Please check my log. It is hogging the internet connection.

bivoj
Visitor
Posts: 47
Registered: 18 Aug 2006 19:22

#1 Post by bivoj »

Please check my log. When I connect to the internet from my notebook, it uses a huge amount of bandwidth even though I am not downloading anything.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Hulasek at 2011-03-19 11:37:11
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 16 GB (32%) free of 51 GB
Total RAM: 3070 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:37:42, on 19.3.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Windows\System32\rundll32.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Digsby\lib\digsby-app.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Digsby\lib\aspell\bin\aspell.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Hulasek\Downloads\RSIT.exe
C:\Program Files\trend micro\Hulasek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Hulasek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [WLSync] "C:\Program Files\Windows Live\Mesh\WLSync.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Digsby.lnk = C:\Program Files\Digsby\digsby.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

--
End of file - 7174 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2868282008-844033957-2709302122-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2868282008-844033957-2709302122-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-02-04 2166784]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-06-14 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-06-14 8433664]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-06-14 81920]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2007-06-14 67584]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-13 405504]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe [2007-05-10 36864]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-07-02 159744]
"KeePass 2 PreLoad"=C:\Program Files\KeePass Password Safe 2\KeePass.exe [2010-09-05 1655296]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-11-30 74752]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-02-04 3037696]
"Google Update"=C:\Users\Hulasek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-06 136176]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"WLSync"=C:\Program Files\Windows Live\Mesh\WLSync.exe [2010-09-23 1448800]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

C:\Users\Hulasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Digsby.lnk - C:\Program Files\Digsby\digsby.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-03-19 11:37:11 ----D---- C:\rsit
2011-03-19 11:37:11 ----D---- C:\Program Files\trend micro
2011-03-15 15:50:51 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2011-03-15 15:50:42 ----DC---- C:\Windows\system32\DRVSTORE
2011-03-15 15:50:42 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2011-03-09 16:40:17 ----A---- C:\Windows\system32\FntCache.dll
2011-03-09 16:40:16 ----A---- C:\Windows\system32\DWrite.dll
2011-03-09 16:40:16 ----A---- C:\Windows\system32\d2d1.dll
2011-03-09 16:40:14 ----A---- C:\Windows\system32\CPFilters.dll
2011-03-09 16:40:13 ----A---- C:\Windows\system32\sbe.dll
2011-03-09 16:40:13 ----A---- C:\Windows\system32\EncDec.dll
2011-03-06 16:37:18 ----D---- C:\Program Files\PSPad
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\zh-TW
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\zh-CN
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\tr-TR
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\th-TH
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\sv-SE
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\ru-RU
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\ro-RO
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\pt-PT
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\pt-BR
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\pl-PL
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\nl-NL
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\nb-NO
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\ko-KR
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\ja-JP
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\it-IT
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\hu-HU
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\he-IL
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\fr-FR
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\fi-FI
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\es-ES
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\el-GR
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\de-DE
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\da-DK
2011-03-06 13:54:33 ----D---- C:\Windows\system32\drivers\ar-SA
2011-03-06 13:54:33 ----D---- C:\Program Files\Windows Virtual PC
2011-03-06 13:51:33 ----D---- C:\Program Files\Windows XP Mode
2011-03-06 13:29:27 ----A---- C:\Windows\system32\VPCWizard.exe
2011-03-06 13:29:27 ----A---- C:\Windows\system32\drivers\vpcnfltr.sys
2011-03-06 13:29:25 ----A---- C:\Windows\system32\drivers\vpchbus.sys
2011-03-06 13:29:25 ----A---- C:\Windows\system32\drivers\vpcvmm.sys
2011-03-06 13:29:25 ----A---- C:\Windows\system32\drivers\vpcusb.sys
2011-03-06 13:29:24 ----A---- C:\Windows\system32\vpchbuspipe.dll
2011-03-06 13:29:18 ----A---- C:\Windows\system32\VPCSettings.exe
2011-03-06 13:29:18 ----A---- C:\Windows\system32\VMCPropertyHandler.dll
2011-03-06 13:29:05 ----A---- C:\Windows\system32\VMWindow.exe
2011-03-06 13:29:05 ----A---- C:\Windows\system32\vmsal.exe
2011-03-06 13:29:02 ----A---- C:\Windows\system32\vpc.exe
2011-03-01 10:16:23 ----A---- C:\Windows\system32\d3d10_1.dll
2011-03-01 09:18:56 ----D---- C:\Users\Hulasek\AppData\Roaming\SQL Developer
2011-03-01 09:18:18 ----D---- C:\Program Files\Oracle
2011-02-23 13:55:01 ----D---- C:\Windows\system32\SPReview
2011-02-23 13:53:46 ----D---- C:\Windows\system32\EventProviders
2011-02-23 13:51:52 ----A---- C:\Windows\system32\dfshim.dll
2011-02-23 13:51:48 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-02-23 13:51:48 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2011-02-23 13:51:47 ----A---- C:\Windows\system32\mstscax.dll
2011-02-23 13:51:44 ----A---- C:\Windows\system32\d3d10warp.dll
2011-02-23 13:51:43 ----A---- C:\Windows\system32\mfc40u.dll
2011-02-23 13:51:43 ----A---- C:\Windows\system32\mfc40.dll
2011-02-23 13:51:41 ----A---- C:\Windows\system32\sysmain.dll
2011-02-23 13:51:40 ----A---- C:\Windows\system32\secproc_isv.dll
2011-02-23 13:51:39 ----A---- C:\Windows\system32\shell32.dll
2011-02-23 13:51:38 ----A---- C:\Windows\system32\secproc.dll
2011-02-23 13:51:38 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-02-23 13:51:37 ----A---- C:\Windows\system32\ieframe.dll
2011-02-23 13:51:36 ----A---- C:\Windows\system32\RMActivate.exe
2011-02-23 13:51:35 ----A---- C:\Windows\system32\spwizui.dll
2011-02-23 13:51:34 ----A---- C:\Windows\system32\mscoree.dll
2011-02-23 13:51:32 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-02-23 13:51:32 ----A---- C:\Windows\system32\mf.dll
2011-02-23 13:51:31 ----A---- C:\Windows\system32\mssrch.dll
2011-02-23 13:51:31 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-02-23 13:51:31 ----A---- C:\Windows\system32\iertutil.dll
2011-02-23 13:51:31 ----A---- C:\Windows\system32\CertEnroll.dll
2011-02-23 13:51:30 ----A---- C:\Windows\system32\wmp.dll
2011-02-23 13:51:29 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-02-23 13:51:29 ----A---- C:\Windows\system32\PresentationHost.exe
2011-02-23 13:51:29 ----A---- C:\Windows\system32\esent.dll
2011-02-23 13:51:29 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-02-23 13:51:28 ----A---- C:\Windows\system32\schedsvc.dll
2011-02-23 13:51:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-23 13:51:28 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2011-02-23 13:51:27 ----A---- C:\Windows\system32\tquery.dll
2011-02-23 13:51:27 ----A---- C:\Windows\system32\RacEngn.dll
2011-02-23 13:51:26 ----A---- C:\Windows\system32\ntdll.dll
2011-02-23 13:51:26 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2011-02-23 13:51:25 ----A---- C:\Windows\system32\rdpdd.dll
2011-02-23 13:51:24 ----A---- C:\Windows\system32\wininet.dll
2011-02-23 13:51:24 ----A---- C:\Windows\system32\qmgr.dll
2011-02-23 13:51:24 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-02-23 13:51:23 ----A---- C:\Windows\system32\wevtsvc.dll
2011-02-23 13:51:23 ----A---- C:\Windows\system32\urlmon.dll
2011-02-23 13:51:23 ----A---- C:\Windows\system32\ole32.dll
2011-02-23 13:51:22 ----A---- C:\Windows\system32\vssapi.dll
2011-02-23 13:51:22 ----A---- C:\Windows\system32\SearchFolder.dll
2011-02-23 13:51:22 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-02-23 13:51:22 ----A---- C:\Windows\system32\d3d9.dll
2011-02-23 13:51:21 ----A---- C:\Windows\system32\taskschd.dll
2011-02-23 13:51:21 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-02-23 13:51:21 ----A---- C:\Windows\explorer.exe
2011-02-23 13:51:20 ----A---- C:\Windows\system32\kernel32.dll
2011-02-23 13:51:20 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-02-23 13:51:20 ----A---- C:\Windows\system32\crypt32.dll
2011-02-23 13:51:19 ----A---- C:\Windows\system32\spreview.exe
2011-02-23 13:51:19 ----A---- C:\Windows\system32\spinstall.exe
2011-02-23 13:51:19 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2011-02-23 13:51:19 ----A---- C:\Windows\system32\mstsc.exe
2011-02-23 13:51:18 ----A---- C:\Windows\system32\wer.dll
2011-02-23 13:51:18 ----A---- C:\Windows\system32\termsrv.dll
2011-02-23 13:51:18 ----A---- C:\Windows\system32\rpcrt4.dll
2011-02-23 13:51:18 ----A---- C:\Windows\system32\certcli.dll
2011-02-23 13:51:17 ----A---- C:\Windows\system32\msxml6.dll
2011-02-23 13:51:17 ----A---- C:\Windows\system32\lsasrv.dll
2011-02-23 13:51:17 ----A---- C:\Windows\system32\gpsvc.dll
2011-02-23 13:51:17 ----A---- C:\Windows\system32\dwmcore.dll
2011-02-23 13:51:16 ----A---- C:\Windows\system32\wbengine.exe
2011-02-23 13:51:16 ----A---- C:\Windows\system32\odbc32.dll
2011-02-23 13:51:16 ----A---- C:\Windows\system32\MPSSVC.dll
2011-02-23 13:51:16 ----A---- C:\Windows\system32\diagperf.dll
2011-02-23 13:51:15 ----A---- C:\Windows\system32\WinSAT.exe
2011-02-23 13:51:15 ----A---- C:\Windows\system32\umrdp.dll
2011-02-23 13:51:15 ----A---- C:\Windows\system32\scavengeui.dll
2011-02-23 13:51:15 ----A---- C:\Windows\system32\mstime.dll
2011-02-23 13:51:14 ----A---- C:\Windows\system32\TSWorkspace.dll
2011-02-23 13:51:14 ----A---- C:\Windows\system32\tsmf.dll
2011-02-23 13:51:14 ----A---- C:\Windows\system32\quartz.dll
2011-02-23 13:51:14 ----A---- C:\Windows\system32\localspl.dll
2011-02-23 13:51:14 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-23 13:51:14 ----A---- C:\Windows\system32\dot3api.dll
2011-02-23 13:51:13 ----A---- C:\Windows\system32\winhttp.dll
2011-02-23 13:51:13 ----A---- C:\Windows\system32\setupapi.dll
2011-02-23 13:51:13 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-23 13:51:13 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-02-23 13:51:13 ----A---- C:\Windows\system32\apphelp.dll
2011-02-23 13:51:12 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-02-23 13:51:12 ----A---- C:\Windows\system32\VSSVC.exe
2011-02-23 13:51:12 ----A---- C:\Windows\system32\netlogon.dll
2011-02-23 13:51:12 ----A---- C:\Windows\system32\MSVidCtl.dll
2011-02-23 13:51:12 ----A---- C:\Windows\system32\dbgeng.dll
2011-02-23 13:51:12 ----A---- C:\Windows\system32\d3d11.dll
2011-02-23 13:51:11 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-02-23 13:51:11 ----A---- C:\Windows\system32\winlogon.exe
2011-02-23 13:51:11 ----A---- C:\Windows\system32\user32.dll
2011-02-23 13:51:11 ----A---- C:\Windows\system32\netcfgx.dll
2011-02-23 13:51:10 ----A---- C:\Windows\system32\WsmSvc.dll
2011-02-23 13:51:10 ----A---- C:\Windows\system32\webio.dll
2011-02-23 13:51:10 ----A---- C:\Windows\system32\Query.dll
2011-02-23 13:51:10 ----A---- C:\Windows\system32\gpprefcl.dll
2011-02-23 13:51:10 ----A---- C:\Windows\system32\drivers\srv.sys
2011-02-23 13:51:10 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2011-02-23 13:51:10 ----A---- C:\Windows\system32\advapi32.dll
2011-02-23 13:51:09 ----A---- C:\Windows\system32\upnp.dll
2011-02-23 13:51:09 ----A---- C:\Windows\system32\schannel.dll
2011-02-23 13:51:09 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-02-23 13:51:09 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2011-02-23 13:51:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-02-23 13:51:09 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-02-23 13:51:08 ----A---- C:\Windows\system32\netfxperf.dll
2011-02-23 13:51:08 ----A---- C:\Windows\system32\msv1_0.dll
2011-02-23 13:51:08 ----A---- C:\Windows\system32\msdrm.dll
2011-02-23 13:51:08 ----A---- C:\Windows\system32\lsm.exe
2011-02-23 13:51:08 ----A---- C:\Windows\system32\imapi2fs.dll
2011-02-23 13:51:08 ----A---- C:\Windows\system32\drivers\csc.sys
2011-02-23 13:51:08 ----A---- C:\Windows\system32\authui.dll
2011-02-23 13:51:07 ----A---- C:\Windows\system32\sppobjs.dll
2011-02-23 13:51:07 ----A---- C:\Windows\system32\shlwapi.dll
2011-02-23 13:51:07 ----A---- C:\Windows\system32\SessEnv.dll
2011-02-23 13:51:07 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-02-23 13:51:07 ----A---- C:\Windows\system32\KernelBase.dll
2011-02-23 13:51:06 ----A---- C:\Windows\system32\usp10.dll
2011-02-23 13:51:06 ----A---- C:\Windows\system32\mcbuilder.exe
2011-02-23 13:51:05 ----A---- C:\Windows\system32\xpsservices.dll
2011-02-23 13:51:05 ----A---- C:\Windows\system32\winload.exe
2011-02-23 13:51:05 ----A---- C:\Windows\system32\userenv.dll
2011-02-23 13:51:05 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-02-23 13:51:05 ----A---- C:\Windows\system32\certmgr.dll
2011-02-23 13:51:04 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-23 13:51:04 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-02-23 13:51:04 ----A---- C:\Windows\system32\sppwinob.dll
2011-02-23 13:51:04 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-02-23 13:51:04 ----A---- C:\Windows\system32\comdlg32.dll
2011-02-23 13:51:04 ----A---- C:\Windows\system32\audiosrv.dll
2011-02-23 13:51:03 ----A---- C:\Windows\system32\rpcss.dll
2011-02-23 13:51:03 ----A---- C:\Windows\system32\cmd.exe
2011-02-23 13:51:02 ----A---- C:\Windows\system32\Wldap32.dll
2011-02-23 13:51:02 ----A---- C:\Windows\system32\win32spl.dll
2011-02-23 13:51:02 ----A---- C:\Windows\system32\propsys.dll
2011-02-23 13:51:02 ----A---- C:\Windows\system32\nlasvc.dll
2011-02-23 13:51:02 ----A---- C:\Windows\system32\mfds.dll
2011-02-23 13:51:02 ----A---- C:\Windows\system32\framedynos.dll
2011-02-23 13:51:02 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-02-23 13:51:02 ----A---- C:\Windows\system32\dnsapi.dll
2011-02-23 13:51:02 ----A---- C:\Windows\system32\BFE.DLL
2011-02-23 13:51:01 ----A---- C:\Windows\system32\wuaueng.dll
2011-02-23 13:51:01 ----A---- C:\Windows\system32\samsrv.dll
2011-02-23 13:51:01 ----A---- C:\Windows\system32\rdpendp.dll
2011-02-23 13:51:01 ----A---- C:\Windows\system32\profsvc.dll
2011-02-23 13:51:01 ----A---- C:\Windows\system32\drivers\netio.sys
2011-02-23 13:51:01 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-02-23 13:51:01 ----A---- C:\Windows\system32\cscsvc.dll
2011-02-23 13:51:00 ----A---- C:\Windows\system32\wucltux.dll
2011-02-23 13:51:00 ----A---- C:\Windows\system32\winresume.exe
2011-02-23 13:51:00 ----A---- C:\Windows\system32\werconcpl.dll
2011-02-23 13:51:00 ----A---- C:\Windows\system32\rdpclip.exe
2011-02-23 13:51:00 ----A---- C:\Windows\system32\ncsi.dll
2011-02-23 13:51:00 ----A---- C:\Windows\system32\azroles.dll
2011-02-23 13:51:00 ----A---- C:\Windows\system32\appmgr.dll
2011-02-23 13:50:59 ----A---- C:\Windows\system32\themeui.dll
2011-02-23 13:50:59 ----A---- C:\Windows\system32\taskeng.exe
2011-02-23 13:50:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-02-23 13:50:59 ----A---- C:\Windows\system32\credui.dll
2011-02-23 13:50:58 ----A---- C:\Windows\system32\wintrust.dll
2011-02-23 13:50:58 ----A---- C:\Windows\system32\spp.dll
2011-02-23 13:50:58 ----A---- C:\Windows\system32\mswsock.dll
2011-02-23 13:50:58 ----A---- C:\Windows\system32\inetcomm.dll
2011-02-23 13:50:58 ----A---- C:\Windows\system32\drivers\storport.sys
2011-02-23 13:50:58 ----A---- C:\Windows\system32\drivers\http.sys
2011-02-23 13:50:58 ----A---- C:\Windows\system32\dhcpcore.dll
2011-02-23 13:50:57 ----A---- C:\Windows\system32\taskcomp.dll
2011-02-23 13:50:57 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-02-23 13:50:57 ----A---- C:\Windows\system32\msxml3.dll
2011-02-23 13:50:57 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-02-23 13:50:57 ----A---- C:\Windows\system32\evr.dll
2011-02-23 13:50:57 ----A---- C:\Windows\system32\dxgi.dll
2011-02-23 13:50:57 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-02-23 13:50:57 ----A---- C:\Windows\system32\dbghelp.dll
2011-02-23 13:50:57 ----A---- C:\Windows\system32\basecsp.dll
2011-02-23 13:50:56 ----A---- C:\Windows\system32\WinSATAPI.dll
2011-02-23 13:50:56 ----A---- C:\Windows\system32\spoolsv.exe
2011-02-23 13:50:56 ----A---- C:\Windows\system32\gdi32.dll
2011-02-23 13:50:56 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2011-02-23 13:50:56 ----A---- C:\Windows\system32\calc.exe
2011-02-23 13:50:55 ----A---- C:\Windows\system32\vpnike.dll
2011-02-23 13:50:55 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-02-23 13:50:55 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-02-23 13:50:55 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-02-23 13:50:54 ----A---- C:\Windows\system32\UIRibbon.dll
2011-02-23 13:50:54 ----A---- C:\Windows\system32\srvsvc.dll
2011-02-23 13:50:54 ----A---- C:\Windows\system32\lpksetup.exe
2011-02-23 13:50:54 ----A---- C:\Windows\system32\fveapi.dll
2011-02-23 13:50:53 ----A---- C:\Windows\system32\sxs.dll
2011-02-23 13:50:53 ----A---- C:\Windows\system32\netshell.dll
2011-02-23 13:50:53 ----A---- C:\Windows\system32\ie4uinit.exe
2011-02-23 13:50:53 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-02-23 13:50:53 ----A---- C:\Windows\system32\cryptsvc.dll
2011-02-23 13:50:52 ----A---- C:\Windows\system32\ws2_32.dll
2011-02-23 13:50:52 ----A---- C:\Windows\system32\stobject.dll
2011-02-23 13:50:52 ----A---- C:\Windows\system32\hgprint.dll
2011-02-23 13:50:52 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-02-23 13:50:52 ----A---- C:\Windows\system32\drivers\msdsm.sys
2011-02-23 13:50:52 ----A---- C:\Windows\system32\comctl32.dll
2011-02-23 13:50:51 ----A---- C:\Windows\system32\prncache.dll
2011-02-23 13:50:51 ----A---- C:\Windows\system32\printui.dll
2011-02-23 13:50:51 ----A---- C:\Windows\system32\msi.dll
2011-02-23 13:50:51 ----A---- C:\Windows\system32\inetpp.dll
2011-02-23 13:50:51 ----A---- C:\Windows\system32\dps.dll
2011-02-23 13:50:50 ----A---- C:\Windows\system32\WSDApi.dll
2011-02-23 13:50:50 ----A---- C:\Windows\system32\wmpeffects.dll
2011-02-23 13:50:50 ----A---- C:\Windows\system32\rpchttp.dll
2011-02-23 13:50:50 ----A---- C:\Windows\system32\net1.exe
2011-02-23 13:50:50 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-02-23 13:50:50 ----A---- C:\Windows\system32\ci.dll
2011-02-23 13:50:50 ----A---- C:\Windows\system32\aitagent.exe
2011-02-23 13:50:50 ----A---- C:\Windows\system32\aepdu.dll
2011-02-23 13:50:49 ----A---- C:\Windows\system32\vds.exe
2011-02-23 13:49:27 ----A---- C:\Windows\system32\vmictimeprovider.dll
2011-02-23 13:49:27 ----A---- C:\Windows\system32\VmdCoinstall.dll
2011-02-23 13:49:27 ----A---- C:\Windows\system32\vmbuspipe.dll
2011-02-23 13:49:27 ----A---- C:\Windows\system32\VmbusCoinstaller.dll
2011-02-23 13:49:27 ----A---- C:\Windows\system32\spwmp.dll
2011-02-23 13:49:27 ----A---- C:\Windows\system32\IcCoinstall.dll
2011-02-23 13:49:27 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2011-02-23 13:49:27 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2011-02-23 13:49:27 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2011-02-23 13:49:27 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2011-02-23 13:49:27 ----A---- C:\Windows\system32\browseui.dll
2011-02-23 13:49:26 ----A---- C:\Windows\system32\RDPREFDD.dll
2011-02-23 13:49:26 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2011-02-23 13:49:26 ----A---- C:\Windows\system32\drivers\wanarp.sys
2011-02-23 13:49:26 ----A---- C:\Windows\system32\drivers\umbus.sys
2011-02-23 13:49:26 ----A---- C:\Windows\system32\drivers\tdpipe.sys
2011-02-23 13:49:26 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-02-23 13:49:26 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2011-02-23 13:49:26 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-02-23 13:49:26 ----A---- C:\Windows\system32\C_ISCII.DLL
2011-02-23 13:49:25 ----A---- C:\Windows\system32\shunimpl.dll
2011-02-23 13:49:25 ----A---- C:\Windows\system32\dxmasf.dll
2011-02-23 13:49:25 ----A---- C:\Windows\system32\drivers\scfilter.sys
2011-02-23 13:49:25 ----A---- C:\Windows\system32\drivers\RDPCDD.sys
2011-02-23 13:49:24 ----A---- C:\Windows\system32\wmploc.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDUS.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDTURME.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDMON.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDMAORI.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDLT1.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDINTEL.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDINORI.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDINKAN.DLL
2011-02-23 13:49:24 ----A---- C:\Windows\system32\KBDGEO.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\tzres.dll
2011-02-23 13:49:23 ----A---- C:\Windows\system32\spwizres.dll
2011-02-23 13:49:23 ----A---- C:\Windows\system32\pifmgr.dll
2011-02-23 13:49:23 ----A---- C:\Windows\system32\nlsbres.dll
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDTUQ.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDTUF.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDSG.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDSF.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDPO.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDNEPR.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\kbdlk41a.dll
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDINTAM.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDINMAR.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDINHIN.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDINBEN.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDGR1.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDGKL.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDCZ1.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDBULG.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDBLR.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\KBDBASH.DLL
2011-02-23 13:49:23 ----A---- C:\Windows\system32\drivers\vms3cap.sys
2011-02-23 13:49:23 ----A---- C:\Windows\system32\dpnaddr.dll
2011-02-23 13:49:23 ----A---- C:\Windows\system32\BlbEvents.dll
2011-02-23 13:48:54 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-02-23 13:48:54 ----A---- C:\Windows\system32\wbemcomn.dll
2011-02-23 13:48:43 ----A---- C:\Windows\system32\SmiEngine.dll
2011-02-23 13:48:37 ----A---- C:\Windows\system32\wdscore.dll
2011-02-23 13:48:37 ----A---- C:\Windows\system32\PkgMgr.exe
2011-02-23 13:48:10 ----A---- C:\Windows\system32\drvstore.dll
2011-02-23 13:48:09 ----A---- C:\Windows\system32\dpx.dll
2011-02-23 08:34:00 ----A---- C:\Windows\system32\XpsPrint.dll
2011-02-23 08:33:59 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-02-21 11:13:49 ----D---- C:\Windows\cs

#2 Post by bivoj »

I have to post it in two parts. Too many characters.

======List of files/folders modified in the last 1 months======

2011-03-19 11:37:41 ----D---- C:\Windows\Prefetch
2011-03-19 11:37:11 ----RD---- C:\Program Files
2011-03-19 11:36:30 ----D---- C:\Windows\Temp
2011-03-19 11:12:37 ----D---- C:\Users\Hulasek\AppData\Roaming\Winamp
2011-03-19 11:04:08 ----D---- C:\Windows\system32\config
2011-03-19 11:03:44 ----D---- C:\Users\Hulasek\AppData\Roaming\uTorrent
2011-03-19 08:47:54 ----SHD---- C:\System Volume Information
2011-03-18 11:31:48 ----D---- C:\Windows\System32
2011-03-18 11:31:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-18 11:31:47 ----D---- C:\Windows\inf
2011-03-18 11:25:31 ----D---- C:\ProgramData\Spyware Terminator
2011-03-18 09:39:29 ----D---- C:\Users\Hulasek\AppData\Roaming\KeePass
2011-03-17 22:41:53 ----D---- C:\Program Files\FreeRapid-0.83u1
2011-03-17 15:35:31 ----D---- C:\Users\Hulasek\AppData\Roaming\Spyware Terminator
2011-03-16 09:48:44 ----D---- C:\Program Files\Eclipse
2011-03-15 15:51:36 ----SHD---- C:\Windows\Installer
2011-03-15 15:51:18 ----D---- C:\Windows\system32\drivers
2011-03-15 15:51:18 ----D---- C:\Windows\system32\catroot
2011-03-15 15:51:15 ----D---- C:\Windows\system32\DriverStore
2011-03-15 15:36:13 ----D---- C:\Program Files\MIPS Assembler and Simulator
2011-03-11 18:04:17 ----D---- C:\Program Files\Digsby
2011-03-10 17:10:55 ----D---- C:\Program Files\Spyware Terminator
2011-03-10 12:25:21 ----D---- C:\Windows\winsxs
2011-03-09 16:41:42 ----D---- C:\Windows\debug
2011-03-09 16:41:40 ----A---- C:\Windows\system32\MRT.exe
2011-03-09 16:41:21 ----D---- C:\ProgramData\Microsoft Help
2011-03-09 16:40:05 ----D---- C:\Windows\system32\catroot2
2011-03-08 15:23:02 ----D---- C:\Windows
2011-03-08 12:46:53 ----D---- C:\Windows\rescache
2011-03-07 20:55:54 ----D---- C:\Users\Hulasek\AppData\Roaming\Skype
2011-03-07 20:04:33 ----D---- C:\Users\Hulasek\AppData\Roaming\skypePM
2011-03-06 13:54:40 ----D---- C:\Windows\system32\zh-TW
2011-03-06 13:54:40 ----D---- C:\Windows\system32\tr-TR
2011-03-06 13:54:40 ----D---- C:\Windows\system32\ro-RO
2011-03-06 13:54:40 ----D---- C:\Windows\system32\pt-PT
2011-03-06 13:54:40 ----D---- C:\Windows\system32\pt-BR
2011-03-06 13:54:40 ----D---- C:\Windows\system32\nl-NL
2011-03-06 13:54:40 ----D---- C:\Windows\system32\nb-NO
2011-03-06 13:54:40 ----D---- C:\Windows\system32\ja-JP
2011-03-06 13:54:40 ----D---- C:\Windows\system32\it-IT
2011-03-06 13:54:40 ----D---- C:\Windows\system32\fr-FR
2011-03-06 13:54:40 ----D---- C:\Windows\system32\fi-FI
2011-03-06 13:54:40 ----D---- C:\Windows\system32\en-US
2011-03-06 13:54:40 ----D---- C:\Windows\system32\el-GR
2011-03-06 13:54:40 ----D---- C:\Windows\system32\de-DE
2011-03-06 13:54:40 ----D---- C:\Windows\system32\cs-CZ
2011-03-06 13:54:39 ----D---- C:\Windows\system32\pl-PL
2011-03-06 13:54:39 ----D---- C:\Windows\system32\ko-KR
2011-03-06 13:54:39 ----D---- C:\Windows\system32\drivers\en-US
2011-03-06 13:54:39 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-03-06 13:54:39 ----D---- C:\Windows\system32\ar-SA
2011-03-06 13:54:37 ----D---- C:\Windows\system32\zh-CN
2011-03-06 13:54:37 ----D---- C:\Windows\system32\th-TH
2011-03-06 13:54:37 ----D---- C:\Windows\system32\sv-SE
2011-03-06 13:54:37 ----D---- C:\Windows\system32\ru-RU
2011-03-06 13:54:37 ----D---- C:\Windows\system32\hu-HU
2011-03-06 13:54:37 ----D---- C:\Windows\system32\he-IL
2011-03-06 13:54:37 ----D---- C:\Windows\system32\es-ES
2011-03-06 13:54:37 ----D---- C:\Windows\system32\da-DK
2011-02-25 14:00:31 ----D---- C:\Windows\system32\wdi
2011-02-23 15:52:46 ----D---- C:\Windows\Microsoft.NET
2011-02-23 15:52:19 ----RSD---- C:\Windows\assembly
2011-02-23 15:37:42 ----SHD---- C:\Boot
2011-02-23 15:34:29 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-23 15:32:29 ----D---- C:\Program Files\Windows Sidebar
2011-02-23 15:32:29 ----D---- C:\Program Files\Windows Mail
2011-02-23 15:32:29 ----D---- C:\Program Files\DVD Maker
2011-02-23 15:32:28 ----D---- C:\Program Files\Windows Portable Devices
2011-02-23 15:32:28 ----D---- C:\Program Files\Windows Photo Viewer
2011-02-23 15:32:28 ----D---- C:\Program Files\Windows Media Player
2011-02-23 15:32:28 ----D---- C:\Program Files\Windows Journal
2011-02-23 15:32:28 ----D---- C:\Program Files\Internet Explorer
2011-02-23 15:32:26 ----D---- C:\Windows\servicing
2011-02-23 15:32:26 ----D---- C:\Windows\ehome
2011-02-23 15:32:26 ----D---- C:\Program Files\Windows Defender
2011-02-23 15:32:21 ----D---- C:\Windows\system32\sysprep
2011-02-23 15:32:21 ----D---- C:\Windows\system32\oobe
2011-02-23 15:32:21 ----D---- C:\Windows\system32\migration
2011-02-23 15:32:21 ----D---- C:\Windows\PolicyDefinitions
2011-02-23 15:32:20 ----D---- C:\Windows\system32\Setup
2011-02-23 15:32:20 ----D---- C:\Windows\system32\cs
2011-02-23 15:32:20 ----D---- C:\Windows\system32\AdvancedInstallers
2011-02-23 15:32:19 ----D---- C:\Windows\system32\sppui
2011-02-23 15:32:19 ----D---- C:\Windows\system32\manifeststore
2011-02-23 15:32:18 ----D---- C:\Windows\system32\wbem
2011-02-23 15:32:17 ----D---- C:\Windows\system32\migwiz
2011-02-23 15:32:17 ----D---- C:\Windows\system32\Dism
2011-02-23 15:32:09 ----RSD---- C:\Windows\Fonts
2011-02-23 15:32:08 ----D---- C:\Windows\AppPatch
2011-02-23 15:32:02 ----D---- C:\Windows\system32\Boot
2011-02-23 14:01:52 ----A---- C:\Windows\system32\msclmd.dll
2011-02-21 11:14:00 ----D---- C:\Program Files\Windows Live

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-11 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl1dfb6df3;MpKsl1dfb6df3; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D2EA605F-00F5-416E-9894-23AD9B32A61C}\MpKsl1dfb6df3.sys [2011-03-19 28752]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-02-04 142592]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-01-24 231248]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-02-17 160560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-02-17 44784]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 48128]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 296064]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-06-25 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-06-25 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-06-25 38400]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-25 155136]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-05-10 235584]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-03-05 7424]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-17 111152]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-02-17 122032]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 172416]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 78336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ao90byov;ao90byov; C:\Windows\system32\drivers\ao90byov.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-09-20 73728]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-02-04 488960]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-13 102400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-11 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

#3 Post by motji »

Good evening :)

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM sometimes produces false detections, so we will delete only after the log has been checked.
- Copy the log here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting your computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

#4 Post by bivoj »

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6107

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

20.3.2011 14:05:07
mbam-log-2011-03-20 (14-04-57).txt

Typ kontroly: Úplný test (C:\|)
Testované objekty: 313652
Uplynulý čas: 1 hodin, 15 minut, 3 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\Hulasek\AppData\Roaming\thinstall\adobe audition 1.5\48000000f4600002h\Audition.exe (Trojan.Agent) -> No action taken.

#5 Post by motji »

Test this file at www.virustotal.com:
c:\Users\Hulasek\AppData\Roaming\thinstall\adobe audition 1.5\48000000f4600002h\Audition.exe

#6 Post by bivoj »

Test result: http://bit.ly/eziZau

#7 Post by motji »

Please click Reanalyze.

#8 Post by bivoj »

After I clicked Reanalyze: http://bit.ly/fMe8ck

#9 Post by motji »

You can delete it.

:arrow: Run ComboFix following this guide:
http://www.bleepingcomputer.com/combofi ... t-combofix

#10 Post by bivoj »

I deleted it.
Here is the log from ComboFix:

ComboFix 11-03-19.06 - Hulasek 21.03.2011 10:18:10.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3070.2235 [GMT 1:00]
Spuštěný z: c:\users\Hulasek\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-21 do 2011-03-21 )))))))))))))))))))))))))))))))
.
.
2011-03-21 09:24 . 2011-03-21 09:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-21 08:27 . 2011-03-21 08:27 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B128FB19-F10D-4959-B4DC-6FBFC11971BA}\MpKsle8b74c14.sys
2011-03-21 08:27 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B128FB19-F10D-4959-B4DC-6FBFC11971BA}\mpengine.dll
2011-03-20 20:33 . 2011-03-21 08:34 -------- d-----w- c:\users\Hulasek\AppData\Local\{527D4795-E447-4EEA-A6DF-8EDB3AD770C2}
2011-03-20 08:02 . 2011-03-20 08:02 -------- d-----w- c:\users\Hulasek\AppData\Local\{CFD4188C-2EDF-4D43-9CEC-12A777310E4C}
2011-03-19 16:02 . 2011-03-19 16:02 -------- d-----w- c:\users\Hulasek\AppData\Roaming\Malwarebytes
2011-03-19 16:02 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-19 16:02 . 2011-03-19 16:02 -------- d-----w- c:\programdata\Malwarebytes
2011-03-19 16:02 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-19 16:02 . 2011-03-19 16:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-19 10:37 . 2011-03-19 10:37 -------- d-----w- C:\rsit
2011-03-19 10:37 . 2011-03-19 10:37 -------- d-----w- c:\program files\trend micro
2011-03-17 21:37 . 2011-03-17 21:37 -------- d-----w- c:\users\Hulasek\AppData\Local\{D5FFAB59-D02D-4045-94A3-D3F6E098A4CB}
2011-03-17 08:15 . 2011-03-17 08:15 -------- d-----w- c:\users\Hulasek\AppData\Local\{94C84DED-CF59-48E6-8A8D-E2A35241ADEE}
2011-03-15 14:51 . 2011-03-15 14:55 -------- d-----w- c:\users\Hulasek\.VirtualBox
2011-03-15 14:50 . 2011-02-17 17:06 160560 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-03-15 14:50 . 2011-03-15 14:50 -------- dc----w- c:\windows\system32\DRVSTORE
2011-03-15 14:50 . 2011-02-17 17:06 44784 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-03-14 22:22 . 2011-03-19 09:38 -------- d-----w- c:\users\Hulasek\AppData\Local\{E82B7A5F-074C-409C-A928-A6BB00167259}
2011-03-14 10:22 . 2011-03-14 10:22 -------- d-----w- c:\users\Hulasek\AppData\Local\{FA4D585B-E23E-4727-AB4D-DC1DBAE54A2C}
2011-03-13 10:21 . 2011-03-13 22:21 -------- d-----w- c:\users\Hulasek\AppData\Local\{8C1069B6-4D67-4845-8592-7D41A66C9E61}
2011-03-11 07:53 . 2011-03-12 21:30 -------- d-----w- c:\users\Hulasek\AppData\Local\{AC07C684-FADF-4458-9325-F3EFD81D2A3F}
2011-03-10 11:26 . 2011-03-10 11:26 -------- d-----w- c:\users\Hulasek\AppData\Local\{BDAD1A9E-CA22-4E20-9606-2F409E0F7080}
2011-03-09 15:40 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-03-09 15:40 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-03-09 15:40 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-03-09 15:40 . 2010-12-23 05:54 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 15:40 . 2010-12-23 05:54 850944 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 15:40 . 2010-12-23 05:54 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 15:40 . 2010-12-23 05:50 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 08:12 . 2011-03-09 08:13 -------- d-----w- c:\users\Hulasek\AppData\Local\{E48850CB-DADD-4AEE-AF92-D7AF023E6519}
2011-03-07 07:15 . 2011-03-08 08:10 -------- d-----w- c:\users\Hulasek\AppData\Local\{CAEA7B04-DC03-429F-A87D-F9397D97797B}
2011-03-06 19:15 . 2011-03-06 19:15 -------- d-----w- c:\users\Hulasek\AppData\Local\{96D5C287-674E-4EEE-850B-EC57B0D2B8A4}
2011-03-06 15:37 . 2011-03-06 18:25 -------- d-----w- c:\program files\PSPad
2011-03-06 13:01 . 2011-03-20 12:59 -------- d-----r- c:\users\Hulasek\Virtual Machines
2011-03-06 12:51 . 2011-03-06 12:52 -------- d-----w- c:\program files\Windows XP Mode
2011-03-06 12:29 . 2010-11-20 12:17 2171392 ----a-w- c:\windows\system32\VPCWizard.exe
2011-03-06 12:29 . 2010-11-20 10:50 48128 ----a-w- c:\windows\system32\drivers\vpcnfltr.sys
2011-03-06 12:29 . 2010-11-20 12:30 296064 ----a-w- c:\windows\system32\drivers\vpcvmm.sys
2011-03-06 12:29 . 2010-11-20 12:30 172416 ----a-w- c:\windows\system32\drivers\vpchbus.sys
2011-03-06 12:29 . 2010-11-20 10:50 78336 ----a-w- c:\windows\system32\drivers\vpcusb.sys
2011-03-06 12:29 . 2010-11-20 12:21 14848 ----a-w- c:\windows\system32\vpchbuspipe.dll
2011-03-06 12:29 . 2010-11-20 12:17 1260032 ----a-w- c:\windows\system32\VPCSettings.exe
2011-03-06 12:29 . 2010-11-20 10:50 559616 ----a-w- c:\windows\system32\VMCPropertyHandler.dll
2011-03-06 12:29 . 2010-11-20 10:52 1003008 ----a-w- c:\windows\system32\VMWindow.exe
2011-03-06 12:29 . 2010-11-20 10:52 793600 ----a-w- c:\windows\system32\vmsal.exe
2011-03-06 12:29 . 2010-11-20 12:17 3330560 ----a-w- c:\windows\system32\vpc.exe
2011-03-06 07:14 . 2011-03-06 07:15 -------- d-----w- c:\users\Hulasek\AppData\Local\{8307580B-F0FE-47A7-8A35-C74819DA93EC}
2011-03-02 06:46 . 2011-03-05 10:17 -------- d-----w- c:\users\Hulasek\AppData\Local\{BDE18CCB-2658-4E4A-981C-D6B30416BC84}
2011-03-01 09:16 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-03-01 08:44 . 2011-03-01 08:44 -------- d-----w- c:\users\Hulasek\AppData\Local\{7C6ED6F6-AF07-42C2-A752-808D0CDA8158}
2011-03-01 08:18 . 2011-03-03 10:41 -------- d-----w- c:\users\Hulasek\AppData\Roaming\SQL Developer
2011-03-01 08:18 . 2011-03-15 14:50 -------- d-----w- c:\program files\Oracle
2011-02-28 20:44 . 2011-02-28 20:44 -------- d-----w- c:\users\Hulasek\AppData\Local\{1A0DFCA3-D208-43F2-8D65-C50EB960562B}
2011-02-28 08:43 . 2011-02-28 08:44 -------- d-----w- c:\users\Hulasek\AppData\Local\{3F0DAE90-3DF8-4896-A5F1-E805E0FFF987}
2011-02-27 08:43 . 2011-02-27 08:43 -------- d-----w- c:\users\Hulasek\AppData\Local\{7BCFD831-9771-4755-84DA-411E90DCB33A}
2011-02-26 08:05 . 2011-02-27 20:43 -------- d-----w- c:\users\Hulasek\AppData\Local\{F6F6242D-2144-4BA8-B5CD-654320A6CB75}
2011-02-25 12:59 . 2011-02-25 13:00 -------- d-----w- c:\users\Hulasek\AppData\Local\{1D7EDAA1-DEFC-45F6-8A47-02DAC4CB65E6}
2011-02-24 08:25 . 2011-02-24 08:26 -------- d-----w- c:\users\Hulasek\AppData\Local\{A51DE96F-7465-469B-9599-0D32D5CD9D85}
2011-02-23 12:55 . 2011-02-23 12:55 -------- d-----w- c:\windows\system32\SPReview
2011-02-23 12:53 . 2011-02-23 12:53 -------- d-----w- c:\windows\system32\EventProviders
2011-02-23 12:50 . 2010-11-20 12:21 2755072 ----a-w- c:\windows\system32\themeui.dll
2011-02-23 12:49 . 2010-11-20 12:21 65024 ----a-w- c:\windows\system32\TSpkg.dll
2011-02-23 12:48 . 2010-11-20 12:21 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-02-23 12:48 . 2010-11-20 12:21 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-02-23 12:48 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-02-23 12:48 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-02-23 12:48 . 2010-11-20 12:21 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2011-02-23 12:48 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2011-02-23 12:48 . 2010-11-20 12:17 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2011-02-23 12:48 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll
2011-02-23 12:48 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll
2011-02-23 07:34 . 2011-01-07 07:46 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 07:33 . 2011-01-07 07:46 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 08:25 . 2011-02-23 08:25 -------- d-----w- c:\users\Hulasek\AppData\Local\{ADD1F734-CE68-4957-9DE3-2DC179BA031D}
2011-02-21 10:20 . 2011-02-21 10:20 -------- d-----w- c:\users\Hulasek\AppData\Local\{B43D858E-BC4F-4A94-B23F-BBE1F0CBEF3D}
2011-02-21 10:13 . 2011-02-21 10:13 -------- d-----w- c:\windows\cs
2011-02-21 10:07 . 2011-02-21 10:07 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\2bb03c961cbd1af05\MeshBetaRemover.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 11:25 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-23 13:01 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-02-17 17:06 . 2011-02-17 17:06 122032 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-02-17 17:06 . 2011-02-17 17:06 111152 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-02-17 17:06 . 2011-02-17 17:06 135472 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2011-02-11 06:54 . 2010-12-22 09:09 5943120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-02-03 05:54 . 2011-02-09 11:09 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 20:40 . 2010-11-11 13:54 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-23 23:37 . 2011-01-23 23:37 231248 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2011-01-07 07:45 . 2011-02-09 11:09 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 06:01 . 2011-02-09 11:10 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-01-07 05:43 . 2011-02-09 11:09 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-01-05 05:55 . 2011-02-09 11:10 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 03:51 . 2011-02-09 11:10 2330624 ----a-w- c:\windows\system32\win32k.sys
2010-12-21 19:30 . 2010-12-21 19:30 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{856CBA8E-7BD4-4898-98DF-94BD448A09B5}\gapaengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SharingPrivate]
@="{08244EE6-92F0-47f2-9FC9-929BAA2E7235}"
[HKEY_CLASSES_ROOT\CLSID\{08244EE6-92F0-47f2-9FC9-929BAA2E7235}]
2010-11-20 12:20 442880 ----a-w- c:\windows\System32\ntshrui.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-04 3037696]
"Google Update"="c:\users\Hulasek\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-06 136176]
"WLSync"="c:\program files\Windows Live\Mesh\WLSync.exe" [2010-09-22 1448800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-02-04 2166784]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-06-14 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-14 8433664]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-14 81920]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-06-14 67584]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]
"KeePass 2 PreLoad"="c:\program files\KeePass Password Safe 2\KeePass.exe" [2010-09-05 1655296]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\users\Hulasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Digsby.lnk - c:\program files\Digsby\digsby.exe [2010-3-3 141488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2009-07-14 20992]
R2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe [2010-11-20 3179520]
R3 AcpiPmi;Ovladač měřiče napájení standardu ACPI;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 10240]
R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2010-11-20 80256]
R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys [2010-11-20 50176]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2009-07-13 37888]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 28160]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 46160]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2009-07-14 67152]
R3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;c:\windows\system32\drivers\iaStorV.sys [2010-11-20 332160]
R3 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-20 65536]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\drivers\msiscsi.sys [2010-11-20 233344]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
R3 mpio;Ovladač sběrnice Microsoft Multi-Path;c:\windows\system32\drivers\mpio.sys [2010-11-20 130432]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-20 28032]
R3 msdsm;Specifický modul zařízení Microsoft Multi-Path;c:\windows\system32\drivers\msdsm.sys [2010-11-20 116096]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-13 4096]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-07-13 12288]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys [2009-07-13 27136]
R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2010-11-20 143744]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-20 26624]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-13 12288]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [2009-07-13 71168]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
R3 StorSvc;Služba úložiště;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys [2010-11-20 28032]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 204800]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-20 31232]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [2009-07-14 35840]
R3 uliagpkx;Filtr sběrnice Uli AGP;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 57424]
R3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 usbcir;Infračervený přijímač eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-13 86016]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe [2009-07-14 22528]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-20 160128]
R3 ViaC7;VIA C7 Processor Driver;c:\windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
R3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\System32\drivers\vwifibus.sys [2009-07-13 19968]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-07-13 21632]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-11 1343400]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe [2010-11-20 1203200]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
R3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 19008]
R3 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2009-07-14 20992]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe [2009-07-14 20992]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2010-11-20 22400]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys [2009-07-14 249408]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2009-07-14 369568]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 58448]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-20 194800]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-20 14208]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2009-07-14 133200]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 13888]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 43088]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
S0 spldr;Security Processor Loader Driver; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-11 691696]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys [2010-11-20 40704]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 32832]
S0 vmbus;Sběrnice virtuálního počítače;c:\windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [2010-11-20 53120]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys [2009-07-14 297040]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 35328]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys [2010-11-20 388096]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 78336]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 32256]
S1 MpKsle8b74c14;MpKsle8b74c14;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B128FB19-F10D-4959-B4DC-6FBFC11971BA}\MpKsle8b74c14.sys [2011-03-21 28752]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys [2009-07-13 16896]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-02-04 142592]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [2010-11-20 74752]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-02-17 160560]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-02-17 44784]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-20 63488]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-13 9728]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-09-20 73728]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-13 48128]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys [2009-07-13 86528]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 586752]
S2 Power;Napájení;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2010-11-20 35328]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 164864]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys [2009-07-13 69632]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 31232]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-20 728448]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [2009-07-14 22528]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 23552]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [2009-07-13 60416]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-11-20 223232]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-11-20 96768]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-07-13 267264]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-13 49152]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2010-11-20 309248]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2010-11-20 114176]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-20 108544]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\drivers\umbus.sys [2010-11-20 39936]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-17 111152]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-02-17 122032]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL28A64998
*NewlyCreated* - MPKSLD7D11D34
*NewlyCreated* - MPKSLE8B74C14
*Deregistered* - MpKsl28a64998
*Deregistered* - MpKsld7d11d34
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
RPCSS REG_MULTI_SZ RpcEptMapper RpcSs
defragsvc REG_MULTI_SZ defragsvc
WerSvcGroup REG_MULTI_SZ wersvc
LocalServiceNoNetwork REG_MULTI_SZ DPS PLA BFE mpssvc WwanSvc
swprv REG_MULTI_SZ swprv
LocalServicePeerNet REG_MULTI_SZ PNRPSvc p2pimsvc p2psvc PnrpAutoReg
NetworkServiceAndNoImpersonation REG_MULTI_SZ KtmRm
regsvc REG_MULTI_SZ RemoteRegistry
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
DcomLaunch REG_MULTI_SZ Power PlugPlay DcomLaunch
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent
sdrsvc REG_MULTI_SZ sdrsvc
WbioSvcGroup REG_MULTI_SZ WbioSrvc
wcssvc REG_MULTI_SZ WcsPlugInService
AxInstSVGroup REG_MULTI_SZ AxInstSV
secsvcs REG_MULTI_SZ WinDefend
PeerDist REG_MULTI_SZ PeerDistSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
IKEEXT
AudioSrv
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
wercplsupport
EapHost
ProfSvc
schedule
hkmsvc
SessionEnv
winmgmt
browser
Themes
BDESVC
AppMgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
homegrouplistener
StorSvc
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
WdiServiceHost
sppuinotify
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetworkService
lanmanworkstation
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalServiceNetworkRestricted
BthHFSrv
homegroupprovider
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868282008-844033957-2709302122-1000Core.job
- c:\users\Hulasek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-06 08:55]
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2868282008-844033957-2709302122-1000UA.job
- c:\users\Hulasek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-06 08:55]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SigmatelSysTrayApp - %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-sacsvr
SafeBoot-vmms
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-21 10:24
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-21 10:25
Windows 6.1.7601 Service Pack 1 NTFS
.
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2868282008-844033957-2709302122-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2868282008-844033957-2709302122-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-21 10:26:57
ComboFix-quarantined-files.txt 2011-03-21 09:26
.
Před spuštěním: Volných bajtů: 17 301 368 832
Po spuštění: Volných bajtů: 17 244 106 752
.
- - End Of File - - ED41BDA5818443ED0378079DAD8C0572

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log. It's hogging the network.

#11 Post by motji »

→ Uninstall all virtual drives (Daemon or Alcohol)

→ Download SPTD: http://www.duplexsecure.com/en/downloads
- choose the version for your operating system: SPTD for Windows (32 bit) or (64 bit)
- save it to the desktop and run it
- choose the Uninstall option
- restart the PC


→ Download http://www.jpshortstuff.247fixes.com/Defogger.exe
- run it
- confirm disabled
- paste the log here



→ Download Gmer: http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- unpack it and run it
- a scan will run; when it finishes, a window with the results opens; click Save to save the log, which you then paste here

- Following the guide in the link, run a second scan and paste that log here as well.

→ Download MBR
http://www2.gmer.net/mbr/mbr.exe
- save it to the desktop


→ Start - Run
copy into the box:

Code:

"%userprofile%\plocha\mbr" -t
OK

→ a log named mbr.log will be created; paste it here
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!

I can usually be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.

bivoj
Visitor
Posts: 47
Joined: 18 Aug 2006 19:22

Re: Please check my log. It's hogging the network.

#12 Post by bivoj »

Defogger did not create any log for me.

Log 1 from Gmer:
GMER 1.0.15.15570 - http://www.gmer.net
Rootkit quick scan 2011-03-21 18:00:33
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD2500BEVS-75UST0 rev.01.01A01
Running: gmer.exe; Driver: C:\Users\Hulasek\AppData\Local\Temp\kwdiifow.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
Log 2 from Gmer:
GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-03-21 18:20:16
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD2500BEVS-75UST0 rev.01.01A01
Running: gmer.exe; Driver: C:\Users\Hulasek\AppData\Local\Temp\kwdiifow.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwClose [0x904F488E]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateFile [0x904F40EC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateKey [0x904F3DCE]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateSection [0x904F5938]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteKey [0x904F3ED8]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteValueKey [0x904F3FC2]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwLoadDriver [0x904F4BBC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwOpenFile [0x904F43F4]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetInformationFile [0x904F4526]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetValueKey [0x904F3BFC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwTerminateProcess [0x904F4B04]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwWriteFile [0x904F470C]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKey + 13C1 82C4E339 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C87D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 116F 82C8EE64 4 Bytes [8E, 48, 4F, 90]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11AF 82C8EEA4 4 Bytes [EC, 40, 4F, 90] {IN AL, DX ; INC EAX; DEC EDI; NOP }
.text ntkrnlpa.exe!KeRemoveQueueEx + 11BF 82C8EEB4 4 Bytes [CE, 3D, 4F, 90]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82C8EEEC 4 Bytes [38, 59, 4F, 90] {CMP [ECX+0x4f], BL; NOP }
.text ntkrnlpa.exe!KeRemoveQueueEx + 1243 82C8EF38 4 Bytes [D8, 3E, 4F, 90] {FDIVR DWORD [ESI]; DEC EDI; NOP }
.text ...
? System32\drivers\eekbsqyh.sys Systém nemůže nalézt uvedenou cestu. !
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x91620340, 0x345217, 0xE8000020]
PAGE peauth.sys 9DC44E20 101 Bytes CALL 26FBEB84
PAGE spsys.sys!?SPRevision@@3PADA + 4F90 AC844000 290 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 50B3 AC844123 629 Bytes [F5, 83, AC, FE, 05, 34, F5, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 5329 AC844399 101 Bytes [6A, 28, 59, A5, 5E, C6, 03, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 538F AC8443FF 148 Bytes [18, 5D, C2, 14, 00, 8B, FF, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 543B AC8444AB 2228 Bytes [8B, FF, 55, 8B, EC, FF, 75, ...]
PAGE ...

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\System32\rundll32.exe[2916] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2916] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2916] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2916] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2924] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2924] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2924] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2924] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3044] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3044] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3044] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3044] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7593FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000054 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Threads - GMER 1.0.15 ----

Thread System [4:5060] AC851F2E

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Intel(R) PRO/Wireless 3945ABG \x2013 síťové připojení 1?
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x3D 0x67 0x3E 0x2E ...
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Intel(R) PRO/Wireless 3945ABG \x2013 síťové připojení 1?
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x3D 0x67 0x3E 0x2E ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG11.00.00.01WORKSTATION

---- EOF - GMER 1.0.15 ----
Log from MBR:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: WDC_WD2500BEVS-75UST0 rev.01.01A01 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys intelppm.sys fltmgr.sys VSTCNXT3.SYS
C:\Windows\system32\DRIVERS\VSTCNXT3.SYS Conexant Systems, Inc. SoftK56 Modem Driver
1 ntkrnlpa!IofCallDriver[0x82C4752F] -> \Device\Harddisk0\DR0[0x8637F030]
3 CLASSPNP[0x8B3D859E] -> ntkrnlpa!IofCallDriver[0x82C4752F] -> \Device\Ide\IdeDeviceP1T0L0-1[0x85F31908]
kernel: MBR read successfully
user & kernel MBR OK

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log. It's hogging the network.

#13 Post by motji »

How does the computer look now?



→ Download SystemLook
http://jpshortstuff.247fixes.com/SystemLook.exe

- save it to the desktop and run it.
- copy into the box:

Code:

:filefind
eekbsqyh.sys
eekbsqyh

:regfind
eekbsqyh.sys
eekbsqyh


- click Look; a scan will run, and at the end a log is displayed, whose contents you copy here
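The step from the GMER log in post #12 to the SystemLook query in post #13, as an added example that is not part of the original thread or of either tool: it groups the SSDT hooks by owning driver and turns every "?" line (a driver path the log reports as not found) into the `:filefind` / `:regfind` query shown above. The function names are hypothetical, and the regular expressions assume the whitespace-collapsed line layout seen on this page.

```python
import re
from collections import defaultdict

# Lines copied (abbreviated) from the GMER log in post #12 of this thread.
SAMPLE_LOG = r"""
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwClose [0x904F488E]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateFile [0x904F40EC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwLoadDriver [0x904F4BBC]
.text ntkrnlpa.exe!ZwSaveKey + 13C1 82C4E339 1 Byte [06]
? System32\drivers\eekbsqyh.sys Systém nemůže nalézt uvedenou cestu. !
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x91620340, 0x345217, 0xE8000020]
"""

# Assumed layout: the whitespace-collapsed GMER lines as they appear on this page.
SSDT_RE = re.compile(
    r"^SSDT\s+(?:\\\?\?\\)?(?P<driver>.+?\.sys)\s+(?P<service>Zw\w+)\s+\[0x[0-9A-Fa-f]+\]",
    re.IGNORECASE)
MISSING_RE = re.compile(r"^\?\s+(?P<path>.+?\.sys)\b", re.IGNORECASE)
SAFE_NAME_RE = re.compile(r"^[\w.\-]+$")  # log text is untrusted input


def ssdt_hooks_by_driver(log):
    """Group hooked system services by the driver that owns the hook."""
    hooks = defaultdict(list)
    for line in log.splitlines():
        m = SSDT_RE.match(line.strip())
        if m:
            hooks[m.group("driver").lower()].append(m.group("service"))
    return dict(hooks)


def missing_drivers(log):
    """File names from '?' lines, where the log reports the path was not found."""
    names = []
    for line in log.splitlines():
        m = MISSING_RE.match(line.strip())
        if not m:
            continue
        name = m.group("path").rsplit("\\", 1)[-1]
        if SAFE_NAME_RE.match(name) and name.lower() not in [n.lower() for n in names]:
            names.append(name)
    return names


def systemlook_script(names):
    """Build the :filefind/:regfind query used in post #13 for each name."""
    terms = []
    for name in names:
        terms += [name, name.rsplit(".", 1)[0]]  # with and without extension
    body = "\n".join(terms)
    return f":filefind\n{body}\n\n:regfind\n{body}\n"


if __name__ == "__main__":
    for driver, services in ssdt_hooks_by_driver(SAMPLE_LOG).items():
        print(f"{driver}: {len(services)} SSDT hooks ({', '.join(services)})")
    print(systemlook_script(missing_drivers(SAMPLE_LOG)))
```

Each driver in the SSDT summary still has to be matched by hand against the software installed on the machine; the grouping only shows which file owns which hooks.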

bivoj
Visitor
Posts: 47
Joined: 18 Aug 2006 19:22

Re: Please check my log. It's hogging the network.

#14 Post by bivoj »

I'm not at home at the moment, so I can't judge, but where I'm currently connected it is not hogging the network.

Here is the log from SystemLook:
SystemLook 04.09.10 by jpshortstuff
Log created at 22:24 on 21/03/2011 by Hulasek
Administrator - Elevation successful

========== filefind ==========

Searching for "eekbsqyh.sys"
No files found.

Searching for "eekbsqyh"
No files found.

========== regfind ==========

Searching for "eekbsqyh.sys"
No data found.

Searching for "eekbsqyh"
No data found.

-= EOF =-

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log. It's hogging the network.

#15 Post by motji »

→ Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.


***********


→ Download T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

- Run it; to confirm a choice, press the A key, then Enter
- after use, delete the program. Note that antivirus software may falsely flag it as a virus



***********


→ Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner

Registry tab
- click Scan for problems
- then click Fix selected problems -- making a registry backup is not necessary
- click Fix all problems → OK → Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using CCleaner's cleaner; it nicely clears temporary files from the PC.
It cleans up the registry, for example after a program has been uninstalled.


***********



→ Download OTC and use it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans up temp files and the leftovers of the tools that were used



***********

→ Post a new RSIT log and tell me how the computer is behaving; is everything in order now?