
For Vyosek

Posted: 25 Feb 2011 16:57
by Junfan
Hello again,
could I ask for a check? This PC is slow to start (Win 7 Pro), and I would also like to stop unnecessary services... Thank you
I can't manage to paste it here - the character limit is exceeded... I'm sending it in two parts




Logfile of random's system information tool 1.08 (written by random/random)
Run by Vlastik at 2011-02-25 15:37:43
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 184 GB (60%) free of 305 GB
Total RAM: 2046 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:37:50, on 25.2.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\Vlastik\Desktop\Nemazat!!!!!!!!!!!!!\RSIT.exe
C:\Program Files\trend micro\Vlastik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe

--
End of file - 5546 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-01-20 6711840]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-01-13 2424560]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-24 15:19:18 ----D---- C:\Windows\system32\SPReview
2011-02-24 15:18:21 ----D---- C:\Windows\system32\EventProviders
2011-02-24 15:16:15 ----A---- C:\Windows\system32\dfshim.dll
2011-02-24 15:16:11 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-02-24 15:16:11 ----A---- C:\Windows\system32\mstscax.dll
2011-02-24 15:16:11 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2011-02-24 15:16:08 ----A---- C:\Windows\system32\d3d10warp.dll
2011-02-24 15:16:07 ----A---- C:\Windows\system32\mfc40u.dll
2011-02-24 15:16:07 ----A---- C:\Windows\system32\mfc40.dll
2011-02-24 15:16:05 ----A---- C:\Windows\system32\sysmain.dll
2011-02-24 15:16:04 ----A---- C:\Windows\system32\secproc_isv.dll
2011-02-24 15:16:04 ----A---- C:\Windows\system32\d2d1.dll
2011-02-24 15:16:03 ----A---- C:\Windows\system32\shell32.dll
2011-02-24 15:16:02 ----A---- C:\Windows\system32\secproc.dll
2011-02-24 15:16:02 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-02-24 15:16:01 ----A---- C:\Windows\system32\ieframe.dll
2011-02-24 15:16:00 ----A---- C:\Windows\system32\RMActivate.exe
2011-02-24 15:15:58 ----A---- C:\Windows\system32\spwizui.dll
2011-02-24 15:15:58 ----A---- C:\Windows\system32\mscoree.dll
2011-02-24 15:15:56 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-02-24 15:15:56 ----A---- C:\Windows\system32\mf.dll
2011-02-24 15:15:56 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-02-24 15:15:55 ----A---- C:\Windows\system32\mssrch.dll
2011-02-24 15:15:55 ----A---- C:\Windows\system32\iertutil.dll
2011-02-24 15:15:55 ----A---- C:\Windows\system32\CertEnroll.dll
2011-02-24 15:15:53 ----A---- C:\Windows\system32\wmp.dll
2011-02-24 15:15:53 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-02-24 15:15:53 ----A---- C:\Windows\system32\PresentationHost.exe
2011-02-24 15:15:53 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-02-24 15:15:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-24 15:15:52 ----A---- C:\Windows\system32\esent.dll
2011-02-24 15:15:52 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2011-02-24 15:15:51 ----A---- C:\Windows\system32\tquery.dll
2011-02-24 15:15:51 ----A---- C:\Windows\system32\schedsvc.dll
2011-02-24 15:15:51 ----A---- C:\Windows\system32\RacEngn.dll
2011-02-24 15:15:49 ----A---- C:\Windows\system32\ntdll.dll
2011-02-24 15:15:49 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2011-02-24 15:15:48 ----A---- C:\Windows\system32\rdpdd.dll
2011-02-24 15:15:48 ----A---- C:\Windows\system32\qmgr.dll
2011-02-24 15:15:47 ----A---- C:\Windows\system32\wininet.dll
2011-02-24 15:15:47 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-02-24 15:15:46 ----A---- C:\Windows\system32\wevtsvc.dll
2011-02-24 15:15:46 ----A---- C:\Windows\system32\urlmon.dll
2011-02-24 15:15:46 ----A---- C:\Windows\system32\ole32.dll
2011-02-24 15:15:46 ----A---- C:\Windows\system32\CPFilters.dll
2011-02-24 15:15:45 ----A---- C:\Windows\system32\vssapi.dll
2011-02-24 15:15:45 ----A---- C:\Windows\system32\SearchFolder.dll
2011-02-24 15:15:45 ----A---- C:\Windows\system32\DWrite.dll
2011-02-24 15:15:45 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-02-24 15:15:45 ----A---- C:\Windows\system32\d3d9.dll
2011-02-24 15:15:44 ----A---- C:\Windows\system32\taskschd.dll
2011-02-24 15:15:44 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-02-24 15:15:44 ----A---- C:\Windows\explorer.exe
2011-02-24 15:15:43 ----A---- C:\Windows\system32\spreview.exe
2011-02-24 15:15:43 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2011-02-24 15:15:43 ----A---- C:\Windows\system32\mstsc.exe
2011-02-24 15:15:43 ----A---- C:\Windows\system32\kernel32.dll
2011-02-24 15:15:43 ----A---- C:\Windows\system32\FntCache.dll
2011-02-24 15:15:43 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-02-24 15:15:43 ----A---- C:\Windows\system32\crypt32.dll
2011-02-24 15:15:42 ----A---- C:\Windows\system32\wer.dll
2011-02-24 15:15:42 ----A---- C:\Windows\system32\termsrv.dll
2011-02-24 15:15:42 ----A---- C:\Windows\system32\spinstall.exe
2011-02-24 15:15:42 ----A---- C:\Windows\system32\rpcrt4.dll
2011-02-24 15:15:42 ----A---- C:\Windows\system32\certcli.dll
2011-02-24 15:15:41 ----A---- C:\Windows\system32\msxml6.dll
2011-02-24 15:15:41 ----A---- C:\Windows\system32\lsasrv.dll
2011-02-24 15:15:41 ----A---- C:\Windows\system32\gpsvc.dll
2011-02-24 15:15:41 ----A---- C:\Windows\system32\dwmcore.dll
2011-02-24 15:15:40 ----A---- C:\Windows\system32\wbengine.exe
2011-02-24 15:15:40 ----A---- C:\Windows\system32\odbc32.dll
2011-02-24 15:15:40 ----A---- C:\Windows\system32\MPSSVC.dll
2011-02-24 15:15:40 ----A---- C:\Windows\system32\diagperf.dll
2011-02-24 15:15:39 ----A---- C:\Windows\system32\WinSAT.exe
2011-02-24 15:15:39 ----A---- C:\Windows\system32\umrdp.dll
2011-02-24 15:15:39 ----A---- C:\Windows\system32\scavengeui.dll
2011-02-24 15:15:39 ----A---- C:\Windows\system32\quartz.dll
2011-02-24 15:15:39 ----A---- C:\Windows\system32\mstime.dll
2011-02-24 15:15:38 ----A---- C:\Windows\system32\TSWorkspace.dll
2011-02-24 15:15:38 ----A---- C:\Windows\system32\tsmf.dll
2011-02-24 15:15:38 ----A---- C:\Windows\system32\localspl.dll
2011-02-24 15:15:38 ----A---- C:\Windows\system32\dot3api.dll
2011-02-24 15:15:37 ----A---- C:\Windows\system32\winhttp.dll
2011-02-24 15:15:37 ----A---- C:\Windows\system32\setupapi.dll
2011-02-24 15:15:37 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-24 15:15:37 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-24 15:15:37 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-02-24 15:15:37 ----A---- C:\Windows\system32\apphelp.dll
2011-02-24 15:15:36 ----A---- C:\Windows\system32\VSSVC.exe
2011-02-24 15:15:36 ----A---- C:\Windows\system32\MSVidCtl.dll
2011-02-24 15:15:36 ----A---- C:\Windows\system32\dbgeng.dll
2011-02-24 15:15:35 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-02-24 15:15:35 ----A---- C:\Windows\system32\user32.dll
2011-02-24 15:15:35 ----A---- C:\Windows\system32\netlogon.dll
2011-02-24 15:15:35 ----A---- C:\Windows\system32\netcfgx.dll
2011-02-24 15:15:35 ----A---- C:\Windows\system32\d3d11.dll
2011-02-24 15:15:34 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-02-24 15:15:34 ----A---- C:\Windows\system32\winlogon.exe
2011-02-24 15:15:34 ----A---- C:\Windows\system32\webio.dll
2011-02-24 15:15:34 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2011-02-24 15:15:33 ----A---- C:\Windows\system32\WsmSvc.dll
2011-02-24 15:15:33 ----A---- C:\Windows\system32\upnp.dll
2011-02-24 15:15:33 ----A---- C:\Windows\system32\Query.dll
2011-02-24 15:15:33 ----A---- C:\Windows\system32\gpprefcl.dll
2011-02-24 15:15:33 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2011-02-24 15:15:33 ----A---- C:\Windows\system32\drivers\srv.sys
2011-02-24 15:15:33 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-02-24 15:15:33 ----A---- C:\Windows\system32\advapi32.dll
2011-02-24 15:15:32 ----A---- C:\Windows\system32\schannel.dll
2011-02-24 15:15:32 ----A---- C:\Windows\system32\netfxperf.dll
2011-02-24 15:15:32 ----A---- C:\Windows\system32\msv1_0.dll
2011-02-24 15:15:32 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-02-24 15:15:32 ----A---- C:\Windows\system32\lsm.exe
2011-02-24 15:15:32 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-02-24 15:15:31 ----A---- C:\Windows\system32\sppobjs.dll
2011-02-24 15:15:31 ----A---- C:\Windows\system32\SessEnv.dll
2011-02-24 15:15:31 ----A---- C:\Windows\system32\msdrm.dll
2011-02-24 15:15:31 ----A---- C:\Windows\system32\imapi2fs.dll
2011-02-24 15:15:31 ----A---- C:\Windows\system32\drivers\csc.sys
2011-02-24 15:15:31 ----A---- C:\Windows\system32\authui.dll
2011-02-24 15:15:30 ----A---- C:\Windows\system32\usp10.dll
2011-02-24 15:15:30 ----A---- C:\Windows\system32\shlwapi.dll
2011-02-24 15:15:30 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-02-24 15:15:30 ----A---- C:\Windows\system32\mcbuilder.exe
2011-02-24 15:15:30 ----A---- C:\Windows\system32\KernelBase.dll
2011-02-24 15:15:29 ----A---- C:\Windows\system32\winload.exe
2011-02-24 15:15:29 ----A---- C:\Windows\system32\userenv.dll
2011-02-24 15:15:29 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-02-24 15:15:29 ----A---- C:\Windows\system32\certmgr.dll
2011-02-24 15:15:28 ----A---- C:\Windows\system32\xpsservices.dll
2011-02-24 15:15:28 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-24 15:15:28 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-02-24 15:15:28 ----A---- C:\Windows\system32\comdlg32.dll
2011-02-24 15:15:28 ----A---- C:\Windows\system32\audiosrv.dll
2011-02-24 15:15:27 ----A---- C:\Windows\system32\sppwinob.dll
2011-02-24 15:15:27 ----A---- C:\Windows\system32\rpcss.dll
2011-02-24 15:15:27 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-02-24 15:15:27 ----A---- C:\Windows\system32\cmd.exe
2011-02-24 15:15:26 ----A---- C:\Windows\system32\Wldap32.dll
2011-02-24 15:15:26 ----A---- C:\Windows\system32\win32spl.dll
2011-02-24 15:15:26 ----A---- C:\Windows\system32\propsys.dll
2011-02-24 15:15:26 ----A---- C:\Windows\system32\nlasvc.dll
2011-02-24 15:15:26 ----A---- C:\Windows\system32\mfds.dll
2011-02-24 15:15:26 ----A---- C:\Windows\system32\framedynos.dll
2011-02-24 15:15:26 ----A---- C:\Windows\system32\dnsapi.dll
2011-02-24 15:15:26 ----A---- C:\Windows\system32\BFE.DLL
2011-02-24 15:15:25 ----A---- C:\Windows\system32\wuaueng.dll
2011-02-24 15:15:25 ----A---- C:\Windows\system32\winresume.exe
2011-02-24 15:15:25 ----A---- C:\Windows\system32\samsrv.dll
2011-02-24 15:15:25 ----A---- C:\Windows\system32\rdpendp.dll
2011-02-24 15:15:25 ----A---- C:\Windows\system32\profsvc.dll
2011-02-24 15:15:25 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-02-24 15:15:25 ----A---- C:\Windows\system32\drivers\netio.sys
2011-02-24 15:15:25 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-02-24 15:15:25 ----A---- C:\Windows\system32\cscsvc.dll
2011-02-24 15:15:24 ----A---- C:\Windows\system32\wucltux.dll
2011-02-24 15:15:24 ----A---- C:\Windows\system32\werconcpl.dll
2011-02-24 15:15:24 ----A---- C:\Windows\system32\rdpclip.exe
2011-02-24 15:15:24 ----A---- C:\Windows\system32\ncsi.dll
2011-02-24 15:15:24 ----A---- C:\Windows\system32\azroles.dll
2011-02-24 15:15:24 ----A---- C:\Windows\system32\appmgr.dll
2011-02-24 15:15:23 ----A---- C:\Windows\system32\themeui.dll
2011-02-24 15:15:23 ----A---- C:\Windows\system32\taskeng.exe
2011-02-24 15:15:23 ----A---- C:\Windows\system32\spp.dll
2011-02-24 15:15:23 ----A---- C:\Windows\system32\mswsock.dll
2011-02-24 15:15:23 ----A---- C:\Windows\system32\drivers\storport.sys
2011-02-24 15:15:23 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-02-24 15:15:23 ----A---- C:\Windows\system32\dhcpcore.dll
2011-02-24 15:15:23 ----A---- C:\Windows\system32\credui.dll
2011-02-24 15:15:22 ----A---- C:\Windows\system32\inetcomm.dll
2011-02-24 15:15:22 ----A---- C:\Windows\system32\drivers\http.sys
2011-02-24 15:15:21 ----A---- C:\Windows\system32\wintrust.dll
2011-02-24 15:15:21 ----A---- C:\Windows\system32\taskcomp.dll
2011-02-24 15:15:21 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-02-24 15:15:21 ----A---- C:\Windows\system32\msxml3.dll
2011-02-24 15:15:21 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-02-24 15:15:21 ----A---- C:\Windows\system32\evr.dll
2011-02-24 15:15:21 ----A---- C:\Windows\system32\dxgi.dll
2011-02-24 15:15:21 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-02-24 15:15:21 ----A---- C:\Windows\system32\dbghelp.dll
2011-02-24 15:15:21 ----A---- C:\Windows\system32\basecsp.dll
2011-02-24 15:15:20 ----A---- C:\Windows\system32\WinSATAPI.dll
2011-02-24 15:15:20 ----A---- C:\Windows\system32\spoolsv.exe
2011-02-24 15:15:20 ----A---- C:\Windows\system32\gdi32.dll
2011-02-24 15:15:20 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2011-02-24 15:15:20 ----A---- C:\Windows\system32\calc.exe
2011-02-24 15:15:19 ----A---- C:\Windows\system32\vpnike.dll
2011-02-24 15:15:19 ----A---- C:\Windows\system32\srvsvc.dll
2011-02-24 15:15:19 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-02-24 15:15:19 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-02-24 15:15:19 ----A---- C:\Windows\system32\EncDec.dll
2011-02-24 15:15:19 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-02-24 15:15:18 ----A---- C:\Windows\system32\UIRibbon.dll
2011-02-24 15:15:18 ----A---- C:\Windows\system32\lpksetup.exe
2011-02-24 15:15:18 ----A---- C:\Windows\system32\fveapi.dll
2011-02-24 15:15:18 ----A---- C:\Windows\system32\cryptsvc.dll
2011-02-24 15:15:17 ----A---- C:\Windows\system32\ws2_32.dll
2011-02-24 15:15:17 ----A---- C:\Windows\system32\sxs.dll
2011-02-24 15:15:17 ----A---- C:\Windows\system32\netshell.dll
2011-02-24 15:15:17 ----A---- C:\Windows\system32\ie4uinit.exe
2011-02-24 15:15:17 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-02-24 15:15:16 ----A---- C:\Windows\system32\stobject.dll
2011-02-24 15:15:16 ----A---- C:\Windows\system32\prncache.dll
2011-02-24 15:15:16 ----A---- C:\Windows\system32\inetpp.dll
2011-02-24 15:15:16 ----A---- C:\Windows\system32\hgprint.dll
2011-02-24 15:15:16 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-02-24 15:15:16 ----A---- C:\Windows\system32\drivers\msdsm.sys
2011-02-24 15:15:16 ----A---- C:\Windows\system32\comctl32.dll
2011-02-24 15:15:15 ----A---- C:\Windows\system32\WSDApi.dll
2011-02-24 15:15:15 ----A---- C:\Windows\system32\wmpeffects.dll
2011-02-24 15:15:15 ----A---- C:\Windows\system32\rpchttp.dll
2011-02-24 15:15:15 ----A---- C:\Windows\system32\printui.dll
2011-02-24 15:15:15 ----A---- C:\Windows\system32\net1.exe
2011-02-24 15:15:15 ----A---- C:\Windows\system32\msi.dll
2011-02-24 15:15:15 ----A---- C:\Windows\system32\dps.dll
2011-02-24 15:15:14 ----A---- C:\Windows\system32\drivers\vmbus.sys
2011-02-24 15:15:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-02-24 15:15:14 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-02-24 15:15:14 ----A---- C:\Windows\system32\ci.dll
2011-02-24 15:15:14 ----A---- C:\Windows\system32\aitagent.exe
2011-02-24 15:15:14 ----A---- C:\Windows\system32\aepdu.dll
2011-02-24 15:15:13 ----A---- C:\Windows\system32\WMVCORE.DLL
2011-02-24 15:15:13 ----A---- C:\Windows\system32\vds.exe
2011-02-24 15:15:13 ----A---- C:\Windows\system32\scansetting.dll
2011-02-24 15:15:13 ----A---- C:\Windows\system32\MMDevAPI.dll
2011-02-24 15:15:13 ----A---- C:\Windows\system32\mfc42u.dll
2011-02-24 15:15:13 ----A---- C:\Windows\system32\FXSSVC.exe
2011-02-24 15:15:13 ----A---- C:\Windows\system32\drivers\pci.sys
2011-02-24 15:15:13 ----A---- C:\Windows\system32\davclnt.dll
2011-02-24 15:15:12 ----A---- C:\Windows\system32\wlangpui.dll
2011-02-24 15:15:12 ----A---- C:\Windows\system32\QSHVHOST.DLL
2011-02-24 15:15:12 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-02-24 15:15:12 ----A---- C:\Windows\system32\consent.exe
2011-02-24 15:15:12 ----A---- C:\Windows\system32\aaclient.dll
2011-02-24 15:15:11 ----A---- C:\Windows\system32\wpdshext.dll
2011-02-24 15:15:11 ----A---- C:\Windows\system32\webservices.dll
2011-02-24 15:15:11 ----A---- C:\Windows\system32\t2embed.dll
2011-02-24 15:15:11 ----A---- C:\Windows\system32\scrptadm.dll
2011-02-24 15:15:11 ----A---- C:\Windows\system32\pnidui.dll
2011-02-24 15:15:11 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-02-24 15:15:11 ----A---- C:\Windows\system32\drivers\termdd.sys
2011-02-24 15:15:10 ----A---- C:\Windows\system32\tscfgwmi.dll
2011-02-24 15:15:10 ----A---- C:\Windows\system32\SyncCenter.dll
2011-02-24 15:15:10 ----A---- C:\Windows\system32\netdiagfx.dll
2011-02-24 15:15:10 ----A---- C:\Windows\system32\fde.dll
2011-02-24 15:15:10 ----A---- C:\Windows\system32\drivers\sbp2port.sys
2011-02-24 15:15:10 ----A---- C:\Windows\system32\drivers\rdpdr.sys
2011-02-24 15:15:10 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-02-24 15:15:09 ----A---- C:\Windows\system32\wuapi.dll
2011-02-24 15:15:09 ----A---- C:\Windows\system32\wscapi.dll
2011-02-24 15:15:09 ----A---- C:\Windows\system32\vmicsvc.exe
2011-02-24 15:15:09 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2011-02-24 15:15:09 ----A---- C:\Windows\system32\sdengin2.dll
2011-02-24 15:15:08 ----A---- C:\Windows\system32\WinSCard.dll
2011-02-24 15:15:08 ----A---- C:\Windows\system32\WFS.exe
2011-02-24 15:15:08 ----A---- C:\Windows\system32\cscobj.dll
2011-02-24 15:15:07 ----A---- C:\Windows\system32\wisptis.exe
2011-02-24 15:15:07 ----A---- C:\Windows\system32\winsta.dll
2011-02-24 15:15:07 ----A---- C:\Windows\system32\rdpcore.dll
2011-02-24 15:15:07 ----A---- C:\Windows\system32\pla.dll
2011-02-24 15:15:07 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2011-02-24 15:15:07 ----A---- C:\Windows\system32\msasn1.dll
2011-02-24 15:15:07 ----A---- C:\Windows\system32\mcmde.dll
2011-02-24 15:15:07 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2011-02-24 15:15:07 ----A---- C:\Windows\system32\drivers\msahci.sys
2011-02-24 15:15:06 ----A---- C:\Windows\system32\WUDFSvc.dll
2011-02-24 15:15:06 ----A---- C:\Windows\system32\wiaservc.dll
2011-02-24 15:15:06 ----A---- C:\Windows\system32\setupcl.exe
2011-02-24 15:15:06 ----A---- C:\Windows\system32\ntshrui.dll
2011-02-24 15:15:06 ----A---- C:\Windows\system32\imapi2.dll
2011-02-24 15:15:06 ----A---- C:\Windows\system32\iepeers.dll
2011-02-24 15:15:06 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2011-02-24 15:15:06 ----A---- C:\Windows\system32\conhost.exe
2011-02-24 15:15:05 ----A---- C:\Windows\system32\gameux.dll
2011-02-24 15:15:05 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-02-24 15:15:05 ----A---- C:\Windows\system32\aeinv.dll
2011-02-24 15:15:04 ----A---- C:\Windows\system32\WMPEncEn.dll
2011-02-24 15:15:04 ----A---- C:\Windows\system32\shsvcs.dll
2011-02-24 15:15:04 ----A---- C:\Windows\system32\onex.dll
2011-02-24 15:15:04 ----A---- C:\Windows\system32\mssvp.dll
2011-02-24 15:15:04 ----A---- C:\Windows\system32\dwmredir.dll
2011-02-24 15:15:04 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-02-24 15:15:03 ----A---- C:\Windows\system32\winmm.dll
2011-02-24 15:15:03 ----A---- C:\Windows\system32\vaultsvc.dll
2011-02-24 15:15:03 ----A---- C:\Windows\system32\TabSvc.dll
2011-02-24 15:15:03 ----A---- C:\Windows\system32\rasmans.dll
2011-02-24 15:15:03 ----A---- C:\Windows\system32\netiohlp.dll
2011-02-24 15:15:03 ----A---- C:\Windows\system32\Narrator.exe
2011-02-24 15:15:03 ----A---- C:\Windows\system32\hbaapi.dll
2011-02-24 15:15:03 ----A---- C:\Windows\system32\drivers\udfs.sys
2011-02-24 15:15:03 ----A---- C:\Windows\system32\bootres.dll
2011-02-24 15:15:03 ----A---- C:\Windows\system32\autochk.exe
2011-02-24 15:15:03 ----A---- C:\Windows\system32\autofmt.exe
2011-02-24 15:15:03 ----A---- C:\Windows\system32\audiodg.exe
2011-02-24 15:15:02 ----A---- C:\Windows\system32\thumbcache.dll
2011-02-24 15:15:02 ----A---- C:\Windows\system32\samcli.dll
2011-02-24 15:15:02 ----A---- C:\Windows\system32\regapi.dll
2011-02-24 15:15:02 ----A---- C:\Windows\system32\proquota.exe
2011-02-24 15:15:02 ----A---- C:\Windows\system32\msutb.dll
2011-02-24 15:15:02 ----A---- C:\Windows\system32\msinfo32.exe
2011-02-24 15:15:02 ----A---- C:\Windows\system32\mimefilt.dll
2011-02-24 15:15:02 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2011-02-24 15:15:02 ----A---- C:\Windows\system32\halmacpi.dll
2011-02-24 15:15:02 ----A---- C:\Windows\system32\hal.dll
2011-02-24 15:15:02 ----A---- C:\Windows\system32\autoconv.exe
2011-02-24 15:15:02 ----A---- C:\Windows\system32\AudioSes.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\wcncsvc.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\tcpipcfg.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\srchadmin.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\schtasks.exe
2011-02-24 15:15:01 ----A---- C:\Windows\system32\sbe.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\powercpl.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\msihnd.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\framedyn.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\eapphost.dll
2011-02-24 15:15:01 ----A---- C:\Windows\system32\drivers\volmgr.sys
2011-02-24 15:15:01 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-02-24 15:15:00 ----A---- C:\Windows\system32\sspicli.dll
2011-02-24 15:15:00 ----A---- C:\Windows\system32\mscorier.dll
2011-02-24 15:15:00 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-02-24 15:15:00 ----A---- C:\Windows\system32\drivers\partmgr.sys
2011-02-24 15:15:00 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-02-24 15:15:00 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2011-02-24 15:14:59 ----A---- C:\Windows\system32\wdc.dll
2011-02-24 15:14:59 ----A---- C:\Windows\system32\umpo.dll
2011-02-24 15:14:59 ----A---- C:\Windows\system32\QAGENT.DLL
2011-02-24 15:14:59 ----A---- C:\Windows\system32\netid.dll
2011-02-24 15:14:59 ----A---- C:\Windows\system32\DXP.dll
2011-02-24 15:14:59 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-02-24 15:14:59 ----A---- C:\Windows\system32\actxprxy.dll
2011-02-24 15:14:58 ----A---- C:\Windows\system32\untfs.dll
2011-02-24 15:14:58 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-02-24 15:14:58 ----A---- C:\Windows\system32\scesrv.dll
2011-02-24 15:14:58 ----A---- C:\Windows\system32\rastls.dll
2011-02-24 15:14:58 ----A---- C:\Windows\system32\oleaut32.dll
2011-02-24 15:14:58 ----A---- C:\Windows\system32\drivers\ataport.sys
2011-02-24 15:14:57 ----A---- C:\Windows\system32\wlanpref.dll
2011-02-24 15:14:57 ----A---- C:\Windows\system32\Vault.dll
2011-02-24 15:14:57 ----A---- C:\Windows\system32\sppsvc.exe
2011-02-24 15:14:57 ----A---- C:\Windows\system32\sdclt.exe
2011-02-24 15:14:57 ----A---- C:\Windows\system32\RpcRtRemote.dll
2011-02-24 15:14:57 ----A---- C:\Windows\system32\nci.dll
2011-02-24 15:14:57 ----A---- C:\Windows\system32\ListSvc.dll
2011-02-24 15:14:57 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-24 15:14:56 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-02-24 15:14:56 ----A---- C:\Windows\system32\Robocopy.exe
2011-02-24 15:14:56 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2011-02-24 15:14:55 ----A---- C:\Windows\system32\taskmgr.exe
2011-02-24 15:14:55 ----A---- C:\Windows\system32\mtxclu.dll
2011-02-24 15:14:55 ----A---- C:\Windows\system32\msdri.dll
2011-02-24 15:14:55 ----A---- C:\Windows\system32\DxpTaskSync.dll
2011-02-24 15:14:55 ----A---- C:\Windows\system32\drivers\mpio.sys
2011-02-24 15:14:55 ----A---- C:\Windows\system32\Display.dll
2011-02-24 15:14:54 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-02-24 15:14:54 ----A---- C:\Windows\system32\userinit.exe
2011-02-24 15:14:54 ----A---- C:\Windows\system32\termmgr.dll
2011-02-24 15:14:54 ----A---- C:\Windows\system32\sharemediacpl.dll
2011-02-24 15:14:54 ----A---- C:\Windows\system32\puiobj.dll
2011-02-24 15:14:54 ----A---- C:\Windows\system32\mssphtb.dll
2011-02-24 15:14:54 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2011-02-24 15:14:54 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2011-02-24 15:14:54 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-02-24 15:14:54 ----A---- C:\Windows\system32\cscui.dll
2011-02-24 15:14:53 ----A---- C:\Windows\system32\eudcedit.exe
2011-02-24 15:14:53 ----A---- C:\Windows\system32\drivers\winhv.sys
2011-02-24 15:14:53 ----A---- C:\Windows\system32\drivers\vmstorfl.sys
2011-02-24 15:14:53 ----A---- C:\Windows\system32\drivers\scsiport.sys
2011-02-24 15:14:53 ----A---- C:\Windows\system32\DiagCpl.dll
2011-02-24 15:14:52 ----A---- C:\Windows\system32\wiadefui.dll
2011-02-24 15:14:52 ----A---- C:\Windows\system32\sppcomapi.dll
2011-02-24 15:14:52 ----A---- C:\Windows\system32\shsetup.dll
2011-02-24 15:14:52 ----A---- C:\Windows\system32\rasppp.dll
2011-02-24 15:14:52 ----A---- C:\Windows\system32\msdtctm.dll
2011-02-24 15:14:52 ----A---- C:\Windows\system32\msconfig.exe
2011-02-24 15:14:52 ----A---- C:\Windows\system32\logoncli.dll
2011-02-24 15:14:52 ----A---- C:\Windows\system32\cabview.dll
2011-02-24 15:14:52 ----A---- C:\Windows\system32\biocpl.dll
2011-02-24 15:14:51 ----A---- C:\Windows\system32\themecpl.dll
2011-02-24 15:14:51 ----A---- C:\Windows\system32\SensorsCpl.dll
2011-02-24 15:14:51 ----A---- C:\Windows\system32\FirewallControlPanel.dll
2011-02-24 15:14:51 ----A---- C:\Windows\system32\drivers\storvsc.sys
2011-02-24 15:14:50 ----A---- C:\Windows\system32\wpccpl.dll
2011-02-24 15:14:50 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2011-02-24 15:14:50 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2011-02-24 15:14:50 ----A---- C:\Windows\system32\dnscmmc.dll
2011-02-24 15:14:49 ----A---- C:\Windows\system32\winsrv.dll
2011-02-24 15:14:49 ----A---- C:\Windows\system32\tapisrv.dll
2011-02-24 15:14:49 ----A---- C:\Windows\system32\scecli.dll
2011-02-24 15:14:49 ----A---- C:\Windows\system32\mscories.dll
2011-02-24 15:14:49 ----A---- C:\Windows\system32\hgcpl.dll
2011-02-24 15:14:49 ----A---- C:\Windows\system32\fontext.dll
2011-02-24 15:14:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2011-02-24 15:14:48 ----A---- C:\Windows\system32\wkssvc.dll
2011-02-24 15:14:48 ----A---- C:\Windows\system32\usercpl.dll
2011-02-24 15:14:48 ----A---- C:\Windows\system32\srcore.dll
2011-02-24 15:14:48 ----A---- C:\Windows\system32\SndVolSSO.dll
2011-02-24 15:14:48 ----A---- C:\Windows\system32\mscms.dll
2011-02-24 15:14:48 ----A---- C:\Windows\system32\mprddm.dll
2011-02-24 15:14:48 ----A---- C:\Windows\system32\localsec.dll
2011-02-24 15:14:48 ----A---- C:\Windows\system32\KMSVC.DLL
2011-02-24 15:14:48 ----A---- C:\Windows\system32\iasacct.dll
2011-02-24 15:14:48 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-02-24 15:14:48 ----A---- C:\Windows\system32\bcdsrv.dll
2011-02-24 15:14:47 ----A---- C:\Windows\system32\wlanui.dll
2011-02-24 15:14:47 ----A---- C:\Windows\system32\w32tm.exe
2011-02-24 15:14:47 ----A---- C:\Windows\system32\VAN.dll
2011-02-24 15:14:47 ----A---- C:\Windows\system32\SndVol.exe
2011-02-24 15:14:47 ----A---- C:\Windows\system32\qedit.dll
2011-02-24 15:14:47 ----A---- C:\Windows\system32\qdvd.dll
2011-02-24 15:14:47 ----A---- C:\Windows\system32\prntvpt.dll
2011-02-24 15:14:47 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2011-02-24 15:14:47 ----A---- C:\Windows\system32\netcenter.dll
2011-02-24 15:14:47 ----A---- C:\Windows\system32\mblctr.exe
2011-02-24 15:14:47 ----A---- C:\Windows\system32\batmeter.dll
2011-02-24 15:14:46 ----A---- C:\Windows\system32\wpdbusenum.dll
2011-02-24 15:14:46 ----A---- C:\Windows\system32\wksprt.exe
2011-02-24 15:14:46 ----A---- C:\Windows\system32\spwizeng.dll
2011-02-24 15:14:46 ----A---- C:\Windows\system32\azroleui.dll
2011-02-24 15:14:45 ----A---- C:\Windows\system32\zipfldr.dll
2011-02-24 15:14:45 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2011-02-24 15:14:45 ----A---- C:\Windows\system32\fdeploy.dll
2011-02-24 15:14:45 ----A---- C:\Windows\system32\drivers\ks.sys
2011-02-24 15:14:45 ----A---- C:\Windows\system32\drivers\afd.sys
2011-02-24 15:14:45 ----A---- C:\Windows\system32\accessibilitycpl.dll
2011-02-24 15:14:44 ----A---- C:\Windows\system32\networkmap.dll
2011-02-24 15:14:44 ----A---- C:\Windows\system32\netjoin.dll
2011-02-24 15:14:44 ----A---- C:\Windows\system32\mspbda.dll
2011-02-24 15:14:44 ----A---- C:\Windows\system32\Faultrep.dll
2011-02-24 15:14:44 ----A---- C:\Windows\system32\cryptui.dll
2011-02-24 15:14:44 ----A---- C:\Windows\system32\adsldp.dll
2011-02-24 15:14:43 ----A---- C:\Windows\system32\wusa.exe
2011-02-24 15:14:43 ----A---- C:\Windows\system32\sud.dll
2011-02-24 15:14:43 ----A---- C:\Windows\system32\prnfldr.dll
2011-02-24 15:14:43 ----A---- C:\Windows\system32\photowiz.dll
2011-02-24 15:14:43 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2011-02-24 15:14:43 ----A---- C:\Windows\system32\msieftp.dll
2011-02-24 15:14:43 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2011-02-24 15:14:43 ----A---- C:\Windows\system32\cfgmgr32.dll
2011-02-24 15:14:43 ----A---- C:\Windows\system32\ActionCenter.dll
2011-02-24 15:14:42 ----A---- C:\Windows\system32\taskhost.exe
2011-02-24 15:14:42 ----A---- C:\Windows\system32\taskbarcpl.dll
2011-02-24 15:14:42 ----A---- C:\Windows\system32\slui.exe
2011-02-24 15:14:42 ----A---- C:\Windows\system32\rdpcorekmts.dll
2011-02-24 15:14:42 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2011-02-24 15:14:42 ----A---- C:\Windows\system32\iprtrmgr.dll
2011-02-24 15:14:42 ----A---- C:\Windows\system32\iasrad.dll
2011-02-24 15:14:42 ----A---- C:\Windows\system32\drivers\hidclass.sys
2011-02-24 15:14:42 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2011-02-24 15:14:42 ----A---- C:\Windows\system32\credssp.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\wpd_ci.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\sisbkup.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\shwebsvc.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\recovery.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\odbcjt32.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\ifsutil.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\ieUnatt.exe
2011-02-24 15:14:41 ----A---- C:\Windows\system32\iesysprep.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\halacpi.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\ftp.exe
2011-02-24 15:14:41 ----A---- C:\Windows\system32\efscore.dll
2011-02-24 15:14:41 ----A---- C:\Windows\system32\dot3cfg.dll
2011-02-24 15:14:40 ----A---- C:\Windows\system32\syncui.dll
2011-02-24 15:14:40 ----A---- C:\Windows\system32\sdcpl.dll
2011-02-24 15:14:40 ----A---- C:\Windows\system32\rdpwsx.dll
2011-02-24 15:14:40 ----A---- C:\Windows\system32\DeviceCenter.dll
2011-02-24 15:14:40 ----A---- C:\Windows\system32\bcdedit.exe
2011-02-24 15:14:40 ----A---- C:\Windows\system32\autoplay.dll
2011-02-24 15:14:40 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2011-02-24 15:14:39 ----A---- C:\Windows\system32\wmpmde.dll
2011-02-24 15:14:39 ----A---- C:\Windows\system32\vdsutil.dll
2011-02-24 15:14:39 ----A---- C:\Windows\system32\systemcpl.dll
2011-02-24 15:14:39 ----A---- C:\Windows\system32\sppnp.dll
2011-02-24 15:14:39 ----A---- C:\Windows\system32\rtutils.dll
2011-02-24 15:14:39 ----A---- C:\Windows\system32\recdisc.exe
2011-02-24 15:14:39 ----A---- C:\Windows\system32\OobeFldr.dll
2011-02-24 15:14:39 ----A---- C:\Windows\system32\ntprint.dll
2011-02-24 15:14:39 ----A---- C:\Windows\system32\ntlanman.dll
2011-02-24 15:14:39 ----A---- C:\Windows\system32\dskquoui.dll
2011-02-24 15:14:38 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2011-02-24 15:14:38 ----A---- C:\Windows\system32\sethc.exe
2011-02-24 15:14:38 ----A---- C:\Windows\system32\rstrui.exe
2011-02-24 15:14:38 ----A---- C:\Windows\system32\riched20.dll
2011-02-24 15:14:38 ----A---- C:\Windows\system32\nshwfp.dll
2011-02-24 15:14:38 ----A---- C:\Windows\system32\drivers\tdx.sys
2011-02-24 15:14:38 ----A---- C:\Windows\system32\blackbox.dll
2011-02-24 15:14:38 ----A---- C:\Windows\system32\bcdboot.exe
2011-02-24 15:14:37 ----A---- C:\Windows\system32\wmpsrcwp.dll
2011-02-24 15:14:37 ----A---- C:\Windows\system32\netplwiz.dll
2011-02-24 15:14:37 ----A---- C:\Windows\system32\NAPHLPR.DLL
2011-02-24 15:14:37 ----A---- C:\Windows\system32\migisol.dll
2011-02-24 15:14:37 ----A---- C:\Windows\system32\httpapi.dll
2011-02-24 15:14:37 ----A---- C:\Windows\system32\fms.dll
2011-02-24 15:14:37 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2011-02-24 15:14:37 ----A---- C:\Windows\system32\dot3svc.dll
2011-02-24 15:14:37 ----A---- C:\Windows\system32\cdosys.dll
2011-02-24 15:14:37 ----A---- C:\Windows\system32\AxInstSv.dll
2011-02-24 15:14:37 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2011-02-24 15:14:37 ----A---- C:\Windows\system32\activeds.dll
2011-02-24 15:14:36 ----A---- C:\Windows\system32\wuwebv.dll
2011-02-24 15:14:36 ----A---- C:\Windows\system32\wsqmcons.exe
2011-02-24 15:14:36 ----A---- C:\Windows\system32\wlanmsm.dll
2011-02-24 15:14:36 ----A---- C:\Windows\system32\wavemsp.dll
2011-02-24 15:14:36 ----A---- C:\Windows\system32\ReAgent.dll
2011-02-24 15:14:36 ----A---- C:\Windows\system32\nshipsec.dll
2011-02-24 15:14:36 ----A---- C:\Windows\system32\nlaapi.dll
2011-02-24 15:14:36 ----A---- C:\Windows\system32\msftedit.dll
2011-02-24 15:14:36 ----A---- C:\Windows\system32\isoburn.exe
2011-02-24 15:14:36 ----A---- C:\Windows\system32\asycfilt.dll
2011-02-24 15:14:35 ----A---- C:\Windows\system32\wvc.dll
2011-02-24 15:14:35 ----A---- C:\Windows\system32\wtsapi32.dll
2011-02-24 15:14:35 ----A---- C:\Windows\system32\wimgapi.dll
2011-02-24 15:14:35 ----A---- C:\Windows\system32\tzutil.exe
2011-02-24 15:14:35 ----A---- C:\Windows\system32\sysclass.dll
2011-02-24 15:14:35 ----A---- C:\Windows\system32\provsvc.dll
2011-02-24 15:14:35 ----A---- C:\Windows\system32\ocsetup.exe
2011-02-24 15:14:35 ----A---- C:\Windows\system32\dsuiext.dll
2011-02-24 15:14:35 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2011-02-24 15:14:35 ----A---- C:\Windows\system32\dot3ui.dll
2011-02-24 15:14:35 ----A---- C:\Windows\system32\dfrgui.exe
2011-02-24 15:14:35 ----A---- C:\Windows\system32\appinfo.dll
2011-02-24 15:14:35 ----A---- C:\Windows\system32\AdmTmpl.dll
2011-02-24 15:14:34 ----A---- C:\Windows\system32\webcheck.dll
2011-02-24 15:14:34 ----A---- C:\Windows\system32\twext.dll
2011-02-24 15:14:34 ----A---- C:\Windows\system32\shdocvw.dll
2011-02-24 15:14:34 ----A---- C:\Windows\system32\mstask.dll
2011-02-24 15:14:34 ----A---- C:\Windows\system32\certprop.dll
2011-02-24 15:14:33 ----A---- C:\Windows\twain_32.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\wwanconn.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\uxlib.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\srrstr.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\slwga.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\setupugc.exe
2011-02-24 15:14:33 ----A---- C:\Windows\system32\qcap.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\qasf.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\PresentationSettings.exe
2011-02-24 15:14:33 ----A---- C:\Windows\system32\occache.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\msrating.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-24 15:14:33 ----A---- C:\Windows\system32\imm32.dll
2011-02-24 15:14:32 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2011-02-24 15:14:32 ----A---- C:\Windows\system32\wmdrmsdk.dll
2011-02-24 15:14:32 ----A---- C:\Windows\system32\nslookup.exe
2011-02-24 15:14:32 ----A---- C:\Windows\system32\msvfw32.dll
2011-02-24 15:14:32 ----A---- C:\Windows\system32\mciavi32.dll
2011-02-24 15:14:32 ----A---- C:\Windows\system32\imgutil.dll
2011-02-24 15:14:32 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2011-02-24 15:14:32 ----A---- C:\Windows\system32\clusapi.dll
2011-02-24 15:14:32 ----A---- C:\Windows\system32\audiodev.dll
2011-02-24 15:14:31 ----A---- C:\Windows\system32\wimserv.exe
2011-02-24 15:14:31 ----A---- C:\Windows\system32\TSpkg.dll
2011-02-24 15:14:31 ----A---- C:\Windows\system32\remotepg.dll
2011-02-24 15:14:31 ----A---- C:\Windows\system32\rdpencom.dll
2011-02-24 15:14:31 ----A---- C:\Windows\system32\raschap.dll
2011-02-24 15:14:31 ----A---- C:\Windows\system32\perfmon.exe
2011-02-24 15:14:31 ----A---- C:\Windows\system32\msscp.dll
2011-02-24 15:14:31 ----A---- C:\Windows\system32\drmmgrtn.dll
2011-02-24 15:14:31 ----A---- C:\Windows\system32\diskraid.exe
2011-02-24 15:14:31 ----A---- C:\Windows\system32\acppage.dll
2011-02-24 15:14:30 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2011-02-24 15:14:30 ----A---- C:\Windows\system32\sdrsvc.dll
2011-02-24 15:14:30 ----A---- C:\Windows\system32\QUTIL.DLL
2011-02-24 15:14:30 ----A---- C:\Windows\system32\odbccp32.dll
2011-02-24 15:14:30 ----A---- C:\Windows\system32\networkexplorer.dll
2011-02-24 15:14:30 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2011-02-24 15:14:30 ----A---- C:\Windows\system32\input.dll
2011-02-24 15:14:30 ----A---- C:\Windows\system32\browser.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\wpdwcn.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\wmpdxm.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\vpnikeapi.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\vdsbas.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\UserAccountControlSettings.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\runonce.exe
2011-02-24 15:14:29 ----A---- C:\Windows\system32\onexui.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\olepro32.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\ocsetapi.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\nltest.exe
2011-02-24 15:14:29 ----A---- C:\Windows\system32\iTVData.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\inseng.dll
2011-02-24 15:14:29 ----A---- C:\Windows\system32\dxdiagn.dll
2011-02-24 15:14:29 ----A---- C:\Windows\bfsvc.exe
2011-02-24 15:14:28 ----A---- C:\Windows\system32\sspisrv.dll
2011-02-24 15:14:28 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-02-24 15:14:28 ----A---- C:\Windows\system32\msvidc32.dll
2011-02-24 15:14:28 ----A---- C:\Windows\system32\MFPlay.dll
2011-02-24 15:14:28 ----A---- C:\Windows\system32\Mcx2Svc.dll
2011-02-24 15:14:28 ----A---- C:\Windows\system32\logagent.exe
2011-02-24 15:14:28 ----A---- C:\Windows\system32\eapp3hst.dll
2011-02-24 15:14:28 ----A---- C:\Windows\system32\drivers\rmcast.sys
2011-02-24 15:14:27 ----A---- C:\Windows\system32\wudriver.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\wmpshell.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\wmdrmdev.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\unimdmat.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\sqlcese30.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\shacct.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\rdpd3d.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\PnPUnattend.exe
2011-02-24 15:14:27 ----A---- C:\Windows\system32\msiexec.exe
2011-02-24 15:14:27 ----A---- C:\Windows\system32\lsmproxy.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\iscsium.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\d3d10level9.dll
2011-02-24 15:14:27 ----A---- C:\Windows\system32\bitsadmin.exe
2011-02-24 15:14:26 ----A---- C:\Windows\system32\tabcal.exe
2011-02-24 15:14:26 ----A---- C:\Windows\system32\srvcli.dll
2011-02-24 15:14:26 ----A---- C:\Windows\system32\PortableDeviceSyncProvider.dll
2011-02-24 15:14:26 ----A---- C:\Windows\system32\pdh.dll
2011-02-24 15:14:26 ----A---- C:\Windows\system32\OpcServices.dll
2011-02-24 15:14:26 ----A---- C:\Windows\system32\ncryptui.dll
2011-02-24 15:14:26 ----A---- C:\Windows\system32\mprapi.dll
2011-02-24 15:14:26 ----A---- C:\Windows\system32\logman.exe
2011-02-24 15:14:26 ----A---- C:\Windows\system32\cscapi.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\wwanprotdim.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\WUDFPlatform.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\WPDSp.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\WMPhoto.dll

Re: For Vyosek

Posted: 25 Feb 2011 16:59
by Junfan
2011-02-24 15:14:25 ----A---- C:\Windows\system32\tsgqec.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2011-02-24 15:14:25 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\olethk32.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\odbctrac.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\MdSched.exe
2011-02-24 15:14:25 ----A---- C:\Windows\system32\mapistub.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\mapi32.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\lpremove.exe
2011-02-24 15:14:25 ----A---- C:\Windows\system32\djoin.exe
2011-02-24 15:14:25 ----A---- C:\Windows\system32\CscMig.dll
2011-02-24 15:14:25 ----A---- C:\Windows\system32\ActionQueue.dll
2011-02-24 15:14:24 ----A---- C:\Windows\system32\WMADMOD.DLL
2011-02-24 15:14:24 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2011-02-24 15:14:24 ----A---- C:\Windows\system32\wiavideo.dll
2011-02-24 15:14:24 ----A---- C:\Windows\system32\utildll.dll
2011-02-24 15:14:24 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2011-02-24 15:14:24 ----A---- C:\Windows\system32\takeown.exe
2011-02-24 15:14:24 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-24 15:14:24 ----A---- C:\Windows\system32\iyuv_32.dll
2011-02-24 15:14:24 ----A---- C:\Windows\system32\fphc.dll
2011-02-24 15:14:24 ----A---- C:\Windows\system32\dot3msm.dll
2011-02-24 15:14:24 ----A---- C:\Windows\system32\avifil32.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\WMVSDECD.DLL
2011-02-24 15:14:23 ----A---- C:\Windows\system32\wmdrmnet.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\unattend.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\sqmapi.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\sppinst.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\qdv.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\QCLIPROV.DLL
2011-02-24 15:14:23 ----A---- C:\Windows\system32\msyuv.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\msrle32.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\msnetobj.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\imagehlp.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\EhStorAPI.dll
2011-02-24 15:14:23 ----A---- C:\Windows\system32\cmstp.exe
2011-02-24 15:14:23 ----A---- C:\Windows\system32\cca.dll
2011-02-24 15:14:22 ----A---- C:\Windows\system32\WUDFx.dll
2011-02-24 15:14:22 ----A---- C:\Windows\system32\WUDFHost.exe
2011-02-24 15:14:22 ----A---- C:\Windows\system32\wsnmp32.dll
2011-02-24 15:14:22 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2011-02-24 15:14:22 ----A---- C:\Windows\system32\vfwwdm32.dll
2011-02-24 15:14:22 ----A---- C:\Windows\system32\setupcln.dll
2011-02-24 15:14:22 ----A---- C:\Windows\system32\RelPost.exe
2011-02-24 15:14:22 ----A---- C:\Windows\system32\qprocess.exe
2011-02-24 15:14:22 ----A---- C:\Windows\system32\pdhui.dll
2011-02-24 15:14:22 ----A---- C:\Windows\system32\MuiUnattend.exe
2011-02-24 15:14:22 ----A---- C:\Windows\system32\basesrv.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\wuauclt.exe
2011-02-24 15:14:21 ----A---- C:\Windows\system32\wkscli.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\WavDest.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\umb.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\tsbyuv.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\sppuinotify.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\spbcd.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\relog.exe
2011-02-24 15:14:21 ----A---- C:\Windows\system32\qwinsta.exe
2011-02-24 15:14:21 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\netiougc.exe
2011-02-24 15:14:21 ----A---- C:\Windows\system32\msorcl32.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\msg.exe
2011-02-24 15:14:21 ----A---- C:\Windows\system32\iscsicli.exe
2011-02-24 15:14:21 ----A---- C:\Windows\system32\iasrecst.dll
2011-02-24 15:14:21 ----A---- C:\Windows\system32\chglogon.exe
2011-02-24 15:14:21 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2011-02-24 15:14:21 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2011-02-24 15:14:21 ----A---- C:\Windows\system32\AzSqlExt.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\syssetup.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\setbcdlocale.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\resutils.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\rastapi.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\quser.exe
2011-02-24 15:14:20 ----A---- C:\Windows\system32\nrpsrv.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\netbtugc.exe
2011-02-24 15:14:20 ----A---- C:\Windows\system32\mydocs.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\MultiDigiMon.exe
2011-02-24 15:14:20 ----A---- C:\Windows\system32\itircl.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\diskpart.exe
2011-02-24 15:14:20 ----A---- C:\Windows\system32\CertPolEng.dll
2011-02-24 15:14:20 ----A---- C:\Windows\system32\amstream.dll
2011-02-24 15:14:19 ----A---- C:\Windows\system32\wuapp.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\wmpps.dll
2011-02-24 15:14:19 ----A---- C:\Windows\system32\wiarpc.dll
2011-02-24 15:14:19 ----A---- C:\Windows\system32\WerFaultSecure.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\tskill.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\tsdiscon.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\tscon.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\tlscsp.dll
2011-02-24 15:14:19 ----A---- C:\Windows\system32\secur32.dll
2011-02-24 15:14:19 ----A---- C:\Windows\system32\rwinsta.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\ReAgentc.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\qappsrv.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\PrintBrmUi.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\netutils.dll
2011-02-24 15:14:19 ----A---- C:\Windows\system32\logoff.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\chgusr.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\chgport.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\FXSTIFF.dll
2011-02-24 15:14:19 ----A---- C:\Windows\system32\findstr.exe
2011-02-24 15:14:19 ----A---- C:\Windows\system32\eappgnui.dll
2011-02-24 15:14:19 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-02-24 15:14:18 ----A---- C:\Windows\system32\sppc.dll
2011-02-24 15:14:18 ----A---- C:\Windows\system32\shadow.exe
2011-02-24 15:14:18 ----A---- C:\Windows\system32\prevhost.exe
2011-02-24 15:14:18 ----A---- C:\Windows\system32\netapi32.dll
2011-02-24 15:14:18 ----A---- C:\Windows\system32\muifontsetup.dll
2011-02-24 15:14:18 ----A---- C:\Windows\system32\mobsync.exe
2011-02-24 15:14:18 ----A---- C:\Windows\system32\mciqtz32.dll
2011-02-24 15:14:18 ----A---- C:\Windows\system32\iccvid.dll
2011-02-24 15:14:18 ----A---- C:\Windows\system32\drivers\tdi.sys
2011-02-24 15:14:18 ----A---- C:\Windows\system32\dosx.exe
2011-02-24 15:14:18 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-02-24 15:14:18 ----A---- C:\Windows\system32\cabinet.dll
2011-02-24 15:14:17 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2011-02-24 15:14:17 ----A---- C:\Windows\system32\unlodctr.exe
2011-02-24 15:14:17 ----A---- C:\Windows\system32\spopk.dll
2011-02-24 15:14:17 ----A---- C:\Windows\system32\shimgvw.dll
2011-02-24 15:14:17 ----A---- C:\Windows\system32\repair-bde.exe
2011-02-24 15:14:17 ----A---- C:\Windows\system32\rdprefdrvapi.dll
2011-02-24 15:14:17 ----A---- C:\Windows\system32\netcfg.exe
2011-02-24 15:14:17 ----A---- C:\Windows\system32\msdmo.dll
2011-02-24 15:14:17 ----A---- C:\Windows\system32\manage-bde.exe
2011-02-24 15:14:17 ----A---- C:\Windows\system32\luainstall.dll
2011-02-24 15:14:17 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2011-02-24 15:14:17 ----A---- C:\Windows\system32\drivers\usbrpm.sys
2011-02-24 15:14:17 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2011-02-24 15:14:16 ----A---- C:\Windows\system32\vmstorfltres.dll
2011-02-24 15:14:16 ----A---- C:\Windows\system32\vmicres.dll
2011-02-24 15:14:16 ----A---- C:\Windows\system32\reset.exe
2011-02-24 15:14:16 ----A---- C:\Windows\system32\query.exe
2011-02-24 15:14:16 ----A---- C:\Windows\system32\inetmib1.dll
2011-02-24 15:14:16 ----A---- C:\Windows\system32\change.exe
2011-02-24 15:14:15 ----A---- C:\Windows\system32\wups.dll
2011-02-24 15:14:15 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2011-02-24 15:14:15 ----A---- C:\Windows\system32\vmbusres.dll
2011-02-24 15:14:15 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-02-24 15:14:15 ----A---- C:\Windows\system32\profprov.dll
2011-02-24 15:14:15 ----A---- C:\Windows\system32\perfts.dll
2011-02-24 15:14:15 ----A---- C:\Windows\system32\odbcconf.dll
2011-02-24 15:14:15 ----A---- C:\Windows\system32\icaapi.dll
2011-02-24 15:14:15 ----A---- C:\Windows\system32\drivers\cdrom.sys
2011-02-24 15:14:15 ----A---- C:\Windows\system32\browcli.dll
2011-02-24 15:14:14 ----A---- C:\Windows\system32\TRAPI.dll
2011-02-24 15:14:14 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-24 15:14:14 ----A---- C:\Windows\system32\FXSMON.dll
2011-02-24 15:14:14 ----A---- C:\Windows\system32\elsTrans.dll
2011-02-24 15:14:14 ----A---- C:\Windows\system32\drivers\tunnel.sys
2011-02-24 15:14:14 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-02-24 15:14:13 ----A---- C:\Windows\system32\wshbth.dll
2011-02-24 15:14:13 ----A---- C:\Windows\system32\schedcli.dll
2011-02-24 15:14:13 ----A---- C:\Windows\system32\RDPENCDD.dll
2011-02-24 15:14:13 ----A---- C:\Windows\system32\napdsnap.dll
2011-02-24 15:14:13 ----A---- C:\Windows\system32\LogonUI.exe
2011-02-24 15:14:13 ----A---- C:\Windows\system32\dsauth.dll
2011-02-24 15:14:13 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2011-02-24 15:14:13 ----A---- C:\Windows\system32\cscdll.dll
2011-02-24 15:14:13 ----A---- C:\Windows\system32\bitsperf.dll
2011-02-24 15:14:12 ----A---- C:\Windows\system32\wups2.dll
2011-02-24 15:14:12 ----A---- C:\Windows\system32\wsdchngr.dll
2011-02-24 15:14:12 ----A---- C:\Windows\system32\sscore.dll
2011-02-24 15:14:12 ----A---- C:\Windows\system32\shgina.dll
2011-02-24 15:14:12 ----A---- C:\Windows\system32\riched32.dll
2011-02-24 15:14:12 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2011-02-24 15:14:11 ----A---- C:\Windows\system32\rdpcfgex.dll
2011-02-24 15:14:11 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2011-02-24 15:14:11 ----A---- C:\Windows\system32\drivers\VMBusHID.sys
2011-02-24 15:14:11 ----A---- C:\Windows\system32\drivers\hidusb.sys
2011-02-24 15:14:11 ----A---- C:\Windows\system32\drivers\appid.sys
2011-02-24 15:14:10 ----A---- C:\Windows\system32\wshirda.dll
2011-02-24 15:14:10 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2011-02-24 15:14:09 ----A---- C:\Windows\system32\vmictimeprovider.dll
2011-02-24 15:14:09 ----A---- C:\Windows\system32\VmdCoinstall.dll
2011-02-24 15:14:09 ----A---- C:\Windows\system32\vmbuspipe.dll
2011-02-24 15:14:09 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2011-02-24 15:14:09 ----A---- C:\Windows\system32\spwmp.dll
2011-02-24 15:14:09 ----A---- C:\Windows\system32\IcCoinstall.dll
2011-02-24 15:14:09 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2011-02-24 15:14:09 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2011-02-24 15:14:09 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2011-02-24 15:14:09 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2011-02-24 15:14:09 ----A---- C:\Windows\system32\browseui.dll
2011-02-24 15:14:08 ----A---- C:\Windows\system32\RDPREFDD.dll
2011-02-24 15:14:08 ----A---- C:\Windows\system32\dxmasf.dll
2011-02-24 15:14:08 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2011-02-24 15:14:08 ----A---- C:\Windows\system32\drivers\wanarp.sys
2011-02-24 15:14:08 ----A---- C:\Windows\system32\drivers\umbus.sys
2011-02-24 15:14:08 ----A---- C:\Windows\system32\drivers\tdpipe.sys
2011-02-24 15:14:08 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-02-24 15:14:08 ----A---- C:\Windows\system32\drivers\scfilter.sys
2011-02-24 15:14:08 ----A---- C:\Windows\system32\drivers\RDPCDD.sys
2011-02-24 15:14:08 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2011-02-24 15:14:08 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-02-24 15:14:08 ----A---- C:\Windows\system32\C_ISCII.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\wmploc.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\shunimpl.dll
2011-02-24 15:14:07 ----A---- C:\Windows\system32\KBDUS.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\KBDTURME.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\KBDMON.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\KBDMAORI.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\KBDLT1.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\KBDINTEL.DLL
2011-02-24 15:14:07 ----A---- C:\Windows\system32\KBDINKAN.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\tzres.dll
2011-02-24 15:14:06 ----A---- C:\Windows\system32\spwizres.dll
2011-02-24 15:14:06 ----A---- C:\Windows\system32\pifmgr.dll
2011-02-24 15:14:06 ----A---- C:\Windows\system32\nlsbres.dll
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDTUQ.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDTUF.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDSG.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDSF.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDPO.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDNEPR.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\kbdlk41a.dll
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDINTAM.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDINORI.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDINMAR.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDINHIN.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDINBEN.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDGR1.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDGKL.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDGEO.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDCZ1.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDBULG.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDBLR.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\KBDBASH.DLL
2011-02-24 15:14:06 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2011-02-24 15:14:06 ----A---- C:\Windows\system32\dpnaddr.dll
2011-02-24 15:14:06 ----A---- C:\Windows\system32\BlbEvents.dll
2011-02-24 15:13:31 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-02-24 15:13:31 ----A---- C:\Windows\system32\wbemcomn.dll
2011-02-24 15:13:19 ----A---- C:\Windows\system32\SmiEngine.dll
2011-02-24 15:13:11 ----A---- C:\Windows\system32\wdscore.dll
2011-02-24 15:13:11 ----A---- C:\Windows\system32\PkgMgr.exe
2011-02-24 15:12:34 ----A---- C:\Windows\system32\drvstore.dll
2011-02-24 15:12:34 ----A---- C:\Windows\system32\dpx.dll
2011-02-23 20:55:15 ----A---- C:\Windows\system32\XpsPrint.dll
2011-02-23 20:55:15 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-02-23 16:08:16 ----D---- C:\Users\Vlastik\AppData\Roaming\HD Tune Pro
2011-02-23 16:08:09 ----D---- C:\Program Files\HD Tune Pro
2011-02-23 15:40:57 ----D---- C:\Users\Vlastik\AppData\Roaming\Nokia Ovi Suite
2011-02-23 15:40:47 ----D---- C:\Users\Vlastik\AppData\Roaming\Nokia
2011-02-23 15:13:22 ----D---- C:\ProgramData\PC Suite
2011-02-23 15:13:21 ----D---- C:\Users\Vlastik\AppData\Roaming\PC Suite
2011-02-23 15:11:56 ----D---- C:\Program Files\PC Connectivity Solution
2011-02-23 15:10:31 ----D---- C:\ProgramData\NokiaInstallerCache
2011-02-23 15:08:41 ----D---- C:\ProgramData\Nokia
2011-02-23 15:03:16 ----D---- C:\Program Files\Common Files\Nokia
2011-02-23 15:02:50 ----D---- C:\ProgramData\Installations
2011-02-22 23:54:43 ----D---- C:\Users\Vlastik\AppData\Roaming\Opera
2011-02-22 19:15:02 ----D---- C:\Program Files\City Interactive
2011-02-22 12:42:10 ----A---- C:\Windows\system32\OpenCL.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvwgf2um.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvoglv32.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvgenco322040.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvdispco322090.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvd3dum.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvcuvid.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvcuda.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvcompiler.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\nvapi.dll
2011-02-22 12:42:10 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-02-22 12:42:01 ----D---- C:\Program Files\NVIDIA Corporation
2011-02-22 12:37:53 ----D---- C:\NVIDIA
2011-02-22 11:17:41 ----A---- C:\Windows\system32\DfSdkBt.exe
2011-02-20 13:02:19 ----D---- C:\Users\Vlastik\AppData\Roaming\SEGA Corporation
2011-02-20 13:02:17 ----D---- C:\ProgramData\SEGA Corporation
2011-02-20 12:47:34 ----D---- C:\Users\Vlastik\AppData\Roaming\InstallShield Installation Information
2011-02-20 12:46:57 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-02-20 12:46:57 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-02-20 12:46:57 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-02-20 11:14:41 ----D---- C:\Program Files\18 Wheels of Steel American Long Haul
2011-02-17 22:57:03 ----D---- C:\ProgramData\Sun
2011-02-17 22:57:03 ----D---- C:\Program Files\Common Files\Java
2011-02-17 22:57:01 ----D---- C:\Program Files\SystemRequirementsLab
2011-02-17 22:56:31 ----A---- C:\Windows\system32\javaws.exe
2011-02-17 22:56:31 ----A---- C:\Windows\system32\javaw.exe
2011-02-17 22:56:31 ----A---- C:\Windows\system32\java.exe
2011-02-17 22:56:31 ----A---- C:\Windows\system32\deployJava1.dll
2011-02-17 22:56:15 ----D---- C:\Program Files\Java
2011-02-17 12:45:27 ----D---- C:\ProgramData\CanonIJ
2011-02-17 12:44:38 ----HD---- C:\ProgramData\CanonIJScan
2011-02-17 12:44:13 ----D---- C:\Users\Vlastik\AppData\Roaming\Canon
2011-02-16 18:52:16 ----D---- C:\rsit
2011-02-16 18:52:16 ----D---- C:\Program Files\trend micro
2011-02-16 16:15:35 ----D---- C:\Users\Vlastik\AppData\Roaming\YouTube HD Transfer
2011-02-15 17:59:39 ----D---- C:\Program Files\Common Files\DESIGNER
2011-02-15 17:59:31 ----D---- C:\Windows\PCHEALTH
2011-02-15 17:57:33 ----D---- C:\Program Files\Microsoft Analysis Services
2011-02-15 17:56:58 ----D---- C:\Program Files\Microsoft Office
2011-02-15 17:56:57 ----D---- C:\ProgramData\Microsoft Help
2011-02-15 17:56:33 ----RHD---- C:\MSOCache
2011-02-15 02:15:19 ----D---- C:\ProgramData\Media Center Programs
2011-02-15 02:09:00 ----D---- C:\Program Files\Ubisoft
2011-02-15 00:47:29 ----D---- C:\Program Files\Team17
2011-02-15 00:15:04 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-02-15 00:15:04 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-02-15 00:15:04 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-02-15 00:15:04 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-02-15 00:15:04 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-02-15 00:15:04 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-02-15 00:15:04 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-02-15 00:15:04 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-02-15 00:15:04 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-02-15 00:15:04 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-02-15 00:15:03 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-02-15 00:15:03 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-02-15 00:15:03 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-02-15 00:15:03 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-02-15 00:15:03 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-02-15 00:15:03 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-02-15 00:15:02 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-02-15 00:15:01 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-02-15 00:15:01 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-02-15 00:15:01 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-02-15 00:15:01 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-02-15 00:15:01 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-02-15 00:15:01 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-02-15 00:15:01 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-02-15 00:15:01 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-02-15 00:15:01 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-02-15 00:15:00 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-02-15 00:15:00 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-02-15 00:15:00 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-02-15 00:15:00 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-02-15 00:15:00 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-02-15 00:15:00 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-02-15 00:15:00 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-02-15 00:15:00 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-02-15 00:14:59 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-02-15 00:14:59 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-02-15 00:14:59 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-02-15 00:14:59 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-02-15 00:14:59 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-02-15 00:14:59 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-02-15 00:14:58 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-02-15 00:14:58 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-02-15 00:14:58 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-02-15 00:14:58 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-02-15 00:14:58 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-02-15 00:14:58 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-02-15 00:14:58 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\xinput1_3.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\d3dx9_35.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-02-15 00:14:57 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-02-15 00:14:56 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-02-15 00:14:56 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-02-15 00:14:56 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-02-15 00:14:56 ----A---- C:\Windows\system32\d3dx10.dll
2011-02-15 00:14:55 ----A---- C:\Windows\system32\xinput1_2.dll
2011-02-15 00:14:55 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-02-15 00:14:55 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-02-15 00:14:55 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-02-15 00:14:55 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-02-15 00:14:55 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-02-15 00:14:54 ----A---- C:\Windows\system32\xinput1_1.dll
2011-02-15 00:14:54 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-02-15 00:14:54 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-02-15 00:14:49 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-02-15 00:14:49 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-02-15 00:14:49 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-02-15 00:14:49 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-02-15 00:14:49 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-02-15 00:14:49 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-02-15 00:14:49 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-02-15 00:14:48 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-02-15 00:14:48 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-02-15 00:11:59 ----HD---- C:\Windows\msdownld.tmp
2011-02-15 00:11:52 ----D---- C:\Windows\system32\directx
2011-02-14 23:24:50 ----D---- C:\ProgramData\InstallShield
2011-02-14 23:24:14 ----D---- C:\Program Files\THQ
2011-02-14 23:09:48 ----A---- C:\Windows\system32\drivers\sptd.sys
2011-02-14 23:08:35 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-02-14 23:08:31 ----D---- C:\Program Files\DAEMON Tools Lite
2011-02-14 23:06:04 ----D---- C:\Users\Vlastik\AppData\Roaming\DAEMON Tools Lite
2011-02-14 23:06:04 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-02-14 21:16:59 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-02-14 21:14:54 ----D---- C:\Program Files\Adobe Media Player
2011-02-14 21:13:39 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-02-14 20:58:35 ----D---- C:\ProgramData\vsosdk
2011-02-14 20:47:48 ----D---- C:\Program Files\Lavalys
2011-02-14 20:38:26 ----D---- C:\Users\Vlastik\AppData\Roaming\CD-LabelPrint
2011-02-14 20:38:25 ----HD---- C:\ProgramData\CanonIJEPPEX
2011-02-14 20:23:38 ----D---- C:\Users\Vlastik\AppData\Roaming\Vso
2011-02-14 20:22:17 ----A---- C:\Windows\system32\wvc1dmod.dll
2011-02-14 20:22:17 ----A---- C:\Windows\system32\vp7vfw.dll
2011-02-14 20:22:17 ----A---- C:\Windows\system32\sipr3260.dll
2011-02-14 20:22:17 ----A---- C:\Windows\system32\Pncrt.dll
2011-02-14 20:22:17 ----A---- C:\Windows\system32\drv43260.dll
2011-02-14 20:22:17 ----A---- C:\Windows\system32\drv33260.dll
2011-02-14 20:22:17 ----A---- C:\Windows\system32\drv23260.dll
2011-02-14 20:22:17 ----A---- C:\Windows\system32\cook3260.dll
2011-02-14 20:22:14 ----D---- C:\Program Files\VSO
2011-02-14 19:57:28 ----D---- C:\Program Files\Common Files\Akamai
2011-02-14 19:37:34 ----D---- C:\Users\Vlastik\AppData\Roaming\ICQ
2011-02-14 19:37:31 ----D---- C:\Program Files\ICQ7.4
2011-02-14 19:34:08 ----D---- C:\Windows\system32\appmgmt
2011-02-14 19:31:12 ----D---- C:\Users\Vlastik\AppData\Roaming\skypePM
2011-02-14 19:30:13 ----D---- C:\Program Files\Common Files\Skype
2011-02-14 19:30:12 ----RD---- C:\Program Files\Skype
2011-02-14 19:30:12 ----D---- C:\Users\Vlastik\AppData\Roaming\Skype
2011-02-14 19:30:10 ----D---- C:\ProgramData\Skype
2011-02-14 19:21:05 ----D---- C:\Program Files\Ashampoo
2011-02-14 19:20:13 ----D---- C:\Windows\system32\Macromed
2011-02-14 19:19:12 ----D---- C:\Program Files\CCleaner
2011-02-14 19:16:44 ----D---- C:\Users\Vlastik\AppData\Roaming\WinRAR
2011-02-14 19:16:14 ----D---- C:\Program Files\WinRAR
2011-02-14 19:01:39 ----D---- C:\ProgramData\NVIDIA
2011-02-14 18:57:46 ----D---- C:\Program Files\Microsoft.NET
2011-02-14 18:49:58 ----D---- C:\Program Files\Seznam CD a DVD
2011-02-14 18:37:48 ----D---- C:\ProgramData\NVIDIA Corporation
2011-02-14 18:37:04 ----D---- C:\Users\Vlastik\AppData\Roaming\ArcSoft
2011-02-14 18:36:01 ----D---- C:\ProgramData\Adobe
2011-02-14 18:35:39 ----D---- C:\Program Files\Common Files\Adobe
2011-02-14 18:35:39 ----D---- C:\Program Files\Adobe
2011-02-14 18:34:35 ----HD---- C:\ProgramData\ArcSoft
2011-02-14 18:32:10 ----A---- C:\Windows\system32\drivers\afc.sys
2011-02-14 18:31:13 ----A---- C:\Windows\system32\drivers\ArcSoftKsUFilter.sys
2011-02-14 18:31:13 ----A---- C:\Windows\system32\ArcSoftKsUFilter.dll
2011-02-14 18:28:20 ----A---- C:\Windows\system32\unicows.dll
2011-02-14 18:28:19 ----RA---- C:\Windows\system32\msvcp71.dll
2011-02-14 18:28:19 ----A---- C:\Windows\system32\msvcr71.dll
2011-02-14 18:28:16 ----D---- C:\Program Files\Common Files\ArcSoft
2011-02-14 18:28:16 ----A---- C:\Windows\system32\PCDLIB32.DLL
2011-02-14 18:28:14 ----D---- C:\Program Files\Hama
2011-02-14 18:28:14 ----A---- C:\Windows\system32\gdiplus.dll
2011-02-14 18:19:46 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX
2011-02-14 18:19:44 ----HD---- C:\ProgramData\CanonIJEPPEX2
2011-02-14 18:19:44 ----HD---- C:\ProgramData\CanonEPP
2011-02-14 18:19:43 ----HD---- C:\ProgramData\CanonIJMyPrinter
2011-02-14 18:19:35 ----D---- C:\ProgramData\CanonIJPLM
2011-02-14 18:18:34 ----A---- C:\Windows\system32\SET3EDE.tmp
2011-02-14 18:18:30 ----A---- C:\Windows\system32\CNHMCA.dll
2011-02-14 18:18:30 ----A---- C:\Windows\system32\CNC5200U.dll
2011-02-14 18:18:30 ----A---- C:\Windows\system32\CNC5200L.dll
2011-02-14 18:18:30 ----A---- C:\Windows\system32\CNC5200I.dll
2011-02-14 18:18:30 ----A---- C:\Windows\system32\CNC5200C.dll
2011-02-14 18:15:17 ----D---- C:\ProgramData\CanonIJMSetup
2011-02-14 18:14:27 ----D---- C:\Program Files\Common Files\CANON
2011-02-14 18:14:20 ----D---- C:\ProgramData\CanonIJWSpt
2011-02-14 18:11:12 ----HD---- C:\ProgramData\CanonBJ
2011-02-14 18:10:59 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2011-02-14 18:10:32 ----N---- C:\Windows\system32\CNMLMAE.DLL
2011-02-14 18:10:24 ----A---- C:\Windows\system32\CNMIUAE.DLL
2011-02-14 18:10:17 ----HD---- C:\Program Files\CanonBJ
2011-02-14 18:10:08 ----D---- C:\Windows\system32\STRING
2011-02-14 18:10:08 ----A---- C:\Windows\system32\CNMNPUI.DLL
2011-02-14 18:09:22 ----D---- C:\Program Files\Canon
2011-02-14 17:46:56 ----D---- C:\Windows\system32\RTCOM
2011-02-14 17:46:44 ----A---- C:\Windows\DIFxAPI.dll
2011-02-14 17:46:40 ----A---- C:\Windows\system32\WavesLib.dll
2011-02-14 17:46:39 ----A---- C:\Windows\system32\SRSWOW.dll
2011-02-14 17:46:39 ----A---- C:\Windows\system32\SRSTSXT.dll
2011-02-14 17:46:39 ----A---- C:\Windows\system32\SRSTSHD.dll
2011-02-14 17:46:39 ----A---- C:\Windows\system32\SRSHP360.dll
2011-02-14 17:46:38 ----A---- C:\Windows\system32\RtkPgExt.dll
2011-02-14 17:46:38 ----A---- C:\Windows\system32\RtkCoInst.dll
2011-02-14 17:46:38 ----A---- C:\Windows\system32\RtkApoApi.dll
2011-02-14 17:46:37 ----A---- C:\Windows\system32\RtkAPO.dll
2011-02-14 17:46:35 ----A---- C:\Windows\system32\RTPCEE32.dll
2011-02-14 17:46:34 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2011-02-14 17:46:34 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2011-02-14 17:46:33 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2011-02-14 17:46:33 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2011-02-14 17:46:31 ----D---- C:\Program Files\Realtek
2011-02-14 17:46:31 ----A---- C:\Windows\system32\FMAPO.dll
2011-02-14 17:46:31 ----A---- C:\Windows\system32\AERTARen.dll
2011-02-14 17:46:31 ----A---- C:\Windows\system32\AERTACap.dll
2011-02-14 17:46:30 ----HD---- C:\Program Files\Temp
2011-02-14 17:46:29 ----R---- C:\Windows\RtlExUpd.dll
2011-02-14 17:46:11 ----D---- C:\Program Files\Browser Configuration Utility
2011-02-14 17:46:11 ----A---- C:\Windows\system32\dvmurl.dll
2011-02-14 17:45:48 ----D---- C:\Program Files\Gigabyte
2011-02-14 17:45:47 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-14 17:45:33 ----D---- C:\Program Files\Common Files\InstallShield
2011-02-14 17:44:41 ----A---- C:\Windows\GSetup.ini
2011-02-14 17:44:40 ----A---- C:\Windows\gdrv.sys
2011-02-14 17:44:26 ----D---- C:\Users\Vlastik\AppData\Roaming\Macromedia
2011-02-14 17:44:26 ----D---- C:\Users\Vlastik\AppData\Roaming\Adobe
2011-02-14 17:37:57 ----D---- C:\Windows\system32\Wat
2011-02-14 17:30:25 ----A---- C:\Windows\system32\MRT.exe
2011-02-14 17:29:55 ----A---- C:\Windows\system32\browserchoice.exe
2011-02-14 17:27:46 ----A---- C:\Windows\system32\mshtml.dll
2011-02-14 17:27:06 ----A---- C:\Windows\system32\kerberos.dll
2011-02-14 17:27:05 ----A---- C:\Windows\system32\win32k.sys
2011-02-14 17:27:02 ----A---- C:\Windows\system32\fontsub.dll
2011-02-14 17:27:02 ----A---- C:\Windows\system32\atmlib.dll
2011-02-14 17:27:02 ----A---- C:\Windows\system32\atmfd.dll
2011-02-14 17:26:26 ----A---- C:\Windows\system32\vbscript.dll
2011-02-14 17:26:26 ----A---- C:\Windows\system32\jscript.dll
2011-02-14 17:23:00 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-02-14 17:23:00 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-02-14 17:23:00 ----A---- C:\Windows\system32\cdd.dll
2011-02-14 17:22:01 ----D---- C:\Users\Vlastik\AppData\Roaming\SUPERAntiSpyware.com
2011-02-14 17:22:01 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-02-14 17:21:54 ----D---- C:\Program Files\SUPERAntiSpyware
2011-02-14 17:19:54 ----D---- C:\Users\Vlastik\AppData\Roaming\ESET
2011-02-14 17:19:06 ----D---- C:\ProgramData\ESET
2011-02-14 17:19:06 ----D---- C:\Program Files\ESET
2011-02-14 17:17:39 ----SHD---- C:\Windows\Installer
2011-02-14 17:11:22 ----N---- C:\Windows\system32\MpSigStub.exe
2011-02-14 16:58:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-14 16:56:16 ----D---- C:\Users\Vlastik\AppData\Roaming\Identities
2011-02-14 16:56:08 ----SD---- C:\Users\Vlastik\AppData\Roaming\Microsoft
2011-02-14 16:56:08 ----D---- C:\Users\Vlastik\AppData\Roaming\Media Center Programs
2011-02-14 16:55:56 ----SHD---- C:\Recovery
2011-02-14 16:55:56 ----SHD---- C:\ProgramData\Šablony
2011-02-14 16:55:56 ----SHD---- C:\ProgramData\Plocha
2011-02-14 16:55:56 ----SHD---- C:\ProgramData\Oblíbené položky
2011-02-14 16:55:56 ----SHD---- C:\ProgramData\Nabídka Start
2011-02-14 16:55:56 ----SHD---- C:\ProgramData\Dokumenty
2011-02-14 16:55:56 ----SHD---- C:\ProgramData\Data aplikací
2011-02-14 16:50:56 ----D---- C:\Windows\SoftwareDistribution
2011-02-14 16:48:22 ----D---- C:\Windows\Prefetch
2011-02-14 16:48:02 ----ASH---- C:\pagefile.sys
2011-02-14 16:48:01 ----SHD---- C:\System Volume Information
2011-02-14 16:48:01 ----ASH---- C:\hiberfil.sys
2011-02-14 16:47:28 ----D---- C:\Windows\Panther
2011-02-14 16:47:16 ----RASH---- C:\BOOTSECT.BAK
2011-02-14 16:47:14 ----SHD---- C:\Boot

======List of files/folders modified in the last 1 months======

2011-02-25 15:37:44 ----D---- C:\Windows\Temp
2011-02-25 15:31:20 ----D---- C:\Windows\system32\config
2011-02-25 15:06:12 ----D---- C:\Windows\System32
2011-02-25 15:06:12 ----D---- C:\Windows\inf
2011-02-25 15:05:26 ----D---- C:\Windows\system32\FxsTmp
2011-02-24 15:31:47 ----D---- C:\Windows\winsxs
2011-02-24 15:30:51 ----D---- C:\Windows
2011-02-24 15:29:59 ----D---- C:\Windows\system32\DriverStore
2011-02-24 15:27:26 ----D---- C:\Program Files\Windows Sidebar
2011-02-24 15:27:26 ----D---- C:\Program Files\Windows Mail
2011-02-24 15:27:26 ----D---- C:\Program Files\DVD Maker
2011-02-24 15:27:25 ----D---- C:\Windows\servicing
2011-02-24 15:27:25 ----D---- C:\Windows\ehome
2011-02-24 15:27:25 ----D---- C:\Program Files\Windows Portable Devices
2011-02-24 15:27:25 ----D---- C:\Program Files\Windows Photo Viewer
2011-02-24 15:27:25 ----D---- C:\Program Files\Windows Media Player
2011-02-24 15:27:25 ----D---- C:\Program Files\Windows Journal
2011-02-24 15:27:25 ----D---- C:\Program Files\Windows Defender
2011-02-24 15:27:25 ----D---- C:\Program Files\Internet Explorer
2011-02-24 15:27:23 ----D---- C:\Windows\system32\sysprep
2011-02-24 15:27:23 ----D---- C:\Windows\system32\Setup
2011-02-24 15:27:23 ----D---- C:\Windows\system32\oobe
2011-02-24 15:27:23 ----D---- C:\Windows\system32\migration
2011-02-24 15:27:23 ----D---- C:\Windows\system32\en-US
2011-02-24 15:27:23 ----D---- C:\Windows\system32\da-DK
2011-02-24 15:27:23 ----D---- C:\Windows\system32\cs
2011-02-24 15:27:23 ----D---- C:\Windows\system32\AdvancedInstallers
2011-02-24 15:27:23 ----D---- C:\Windows\PolicyDefinitions
2011-02-24 15:27:22 ----D---- C:\Windows\system32\cs-CZ
2011-02-24 15:27:20 ----D---- C:\Windows\system32\sppui
2011-02-24 15:27:20 ----D---- C:\Windows\system32\manifeststore
2011-02-24 15:27:20 ----D---- C:\Windows\system32\es-ES
2011-02-24 15:27:20 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-02-24 15:27:20 ----D---- C:\Windows\system32\drivers
2011-02-24 15:27:19 ----D---- C:\Windows\system32\wbem
2011-02-24 15:27:19 ----D---- C:\Windows\system32\migwiz
2011-02-24 15:27:19 ----D---- C:\Windows\system32\Dism
2011-02-24 15:27:10 ----RSD---- C:\Windows\Fonts
2011-02-24 15:27:09 ----D---- C:\Windows\AppPatch
2011-02-24 15:27:02 ----D---- C:\Windows\system32\Boot
2011-02-24 15:24:10 ----A---- C:\Windows\system32\msclmd.dll
2011-02-24 15:06:37 ----D---- C:\Windows\system32\catroot2
2011-02-24 15:06:37 ----D---- C:\Windows\system32\catroot
2011-02-23 22:30:03 ----RSD---- C:\Windows\assembly
2011-02-23 21:14:13 ----D---- C:\Windows\Tasks
2011-02-23 21:14:13 ----D---- C:\Windows\system32\wfp
2011-02-23 21:13:28 ----D---- C:\Windows\system32\Tasks
2011-02-23 21:13:28 ----D---- C:\Windows\system32\drivers\etc
2011-02-23 21:13:27 ----D---- C:\Windows\system32\drivers\UMDF
2011-02-23 21:13:26 ----D---- C:\Windows\system32\CodeIntegrity
2011-02-23 21:13:17 ----D---- C:\Windows\registration
2011-02-23 21:12:54 ----AHD---- C:\ProgramData
2011-02-23 21:12:53 ----RD---- C:\Program Files
2011-02-23 21:12:53 ----D---- C:\Program Files\Common Files
2011-02-22 12:43:08 ----D---- C:\Windows\Help
2011-02-20 12:45:55 ----D---- C:\Program Files\Common Files\microsoft shared
2011-02-20 10:26:59 ----D---- C:\Windows\system32\wdi
2011-02-19 23:35:28 ----D---- C:\Windows\rescache
2011-02-16 17:39:04 ----D---- C:\Windows\Logs
2011-02-15 18:04:43 ----D---- C:\Windows\Microsoft.NET
2011-02-15 18:00:00 ----D---- C:\Windows\ShellNew
2011-02-15 17:59:31 ----SD---- C:\ProgramData\Microsoft
2011-02-15 17:57:46 ----A---- C:\Windows\win.ini
2011-02-15 17:57:44 ----D---- C:\Program Files\Common Files\System
2011-02-14 23:24:46 ----D---- C:\Windows\Downloaded Program Files
2011-02-14 23:14:29 ----D---- C:\Windows\debug
2011-02-14 22:44:46 ----SHD---- C:\$Recycle.Bin
2011-02-14 22:44:42 ----RD---- C:\Users
2011-02-14 22:32:28 ----HD---- C:\Windows\system32\GroupPolicyUsers
2011-02-14 22:32:28 ----HD---- C:\Windows\system32\GroupPolicy
2011-02-14 18:18:44 ----RSD---- C:\Windows\Media
2011-02-14 18:18:39 ----D---- C:\Windows\twain_32
2011-02-14 16:57:37 ----D---- C:\Windows\system32\restore
2011-02-14 16:55:56 ----D---- C:\Program Files\Windows NT
2011-02-14 16:48:45 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-02-14 431672]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 41336]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-14 218688]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-02-25 16608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-20 2317536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 ae12dqj0;ae12dqj0; C:\Windows\system32\drivers\ae12dqj0.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-01-07 608872]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 406016]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 uCamMonitor;CamMonitor; C:\Program Files\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-14 1343400]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
S4 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

Re: For Vyosek

Posted: 25 Feb 2011 20:41
by vyosek
Hello, and have a nice day :)

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A POWERFUL ABILITY TO DELETE AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
Download Combofix and save it to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator or Spustit jako spravce
  • Immediately after start, a page with the license agreement is displayed; continue by clicking Ano (Yes)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and any restart, CF displays the log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. screenshots is here: http://www.bleepingcomputer.com/combofi ... t-combofix

Re: For Vyosek

Posted: 25 Feb 2011 23:20
by Junfan
ComboFix 11-02-24.05 - Vlastik 25.02.2011 22:49:57.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1391 [GMT 1:00]
Spuštěný z: c:\users\Vlastik\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2011-01-25 do 2011-02-25 )))))))))))))))))))))))))))))))
.

2011-02-25 21:54 . 2011-02-25 21:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-25 12:38 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{53AE771E-E16A-4457-A82D-22822FE168CF}\mpengine.dll
2011-02-24 14:19 . 2011-02-24 14:19 -------- d-----w- c:\windows\system32\SPReview
2011-02-24 14:18 . 2011-02-24 14:18 -------- d-----w- c:\windows\system32\EventProviders
2011-02-24 14:15 . 2010-11-20 12:21 253952 ----a-w- c:\windows\system32\spwizui.dll
2011-02-24 14:14 . 2010-11-20 12:21 1227776 ----a-w- c:\windows\system32\wdc.dll
2011-02-24 14:13 . 2010-11-20 12:21 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-02-24 14:13 . 2010-11-20 12:21 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-02-24 14:13 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-02-24 14:13 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-02-24 14:13 . 2010-11-20 12:21 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2011-02-24 14:13 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2011-02-24 14:13 . 2010-11-20 12:17 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2011-02-24 14:12 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll
2011-02-24 14:12 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll
2011-02-23 19:55 . 2011-01-07 07:46 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 19:55 . 2011-01-07 07:46 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 15:08 . 2011-02-23 21:34 -------- d-----w- c:\program files\HD Tune Pro
2011-02-23 14:13 . 2011-02-23 14:30 -------- d-----w- c:\programdata\PC Suite
2011-02-23 14:11 . 2011-02-23 15:49 -------- d-----w- c:\program files\PC Connectivity Solution
2011-02-23 14:08 . 2011-02-23 14:08 -------- d-----w- c:\programdata\Nokia
2011-02-23 14:03 . 2011-02-23 15:49 -------- d-----w- c:\program files\Common Files\Nokia
2011-02-23 14:02 . 2011-02-23 14:02 -------- d-----w- c:\programdata\Installations
2011-02-22 18:15 . 2011-02-22 18:15 -------- d-----w- c:\program files\City Interactive
2011-02-22 11:37 . 2011-02-22 11:37 -------- d-----w- C:\NVIDIA
2011-02-22 10:17 . 2009-08-24 20:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-02-20 12:02 . 2011-02-20 12:02 -------- d-----w- c:\programdata\SEGA Corporation
2011-02-20 11:46 . 2008-10-15 05:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2011-02-20 11:46 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-02-20 11:46 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2011-02-20 10:14 . 2011-02-20 10:15 -------- d-----w- c:\program files\18 Wheels of Steel American Long Haul
2011-02-17 21:57 . 2011-02-17 21:57 -------- d-----w- c:\program files\Common Files\Java
2011-02-17 21:57 . 2011-02-17 21:57 -------- d-----w- c:\program files\SystemRequirementsLab
2011-02-17 21:56 . 2011-02-17 21:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-17 21:56 . 2011-02-17 21:56 -------- d-----w- c:\program files\Java
2011-02-17 11:45 . 2011-02-17 11:45 -------- d-----w- c:\programdata\CanonIJ
2011-02-16 17:52 . 2011-02-25 14:37 -------- d-----w- C:\rsit
2011-02-16 17:52 . 2011-02-25 14:37 -------- d-----w- c:\program files\trend micro
2011-02-15 16:59 . 2011-02-15 16:59 -------- d-----w- c:\windows\PCHEALTH
2011-02-15 16:57 . 2011-02-15 16:57 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-02-15 16:56 . 2011-02-16 11:12 -------- d-----w- c:\programdata\Microsoft Help
2011-02-15 16:56 . 2011-02-15 16:56 -------- d-----r- C:\MSOCache
2011-02-15 10:49 . 2011-02-15 10:49 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-02-15 01:15 . 2011-02-15 01:15 -------- d-----w- c:\programdata\Media Center Programs
2011-02-15 01:09 . 2011-02-15 01:09 -------- d-----w- c:\program files\Ubisoft
2011-02-14 23:47 . 2011-02-14 23:47 -------- d-----w- c:\program files\Team17
2011-02-14 23:14 . 2008-03-05 15:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2011-02-14 22:24 . 2011-02-14 22:24 -------- d-----w- c:\programdata\InstallShield
2011-02-14 22:24 . 2011-02-14 22:24 -------- d-----w- c:\program files\THQ
2011-02-14 22:09 . 2011-02-14 22:09 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-02-14 22:08 . 2011-02-14 22:08 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-14 22:08 . 2011-02-14 22:08 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-02-14 22:06 . 2011-02-14 22:06 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-14 21:44 . 2011-02-23 20:13 -------- d-----w- c:\users\Petanek
2011-02-14 21:22 . 2011-02-23 20:13 -------- d-----w- c:\users\Guest
2011-02-14 20:16 . 2011-02-14 20:16 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-02-14 20:14 . 2011-02-14 20:14 -------- d-----w- c:\program files\Adobe Media Player
2011-02-14 20:13 . 2011-02-14 20:13 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-02-14 19:58 . 2011-02-14 19:58 -------- d-----w- c:\programdata\vsosdk
2011-02-14 19:47 . 2011-02-14 19:47 -------- d-----w- c:\program files\Lavalys
2011-02-14 19:22 . 2009-09-02 11:44 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-02-14 19:22 . 2009-09-02 11:44 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-02-14 19:22 . 2009-09-02 11:44 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-02-14 19:22 . 2009-09-02 11:44 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-02-14 19:22 . 2009-09-02 11:44 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-02-14 19:22 . 2009-09-02 11:44 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-02-14 19:22 . 2009-09-02 11:44 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-02-14 19:22 . 2011-02-14 19:22 -------- d-----w- c:\program files\VSO
2011-02-14 18:57 . 2011-02-25 20:43 -------- d-----w- c:\program files\Common Files\Akamai
2011-02-14 18:37 . 2011-02-14 18:38 -------- d-----w- c:\program files\ICQ7.4
2011-02-14 18:30 . 2011-02-14 18:30 -------- d-----w- c:\program files\Common Files\Skype
2011-02-14 18:30 . 2011-02-14 18:34 -------- d-----r- c:\program files\Skype
2011-02-14 18:30 . 2011-02-14 18:30 -------- d-----w- c:\programdata\Skype
2011-02-14 18:21 . 2011-02-14 18:21 -------- d-----w- c:\program files\Ashampoo
2011-02-14 18:20 . 2011-02-14 18:20 -------- d-----w- c:\windows\system32\Macromed
2011-02-14 18:20 . 2011-02-14 18:20 -------- d-----w- c:\users\Public\Vlastik
2011-02-14 18:19 . 2011-02-14 18:19 -------- d-----w- c:\program files\CCleaner
2011-02-14 18:01 . 2011-02-22 11:45 -------- d-----w- c:\programdata\NVIDIA
2011-02-14 17:57 . 2011-02-15 16:59 -------- d-----w- c:\program files\Microsoft.NET
2011-02-14 17:49 . 2011-02-14 17:50 -------- d-----w- c:\program files\Seznam CD a DVD
2011-02-14 17:37 . 2011-02-14 17:37 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-02-14 17:37 . 2011-02-14 17:37 -------- d-sh--we c:\windows\system32\config\systemprofile\Soubory cookie
2011-02-14 17:37 . 2011-02-14 17:37 -------- d-sh--we c:\windows\system32\config\systemprofile\Data aplikací
2011-02-14 17:35 . 2011-02-14 20:15 -------- d-----w- c:\program files\Common Files\Adobe
2011-02-14 17:34 . 2011-02-20 10:38 -------- d--h--w- c:\programdata\ArcSoft
2011-02-14 17:32 . 2006-11-10 14:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys
2011-02-14 17:31 . 2008-04-25 05:06 55808 ----a-w- c:\windows\system32\ArcSoftKsUFilter.dll
2011-02-14 17:31 . 2008-04-24 13:06 17920 ----a-w- c:\windows\system32\drivers\ArcSoftKsUFilter.sys
2011-02-14 17:28 . 2005-04-27 15:36 245408 ----a-w- c:\windows\system32\unicows.dll
2011-02-14 17:28 . 2003-03-18 21:14 499712 ----a-r- c:\windows\system32\msvcp71.dll
2011-02-14 17:28 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-02-14 17:28 . 2011-02-14 17:32 -------- d-----w- c:\program files\Common Files\ArcSoft
2011-02-14 17:28 . 1995-07-31 12:44 212480 ----a-w- c:\windows\system32\PCDLIB32.DLL
2011-02-14 17:28 . 2011-02-14 17:28 -------- d-----w- c:\program files\Hama
2011-02-14 17:28 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-14 17:19 . 2011-02-14 17:19 -------- d--h--w- c:\programdata\CanonEPP
2011-02-14 17:18 . 2010-08-25 04:00 290816 ----a-w- c:\windows\system32\SET3EDE.tmp
2011-02-14 17:18 . 2010-03-18 18:25 307200 ----a-w- c:\windows\system32\CNC5200L.dll
2011-02-14 17:18 . 2010-03-18 16:12 1335296 ----a-w- c:\windows\system32\CNC5200C.dll
2011-02-14 17:18 . 2010-03-18 16:12 114688 ----a-w- c:\windows\system32\CNC5200I.dll
2011-02-14 17:18 . 2010-03-18 16:11 106496 ----a-w- c:\windows\system32\CNC5200U.dll
2011-02-14 17:18 . 2008-08-25 17:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2011-02-14 17:14 . 2011-02-14 17:14 -------- d-----w- c:\program files\Common Files\CANON
2011-02-14 17:11 . 2011-02-14 17:11 -------- d--h--w- c:\programdata\CanonBJ
2011-02-14 17:11 . 2010-08-25 04:00 73216 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPAE.DLL
2011-02-14 17:11 . 2010-08-25 04:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDAE.DLL
2011-02-14 17:10 . 2011-02-14 17:10 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2011-02-14 17:10 . 2010-04-07 04:00 290816 ------w- c:\windows\system32\CNMLMAE.DLL
2011-02-14 17:10 . 2010-03-10 23:56 180224 ----a-w- c:\windows\system32\CNMIUAE.DLL
2011-02-14 17:10 . 2011-02-14 17:10 -------- d-----w- c:\windows\system32\STRING
2011-02-14 17:10 . 2010-02-05 01:37 34816 ----a-w- c:\windows\system32\CNMNPUI.DLL
2011-02-14 17:09 . 2011-02-14 17:15 -------- d-----w- c:\program files\Canon
2011-02-14 16:45 . 2011-02-14 16:45 -------- d-----w- c:\program files\Gigabyte
2011-02-14 16:45 . 2011-02-22 10:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2011-02-14 16:45 . 2011-02-14 22:24 -------- d-----w- c:\program files\Common Files\InstallShield
2011-02-14 16:44 . 2011-02-25 20:43 16608 ----a-w- c:\windows\gdrv.sys
2011-02-14 16:37 . 2011-02-14 16:37 -------- d-----w- c:\windows\system32\Wat
2011-02-14 16:29 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-02-14 16:27 . 2011-01-07 06:01 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-14 16:27 . 2010-12-17 07:07 542208 ----a-w- c:\windows\system32\kerberos.dll
2011-02-14 16:27 . 2011-01-05 03:51 2330624 ----a-w- c:\windows\system32\win32k.sys
2011-02-14 16:27 . 2011-01-07 07:45 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-14 16:27 . 2011-01-07 05:43 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-02-14 16:27 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll
2011-02-14 16:26 . 2011-01-05 05:55 428032 ----a-w- c:\windows\system32\vbscript.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-24 14:24 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-01-08 03:27 . 2011-02-22 11:42 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-01-07 20:06 . 2011-01-07 20:06 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 20:06 . 2011-01-07 20:06 3597416 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 20:06 . 2011-01-07 20:06 2620520 ----a-w- c:\windows\system32\nvsvc.dll
2011-01-07 20:06 . 2011-01-07 20:06 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 20:06 . 2011-01-07 20:06 608872 ----a-w- c:\windows\system32\nvvsvc.exe
2011-01-07 20:06 . 2011-01-07 20:06 111208 ----a-w- c:\windows\system32\nvmctray.dll
2010-12-21 14:04 . 2010-12-21 14:04 137144 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-12-21 14:04 . 2010-12-21 14:04 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-12-21 12:47 . 2010-12-21 12:47 41336 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2010-12-21 12:47 . 2010-12-21 12:47 33120 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-12-21 12:47 . 2010-12-21 12:47 134000 ----a-w- c:\windows\system32\drivers\epfw.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20 442880 ----a-w- c:\windows\System32\ntshrui.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2424560]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-20 6711840]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-20 1833504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 22:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-06-16 05:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
R2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 20992]
R2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [2010-11-20 3179520]
R3 AcpiPmi;Ovladač měřiče napájení standardu ACPI;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 10240]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2010-11-20 80256]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [2010-11-20 50176]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2009-07-13 37888]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 406016]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 28160]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 46160]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2009-07-14 67152]
R3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;c:\windows\system32\drivers\iaStorV.sys [2010-11-20 332160]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-20 65536]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\drivers\msiscsi.sys [2010-11-20 233344]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
R3 mpio;Ovladač sběrnice Microsoft Multi-Path;c:\windows\system32\drivers\mpio.sys [2010-11-20 130432]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-20 28032]
R3 msdsm;Specifický modul zařízení Microsoft Multi-Path;c:\windows\system32\drivers\msdsm.sys [2010-11-20 116096]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-13 4096]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-07-13 12288]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-07-13 27136]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2010-11-20 143744]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-20 26624]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-13 12288]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [2009-07-13 71168]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
R3 StorSvc;Služba úložiště;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [2010-11-20 28032]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 204800]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-20 31232]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 uCamMonitor;CamMonitor;c:\program files\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [2009-07-14 35840]
R3 uliagpkx;Filtr sběrnice Uli AGP;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 57424]
R3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 usbcir;Infračervený přijímač eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-13 86016]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe [2009-07-14 22528]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-20 160128]
R3 ViaC7;VIA C7 Processor Driver;c:\windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
R3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\System32\drivers\vwifibus.sys [2009-07-13 19968]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-07-13 21632]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-14 1343400]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe [2010-11-20 1203200]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
R3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 19008]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2010-11-20 22400]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [2009-07-14 249408]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2009-07-14 369568]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 58448]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-20 194800]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-20 14208]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2009-07-14 133200]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 13888]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 43088]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
S0 spldr;Security Processor Loader Driver; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys [2010-11-20 40704]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 32832]
S0 vmbus;Sběrnice virtuálního počítače;c:\windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [2010-11-20 53120]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys [2009-07-14 297040]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 35328]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys [2010-11-20 388096]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 78336]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 32256]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-07-13 16896]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [2010-11-20 74752]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-20 63488]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-13 9728]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 41336]
S2 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-13 48128]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [2009-07-13 86528]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 586752]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-11-20 35328]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 164864]
S3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [2009-07-13 69632]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 31232]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-14 218688]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-20 728448]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [2009-07-14 22528]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 23552]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [2009-07-13 60416]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-11-20 223232]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-11-20 96768]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-07-13 267264]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-13 49152]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2010-11-20 309248]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2010-11-20 114176]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-20 108544]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\drivers\umbus.sys [2010-11-20 39936]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2009-07-14 20992]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
RPCSS REG_MULTI_SZ RpcEptMapper RpcSs
defragsvc REG_MULTI_SZ defragsvc
WerSvcGroup REG_MULTI_SZ wersvc
LocalServiceNoNetwork REG_MULTI_SZ DPS PLA BFE mpssvc WwanSvc
swprv REG_MULTI_SZ swprv
LocalServicePeerNet REG_MULTI_SZ PNRPSvc p2pimsvc p2psvc PnrpAutoReg
NetworkServiceAndNoImpersonation REG_MULTI_SZ KtmRm
regsvc REG_MULTI_SZ RemoteRegistry
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent
sdrsvc REG_MULTI_SZ sdrsvc
WbioSvcGroup REG_MULTI_SZ WbioSrvc
wcssvc REG_MULTI_SZ WcsPlugInService
AxInstSVGroup REG_MULTI_SZ AxInstSV
secsvcs REG_MULTI_SZ WinDefend
PeerDist REG_MULTI_SZ PeerDistSvc
Akamai REG_MULTI_SZ Akamai

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
wercplsupport
EapHost
ProfSvc
schedule
hkmsvc
SessionEnv
winmgmt
browser
Themes
BDESVC
AppMgmt

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
StorSvc


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider

.
Obsah adresáře 'Naplánované úlohy'

2011-02-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001Core.job
- c:\users\Vlastik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-14 16:42]

2011-02-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001UA.job
- c:\users\Vlastik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-14 16:42]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-25 22:54
Windows 6.1.7601 Service Pack 1 NTFS

detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_dbc0250.dll"

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-02-25 22:55:41
ComboFix-quarantined-files.txt 2011-02-25 21:55

Před spuštěním: Volných bajtů: 198 125 891 584
Po spuštění: Volných bajtů: 198 034 432 000

- - End Of File - - 66DA77D14BB2205F9CD3EF3E34BAE915

Re: For Vyosek

Posted: 26 Feb 2011 09:20
by vyosek
:arrow: If it is not there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
    "netsvcs"=hex(7):41,65,4C,6F,6F,6B,75,70,53,76,63,00,41,70,\
      70,49,6E,66,6F,00,41,70,70,4D,67,6D,74,00,41,75,64,69,6F,53,72,76,00,42,\
      44,45,53,56,43,00,42,49,54,53,00,62,72,6F,77,73,65,72,00,43,65,72,74,\
      50,72,6F,70,53,76,63,00,45,61,70,48,6F,73,74,00,46,61,73,74,55,73,65,\
      72,53,77,69,74,63,68,69,6E,67,43,6F,6D,70,61,74,69,62,69,6C,69,74,79,\
      00,67,70,73,76,63,00,68,65,6C,70,73,76,63,00,68,6B,6D,73,76,63,00,49,\
      61,73,00,49,4B,45,45,58,54,00,69,70,68,6C,70,73,76,63,00,49,72,6D,6F,\
      6E,00,6C,61,6E,6D,61,6E,73,65,72,76,65,72,00,4C,6F,67,6F,6E,48,6F,75,\
      72,73,00,4D,4D,43,53,53,00,6D,73,69,73,63,73,69,00,4E,6C,61,00,4E,74,\
      6D,73,73,76,63,00,4E,57,43,57,6F,72,6B,73,74,61,74,69,6F,6E,00,4E,77,\
      73,61,70,61,67,65,6E,74,00,50,43,41,75,64,69,74,00,50,72,6F,66,53,76,\
      63,00,52,61,73,61,75,74,6F,00,52,61,73,6D,61,6E,00,52,65,6D,6F,74,65,\
      61,63,63,65,73,73,00,53,43,50,6F,6C,69,63,79,53,76,63,00,73,65,63,6C,\
      6F,67,6F,6E,00,53,45,4E,53,00,53,65,73,73,69,6F,6E,45,6E,76,00,53,68,\
      61,72,65,64,61,63,63,65,73,73,00,53,68,65,6C,6C,48,57,44,65,74,65,63,\
      74,69,6F,6E,00,73,63,68,65,64,75,6C,65,00,53,52,53,65,72,76,69,63,65,\
      00,54,61,70,69,73,72,76,00,54,65,72,6D,53,65,72,76,69,63,65,00,54,68,\
      65,6D,65,73,00,75,70,6C,6F,61,64,6D,67,72,00,77,65,72,63,70,6C,73,75,\
      70,70,6F,72,74,00,77,69,6E,6D,67,6D,74,00,57,6D,64,6D,50,6D,53,70,00,57,\
      6D,69,00,77,75,61,75,73,65,72,76,00,00
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    
    File::
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001Core.job
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001UA.job
    
    Folder::
    c:/Program Files/Common Files/Akamai
    
    Driver::
    Akamai
    
    NetSvc::
    Akamai
    
    RegLock::
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    
    Reboot::
  • Save the resulting TXT file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it to run it (see the image below)
    Image
  • After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here
:arrow: It can happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: For Vyosek

Posted: 26 Feb 2011 13:10
by Junfan
ComboFix 11-02-24.05 - Vlastik 26.02.2011 12:49:52.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1444 [GMT 1:00]
Spuštěný z: c:\users\Vlastik\Desktop\Nemazat!!!!!!!!!!!!!\ComboFix.exe
Použité ovládací přepínače :: c:\users\Vlastik\Desktop\CFScript.txt.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý


FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001UA.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2424990020-77260593-564266777-1001UA.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Akamai


((((((((((((((((((((((((( Soubory vytvořené od 2011-01-26 do 2011-02-26 )))))))))))))))))))))))))))))))
.

2011-02-26 11:55 . 2011-02-26 11:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-25 12:38 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{53AE771E-E16A-4457-A82D-22822FE168CF}\mpengine.dll
2011-02-24 14:19 . 2011-02-24 14:19 -------- d-----w- c:\windows\system32\SPReview
2011-02-24 14:18 . 2011-02-24 14:18 -------- d-----w- c:\windows\system32\EventProviders
2011-02-24 14:15 . 2010-11-20 12:21 253952 ----a-w- c:\windows\system32\spwizui.dll
2011-02-24 14:14 . 2010-11-20 12:21 1227776 ----a-w- c:\windows\system32\wdc.dll
2011-02-24 14:13 . 2010-11-20 12:21 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-02-24 14:13 . 2010-11-20 12:21 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-02-24 14:13 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-02-24 14:13 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-02-24 14:13 . 2010-11-20 12:21 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2011-02-24 14:13 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2011-02-24 14:13 . 2010-11-20 12:17 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2011-02-24 14:12 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll
2011-02-24 14:12 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll
2011-02-23 19:55 . 2011-01-07 07:46 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 19:55 . 2011-01-07 07:46 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 15:08 . 2011-02-23 21:34 -------- d-----w- c:\program files\HD Tune Pro
2011-02-23 14:13 . 2011-02-23 14:30 -------- d-----w- c:\programdata\PC Suite
2011-02-23 14:11 . 2011-02-23 15:49 -------- d-----w- c:\program files\PC Connectivity Solution
2011-02-23 14:08 . 2011-02-23 14:08 -------- d-----w- c:\programdata\Nokia
2011-02-23 14:02 . 2011-02-23 14:02 -------- d-----w- c:\programdata\Installations
2011-02-22 18:15 . 2011-02-22 18:15 -------- d-----w- c:\program files\City Interactive
2011-02-22 11:37 . 2011-02-22 11:37 -------- d-----w- C:\NVIDIA
2011-02-22 10:17 . 2009-08-24 20:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-02-20 12:02 . 2011-02-20 12:02 -------- d-----w- c:\programdata\SEGA Corporation
2011-02-20 11:46 . 2008-10-15 05:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2011-02-20 11:46 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-02-20 11:46 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2011-02-20 10:14 . 2011-02-20 10:15 -------- d-----w- c:\program files\18 Wheels of Steel American Long Haul
2011-02-17 21:57 . 2011-02-17 21:57 -------- d-----w- c:\program files\Common Files\Java
2011-02-17 21:57 . 2011-02-17 21:57 -------- d-----w- c:\program files\SystemRequirementsLab
2011-02-17 21:56 . 2011-02-17 21:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-17 21:56 . 2011-02-17 21:56 -------- d-----w- c:\program files\Java
2011-02-17 11:45 . 2011-02-17 11:45 -------- d-----w- c:\programdata\CanonIJ
2011-02-16 17:52 . 2011-02-25 14:37 -------- d-----w- C:\rsit
2011-02-16 17:52 . 2011-02-25 14:37 -------- d-----w- c:\program files\trend micro
2011-02-15 16:59 . 2011-02-15 16:59 -------- d-----w- c:\windows\PCHEALTH
2011-02-15 16:57 . 2011-02-15 16:57 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-02-15 16:56 . 2011-02-16 11:12 -------- d-----w- c:\programdata\Microsoft Help
2011-02-15 16:56 . 2011-02-15 16:56 -------- d-----r- C:\MSOCache
2011-02-15 10:49 . 2011-02-15 10:49 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-02-15 01:15 . 2011-02-15 01:15 -------- d-----w- c:\programdata\Media Center Programs
2011-02-15 01:09 . 2011-02-15 01:09 -------- d-----w- c:\program files\Ubisoft
2011-02-14 23:47 . 2011-02-14 23:47 -------- d-----w- c:\program files\Team17
2011-02-14 23:14 . 2008-03-05 15:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2011-02-14 22:24 . 2011-02-14 22:24 -------- d-----w- c:\programdata\InstallShield
2011-02-14 22:24 . 2011-02-14 22:24 -------- d-----w- c:\program files\THQ
2011-02-14 22:09 . 2011-02-14 22:09 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-02-14 22:08 . 2011-02-14 22:08 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-14 22:08 . 2011-02-14 22:08 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-02-14 22:06 . 2011-02-14 22:06 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-02-14 21:22 . 2011-02-23 20:13 -------- d-----w- c:\users\Guest
2011-02-14 20:16 . 2011-02-14 20:16 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-02-14 20:14 . 2011-02-14 20:14 -------- d-----w- c:\program files\Adobe Media Player
2011-02-14 20:13 . 2011-02-14 20:13 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-02-14 19:58 . 2011-02-14 19:58 -------- d-----w- c:\programdata\vsosdk
2011-02-14 19:47 . 2011-02-14 19:47 -------- d-----w- c:\program files\Lavalys
2011-02-14 19:22 . 2009-09-02 11:44 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-02-14 19:22 . 2009-09-02 11:44 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-02-14 19:22 . 2009-09-02 11:44 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-02-14 19:22 . 2009-09-02 11:44 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-02-14 19:22 . 2009-09-02 11:44 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-02-14 19:22 . 2009-09-02 11:44 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-02-14 19:22 . 2009-09-02 11:44 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-02-14 19:22 . 2011-02-14 19:22 -------- d-----w- c:\program files\VSO
2011-02-14 18:57 . 2011-02-26 11:44 -------- d-----w- c:\program files\Common Files\Akamai
2011-02-14 18:37 . 2011-02-14 18:38 -------- d-----w- c:\program files\ICQ7.4
2011-02-14 18:30 . 2011-02-14 18:30 -------- d-----w- c:\program files\Common Files\Skype
2011-02-14 18:30 . 2011-02-14 18:34 -------- d-----r- c:\program files\Skype
2011-02-14 18:30 . 2011-02-14 18:30 -------- d-----w- c:\programdata\Skype
2011-02-14 18:21 . 2011-02-14 18:21 -------- d-----w- c:\program files\Ashampoo
2011-02-14 18:20 . 2011-02-14 18:20 -------- d-----w- c:\windows\system32\Macromed
2011-02-14 18:20 . 2011-02-14 18:20 -------- d-----w- c:\users\Public\Vlastik
2011-02-14 18:19 . 2011-02-14 18:19 -------- d-----w- c:\program files\CCleaner
2011-02-14 18:01 . 2011-02-22 11:45 -------- d-----w- c:\programdata\NVIDIA
2011-02-14 17:57 . 2011-02-15 16:59 -------- d-----w- c:\program files\Microsoft.NET
2011-02-14 17:49 . 2011-02-14 17:50 -------- d-----w- c:\program files\Seznam CD a DVD
2011-02-14 17:37 . 2011-02-14 17:37 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-02-14 17:37 . 2011-02-14 17:37 -------- d-sh--we c:\windows\system32\config\systemprofile\Soubory cookie
2011-02-14 17:37 . 2011-02-14 17:37 -------- d-sh--we c:\windows\system32\config\systemprofile\Data aplikací
2011-02-14 17:35 . 2011-02-14 20:15 -------- d-----w- c:\program files\Common Files\Adobe
2011-02-14 17:34 . 2011-02-20 10:38 -------- d--h--w- c:\programdata\ArcSoft
2011-02-14 17:32 . 2006-11-10 14:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys
2011-02-14 17:31 . 2008-04-25 05:06 55808 ----a-w- c:\windows\system32\ArcSoftKsUFilter.dll
2011-02-14 17:31 . 2008-04-24 13:06 17920 ----a-w- c:\windows\system32\drivers\ArcSoftKsUFilter.sys
2011-02-14 17:28 . 2005-04-27 15:36 245408 ----a-w- c:\windows\system32\unicows.dll
2011-02-14 17:28 . 2003-03-18 21:14 499712 ----a-r- c:\windows\system32\msvcp71.dll
2011-02-14 17:28 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-02-14 17:28 . 2011-02-14 17:32 -------- d-----w- c:\program files\Common Files\ArcSoft
2011-02-14 17:28 . 1995-07-31 12:44 212480 ----a-w- c:\windows\system32\PCDLIB32.DLL
2011-02-14 17:28 . 2011-02-14 17:28 -------- d-----w- c:\program files\Hama
2011-02-14 17:28 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-14 17:19 . 2011-02-14 17:19 -------- d--h--w- c:\programdata\CanonEPP
2011-02-14 17:18 . 2010-08-25 04:00 290816 ----a-w- c:\windows\system32\SET3EDE.tmp
2011-02-14 17:18 . 2010-03-18 18:25 307200 ----a-w- c:\windows\system32\CNC5200L.dll
2011-02-14 17:18 . 2010-03-18 16:12 1335296 ----a-w- c:\windows\system32\CNC5200C.dll
2011-02-14 17:18 . 2010-03-18 16:12 114688 ----a-w- c:\windows\system32\CNC5200I.dll
2011-02-14 17:18 . 2010-03-18 16:11 106496 ----a-w- c:\windows\system32\CNC5200U.dll
2011-02-14 17:18 . 2008-08-25 17:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2011-02-14 17:14 . 2011-02-14 17:14 -------- d-----w- c:\program files\Common Files\CANON
2011-02-14 17:11 . 2011-02-14 17:11 -------- d--h--w- c:\programdata\CanonBJ
2011-02-14 17:11 . 2010-08-25 04:00 73216 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPAE.DLL
2011-02-14 17:11 . 2010-08-25 04:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDAE.DLL
2011-02-14 17:10 . 2011-02-14 17:10 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2011-02-14 17:10 . 2010-04-07 04:00 290816 ------w- c:\windows\system32\CNMLMAE.DLL
2011-02-14 17:10 . 2010-03-10 23:56 180224 ----a-w- c:\windows\system32\CNMIUAE.DLL
2011-02-14 17:10 . 2011-02-14 17:10 -------- d-----w- c:\windows\system32\STRING
2011-02-14 17:10 . 2010-02-05 01:37 34816 ----a-w- c:\windows\system32\CNMNPUI.DLL
2011-02-14 17:09 . 2011-02-14 17:15 -------- d-----w- c:\program files\Canon
2011-02-14 16:45 . 2011-02-14 16:45 -------- d-----w- c:\program files\Gigabyte
2011-02-14 16:45 . 2011-02-22 10:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2011-02-14 16:45 . 2011-02-14 22:24 -------- d-----w- c:\program files\Common Files\InstallShield
2011-02-14 16:44 . 2011-02-26 11:56 16608 ----a-w- c:\windows\gdrv.sys
2011-02-14 16:37 . 2011-02-14 16:37 -------- d-----w- c:\windows\system32\Wat
2011-02-14 16:29 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-02-14 16:27 . 2011-01-07 06:01 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-14 16:27 . 2010-12-17 07:07 542208 ----a-w- c:\windows\system32\kerberos.dll
2011-02-14 16:27 . 2011-01-05 03:51 2330624 ----a-w- c:\windows\system32\win32k.sys
2011-02-14 16:27 . 2011-01-07 07:45 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-14 16:27 . 2011-01-07 05:43 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-02-14 16:27 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll
2011-02-14 16:26 . 2011-01-05 05:55 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-02-14 16:23 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-14 16:23 . 2010-11-20 12:29 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-24 14:24 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-01-08 03:27 . 2011-02-22 11:42 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-01-07 20:06 . 2011-01-07 20:06 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 20:06 . 2011-01-07 20:06 3597416 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 20:06 . 2011-01-07 20:06 2620520 ----a-w- c:\windows\system32\nvsvc.dll
2011-01-07 20:06 . 2011-01-07 20:06 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 20:06 . 2011-01-07 20:06 608872 ----a-w- c:\windows\system32\nvvsvc.exe
2011-01-07 20:06 . 2011-01-07 20:06 111208 ----a-w- c:\windows\system32\nvmctray.dll
2010-12-21 14:04 . 2010-12-21 14:04 137144 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-12-21 14:04 . 2010-12-21 14:04 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-12-21 12:47 . 2010-12-21 12:47 41336 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2010-12-21 12:47 . 2010-12-21 12:47 33120 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-12-21 12:47 . 2010-12-21 12:47 134000 ----a-w- c:\windows\system32\drivers\epfw.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20 442880 ----a-w- c:\windows\System32\ntshrui.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2424560]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-20 6711840]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-20 1833504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
R3 AcpiPmi;Ovladač měřiče napájení standardu ACPI;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 10240]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2010-11-20 80256]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [2010-11-20 50176]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2009-07-13 37888]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 406016]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 28160]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 46160]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2009-07-14 67152]
R3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;c:\windows\system32\drivers\iaStorV.sys [2010-11-20 332160]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-20 65536]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\drivers\msiscsi.sys [2010-11-20 233344]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
R3 mpio;Ovladač sběrnice Microsoft Multi-Path;c:\windows\system32\drivers\mpio.sys [2010-11-20 130432]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-20 28032]
R3 msdsm;Specifický modul zařízení Microsoft Multi-Path;c:\windows\system32\drivers\msdsm.sys [2010-11-20 116096]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-13 4096]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-07-13 12288]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-07-13 27136]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2010-11-20 143744]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-20 26624]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-13 12288]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [2009-07-13 71168]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
R3 StorSvc;Služba úložiště;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [2010-11-20 28032]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 204800]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-20 31232]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 uCamMonitor;CamMonitor;c:\program files\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [2009-07-14 35840]
R3 uliagpkx;Filtr sběrnice Uli AGP;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 57424]
R3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 usbcir;Infračervený přijímač eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-13 86016]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe [2009-07-14 22528]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-20 160128]
R3 ViaC7;VIA C7 Processor Driver;c:\windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
R3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\System32\drivers\vwifibus.sys [2009-07-13 19968]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-07-13 21632]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-14 1343400]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe [2010-11-20 1203200]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 19008]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2010-11-20 22400]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [2009-07-14 249408]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2009-07-14 369568]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 58448]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-20 194800]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-20 14208]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2009-07-14 133200]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 13888]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 43088]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
S0 spldr;Security Processor Loader Driver; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys [2010-11-20 40704]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 32832]
S0 vmbus;Sběrnice virtuálního počítače;c:\windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [2010-11-20 53120]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys [2009-07-14 297040]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 35328]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys [2010-11-20 388096]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 78336]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 32256]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-07-13 16896]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [2010-11-20 74752]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-20 63488]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-13 9728]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 41336]
S2 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-13 48128]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [2009-07-13 86528]
S2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 586752]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [2010-11-20 3179520]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-11-20 35328]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 164864]
S3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [2009-07-13 69632]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 31232]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-14 218688]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-20 728448]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [2009-07-14 22528]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 23552]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [2009-07-13 60416]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-11-20 223232]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-11-20 96768]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-07-13 267264]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-13 49152]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2010-11-20 309248]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2010-11-20 114176]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-20 108544]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\drivers\umbus.sys [2010-11-20 39936]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2009-07-14 20992]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
RPCSS REG_MULTI_SZ RpcEptMapper RpcSs
defragsvc REG_MULTI_SZ defragsvc
WerSvcGroup REG_MULTI_SZ wersvc
LocalServiceNoNetwork REG_MULTI_SZ DPS PLA BFE mpssvc WwanSvc
swprv REG_MULTI_SZ swprv
LocalServicePeerNet REG_MULTI_SZ PNRPSvc p2pimsvc p2psvc PnrpAutoReg
NetworkServiceAndNoImpersonation REG_MULTI_SZ KtmRm
regsvc REG_MULTI_SZ RemoteRegistry
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent
sdrsvc REG_MULTI_SZ sdrsvc
WbioSvcGroup REG_MULTI_SZ WbioSrvc
wcssvc REG_MULTI_SZ WcsPlugInService
AxInstSVGroup REG_MULTI_SZ AxInstSV
secsvcs REG_MULTI_SZ WinDefend
PeerDist REG_MULTI_SZ PeerDistSvc
Akamai REG_MULTI_SZ Akamai

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
AppInfo
AppMgmt
AudioSrv
BDESVC
BITS
browser
CertPropSvc
EapHost
FastUserSwitchingCompatibility
gpsvc
helpsvc
hkmsvc
IKEEXT
iphlpsvc
lanmanserver
LogonHours
MMCSS
msiscsi
Nla
NWCWorkstation
PCAudit
ProfSvc
SCPolicySvc
seclogon
SessionEnv
ShellHWDetection
schedule
SRService
TermService
Themes
uploadmgr
wercplsupport
winmgmt
WmdmPmSp
Wmi
wuauserv

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
StorSvc


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider

.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-26 12:56
Windows 6.1.7601 Service Pack 1 NTFS

detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-26 12:56
Windows 6.1.7601 Service Pack 1 NTFS

detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-26 12:56
Windows 6.1.7601 Service Pack 1 NTFS

detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-26 12:56
Windows 6.1.7601 Service Pack 1 NTFS

detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-26 12:57
Windows 6.1.7601 Service Pack 1 NTFS

detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
.
**************************************************************************
.
Celkový čas: 2011-02-26 12:59:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-26 11:59
ComboFix2.txt 2011-02-25 21:55

Před spuštěním: Volných bajtů: 198 675 877 888
Po spuštění: Volných bajtů: 198 467 682 304

- - End Of File - - 59915F5BD01ACBF3C9910FD598C37400

Re: For Vyosek

Posted: 26 Feb 2011 13:37
by vyosek
:arrow: Download SPTD http://www.duplexsecure.com/en/downloads
  • From that page, pick the version that matches your operating system (32-bit (x86) or 64-bit (x64))
  • Save it to the desktop and run it
  • Choose the Uninstall option and restart the PC - if it cannot be clicked (the button is greyed out), skip this step
:arrow: Download Defogger http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Save it to the desktop and run it
  • Click Disable and restart the PC - if it cannot be clicked (the button is greyed out), skip this step
:arrow: Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe but do not run it

:arrow: Click Start and then Run, or use the keyboard shortcut Win+R
  • A small window will pop up; copy the text below into it
  • Code:

    "%userprofile%\Desktop\mbr" -t
  • Click OK
  • A log named mbr.txt will be created on the desktop; paste its contents here for me
:arrow: Post the logs from Gmer - see my signature

Re: For Vyosek

Posted: 26 Feb 2011 17:35
by Junfan
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-26 15:31:56
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD322HJ rev.1AG01113
Running: gmer.exe; Driver: C:\Users\Vlastik\AppData\Local\Temp\fxddifoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKey + 13C1 82C89339 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CC2D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? C:\Users\Vlastik\AppData\Local\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[1624] kernel32.dll!SetUnhandledExceptionFilter 76583D01 4 Bytes [C2, 04, 00, 00]
.text C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE[2900] kernel32.dll!SetUnhandledExceptionFilter 76583D01 5 Bytes JMP 697F8FA9 C:\Program Files\Common Files\Microsoft Shared\office14\mso.dll (Microsoft Office 2010 component/Microsoft Corporation)
.text C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE[2900] ole32.dll!OleLoadFromStream 76836143 5 Bytes JMP 69D386A0 C:\Program Files\Common Files\Microsoft Shared\office14\mso.dll (Microsoft Office 2010 component/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73B32437] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73B15600] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73B156BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73B324B2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73B28514] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73B24CC8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73B2506F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73B25144] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73B26671] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73B2826B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73B287BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73B2901B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73B2E1BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73B24BFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000050 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- Threads - GMER 1.0.15 ----

Thread System [4:1868] 95174F2E

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x28 0x1F 0x4E 0x1A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x00 0x22 0x3F 0xC7 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x81 0x23 0x77 0x2F ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x28 0x1F 0x4E 0x1A ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x00 0x22 0x3F 0xC7 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x81 0x23 0x77 0x2F ...
Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlId 236
Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlRetries 4
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\237
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\237@CrawlType 5
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\237@InProgress 1
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\237@DoneAddingCrawlSeeds 1
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\237@IsCatalogLevel 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\237@LogStartAddId 10
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\7@CrawlNumberInProgress 237

---- EOF - GMER 1.0.15 ----



Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: SAMSUNG_HD322HJ rev.1AG01113 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[0x82C8252F] -> \Device\Harddisk0\DR0[0x85A67030]
3 CLASSPNP[0x88FB459E] -> ntkrnlpa!IofCallDriver[0x82C8252F] -> [0x85999800]
5 ACPI[0x8339C3D4] -> ntkrnlpa!IofCallDriver[0x82C8252F] -> \Device\Ide\IdeDeviceP0T0L0-0[0x8597C908]
kernel: MBR read successfully
user & kernel MBR OK

Re: For Vyosek

Posted: 26 Feb 2011 21:06
by vyosek
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Run the update - third tab
  • Run a full scan - do not delete anything :!:
  • MBAM occasionally produces false detections, so paste the log into a post and wait for it to be assessed

Re: For Vyosek

Posted: 27 Feb 2011 00:14
by Junfan
the log is clean

Re: For Vyosek

Posted: 27 Feb 2011 08:44
by vyosek
:arrow: Download OTM (see my signature)
  • If you use Windows Vista or W7, right-click OTM and choose Run As Administrator or Spustit jako spravce
  • Into the left window, Paste Instructions for Items to be Moved (below the yellow line), paste the content you have below
  • Code:

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
    "netsvcs"=hex(7):41,65,4C,6F,6F,6B,75,70,53,76,63,00,41,70,\
      70,49,6E,66,6F,00,41,70,70,4D,67,6D,74,00,41,75,64,69,6F,53,72,76,00,42,\
      44,45,53,56,43,00,42,49,54,53,00,62,72,6F,77,73,65,72,00,43,65,72,74,\
      50,72,6F,70,53,76,63,00,45,61,70,48,6F,73,74,00,46,61,73,74,55,73,65,\
      72,53,77,69,74,63,68,69,6E,67,43,6F,6D,70,61,74,69,62,69,6C,69,74,79,\
      00,67,70,73,76,63,00,68,65,6C,70,73,76,63,00,68,6B,6D,73,76,63,00,49,\
      61,73,00,49,4B,45,45,58,54,00,69,70,68,6C,70,73,76,63,00,49,72,6D,6F,\
      6E,00,6C,61,6E,6D,61,6E,73,65,72,76,65,72,00,4C,6F,67,6F,6E,48,6F,75,\
      72,73,00,4D,4D,43,53,53,00,6D,73,69,73,63,73,69,00,4E,6C,61,00,4E,74,\
      6D,73,73,76,63,00,4E,57,43,57,6F,72,6B,73,74,61,74,69,6F,6E,00,4E,77,\
      73,61,70,61,67,65,6E,74,00,50,43,41,75,64,69,74,00,50,72,6F,66,53,76,\
      63,00,52,61,73,61,75,74,6F,00,52,61,73,6D,61,6E,00,52,65,6D,6F,74,65,\
      61,63,63,65,73,73,00,53,43,50,6F,6C,69,63,79,53,76,63,00,73,65,63,6C,\
      6F,67,6F,6E,00,53,45,4E,53,00,53,65,73,73,69,6F,6E,45,6E,76,00,53,68,\
      61,72,65,64,61,63,63,65,73,73,00,53,68,65,6C,6C,48,57,44,65,74,65,63,\
      74,69,6F,6E,00,73,63,68,65,64,75,6C,65,00,53,52,53,65,72,76,69,63,65,\
      00,54,61,70,69,73,72,76,00,54,65,72,6D,53,65,72,76,69,63,65,00,54,68,\
      65,6D,65,73,00,75,70,6C,6F,61,64,6D,67,72,00,77,65,72,63,70,6C,73,75,\
      70,70,6F,72,74,00,77,69,6E,6D,67,6D,74,00,57,6D,64,6D,50,6D,53,70,00,57,\
      6D,69,00,77,75,61,75,73,65,72,76,00,00
    
    :services
    Akamai
    
    :files
    c:/Program Files/Common Files/Akamai
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp /s
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Click the red MoveIt! button
  • You will be prompted to restart, choose Yes; afterwards you will find the log in C:\_OTM\MovedFiles, paste its contents here

Re: For Vyosek

Posted: 27 Feb 2011 15:38
by Junfan
All processes killed
Error: Unable to interpret <c:/Program Files/Common Files/Akamai> in the current context!
Error: Unable to interpret <%windir%\system32\*.tmp.dll /s> in the current context!
Error: Unable to interpret <%windir%\system32\SET*.tmp /s> in the current context!
Error: Unable to interpret <%windir%\*.tmp /s> in the current context!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1080040 bytes
->Flash cache emptied: 41620 bytes

User: Petanek

User: Public

User: Vlastik
->Temp folder emptied: 355056 bytes
->Temporary Internet Files folder emptied: 9545663 bytes
->Java cache emptied: 485937 bytes
->Google Chrome cache emptied: 255157918 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 15016623 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 290816 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 269,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 02272011_152812

Re: For Vyosek

Posted: 27 Feb 2011 15:45
by vyosek
:arrow: you did not copy the whole script; you have to copy it starting from that :reg

:arrow: so repeat the OTM step

Re: For Vyosek

Posted: 27 Feb 2011 18:09
by Junfan
All processes killed
Error: Unable to interpret <c:/Program Files/Common Files/Akamai> in the current context!
Error: Unable to interpret <%windir%\system32\*.tmp.dll /s> in the current context!
Error: Unable to interpret <%windir%\system32\SET*.tmp /s> in the current context!
Error: Unable to interpret <%windir%\*.tmp /s> in the current context!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Petanek

User: Public

User: Vlastik
->Temp folder emptied: 375796 bytes
->Temporary Internet Files folder emptied: 3755081 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 33156925 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1672 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 36,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 02272011_173858

Re: For Vyosek

Posted: 27 Feb 2011 18:10
by Junfan
it looks the same