
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wevtutil.exe
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wevtsvc.dll
2010-08-31 19:01:49 ----A---- C:\Windows\system32\wevtfwd.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\WLanConn.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\wlancfg.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\wisptis.exe
2010-08-31 19:01:48 ----A---- C:\Windows\system32\winusb.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\winsta.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\winsrv.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\WINSRPC.DLL
2010-08-31 19:01:48 ----A---- C:\Windows\system32\WinSCard.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\WinSATAPI.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\WinSAT.exe
2010-08-31 19:01:48 ----A---- C:\Windows\system32\winrsmgr.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\winrm.vbs
2010-08-31 19:01:48 ----A---- C:\Windows\system32\wininit.exe
2010-08-31 19:01:48 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-08-31 19:01:48 ----A---- C:\Windows\system32\WinFax.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\winethc.dll
2010-08-31 19:01:48 ----A---- C:\Windows\system32\wiaservc.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\winrshost.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\winrscmd.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\winrs.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\winnsi.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\winmm.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\winlogon.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\wevtapi.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\wersvc.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\wermgr.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\WerFault.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\werdiagcontroller.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\webcheck.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\WebClnt.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\wdscore.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\wbemcomn.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\wbadmin.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\wavemsp.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\WavDest.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\waitfor.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\w32tm.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\w32time.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\VSSVC.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\vsstrace.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\vssapi.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\vssadmin.exe
2010-08-31 19:01:47 ----A---- C:\Windows\system32\vss_ps.dll
2010-08-31 19:01:47 ----A---- C:\Windows\system32\drivers\watchdog.sys
2010-08-31 19:01:47 ----A---- C:\Windows\system32\drivers\wanarp.sys
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wercplsupport.dll
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wercon.exe
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wer.dll
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wecutil.exe
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wecsvc.dll
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wecapi.dll
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wdi.dll
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wdc.dll
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wcnwiz.dll
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wcncsvc.dll
2010-08-31 19:01:46 ----A---- C:\Windows\system32\wbengine.exe
2010-08-31 19:01:46 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2010-08-31 19:01:46 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2010-08-31 19:01:45 ----A---- C:\Windows\system32\WSDMon.dll
2010-08-31 19:01:45 ----A---- C:\Windows\system32\wscsvc.dll
2010-08-31 19:01:45 ----A---- C:\Windows\system32\wscript.exe
2010-08-31 19:01:45 ----A---- C:\Windows\system32\wscproxystub.dll
2010-08-31 19:01:45 ----A---- C:\Windows\system32\wscntfy.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\XPSSHHDR.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\xmlprovi.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\xmllite.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\xmlfilter.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\xcopy.exe
2010-08-31 19:01:44 ----A---- C:\Windows\system32\xactsrv.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wship6.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wshext.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wshcon.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wsepno.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wsecedit.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wscmisetup.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wscisvif.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wscapi.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\ws2_32.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wpnpinst.exe
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wpdwcn.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\WPDSp.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wpdshext.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\WpdMtpUS.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\WpdConns.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wpdbusenum.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\wpd_ci.dll
2010-08-31 19:01:44 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys
2010-08-31 19:01:44 ----A---- C:\Windows\system32\drivers\WpdUsb.sys
2010-08-31 19:01:43 ----A---- C:\Windows\system32\xwizards.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\xpssvcs.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\wzcdlg.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\wvc.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\wusa.exe
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WUDFx.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WUDFSvc.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WUDFPlatform.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WUDFHost.exe
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\wtsapi32.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\wsqmcons.exe
2010-08-31 19:01:43 ----A---- C:\Windows\system32\wsock32.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\wsnmp32.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WsmWmiPl.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WsmSvc.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WsmRes.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WsmProv.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WsmCl.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WsmAuto.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2010-08-31 19:01:43 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2010-08-31 19:01:43 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-08-31 19:01:43 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2010-08-31 19:01:43 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2010-08-31 19:01:43 ----A---- C:\Windows\system32\drivers\wmiacpi.sys
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wmpshell.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wmidx.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wmdrmnet.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wmdrmdev.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\WMASF.DLL
2010-08-31 19:01:42 ----A---- C:\Windows\system32\WMADMOE.DLL
2010-08-31 19:01:42 ----A---- C:\Windows\system32\WMADMOD.DLL
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\Wldap32.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wlanui.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wlanpref.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\WlanMmHC.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\WlanMM.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\WLanHC.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wlangpui.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wlanext.exe
2010-08-31 19:01:42 ----A---- C:\Windows\system32\wlandlg.dll
2010-08-31 19:01:42 ----A---- C:\Windows\system32\drivers\wmilib.sys
2010-08-31 19:01:41 ----A---- C:\Windows\system32\wow32.dll
2010-08-31 19:01:41 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-08-31 19:01:41 ----A---- C:\Windows\system32\WMVSENCD.DLL
2010-08-31 19:01:41 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-08-31 19:01:41 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-08-31 19:01:41 ----A---- C:\Windows\system32\wmvdspa.dll
2010-08-31 19:01:41 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2010-08-31 19:01:41 ----A---- C:\Windows\system32\wmpsrcwp.dll
2010-08-31 19:01:41 ----A---- C:\Windows\system32\wmpmde.dll
2010-08-31 19:01:40 ----A---- C:\Windows\system32\WMVDECOD.DLL
2010-08-31 19:01:40 ----A---- C:\Windows\system32\WMPhoto.dll
2010-08-31 19:01:40 ----A---- C:\Windows\system32\wmiprop.dll
2010-08-31 19:01:39 ----A---- C:\Windows\system32\WMPEncEn.dll
2010-08-31 19:01:39 ----A---- C:\Windows\system32\wmpcm.dll
2010-08-31 19:01:38 ----A---- C:\Windows\system32\Tabbtn.dll
2010-08-31 19:01:38 ----A---- C:\Windows\system32\systeminfo.exe
2010-08-31 19:01:38 ----A---- C:\Windows\system32\systemcpl.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\tdh.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\tcpmon.ini
2010-08-31 19:01:36 ----A---- C:\Windows\system32\tcpmon.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\tbssvc.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\tbs.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\taskschd.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\taskmgr.exe
2010-08-31 19:01:36 ----A---- C:\Windows\system32\tasklist.exe
2010-08-31 19:01:36 ----A---- C:\Windows\system32\taskkill.exe
2010-08-31 19:01:36 ----A---- C:\Windows\system32\taskeng.exe
2010-08-31 19:01:36 ----A---- C:\Windows\system32\taskcomp.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\tapisrv.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\takeown.exe
2010-08-31 19:01:36 ----A---- C:\Windows\system32\tabcal.exe
2010-08-31 19:01:36 ----A---- C:\Windows\system32\TabbtnEx.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\srrstr.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\srchadmin.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\sqmapi.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\sqlcese30.dll
2010-08-31 19:01:36 ----A---- C:\Windows\system32\drivers\tdx.sys
2010-08-31 19:01:36 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2010-08-31 19:01:36 ----A---- C:\Windows\system32\drivers\tdpipe.sys
2010-08-31 19:01:36 ----A---- C:\Windows\system32\drivers\tdi.sys
2010-08-31 19:01:36 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2010-08-31 19:01:36 ----A---- C:\Windows\system32\drivers\tape.sys
2010-08-31 19:01:35 ----A---- C:\Windows\system32\sstpsvc.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\SSShim.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\ssdpsrv.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\srwmi.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\srvsvc.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\sqlceqp30.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\spwizres.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\spwizeng.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\spoolsv.exe
2010-08-31 19:01:35 ----A---- C:\Windows\system32\spoolss.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\spbcd.dll
2010-08-31 19:01:35 ----A---- C:\Windows\system32\SoundRecorder.exe
2010-08-31 19:01:35 ----A---- C:\Windows\system32\drivers\spsys.sys
2010-08-31 19:01:35 ----A---- C:\Windows\system32\drivers\spldr.sys
2010-08-31 19:01:34 ----A---- C:\Windows\system32\syssetup.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\sysmain.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\syskey.exe
2010-08-31 19:01:34 ----A---- C:\Windows\system32\syncui.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\synceng.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\SyncCenter.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\sxstrace.exe
2010-08-31 19:01:34 ----A---- C:\Windows\system32\sxsstore.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\sxs.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\swprv.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\svchost.exe
2010-08-31 19:01:34 ----A---- C:\Windows\system32\sud.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\Storprop.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\stobject.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\sti_ci.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\spwizimg.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\sppnp.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\spopk.dll
2010-08-31 19:01:34 ----A---- C:\Windows\system32\drivers\swenum.sys
2010-08-31 19:01:34 ----A---- C:\Windows\system32\drivers\Storport.sys
2010-08-31 19:01:33 ----A---- C:\Windows\system32\zipfldr.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\xwtpw32.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\usp10.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\userinit.exe
2010-08-31 19:01:33 ----A---- C:\Windows\system32\userenv.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\usercpl.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\user32.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\usbui.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\usbperf.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\usbmon.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\url.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\upnphost.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\upnpcont.exe
2010-08-31 19:01:33 ----A---- C:\Windows\system32\upnp.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\untfs.dll
2010-08-31 19:01:33 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2010-08-31 19:01:33 ----A---- C:\Windows\system32\drivers\usbport.sys
2010-08-31 19:01:33 ----A---- C:\Windows\system32\drivers\usbohci.sys
2010-08-31 19:01:33 ----A---- C:\Windows\system32\drivers\usbhub.sys
2010-08-31 19:01:33 ----A---- C:\Windows\system32\drivers\usbehci.sys
2010-08-31 19:01:33 ----A---- C:\Windows\system32\drivers\stream.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\VIDRESZR.DLL
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vga64k.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vga256.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vga.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vfwwdm32.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\version.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\verifier.exe
2010-08-31 19:01:32 ----A---- C:\Windows\system32\verifier.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vdsutil.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vdsldr.exe
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vdsdyn.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vdsbas.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vds_ps.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vds.exe
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vdmredir.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\vdmdbg.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\VAN.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\uxtheme.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\uxsms.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\uudf.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\Utilman.exe
2010-08-31 19:01:32 ----A---- C:\Windows\system32\utildll.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\trkwks.dll
2010-08-31 19:01:32 ----A---- C:\Windows\system32\tracerpt.exe
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\volsnap.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\volmgr.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\videoprt.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\vga.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\usbd.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2010-08-31 19:01:32 ----A---- C:\Windows\system32\drivers\usb8023.sys
2010-08-31 19:01:31 ----A---- C:\Windows\system32\unlodctr.exe
2010-08-31 19:01:31 ----A---- C:\Windows\system32\unbcl.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\unattendedjoin.exe
2010-08-31 19:01:31 ----A---- C:\Windows\system32\unattend.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\umrdp.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\umb.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\ulib.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\UIHub.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\ucsvc.exe
2010-08-31 19:01:31 ----A---- C:\Windows\system32\txfw32.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\TSTheme.exe
2010-08-31 19:01:31 ----A---- C:\Windows\system32\TSpkg.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\tskill.exe
2010-08-31 19:01:31 ----A---- C:\Windows\system32\tsdiscon.exe
2010-08-31 19:01:31 ----A---- C:\Windows\system32\tsddd.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\tscupgrd.exe
2010-08-31 19:01:31 ----A---- C:\Windows\system32\tscon.exe
2010-08-31 19:01:31 ----A---- C:\Windows\system32\tscfgwmi.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\tquery.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\TpmInit.exe
2010-08-31 19:01:31 ----A---- C:\Windows\system32\TMM.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\thumbcache.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\themeui.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\themecpl.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\termsrv.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\termmgr.dll
2010-08-31 19:01:31 ----A---- C:\Windows\system32\drivers\umpass.sys
2010-08-31 19:01:31 ----A---- C:\Windows\system32\drivers\umbus.sys
2010-08-31 19:01:31 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2010-08-31 19:01:31 ----A---- C:\Windows\system32\drivers\termdd.sys
2010-08-31 19:01:30 ----A---- C:\Windows\system32\UIAutomationCore.dll
2010-08-31 19:01:30 ----A---- C:\Windows\system32\UI0Detect.exe
2010-08-31 19:01:30 ----A---- C:\Windows\system32\ufat.dll
2010-08-31 19:01:30 ----A---- C:\Windows\system32\uexfat.dll
2010-08-31 19:01:30 ----A---- C:\Windows\system32\uDWM.dll
2010-08-31 19:01:30 ----A---- C:\Windows\system32\txflog.dll
2010-08-31 19:01:30 ----A---- C:\Windows\system32\twext.dll
2010-08-31 19:01:30 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-08-31 19:01:30 ----A---- C:\Windows\system32\drivers\udfs.sys
2010-08-31 18:59:27 ----A---- C:\Windows\system32\cbsra.exe
2010-08-30 21:51:07 ----A---- C:\Windows\system32\t2embed.dll
2010-08-30 21:51:07 ----A---- C:\Windows\system32\lpk.dll
2010-08-30 21:51:07 ----A---- C:\Windows\system32\fontsub.dll
2010-08-30 21:51:07 ----A---- C:\Windows\system32\dciman32.dll
2010-08-30 21:51:07 ----A---- C:\Windows\system32\atmlib.dll
2010-08-30 21:51:07 ----A---- C:\Windows\system32\atmfd.dll
2010-08-30 21:49:30 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-30 21:49:30 ----A---- C:\Windows\system32\ieaksie.dll
2010-08-30 21:49:30 ----A---- C:\Windows\system32\admparse.dll
2010-08-30 21:49:29 ----A---- C:\Windows\system32\ieapfltr.dll
2010-08-30 21:49:29 ----A---- C:\Windows\system32\ieakui.dll
2010-08-30 21:49:28 ----A---- C:\Windows\system32\wininet.dll
2010-08-30 21:49:28 ----A---- C:\Windows\system32\msfeeds.dll
2010-08-30 21:49:28 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-30 21:49:28 ----A---- C:\Windows\system32\iepeers.dll
2010-08-30 21:49:27 ----A---- C:\Windows\system32\ieui.dll
2010-08-30 21:49:26 ----A---- C:\Windows\system32\ieframe.dll
2010-08-30 21:49:24 ----A---- C:\Windows\system32\mshtmler.dll
2010-08-30 21:49:24 ----A---- C:\Windows\system32\ieencode.dll
2010-08-30 21:49:23 ----A---- C:\Windows\system32\mshtml.dll
2010-08-30 21:49:20 ----A---- C:\Windows\system32\mstime.dll
2010-08-30 21:49:20 ----A---- C:\Windows\system32\ieUnatt.exe
2010-08-30 21:49:19 ----A---- C:\Windows\system32\occache.dll
2010-08-30 21:49:18 ----A---- C:\Windows\system32\urlmon.dll
2010-08-30 21:49:18 ----A---- C:\Windows\system32\iertutil.dll
2010-08-30 21:47:46 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-30 21:47:46 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-30 21:47:04 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-08-30 21:47:04 ----A---- C:\Windows\system32\netiohlp.dll
2010-08-30 21:47:04 ----A---- C:\Windows\system32\netevent.dll
2010-08-30 21:47:04 ----A---- C:\Windows\system32\MRINFO.EXE
2010-08-30 21:47:04 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-08-30 21:47:03 ----A---- C:\Windows\system32\ROUTE.EXE
2010-08-30 21:47:03 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-08-30 21:47:03 ----A---- C:\Windows\system32\finger.exe
2010-08-30 21:47:03 ----A---- C:\Windows\system32\ARP.EXE
2010-08-30 21:46:12 ----A---- C:\Windows\system32\L2SecHC.dll
2010-08-30 21:46:11 ----A---- C:\Windows\system32\wlansvc.dll
2010-08-30 21:46:11 ----A---- C:\Windows\system32\wlanmsm.dll
2010-08-30 21:46:11 ----A---- C:\Windows\system32\wlanhlp.dll
2010-08-30 21:46:11 ----A---- C:\Windows\system32\wlanapi.dll
2010-08-30 21:46:10 ----A---- C:\Windows\system32\wlansec.dll
2010-08-30 21:46:10 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2010-08-30 21:45:37 ----A---- C:\Windows\system32\msxml3r.dll
2010-08-30 21:45:37 ----A---- C:\Windows\system32\msxml3.dll
2010-08-30 21:45:36 ----A---- C:\Windows\system32\msxml6r.dll
2010-08-30 21:45:36 ----A---- C:\Windows\system32\msxml6.dll
2010-08-30 21:45:02 ----A---- C:\Windows\system32\msv1_0.dll
2010-08-30 21:44:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-08-30 21:44:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-08-30 21:44:32 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-08-30 21:44:00 ----A---- C:\Windows\system32\rrinstaller.exe
2010-08-30 21:44:00 ----A---- C:\Windows\system32\mfps.dll
2010-08-30 21:44:00 ----A---- C:\Windows\system32\mferror.dll
2010-08-30 21:44:00 ----A---- C:\Windows\system32\mf.dll
2010-08-30 21:43:59 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-08-30 21:43:59 ----A---- C:\Windows\system32\mfpmp.exe
2010-08-30 21:43:28 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-30 21:43:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-30 21:43:00 ----A---- C:\Windows\system32\vbscript.dll
2010-08-30 21:42:35 ----A---- C:\Windows\system32\atl.dll
2010-08-30 21:41:27 ----A---- C:\Windows\system32\wkssvc.dll
2010-08-30 21:41:00 ----A---- C:\Windows\system32\tsgqec.dll
2010-08-30 21:41:00 ----A---- C:\Windows\system32\aaclient.dll
2010-08-30 21:40:59 ----A---- C:\Windows\system32\mstscax.dll
2010-08-30 21:40:34 ----A---- C:\Windows\system32\es.dll
2010-08-30 21:40:13 ----A---- C:\Windows\system32\wmpeffects.dll
2010-08-30 21:37:50 ----A---- C:\Windows\system32\tzres.dll
2010-08-30 21:37:04 ----A---- C:\Windows\system32\wintrust.dll
2010-08-30 21:36:37 ----A---- C:\Windows\system32\kerberos.dll
2010-08-30 21:36:36 ----A---- C:\Windows\system32\wdigest.dll
2010-08-30 21:36:36 ----A---- C:\Windows\system32\secur32.dll
2010-08-30 21:36:36 ----A---- C:\Windows\system32\lsass.exe
2010-08-30 21:36:36 ----A---- C:\Windows\system32\lsasrv.dll
2010-08-30 21:36:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2010-08-30 21:36:35 ----A---- C:\Windows\system32\schannel.dll
2010-08-30 21:34:51 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2010-08-30 21:34:51 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2010-08-30 21:34:50 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2010-08-30 21:34:50 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2010-08-30 21:34:50 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2010-08-30 21:34:50 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2010-08-30 21:34:49 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2010-08-30 21:34:49 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2010-08-30 21:34:48 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2010-08-30 21:34:47 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2010-08-30 21:34:47 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2010-08-30 21:34:46 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2010-08-30 21:34:46 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2010-08-30 21:34:44 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2010-08-30 21:34:44 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2010-08-30 21:34:44 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2010-08-30 21:34:43 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2010-08-30 21:34:42 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2010-08-30 21:34:41 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2010-08-30 21:34:40 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2010-08-30 21:34:40 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-08-30 21:34:40 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-08-30 21:34:39 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2010-08-30 21:34:39 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2010-08-30 21:34:39 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2010-08-30 21:34:38 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2010-08-30 21:34:38 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2010-08-30 21:34:38 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2010-08-30 21:34:37 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2010-08-30 21:34:37 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2010-08-30 21:34:36 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2010-08-30 21:34:35 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2010-08-30 21:34:35 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2010-08-30 21:34:34 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2010-08-30 21:34:34 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2010-08-30 21:34:33 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2010-08-30 21:34:33 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2010-08-30 21:34:32 ----A---- C:\Windows\system32\NlsModels0011.dll
2010-08-30 21:34:32 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2010-08-30 21:34:32 ----A---- C:\Windows\system32\NlsData0045.dll
2010-08-30 21:34:31 ----A---- C:\Windows\system32\NlsData0049.dll
2010-08-30 21:34:31 ----A---- C:\Windows\system32\NlsData0047.dll
2010-08-30 21:34:31 ----A---- C:\Windows\system32\NlsData0046.dll
2010-08-30 21:34:30 ----A---- C:\Windows\system32\NlsData0039.dll
2010-08-30 21:34:30 ----A---- C:\Windows\system32\NlsData0022.dll
2010-08-30 21:34:30 ----A---- C:\Windows\system32\NlsData0021.dll
2010-08-30 21:34:30 ----A---- C:\Windows\system32\NlsData0020.dll
2010-08-30 21:34:29 ----A---- C:\Windows\system32\NlsData0027.dll
2010-08-30 21:34:29 ----A---- C:\Windows\system32\NlsData0026.dll
2010-08-30 21:34:29 ----A---- C:\Windows\system32\NlsData0024.dll
2010-08-30 21:34:29 ----A---- C:\Windows\system32\NlsData0010.dll
2010-08-30 21:34:28 ----A---- C:\Windows\system32\NlsData0018.dll
2010-08-30 21:34:28 ----A---- C:\Windows\system32\NlsData0013.dll
2010-08-30 21:34:28 ----A---- C:\Windows\system32\NlsData0011.dll
2010-08-30 21:34:28 ----A---- C:\Windows\system32\NlsData0000.dll
2010-08-30 21:34:27 ----A---- C:\Windows\system32\NlsData0019.dll
2010-08-30 21:34:27 ----A---- C:\Windows\system32\NlsData0002.dll
2010-08-30 21:34:27 ----A---- C:\Windows\system32\NlsData0001.dll
2010-08-30 21:34:26 ----A---- C:\Windows\system32\NlsData004a.dll
2010-08-30 21:34:26 ----A---- C:\Windows\system32\NlsData0009.dll
2010-08-30 21:34:26 ----A---- C:\Windows\system32\NlsData0007.dll
2010-08-30 21:34:26 ----A---- C:\Windows\system32\NlsData0003.dll
2010-08-30 21:34:25 ----A---- C:\Windows\system32\NlsData004e.dll
2010-08-30 21:34:25 ----A---- C:\Windows\system32\NlsData004c.dll
2010-08-30 21:34:25 ----A---- C:\Windows\system32\NlsData004b.dll
2010-08-30 21:34:24 ----A---- C:\Windows\system32\NlsData003e.dll
2010-08-30 21:34:24 ----A---- C:\Windows\system32\NlsData002a.dll
2010-08-30 21:34:24 ----A---- C:\Windows\system32\NlsData001b.dll
2010-08-30 21:34:24 ----A---- C:\Windows\system32\NlsData001a.dll
2010-08-30 21:34:23 ----A---- C:\Windows\system32\NlsData001d.dll
2010-08-30 21:34:22 ----A---- C:\Windows\system32\NlsData000c.dll
2010-08-30 21:34:22 ----A---- C:\Windows\system32\NlsData000a.dll
2010-08-30 21:34:21 ----A---- C:\Windows\system32\NlsData0416.dll
2010-08-30 21:34:21 ----A---- C:\Windows\system32\NlsData0414.dll
2010-08-30 21:34:21 ----A---- C:\Windows\system32\NlsData000f.dll
2010-08-30 21:34:21 ----A---- C:\Windows\system32\NlsData000d.dll
2010-08-30 21:34:20 ----A---- C:\Windows\system32\NlsData081a.dll
2010-08-30 21:34:20 ----A---- C:\Windows\system32\NlsData0816.dll
2010-08-30 21:34:20 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-08-30 21:34:19 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2010-08-30 21:34:19 ----A---- C:\Windows\system32\NlsData0c1a.dll
2010-08-30 21:32:48 ----A---- C:\Windows\system32\jscript.dll
2010-08-30 21:32:24 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-08-30 21:32:24 ----A---- C:\Windows\system32\drivers\tunnel.sys
2010-08-30 21:32:24 ----A---- C:\Windows\system32\drivers\TUNMP.SYS
2010-08-30 21:31:57 ----N---- C:\Windows\system32\MpSigStub.exe
2010-08-30 21:31:40 ----A---- C:\Windows\system32\browserchoice.exe
2010-08-30 21:31:07 ----A---- C:\Windows\system32\cabview.dll
2010-08-30 21:28:19 ----A---- C:\Windows\system32\win32k.sys
2010-08-30 21:26:24 ----A---- C:\Windows\system32\wmpdxm.dll
2010-08-30 21:25:17 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-08-30 21:25:17 ----A---- C:\Windows\system32\msdrm.dll
2010-08-30 21:25:16 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-08-30 21:25:16 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-08-30 21:25:16 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-08-30 21:25:15 ----A---- C:\Windows\system32\secproc.dll
2010-08-30 21:25:15 ----A---- C:\Windows\system32\RMActivate.exe
2010-08-30 21:25:14 ----A---- C:\Windows\system32\secproc_isv.dll
2010-08-30 21:25:14 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-08-30 21:23:42 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-08-30 21:23:40 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-08-30 21:23:39 ----A---- C:\Windows\system32\gameux.dll
2010-08-30 21:22:35 ----A---- C:\Windows\system32\msasn1.dll
2010-08-30 21:21:48 ----A---- C:\Windows\system32\httpapi.dll
2010-08-30 21:21:48 ----A---- C:\Windows\system32\drivers\http.sys
2010-08-30 21:21:47 ----A---- C:\Windows\system32\nshhttp.dll
2010-08-30 21:20:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-30 21:20:09 ----A---- C:\Windows\system32\rastls.dll
2010-08-30 21:20:09 ----A---- C:\Windows\system32\raschap.dll
2010-08-30 21:19:54 ----A---- C:\Windows\system32\WSDApi.dll
2010-08-30 21:19:05 ----A---- C:\Windows\system32\quartz.dll
2010-08-30 21:19:05 ----A---- C:\Windows\system32\avicap32.dll
2010-08-30 21:19:04 ----A---- C:\Windows\system32\msyuv.dll
2010-08-30 21:19:04 ----A---- C:\Windows\system32\msvidc32.dll
2010-08-30 21:19:04 ----A---- C:\Windows\system32\msvfw32.dll
2010-08-30 21:19:04 ----A---- C:\Windows\system32\msrle32.dll
2010-08-30 21:19:04 ----A---- C:\Windows\system32\mciavi32.dll
2010-08-30 21:19:04 ----A---- C:\Windows\system32\avifil32.dll
2010-08-30 21:19:03 ----A---- C:\Windows\system32\tsbyuv.dll
2010-08-30 21:19:03 ----A---- C:\Windows\system32\iyuv_32.dll
2010-08-30 21:18:33 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-08-30 21:17:55 ----A---- C:\Windows\system32\wmploc.DLL
2010-08-30 21:17:55 ----A---- C:\Windows\system32\wmp.dll
2010-08-30 21:17:54 ----A---- C:\Windows\system32\spwmp.dll
2010-08-30 21:17:54 ----A---- C:\Windows\system32\dxmasf.dll
2010-08-30 21:17:50 ----A---- C:\Windows\system32\unregmp2.exe
2010-08-30 20:33:41 ----A---- C:\Windows\system32\wups2.dll
2010-08-30 20:33:41 ----A---- C:\Windows\system32\wucltux.dll
2010-08-30 20:33:40 ----A---- C:\Windows\system32\wuaueng.dll
2010-08-30 20:33:40 ----A---- C:\Windows\system32\wuauclt.exe
2010-08-30 20:33:00 ----A---- C:\Windows\system32\wups.dll
2010-08-30 20:33:00 ----A---- C:\Windows\system32\wudriver.dll
2010-08-30 20:33:00 ----A---- C:\Windows\system32\wuapi.dll
2010-08-30 20:32:31 ----A---- C:\Windows\system32\wuwebv.dll
2010-08-30 20:32:31 ----A---- C:\Windows\system32\wuapp.exe
2010-08-27 09:05:13 ----D---- C:\Program Files\GHostOne
2010-08-26 23:31:38 ----D---- C:\Windows\Eurobattle.net
2010-08-26 23:31:17 ----A---- C:\Windows\Eurobattle.net Setup Log.txt
2010-08-26 23:25:30 ----A---- C:\Windows\War3Unin.pif
2010-08-26 23:25:30 ----A---- C:\Windows\War3Unin.exe

======List of files/folders modified in the last 1 months======

2010-09-01 14:26:51 ----D---- C:\Windows\Internet Logs
2010-09-01 14:26:44 ----D---- C:\Windows\Temp
2010-09-01 14:19:17 ----RD---- C:\Program Files
2010-09-01 14:00:53 ----SHD---- C:\System Volume Information
2010-09-01 14:00:24 ----D---- C:\Windows\Logs
2010-09-01 13:21:04 ----D---- C:\Windows\System32
2010-09-01 13:21:04 ----D---- C:\Windows\inf
2010-09-01 13:21:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-01 13:05:04 ----D---- C:\Windows\system32\drivers
2010-08-31 23:18:44 ----D---- C:\Windows\system32\catroot2
2010-08-31 21:21:36 ----D---- C:\Windows\system32\migration
2010-08-31 21:20:51 ----SHD---- C:\Windows\Installer
2010-08-31 21:20:51 ----HD---- C:\ProgramData
2010-08-31 21:20:50 ----D---- C:\Program Files\Common Files\Java
2010-08-31 21:20:25 ----D---- C:\Program Files\Java
2010-08-31 21:16:52 ----D---- C:\Program Files\Mozilla Firefox
2010-08-31 21:15:52 ----D---- C:\Windows
2010-08-31 21:15:42 ----D---- C:\Windows\winsxs
2010-08-31 21:15:38 ----D---- C:\Windows\system32\catroot
2010-08-31 20:34:12 ----D---- C:\Windows\rescache
2010-08-31 20:32:03 ----D---- C:\Windows\Microsoft.NET
2010-08-31 20:31:57 ----RSD---- C:\Windows\assembly
2010-08-31 20:24:17 ----SHD---- C:\boot
2010-08-31 20:24:05 ----ASH---- C:\Program Files\desktop.ini
2010-08-31 20:13:05 ----D---- C:\Program Files\Windows Calendar
2010-08-31 20:13:04 ----D---- C:\Program Files\Windows Sidebar
2010-08-31 20:13:04 ----D---- C:\Program Files\Windows Photo Gallery
2010-08-31 20:13:04 ----D---- C:\Program Files\Windows Media Player
2010-08-31 20:13:04 ----D---- C:\Program Files\Windows Mail
2010-08-31 20:13:04 ----D---- C:\Program Files\Windows Journal
2010-08-31 20:13:04 ----D---- C:\Program Files\Windows Collaboration
2010-08-31 20:13:04 ----D---- C:\Program Files\Movie Maker
2010-08-31 20:13:04 ----D---- C:\Program Files\Internet Explorer
2010-08-31 20:12:58 ----D---- C:\Windows\servicing
2010-08-31 20:12:58 ----D---- C:\Windows\MSAgent
2010-08-31 20:12:58 ----D---- C:\Program Files\Windows Defender
2010-08-31 20:12:58 ----D---- C:\Program Files\Common Files\System
2010-08-31 20:12:57 ----D---- C:\Windows\L2Schemas
2010-08-31 20:12:57 ----D---- C:\Windows\IME
2010-08-31 20:12:57 ----D---- C:\Windows\DigitalLocker
2010-08-31 20:12:56 ----D---- C:\Windows\system32\ko-KR
2010-08-31 20:12:56 ----D---- C:\Windows\system32\en-US
2010-08-31 20:12:56 ----D---- C:\Windows\system32\da-DK
2010-08-31 20:12:56 ----D---- C:\Windows\system32\com
2010-08-31 20:12:56 ----D---- C:\Windows\PolicyDefinitions
2010-08-31 20:12:55 ----D---- C:\Windows\system32\sysprep
2010-08-31 20:12:55 ----D---- C:\Windows\system32\oobe
2010-08-31 20:12:55 ----D---- C:\Windows\system32\it-IT
2010-08-31 20:12:55 ----D---- C:\Windows\system32\el-GR
2010-08-31 20:12:55 ----D---- C:\Windows\system32\de-DE
2010-08-31 20:12:53 ----D---- C:\Windows\system32\sv-SE
2010-08-31 20:12:53 ----D---- C:\Windows\system32\setup
2010-08-31 20:12:53 ----D---- C:\Windows\system32\ru-RU
2010-08-31 20:12:53 ----D---- C:\Windows\system32\ias
2010-08-31 20:12:53 ----D---- C:\Windows\system32\he-IL
2010-08-31 20:12:53 ----D---- C:\Windows\system32\fr-FR
2010-08-31 20:12:53 ----D---- C:\Windows\system32\fi-FI
2010-08-31 20:12:53 ----D---- C:\Windows\system32\cs-CZ
2010-08-31 20:12:53 ----D---- C:\Windows\system32\cs
2010-08-31 20:12:53 ----D---- C:\Windows\system32\AdvancedInstallers
2010-08-31 20:12:51 ----D---- C:\Windows\system32\SLUI
2010-08-31 20:12:51 ----D---- C:\Windows\system32\pt-PT
2010-08-31 20:12:51 ----D---- C:\Windows\system32\hu-HU
2010-08-31 20:12:46 ----D---- C:\Windows\system32\zh-TW
2010-08-31 20:12:46 ----D---- C:\Windows\system32\zh-CN
2010-08-31 20:12:46 ----D---- C:\Windows\system32\ro-RO
2010-08-31 20:12:46 ----D---- C:\Windows\system32\pl-PL
2010-08-31 20:12:46 ----D---- C:\Windows\system32\manifeststore
2010-08-31 20:12:46 ----D---- C:\Windows\system32\ja-JP
2010-08-31 20:12:46 ----D---- C:\Windows\system32\es-ES
2010-08-31 20:12:46 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-08-31 20:12:45 ----D---- C:\Windows\system32\tr-TR
2010-08-31 20:12:44 ----D---- C:\Windows\system32\wbem
2010-08-31 20:12:43 ----D---- C:\Windows\system32\nl-NL
2010-08-31 20:12:43 ----D---- C:\Windows\system32\nb-NO
2010-08-31 20:12:43 ----D---- C:\Windows\system32\ar-SA
2010-08-31 20:12:41 ----D---- C:\Windows\system32\pt-BR
2010-08-31 20:12:41 ----D---- C:\Windows\system32\migwiz
2010-08-31 20:12:13 ----D---- C:\Windows\AppPatch
2010-08-31 20:12:05 ----D---- C:\Windows\Boot
2010-08-31 20:12:04 ----D---- C:\Windows\system32\Boot
2010-08-31 20:07:36 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-31 19:54:48 ----A---- C:\Windows\system32\ifxcardm.dll
2010-08-31 19:54:24 ----A---- C:\Windows\system32\axaltocm.dll
2010-08-31 19:42:52 ----D---- C:\Windows\system32\zh-HK
2010-08-31 19:42:52 ----D---- C:\Windows\system32\uk-UA
2010-08-31 19:42:52 ----D---- C:\Windows\system32\th-TH
2010-08-31 19:42:52 ----D---- C:\Windows\system32\sr-Latn-CS
2010-08-31 19:42:51 ----D---- C:\Windows\system32\sl-SI
2010-08-31 19:42:51 ----D---- C:\Windows\system32\sk-SK
2010-08-31 19:42:51 ----D---- C:\Windows\system32\lv-LV
2010-08-31 19:42:51 ----D---- C:\Windows\system32\lt-LT
2010-08-31 19:42:50 ----D---- C:\Windows\system32\hr-HR
2010-08-31 19:42:50 ----D---- C:\Windows\system32\et-EE
2010-08-31 19:42:50 ----D---- C:\Windows\system32\bg-BG
2010-08-30 21:56:47 ----D---- C:\Windows\Prefetch
2010-08-30 21:52:26 ----RSD---- C:\Windows\Fonts
2010-08-30 21:29:11 ----D---- C:\Users\Jan Strnad\AppData\Roaming\OpenOffice.org2
2010-08-30 21:27:44 ----D---- C:\Hry
2010-08-27 12:43:50 ----D---- C:\ProgramData\Roxio
2010-08-11 00:44:11 ----D---- C:\Users\Jan Strnad\AppData\Roaming\Mumble
2010-08-03 17:12:30 ----D---- C:\Users\Jan Strnad\AppData\Roaming\uTorrent
2010-08-03 11:09:32 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 7680]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-03-21 717296]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 457304]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 26352]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-03-09 309248]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2007-04-16 1161152]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-02-26 3520512]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-26 179712]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-13 534016]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-06-26 19456]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-26 29184]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-05-11 79664]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-05-11 81200]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-05-11 16432]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-18 49664]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-12 181432]
S2 IgorPlug;IgorPlug-USB Driver; C:\Windows\System32\Drivers\IgorPlug.sys [2003-01-02 18244]
S3 aixcd5pf;aixcd5pf; C:\Windows\system32\drivers\aixcd5pf.sys []
S3 ATSWPDRV;(****DEBUG****) AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-04-10 140808]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-13 534016]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-06-26 220160]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-02-26 3520512]
S3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 vsdatant7;vsdatant7; C:\Windows\System32\drivers\vsdatant.win7.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-04-16 9216]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-02-26 655360]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
R2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-03-13 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-06 887544]
S3 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]

-----------------EOF-----------------

Re: preventivni kontrola

Napsal: 01 zář 2010 23:03
od motji
Dobrý večer :)
Máte s počítačem nějaké problémy?

Re: preventivni kontrola

Napsal: 01 zář 2010 23:21
od Jan Strnad
Snad jen ze obcas zlobi firewall. Pouzivam ZA a nekdy jakoby z niceho nic nechtel zadny program pustit na internet. Tzn nenacte se nova stranka v prohlizeci, pokud vypnu komnikator qip, tak uz se znova nepripoji apod. Staci restartovat pocitac, nebo vypnout firewall a vse funguje.

Re: preventivni kontrola

Napsal: 02 zář 2010 09:37
od motji
Můžu se pro jistotu podívat po breberkách, ale to bude spíš chyba firewallu. Kterou verzi máte?

:arrow: Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT :!:
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Re: preventivni kontrola

Napsal: 02 zář 2010 11:23
od Jan Strnad
ZoneAlarm version:9.2.057.000


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4528

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

2.9.2010 12:21:33
mbam-log-2010-09-02 (12-21-33).txt

Typ skenu: Úplný sken (C:\|E:\|)
Skenované objekty: 303317
Uplynulý čas: 1 hodina(y), 18 minuta(y), 13 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 2
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Jan Strnad\AppData\Local\9E12BE000842A13EA3ACD88726C8F484.EXE (FakeMS) -> No action taken.
C:\Program Files\ICQToolbar\toolbaru.dll (Trojan.BHO) -> No action taken.

Re: preventivni kontrola

Napsal: 02 zář 2010 12:27
od motji
Co našel mbam, smažte.


:arrow: Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe



- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna :!:

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

Re: preventivni kontrola

Napsal: 02 zář 2010 14:01
od Jan Strnad
Co nasel mbam jsem smazal.

A tady je log:
ComboFix 10-09-01.04 - Jan Strnad 02.09.2010 14:27:57.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.420.1029.18.2943.1980 [GMT 2:00]
Spuštěný z: c:\users\Jan Strnad\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090630-0] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1296 [VPS 090630-0] *enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
Tyto soubory byly během aplikování deaktivovány:
c:\windows\system32\APSHook.dll


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Jan Strnad\AppData\Local\1F6A32D949E6BC5C752458292FF1943F.EXE
c:\users\Jan Strnad\AppData\Local\522B0B90E830E09CE0E387C1A6ED0F59.EXE
c:\users\Jan Strnad\AppData\Local\B39886898AF032F6FE8627A5810C1557.EXE
c:\windows\IMAGE.EXE.LOG
c:\windows\system32\drivers\etc\lmhosts

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-02 do 2010-09-02 )))))))))))))))))))))))))))))))
.

2010-09-02 12:39 . 2010-09-02 12:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-02 09:49 . 2010-01-21 19:59 81920 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Thunderbird\Profiles\0sjih0uu.default\extensions\mintrayr@tn123.ath.cx\components\trayToolkit.dll
2010-09-02 08:56 . 2010-09-02 08:56 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\Malwarebytes
2010-09-02 08:56 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-02 08:56 . 2010-09-02 08:56 -------- d-----w- c:\programdata\Malwarebytes
2010-09-02 08:56 . 2010-09-02 08:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-02 08:56 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-01 22:03 . 2010-09-01 22:03 -------- d-----w- c:\programdata\NOS
2010-09-01 22:03 . 2010-09-01 22:03 -------- d-----w- c:\program files\NOS
2010-09-01 22:03 . 2010-08-13 07:13 35136 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mozilla\Firefox\Profiles\2ocmctco.novy5\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2010-09-01 22:03 . 2010-08-13 07:13 32032 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mozilla\Firefox\Profiles\2ocmctco.novy5\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2010-09-01 12:19 . 2010-09-01 12:27 -------- d-----w- c:\program files\trend micro
2010-09-01 12:18 . 2010-09-01 12:23 -------- d-----w- C:\rsit
2010-08-31 19:44 . 2010-08-31 19:44 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\Thunderbird
2010-08-31 19:44 . 2010-08-31 19:44 -------- d-----w- c:\users\Jan Strnad\AppData\Local\Thunderbird
2010-08-31 19:44 . 2010-08-31 19:44 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-08-31 19:20 . 2010-07-17 03:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-31 19:17 . 2010-08-31 19:17 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\CheckPoint
2010-08-31 19:16 . 2010-08-31 19:16 -------- d-----w- c:\program files\Conduit
2010-08-31 19:16 . 2010-08-31 19:16 -------- d-----w- c:\program files\ZoneAlarm
2010-08-31 19:16 . 2010-08-31 19:16 -------- d-----w- c:\program files\CheckPoint
2010-08-31 19:15 . 2010-04-05 17:03 902024 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-31 19:15 . 2010-04-05 17:02 220040 ----a-w- c:\windows\system32\drivers\netio.sys
2010-08-31 19:15 . 2010-04-05 17:02 98184 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2010-08-31 19:15 . 2010-04-05 16:29 438272 ----a-w- c:\windows\system32\IKEEXT.DLL
2010-08-31 19:15 . 2010-04-05 16:29 595456 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2010-08-31 19:15 . 2010-04-05 16:28 328704 ----a-w- c:\windows\system32\BFE.DLL
2010-08-31 18:12 . 2010-08-31 18:12 -------- d-----w- C:\PerfLogs
2010-08-31 17:42 . 2010-08-31 16:54 47560 ----a-w- c:\windows\system32\SPReview.exe
2010-08-31 17:42 . 2010-08-31 16:54 152576 ----a-w- c:\windows\system32\SPWizUI.dll
2010-08-31 17:13 . 2008-01-18 21:36 6656 ----a-w- c:\windows\system32\sdspres.dll
2010-08-31 17:13 . 2008-01-18 21:33 193024 ----a-w- c:\windows\system32\recdisc.exe
2010-08-31 17:12 . 2008-01-18 21:33 599552 ----a-w- c:\windows\system32\vsp1cln.exe
2010-08-31 17:12 . 2008-01-18 21:36 142336 ----a-w- c:\windows\system32\spp.dll
2010-08-31 17:12 . 2008-01-18 21:36 28160 ----a-w- c:\windows\system32\sxproxy.dll
2010-08-31 17:02 . 2008-01-18 21:34 62464 ----a-w- c:\windows\system32\mfvdsp.dll
2010-08-31 17:01 . 2008-01-18 21:34 217600 ----a-w- c:\windows\system32\InkEd.dll
2010-08-31 16:59 . 2008-01-18 21:33 44032 ----a-w- c:\windows\system32\cbsra.exe
2010-08-30 19:51 . 2010-08-30 19:51 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-08-30 19:51 . 2010-08-30 19:51 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-08-30 19:51 . 2010-08-30 19:51 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-08-30 19:51 . 2010-08-30 19:51 23552 ----a-w- c:\windows\system32\lpk.dll
2010-08-30 19:51 . 2010-08-30 19:51 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-08-30 19:51 . 2010-08-30 19:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-08-30 19:47 . 2010-08-30 19:47 98304 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-30 19:47 . 2010-08-30 19:47 301568 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-30 19:47 . 2010-08-30 19:47 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-08-30 19:47 . 2010-08-30 19:47 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-08-30 19:47 . 2010-08-30 19:47 17920 ----a-w- c:\windows\system32\netevent.dll
2010-08-30 19:47 . 2010-08-30 19:47 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-08-30 19:47 . 2010-08-30 19:47 104960 ----a-w- c:\windows\system32\netiohlp.dll
2010-08-30 19:47 . 2010-08-30 19:47 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-08-30 19:47 . 2010-08-30 19:47 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-08-30 19:47 . 2010-08-30 19:47 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-08-30 19:47 . 2010-08-30 19:47 10240 ----a-w- c:\windows\system32\finger.exe
2010-08-30 19:46 . 2010-08-30 19:46 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-08-30 19:46 . 2010-08-30 19:46 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-08-30 19:46 . 2010-08-30 19:46 64512 ----a-w- c:\windows\system32\wlanapi.dll
2010-08-30 19:46 . 2010-08-30 19:46 513024 ----a-w- c:\windows\system32\wlansvc.dll
2010-08-30 19:46 . 2010-08-30 19:46 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-08-30 19:46 . 2010-08-30 19:46 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-08-30 19:46 . 2010-08-30 19:46 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2010-08-30 19:45 . 2010-08-30 19:45 2048 ----a-w- c:\windows\system32\msxml3r.dll
2010-08-30 19:45 . 2010-08-30 19:45 1257472 ----a-w- c:\windows\system32\msxml3.dll
2010-08-30 19:45 . 2010-08-30 19:45 1399296 ----a-w- c:\windows\system32\msxml6.dll
2010-08-30 19:45 . 2010-08-30 19:45 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-08-30 19:45 . 2010-08-30 19:45 213504 ----a-w- c:\windows\system32\msv1_0.dll
2010-08-30 19:44 . 2010-08-30 19:44 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-08-30 19:44 . 2010-08-30 19:44 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-08-30 19:44 . 2010-08-30 19:44 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-08-30 19:44 . 2010-08-30 19:44 98816 ----a-w- c:\windows\system32\mfps.dll
2010-08-30 19:44 . 2010-08-30 19:44 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-08-30 19:44 . 2010-08-30 19:44 2868224 ----a-w- c:\windows\system32\mf.dll
2010-08-30 19:44 . 2010-08-30 19:44 2048 ----a-w- c:\windows\system32\mferror.dll
2010-08-30 19:43 . 2010-08-30 19:43 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-08-30 19:43 . 2010-08-30 19:43 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-08-30 19:43 . 2010-08-30 19:43 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-08-30 19:43 . 2010-08-30 19:43 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-08-30 19:42 . 2010-08-30 19:42 71680 ----a-w- c:\windows\system32\atl.dll
2010-08-30 19:41 . 2010-08-30 19:41 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-08-30 19:41 . 2010-08-30 19:41 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-08-30 19:41 . 2010-08-30 19:41 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-08-30 19:40 . 2010-08-30 19:41 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-08-30 19:40 . 2010-08-30 19:40 269312 ----a-w- c:\windows\system32\es.dll
2010-08-30 19:40 . 2010-08-30 19:40 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2010-08-30 19:37 . 2010-08-30 19:37 2048 ----a-w- c:\windows\system32\tzres.dll
2010-08-30 19:37 . 2010-08-30 19:37 171520 ----a-w- c:\windows\system32\wintrust.dll
2010-08-30 19:36 . 2010-08-30 19:36 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-08-30 19:36 . 2010-08-30 19:36 9728 ----a-w- c:\windows\system32\lsass.exe
2010-08-30 19:36 . 2010-08-30 19:36 72704 ----a-w- c:\windows\system32\secur32.dll
2010-08-30 19:36 . 2010-08-30 19:36 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-08-30 19:36 . 2010-08-30 19:36 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-08-30 19:36 . 2010-08-30 19:36 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2010-08-30 19:36 . 2010-08-30 19:36 270848 ----a-w- c:\windows\system32\schannel.dll
2010-08-30 19:32 . 2010-08-30 19:32 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-08-30 19:32 . 2010-08-30 19:32 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-08-30 19:32 . 2010-08-30 19:32 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2010-08-30 19:31 . 2010-05-21 12:14 221568 ----a-w- c:\windows\system32\MpSigStub.exe
2010-08-30 19:31 . 2010-08-30 19:31 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-08-30 19:31 . 2010-08-30 19:31 98304 ----a-w- c:\windows\system32\cabview.dll
2010-08-30 19:28 . 2010-08-30 19:28 2035712 ----a-w- c:\windows\system32\win32k.sys
2010-08-30 19:26 . 2010-08-30 19:26 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-08-30 19:25 . 2010-08-30 19:25 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-08-30 19:25 . 2010-08-30 19:25 329216 ----a-w- c:\windows\system32\msdrm.dll
2010-08-30 19:25 . 2010-08-30 19:25 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-08-30 19:25 . 2010-08-30 19:25 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-08-30 19:25 . 2010-08-30 19:25 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-08-30 19:25 . 2010-08-30 19:25 472064 ----a-w- c:\windows\system32\secproc.dll
2010-08-30 19:25 . 2010-08-30 19:25 511488 ----a-w- c:\windows\system32\RMActivate.exe
2010-08-30 19:25 . 2010-08-30 19:25 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-08-30 19:25 . 2010-08-30 19:25 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2010-08-30 19:23 . 2010-08-30 19:23 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-08-30 19:23 . 2010-08-30 19:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-08-30 19:23 . 2010-08-30 19:23 1695744 ----a-w- c:\windows\system32\gameux.dll
2010-08-30 19:22 . 2010-08-30 19:22 61440 ----a-w- c:\windows\system32\msasn1.dll
2010-08-30 19:21 . 2010-08-30 19:21 411136 ----a-w- c:\windows\system32\drivers\http.sys
2010-08-30 19:21 . 2010-08-30 19:21 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-08-30 19:21 . 2010-08-30 19:21 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-30 19:20 . 2010-08-30 19:20 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-30 19:20 . 2010-08-30 19:20 281600 ----a-w- c:\windows\system32\raschap.dll
2010-08-30 19:20 . 2010-08-30 19:20 244224 ----a-w- c:\windows\system32\rastls.dll
2010-08-30 19:19 . 2010-08-30 19:19 351232 ----a-w- c:\windows\system32\WSDApi.dll
2010-08-30 19:19 . 2010-08-30 19:19 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-08-30 19:19 . 2010-08-30 19:19 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-08-30 19:19 . 2010-08-30 19:19 123904 ----a-w- c:\windows\system32\msvfw32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-02 12:40 . 2007-02-12 11:00 836 ----a-w- c:\windows\bthservsdp.dat
2010-09-02 12:29 . 2007-01-08 21:12 653910 ----a-w- c:\windows\system32\perfh005.dat
2010-09-02 12:29 . 2007-01-08 21:12 137126 ----a-w- c:\windows\system32\perfc005.dat
2010-09-02 12:09 . 2008-07-02 07:33 -------- d-----w- c:\program files\ICQToolbar
2010-09-02 07:30 . 2008-03-12 17:15 -------- d-----w- c:\program files\Google
2010-09-01 22:54 . 2008-03-13 23:16 1 ----a-w- c:\users\Jan Strnad\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2010-09-01 22:54 . 2008-03-13 23:15 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\OpenOffice.org2
2010-09-01 15:14 . 2007-07-13 03:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-31 19:20 . 2007-07-13 05:03 -------- d-----w- c:\program files\Common Files\Java
2010-08-31 19:20 . 2007-07-13 05:03 -------- d-----w- c:\program files\Java
2010-08-31 19:17 . 2010-08-31 19:14 421442 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2010-08-31 19:17 . 2010-08-31 19:17 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\CheckPoint
2010-08-31 19:16 . 2010-08-31 19:16 -------- d-----w- c:\program files\CheckPoint
2010-08-31 19:14 . 2010-08-31 19:14 -------- d-----w- c:\program files\Zone Labs
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-08-31 18:13 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-31 18:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-08-31 18:12 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-08-31 17:54 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-08-31 17:54 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-08-30 19:58 . 2008-03-12 17:27 122160 ----a-w- c:\users\Jan Strnad\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-30 19:49 . 2010-08-30 19:49 72704 ----a-w- c:\windows\system32\admparse.dll
2010-08-30 19:49 . 2010-08-30 19:49 833024 ----a-w- c:\windows\system32\wininet.dll
2010-08-30 19:49 . 2010-08-30 19:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-08-30 19:49 . 2010-08-30 19:49 48128 ----a-w- c:\windows\system32\mshtmler.dll
2010-08-30 19:49 . 2010-08-30 19:49 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2010-08-30 19:36 . 2010-08-30 19:36 270848 ----a-w- c:\windows\system32\schannel.dll
2010-08-30 19:23 . 2010-08-30 19:23 2560 ----a-w- c:\windows\AppPatch\AcRes.dll
2010-08-30 19:23 . 2010-08-30 19:23 2153984 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-08-30 19:23 . 2010-08-30 19:23 541696 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-08-30 19:23 . 2010-08-30 19:23 459776 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-08-30 19:23 . 2010-08-30 19:23 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-08-27 10:43 . 2007-07-13 04:36 -------- d-----w- c:\programdata\Roxio
2010-08-10 22:44 . 2010-04-01 16:48 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\Mumble
2010-08-03 18:03 . 2010-04-01 16:52 25256 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\tf2.dll
2010-08-03 18:03 . 2010-04-01 16:52 21160 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\l4d2.dll
2010-08-03 18:03 . 2010-04-01 16:52 25256 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\gmod.dll
2010-08-03 18:03 . 2010-04-01 16:52 25256 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\dods.dll
2010-08-03 18:03 . 2010-04-01 16:52 25256 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\css.dll
2010-08-03 18:03 . 2010-04-01 16:52 21160 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\bfbc2.dll
2010-08-03 18:03 . 2010-04-01 16:52 21160 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\bf2.dll
2010-08-03 18:03 . 2010-04-01 16:52 21160 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\arma2.dll
2010-08-03 15:12 . 2008-03-23 15:56 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\uTorrent
2010-07-27 18:00 . 2010-04-01 16:52 24744 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\wow.dll
2010-07-27 18:00 . 2010-06-06 11:28 22696 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\borderlands.dll
2010-07-14 21:31 . 2009-10-20 17:24 680 ----a-w- c:\users\Jan Strnad\AppData\Local\d3d9caps.dat
2010-06-23 11:51 . 2010-08-31 19:14 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2010-06-23 11:51 . 2010-08-31 19:14 69120 ----a-w- c:\windows\system32\zlcomm.dll
2010-06-23 11:51 . 2010-08-31 19:14 103936 ----a-w- c:\windows\system32\zlcommdb.dll
2010-06-06 11:28 . 2010-04-22 17:55 21672 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\cs.dll
2010-06-06 11:28 . 2010-04-01 16:52 21672 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\lotro.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-05-09 09:50 2517088 ----a-w- c:\program files\ZoneAlarm\tbZone.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-02 163840]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-15 1097728]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-3-12 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 IgorPlug;IgorPlug-USB Driver;c:\windows\system32\Drivers\IgorPlug.sys [2003-01-02 18244]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2008-01-18 21504]
R3 vsdatant7;vsdatant7;c:\windows\system32\drivers\vsdatant.win7.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-03-21 717296]
S1 aswSP;avast! Self Protection; [x]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-18 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-18 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 26352]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-26 179712]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-09-02 c:\windows\Tasks\User_Feed_Synchronization-{7252510C-F76C-4D1A-B5BB-4E0AC960E661}.job
- c:\windows\system32\msfeedssync.exe [2010-08-31 21:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.hp.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {A3051930-4C5D-4E36-A4F5-312FD735A2E5} = 192.168.1.61
FF - ProfilePath - c:\users\Jan Strnad\AppData\Roaming\Mozilla\Firefox\Profiles\2ocmctco.novy5\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.idnes.cz
FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
FF - plugin: c:\program files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\users\Jan Strnad\AppData\Roaming\Mozilla\Firefox\Profiles\2ocmctco.novy5\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-02 14:47
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\windows\TEMP\TMP00000043A333287A4F70EEFC 524288 bytes executable

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
Binary file raw_enum.dat matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{09ecb546-97ca-4d36-bb8e-7bfba96a9924}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:15020054
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{2805e90c-341c-495d-8d89-0c1a790bfd7c}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:06001422
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{2ad64e8e-7dd5-4b9a-bacb-222874d08211}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:11001641
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{35651d03-cf59-49d5-9ff6-1a870d591db5}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0d0017a4
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{3f343453-ecf9-4aa8-bdc0-6a0044b37778}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:1b000000
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{58edd655-febc-4d4b-9a6e-a0c0a48a7c19}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0f001a4b
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{5a4b8a90-be4a-4747-95e8-b8bd7c78b39e}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:10001641
"Dhcpv6State"=dword:00000000
"NameServer"=""
"Domain"=""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{630066ce-051d-413a-8df6-74e7fe462d2c}]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{7264167c-9e01-4d92-8270-e625fe51c842}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:1c000000
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{7da5a327-a1bd-44ee-aae3-f450eda0b81d}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:11001a73
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{91878f2e-7c70-41fc-8591-38450073c120}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:1d000000
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{a3051930-4c5d-4e36-a4f5-312fd735a2e5}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0c001a4b
"Dhcpv6State"=dword:00000000
"NameServer"=""
"Domain"=""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{bc034e1f-1e50-4edb-abad-13e0243a8137}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0c0002a5
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{ca3dcfaf-ecd4-4958-be8c-9b9526b71007}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:1c000000
"Dhcpv6State"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{d3ba23f9-c26f-4d8d-869f-0d939430e473}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0f001a73
"Dhcpv6State"=dword:00000002
"NameServer"=""
"Domain"=""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f8b9ab0c-f9e8-47f4-ba0b-9ddcc01bffb2}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:07001422
"Dhcpv6State"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(676)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

- - - - - - - > 'Explorer.exe'(5244)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\APSHook.dll
c:\windows\system32\btmmhook.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Hewlett-Packard\IAM\bin\asghost.exe
c:\windows\system32\conime.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Celkový čas: 2010-09-02 14:53:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-02 12:53

Před spuštěním: 8 070 008 832
Po spuštění: 9 420 554 240

- - End Of File - - 130304ED4D08CE1F0B2347902A155E8A

Re: preventivni kontrola

Napsal: 02 zář 2010 15:41
od motji
:arrow: Otestujte na www.virustotal.com

c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\cs.dll
c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\lotro.dll



-Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
-Sem vložte link s výsledky.

Re: preventivni kontrola

Napsal: 02 zář 2010 16:00
od Jan Strnad
http://www.virustotal.com/file-scan/rep ... 1283439349
http://www.virustotal.com/file-scan/rep ... 1283439511

Re: preventivni kontrola

Napsal: 02 zář 2010 20:42
od motji
-Následně se pc restartuje.
- Log vložte zde :)


:arrow: Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Reglock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{09ecb546-97ca-4d36-bb8e-7bfba96a9924}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{2805e90c-341c-495d-8d89-0c1a790bfd7c}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{2ad64e8e-7dd5-4b9a-bacb-222874d08211}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{35651d03-cf59-49d5-9ff6-1a870d591db5}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{3f343453-ecf9-4aa8-bdc0-6a0044b37778}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{58edd655-febc-4d4b-9a6e-a0c0a48a7c19}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{5a4b8a90-be4a-4747-95e8-b8bd7c78b39e}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{630066ce-051d-413a-8df6-74e7fe462d2c}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{7264167c-9e01-4d92-8270-e625fe51c842}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{7da5a327-a1bd-44ee-aae3-f450eda0b81d}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{91878f2e-7c70-41fc-8591-38450073c120}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{a3051930-4c5d-4e36-a4f5-312fd735a2e5}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{bc034e1f-1e50-4edb-abad-13e0243a8137}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{ca3dcfaf-ecd4-4958-be8c-9b9526b71007}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{d3ba23f9-c26f-4d8d-869f-0d939430e473}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f8b9ab0c-f9e8-47f4-ba0b-9ddcc01bffb2}]

Collect::
c:\windows\TEMP\TMP00000043A333287A4F70EEFC

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek


-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Re: preventivni kontrola

Napsal: 02 zář 2010 21:16
od Jan Strnad
ComboFix 10-09-01.04 - Jan Strnad 02.09.2010 21:56:43.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.420.1029.18.2943.1860 [GMT 2:00]
Spuštěný z: c:\users\Jan Strnad\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jan Strnad\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 090630-0] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1296 [VPS 090630-0] *enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-08-02 do 2010-09-02 )))))))))))))))))))))))))))))))
.

2010-09-02 20:06 . 2010-09-02 20:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-02 20:06 . 2010-09-02 20:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-02 09:49 . 2010-01-21 19:59 81920 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Thunderbird\Profiles\0sjih0uu.default\extensions\mintrayr@tn123.ath.cx\components\trayToolkit.dll
2010-09-02 08:56 . 2010-09-02 08:56 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\Malwarebytes
2010-09-02 08:56 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-02 08:56 . 2010-09-02 08:56 -------- d-----w- c:\programdata\Malwarebytes
2010-09-02 08:56 . 2010-09-02 08:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-02 08:56 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-01 22:03 . 2010-09-01 22:03 -------- d-----w- c:\programdata\NOS
2010-09-01 22:03 . 2010-09-01 22:03 -------- d-----w- c:\program files\NOS
2010-09-01 22:03 . 2010-08-13 07:13 35136 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mozilla\Firefox\Profiles\2ocmctco.novy5\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2010-09-01 22:03 . 2010-08-13 07:13 32032 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mozilla\Firefox\Profiles\2ocmctco.novy5\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2010-09-01 12:19 . 2010-09-01 12:27 -------- d-----w- c:\program files\trend micro
2010-09-01 12:18 . 2010-09-01 12:23 -------- d-----w- C:\rsit
2010-08-31 19:44 . 2010-08-31 19:44 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\Thunderbird
2010-08-31 19:44 . 2010-08-31 19:44 -------- d-----w- c:\users\Jan Strnad\AppData\Local\Thunderbird
2010-08-31 19:44 . 2010-08-31 19:44 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-08-31 19:20 . 2010-07-17 03:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-31 19:17 . 2010-08-31 19:17 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\CheckPoint
2010-08-31 19:16 . 2010-08-31 19:16 -------- d-----w- c:\program files\Conduit
2010-08-31 19:16 . 2010-08-31 19:16 -------- d-----w- c:\program files\ZoneAlarm
2010-08-31 19:16 . 2010-08-31 19:16 -------- d-----w- c:\program files\CheckPoint
2010-08-31 19:15 . 2010-04-05 17:03 902024 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-31 19:15 . 2010-04-05 17:02 220040 ----a-w- c:\windows\system32\drivers\netio.sys
2010-08-31 19:15 . 2010-04-05 17:02 98184 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2010-08-31 19:15 . 2010-04-05 16:29 438272 ----a-w- c:\windows\system32\IKEEXT.DLL
2010-08-31 19:15 . 2010-04-05 16:29 595456 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2010-08-31 19:15 . 2010-04-05 16:28 328704 ----a-w- c:\windows\system32\BFE.DLL
2010-08-31 18:12 . 2010-08-31 18:12 -------- d-----w- C:\PerfLogs
2010-08-31 17:42 . 2010-08-31 16:54 47560 ----a-w- c:\windows\system32\SPReview.exe
2010-08-31 17:42 . 2010-08-31 16:54 152576 ----a-w- c:\windows\system32\SPWizUI.dll
2010-08-31 17:13 . 2008-01-18 21:36 6656 ----a-w- c:\windows\system32\sdspres.dll
2010-08-31 17:13 . 2008-01-18 21:33 193024 ----a-w- c:\windows\system32\recdisc.exe
2010-08-31 17:12 . 2008-01-18 21:33 599552 ----a-w- c:\windows\system32\vsp1cln.exe
2010-08-31 17:12 . 2008-01-18 21:36 142336 ----a-w- c:\windows\system32\spp.dll
2010-08-31 17:12 . 2008-01-18 21:36 28160 ----a-w- c:\windows\system32\sxproxy.dll
2010-08-31 17:02 . 2008-01-18 21:34 62464 ----a-w- c:\windows\system32\mfvdsp.dll
2010-08-31 17:01 . 2008-01-18 21:34 217600 ----a-w- c:\windows\system32\InkEd.dll
2010-08-31 16:59 . 2008-01-18 21:33 44032 ----a-w- c:\windows\system32\cbsra.exe
2010-08-30 19:51 . 2010-08-30 19:51 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-08-30 19:51 . 2010-08-30 19:51 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-08-30 19:51 . 2010-08-30 19:51 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-08-30 19:51 . 2010-08-30 19:51 23552 ----a-w- c:\windows\system32\lpk.dll
2010-08-30 19:51 . 2010-08-30 19:51 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-08-30 19:51 . 2010-08-30 19:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-08-30 19:47 . 2010-08-30 19:47 98304 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-30 19:47 . 2010-08-30 19:47 301568 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-30 19:47 . 2010-08-30 19:47 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-08-30 19:47 . 2010-08-30 19:47 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-08-30 19:47 . 2010-08-30 19:47 17920 ----a-w- c:\windows\system32\netevent.dll
2010-08-30 19:47 . 2010-08-30 19:47 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-08-30 19:47 . 2010-08-30 19:47 104960 ----a-w- c:\windows\system32\netiohlp.dll
2010-08-30 19:47 . 2010-08-30 19:47 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-08-30 19:47 . 2010-08-30 19:47 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-08-30 19:47 . 2010-08-30 19:47 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-08-30 19:47 . 2010-08-30 19:47 10240 ----a-w- c:\windows\system32\finger.exe
2010-08-30 19:46 . 2010-08-30 19:46 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-08-30 19:46 . 2010-08-30 19:46 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-08-30 19:46 . 2010-08-30 19:46 64512 ----a-w- c:\windows\system32\wlanapi.dll
2010-08-30 19:46 . 2010-08-30 19:46 513024 ----a-w- c:\windows\system32\wlansvc.dll
2010-08-30 19:46 . 2010-08-30 19:46 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-08-30 19:46 . 2010-08-30 19:46 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-08-30 19:46 . 2010-08-30 19:46 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2010-08-30 19:45 . 2010-08-30 19:45 2048 ----a-w- c:\windows\system32\msxml3r.dll
2010-08-30 19:45 . 2010-08-30 19:45 1257472 ----a-w- c:\windows\system32\msxml3.dll
2010-08-30 19:45 . 2010-08-30 19:45 1399296 ----a-w- c:\windows\system32\msxml6.dll
2010-08-30 19:45 . 2010-08-30 19:45 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-08-30 19:45 . 2010-08-30 19:45 213504 ----a-w- c:\windows\system32\msv1_0.dll
2010-08-30 19:44 . 2010-08-30 19:44 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-08-30 19:44 . 2010-08-30 19:44 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-08-30 19:44 . 2010-08-30 19:44 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-08-30 19:44 . 2010-08-30 19:44 98816 ----a-w- c:\windows\system32\mfps.dll
2010-08-30 19:44 . 2010-08-30 19:44 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-08-30 19:44 . 2010-08-30 19:44 2868224 ----a-w- c:\windows\system32\mf.dll
2010-08-30 19:44 . 2010-08-30 19:44 2048 ----a-w- c:\windows\system32\mferror.dll
2010-08-30 19:43 . 2010-08-30 19:43 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-08-30 19:43 . 2010-08-30 19:43 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-08-30 19:43 . 2010-08-30 19:43 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-08-30 19:43 . 2010-08-30 19:43 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-08-30 19:42 . 2010-08-30 19:42 71680 ----a-w- c:\windows\system32\atl.dll
2010-08-30 19:41 . 2010-08-30 19:41 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-08-30 19:41 . 2010-08-30 19:41 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-08-30 19:41 . 2010-08-30 19:41 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-08-30 19:40 . 2010-08-30 19:41 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-08-30 19:40 . 2010-08-30 19:40 269312 ----a-w- c:\windows\system32\es.dll
2010-08-30 19:40 . 2010-08-30 19:40 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2010-08-30 19:37 . 2010-08-30 19:37 2048 ----a-w- c:\windows\system32\tzres.dll
2010-08-30 19:37 . 2010-08-30 19:37 171520 ----a-w- c:\windows\system32\wintrust.dll
2010-08-30 19:36 . 2010-08-30 19:36 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-08-30 19:36 . 2010-08-30 19:36 9728 ----a-w- c:\windows\system32\lsass.exe
2010-08-30 19:36 . 2010-08-30 19:36 72704 ----a-w- c:\windows\system32\secur32.dll
2010-08-30 19:36 . 2010-08-30 19:36 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-08-30 19:36 . 2010-08-30 19:36 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-08-30 19:36 . 2010-08-30 19:36 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2010-08-30 19:36 . 2010-08-30 19:36 270848 ----a-w- c:\windows\system32\schannel.dll
2010-08-30 19:32 . 2010-08-30 19:32 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-08-30 19:32 . 2010-08-30 19:32 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-08-30 19:32 . 2010-08-30 19:32 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2010-08-30 19:31 . 2010-05-21 12:14 221568 ----a-w- c:\windows\system32\MpSigStub.exe
2010-08-30 19:31 . 2010-08-30 19:31 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-08-30 19:31 . 2010-08-30 19:31 98304 ----a-w- c:\windows\system32\cabview.dll
2010-08-30 19:28 . 2010-08-30 19:28 2035712 ----a-w- c:\windows\system32\win32k.sys
2010-08-30 19:26 . 2010-08-30 19:26 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-08-30 19:25 . 2010-08-30 19:25 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-08-30 19:25 . 2010-08-30 19:25 329216 ----a-w- c:\windows\system32\msdrm.dll
2010-08-30 19:25 . 2010-08-30 19:25 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-08-30 19:25 . 2010-08-30 19:25 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-08-30 19:25 . 2010-08-30 19:25 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-08-30 19:25 . 2010-08-30 19:25 472064 ----a-w- c:\windows\system32\secproc.dll
2010-08-30 19:25 . 2010-08-30 19:25 511488 ----a-w- c:\windows\system32\RMActivate.exe
2010-08-30 19:25 . 2010-08-30 19:25 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-08-30 19:25 . 2010-08-30 19:25 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2010-08-30 19:23 . 2010-08-30 19:23 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-08-30 19:23 . 2010-08-30 19:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-08-30 19:23 . 2010-08-30 19:23 1695744 ----a-w- c:\windows\system32\gameux.dll
2010-08-30 19:22 . 2010-08-30 19:22 61440 ----a-w- c:\windows\system32\msasn1.dll
2010-08-30 19:21 . 2010-08-30 19:21 411136 ----a-w- c:\windows\system32\drivers\http.sys
2010-08-30 19:21 . 2010-08-30 19:21 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-08-30 19:21 . 2010-08-30 19:21 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-30 19:20 . 2010-08-30 19:20 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-30 19:20 . 2010-08-30 19:20 281600 ----a-w- c:\windows\system32\raschap.dll
2010-08-30 19:20 . 2010-08-30 19:20 244224 ----a-w- c:\windows\system32\rastls.dll
2010-08-30 19:19 . 2010-08-30 19:19 351232 ----a-w- c:\windows\system32\WSDApi.dll
2010-08-30 19:19 . 2010-08-30 19:19 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-08-30 19:19 . 2010-08-30 19:19 1314816 ----a-w- c:\windows\system32\quartz.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-02 16:58 . 2008-03-13 23:15 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\OpenOffice.org2
2010-09-02 16:38 . 2007-01-08 21:12 653910 ----a-w- c:\windows\system32\perfh005.dat
2010-09-02 16:38 . 2007-01-08 21:12 137126 ----a-w- c:\windows\system32\perfc005.dat
2010-09-02 16:36 . 2010-09-02 16:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-09-02 16:29 . 2008-03-13 23:16 1 ----a-w- c:\users\Jan Strnad\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2010-09-02 13:42 . 2007-02-12 11:00 836 ----a-w- c:\windows\bthservsdp.dat
2010-09-02 12:09 . 2008-07-02 07:33 -------- d-----w- c:\program files\ICQToolbar
2010-09-02 07:30 . 2008-03-12 17:15 -------- d-----w- c:\program files\Google
2010-09-01 15:14 . 2007-07-13 03:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-31 19:20 . 2007-07-13 05:03 -------- d-----w- c:\program files\Common Files\Java
2010-08-31 19:20 . 2007-07-13 05:03 -------- d-----w- c:\program files\Java
2010-08-31 19:17 . 2010-08-31 19:14 421442 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2010-08-31 19:17 . 2010-08-31 19:17 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\CheckPoint
2010-08-31 19:16 . 2010-08-31 19:16 -------- d-----w- c:\program files\CheckPoint
2010-08-31 19:14 . 2010-08-31 19:14 -------- d-----w- c:\program files\Zone Labs
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-08-31 18:13 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-08-31 18:13 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-31 18:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-08-31 18:12 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-08-31 17:54 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-08-31 17:54 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-08-30 19:58 . 2008-03-12 17:27 122160 ----a-w- c:\users\Jan Strnad\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-30 19:49 . 2010-08-30 19:49 72704 ----a-w- c:\windows\system32\admparse.dll
2010-08-30 19:49 . 2010-08-30 19:49 833024 ----a-w- c:\windows\system32\wininet.dll
2010-08-30 19:49 . 2010-08-30 19:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-08-30 19:49 . 2010-08-30 19:49 48128 ----a-w- c:\windows\system32\mshtmler.dll
2010-08-30 19:49 . 2010-08-30 19:49 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2010-08-30 19:36 . 2010-08-30 19:36 270848 ----a-w- c:\windows\system32\schannel.dll
2010-08-30 19:23 . 2010-08-30 19:23 2560 ----a-w- c:\windows\AppPatch\AcRes.dll
2010-08-30 19:23 . 2010-08-30 19:23 2153984 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-08-30 19:23 . 2010-08-30 19:23 541696 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-08-30 19:23 . 2010-08-30 19:23 459776 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-08-30 19:23 . 2010-08-30 19:23 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-08-27 10:43 . 2007-07-13 04:36 -------- d-----w- c:\programdata\Roxio
2010-08-10 22:44 . 2010-04-01 16:48 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\Mumble
2010-08-03 18:03 . 2010-04-01 16:52 25256 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\tf2.dll
2010-08-03 18:03 . 2010-04-01 16:52 21160 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\l4d2.dll
2010-08-03 18:03 . 2010-04-01 16:52 25256 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\gmod.dll
2010-08-03 18:03 . 2010-04-01 16:52 25256 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\dods.dll
2010-08-03 18:03 . 2010-04-01 16:52 25256 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\css.dll
2010-08-03 18:03 . 2010-04-01 16:52 21160 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\bfbc2.dll
2010-08-03 18:03 . 2010-04-01 16:52 21160 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\bf2.dll
2010-08-03 18:03 . 2010-04-01 16:52 21160 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\arma2.dll
2010-08-03 15:12 . 2008-03-23 15:56 -------- d-----w- c:\users\Jan Strnad\AppData\Roaming\uTorrent
2010-07-27 18:00 . 2010-04-01 16:52 24744 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\wow.dll
2010-07-27 18:00 . 2010-06-06 11:28 22696 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\borderlands.dll
2010-07-14 21:31 . 2009-10-20 17:24 680 ----a-w- c:\users\Jan Strnad\AppData\Local\d3d9caps.dat
2010-06-23 11:51 . 2010-08-31 19:14 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2010-06-23 11:51 . 2010-08-31 19:14 69120 ----a-w- c:\windows\system32\zlcomm.dll
2010-06-23 11:51 . 2010-08-31 19:14 103936 ----a-w- c:\windows\system32\zlcommdb.dll
2010-06-06 11:28 . 2010-04-22 17:55 21672 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\cs.dll
2010-06-06 11:28 . 2010-04-01 16:52 21672 ----a-w- c:\users\Jan Strnad\AppData\Roaming\Mumble\Plugins\lotro.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-05-09 09:50 2517088 ----a-w- c:\program files\ZoneAlarm\tbZone.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-02 163840]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-15 1097728]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-3-12 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

R2 IgorPlug;IgorPlug-USB Driver;c:\windows\system32\Drivers\IgorPlug.sys [2003-01-02 18244]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2008-01-18 21504]
R3 vsdatant7;vsdatant7;c:\windows\system32\drivers\vsdatant.win7.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-03-21 717296]
S1 aswSP;avast! Self Protection; [x]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-18 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-18 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 26352]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-26 179712]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-09-02 c:\windows\Tasks\User_Feed_Synchronization-{7252510C-F76C-4D1A-B5BB-4E0AC960E661}.job
- c:\windows\system32\msfeedssync.exe [2010-08-31 21:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.hp.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {A3051930-4C5D-4E36-A4F5-312FD735A2E5} = 192.168.1.61
FF - ProfilePath - c:\users\Jan Strnad\AppData\Roaming\Mozilla\Firefox\Profiles\2ocmctco.novy5\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.idnes.cz
FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
FF - plugin: c:\program files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\users\Jan Strnad\AppData\Roaming\Mozilla\Firefox\Profiles\2ocmctco.novy5\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-02 22:06
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
Binary file raw_enum.dat matches
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(680)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

- - - - - - - > 'Explorer.exe'(5928)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\APSHook.dll
c:\windows\system32\btmmhook.dll
.
Celkový čas: 2010-09-02 22:10:25
ComboFix-quarantined-files.txt 2010-09-02 20:10
ComboFix2.txt 2010-09-02 12:53

Před spuštěním: Volných bajtů: 11 648 839 680
Po spuštění: Volných bajtů: 11 514 683 392

- - End Of File - - E88E1D85040592839A061C2209F682E1

Re: preventivni kontrola

Napsal: 02 zář 2010 21:22
od motji
Jak to vypadá s počítačem?

Re: preventivni kontrola

Napsal: 02 zář 2010 21:24
od Jan Strnad
Asi v poradku, nic nestandardniho nepozoruju:)

Re: preventivni kontrola

Napsal: 02 zář 2010 21:30
od motji
:arrow: Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


:arrow: Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


:arrow: Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázekzáložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázekzáložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy :arrow: ok :arrow: zavřít

Obrázek Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



:arrow: Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

:arrow: Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz