
Preventive check, thank you

Posted: 30 Mar 2011 15:21
by WIAL
info.txt logfile of random's system information tool 1.08 2011-03-30 16:19:11

======Uninstall list======

-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10o_Plugin.exe -maintain plugin
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x0009 -removeonly
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Diablo II-->C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
Full Tilt Poker-->C:\Program Files\Full Tilt Poker\uninstall.exe
Last.fm 1.5.4.27091-->"C:\Program Files\Last.fm\unins000.exe"
Logitech MouseWare 9.76 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x9 -l0009 UNINSTALL
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox 4.0 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Graphics Driver 260.99-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA nView 135.36-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.NView
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX System Software 9.10.0514-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
PokerTracker 3 (remove only)-->"C:\Program Files\PokerTracker 3\uninstall.exe"
PostgreSQL 8.3-->MsiExec.exe /I{B823632F-3B72-4514-8861-B961CE263224}
VIA Platforma Ovladače zařízení-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: ESET NOD32 Antivirus 4.2

======System event log======

Computer Name: KURE
Event Code: 10005
Message: DCOM got error "%1058" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Record Number: 202
Source Name: DCOM
Time Written: 20110327190423.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: KURE
Event Code: 10005
Message: DCOM got error "%1058" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Record Number: 156
Source Name: DCOM
Time Written: 20110327092719.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: KURE
Event Code: 10005
Message: DCOM got error "%1058" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Record Number: 129
Source Name: DCOM
Time Written: 20110326133100.000000+060
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: KURE
Event Code: 20
Message: Printer Driver Microsoft Office Document Image Writer Driver for Windows NT x86 Version-3 was added or updated. Files:- mdigraph.dll, mdiui.dll, mdiui.dll.

Record Number: 102
Source Name: Print
Time Written: 20110326131256.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KURE
Event Code: 1073
Message: The attempt to reboot KURE failed

Record Number: 43
Source Name: USER32
Time Written: 20110326112544.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: KURE
Event Code: 5603
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Record Number: 15
Source Name: WinMgmt
Time Written: 20110326104600.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KURE
Event Code: 5603
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Record Number: 14
Source Name: WinMgmt
Time Written: 20110326104600.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KURE
Event Code: 63
Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 13
Source Name: WinMgmt
Time Written: 20110326104600.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KURE
Event Code: 63
Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 12
Source Name: WinMgmt
Time Written: 20110326104600.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KURE
Event Code: 63
Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 11
Source Name: WinMgmt
Time Written: 20110326104558.000000+060
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Re: Preventive check, thank you

Posted: 30 Mar 2011 15:26
by vyosek
Hello, and I wish you a nice day :)

I'd also like to ask for the second log from RSIT, named log.txt; it is saved in c:\rsit

Re: Preventive check, thank you

Posted: 30 Mar 2011 15:55
by WIAL
Logfile of random's system information tool 1.08 (written by random/random)
Run by kundibal at 2011-03-30 16:18:58
Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (68%) free of 25 GB
Total RAM: 3327 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:19:09, on 30.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\kundibal\My Documents\Stažené soubory\RSIT(1).exe
C:\Program Files\trend micro\kundibal.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-823518204-1035525444-725345543-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'postgres')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1135424515
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe

--
End of file - 4134 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-10-16 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-10-16 13851752]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-08-26 1753192]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-06-05 33628160]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-03-04 19968]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-03-30 16:18:58 ----D---- C:\rsit
2011-03-30 16:18:58 ----D---- C:\Program Files\trend micro
2011-03-29 20:40:59 ----D---- C:\WINDOWS\system32\LogFiles
2011-03-29 11:36:03 ----D---- C:\WINDOWS\Minidump
2011-03-28 17:00:29 ----D---- C:\Program Files\Defraggler
2011-03-28 16:57:58 ----D---- C:\HP
2011-03-28 16:54:15 ----A---- C:\WINDOWS\system32\drivers\RTL8139.sys
2011-03-28 16:28:16 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2011-03-28 14:58:21 ----A---- C:\WINDOWS\system32\asr_78478.exe
2011-03-27 20:44:56 ----D---- C:\Program Files\ESET
2011-03-27 20:44:56 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2011-03-27 20:03:51 ----D---- C:\Program Files\uTorrent
2011-03-27 19:57:42 ----D---- C:\Documents and Settings\kundibal\Application Data\uTorrent
2011-03-26 18:08:32 ----D---- C:\Documents and Settings\All Users\Application Data\Last.fm
2011-03-26 18:07:10 ----D---- C:\Program Files\Last.fm
2011-03-26 16:28:12 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2011-03-26 16:26:23 ----D---- C:\Documents and Settings\kundibal\Application Data\Macromedia
2011-03-26 16:26:23 ----D---- C:\Documents and Settings\kundibal\Application Data\Adobe
2011-03-26 15:13:34 ----D---- C:\Documents and Settings\kundibal\Application Data\Ventrilo
2011-03-26 14:46:20 ----D---- C:\Program Files\Webteh
2011-03-26 14:41:46 ----D---- C:\Program Files\PostgreSQL
2011-03-26 14:38:42 ----A---- C:\WINDOWS\DIIUnin.pif
2011-03-26 14:38:42 ----A---- C:\WINDOWS\DIIUnin.exe
2011-03-26 14:28:21 ----D---- C:\Program Files\Full Tilt Poker
2011-03-26 14:28:07 ----D---- C:\Program Files\PokerTracker 3
2011-03-26 14:23:34 ----D---- C:\Program Files\QIP
2011-03-26 14:19:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-03-26 14:19:51 ----D---- C:\Program Files\Common Files\Logitech
2011-03-26 14:19:51 ----A---- C:\WINDOWS\system32\LMOUSE32.DLL
2011-03-26 14:19:51 ----A---- C:\WINDOWS\system32\LMOUSE16.DLL
2011-03-26 14:19:51 ----A---- C:\WINDOWS\system32\LGUICOM.DLL
2011-03-26 14:19:51 ----A---- C:\WINDOWS\system32\ifc21.dll
2011-03-26 14:19:51 ----A---- C:\WINDOWS\system32\FEELIT.DLL
2011-03-26 14:19:51 ----A---- C:\WINDOWS\system32\COMNCTR.DLL
2011-03-26 14:19:47 ----N---- C:\WINDOWS\system32\lmoufrc.dll
2011-03-26 14:19:47 ----N---- C:\WINDOWS\LOGI_MWX.EXE
2011-03-26 14:19:47 ----D---- C:\Program Files\Logitech
2011-03-26 14:19:46 ----N---- C:\WINDOWS\system32\LCOINST.DLL
2011-03-26 14:19:46 ----N---- C:\WINDOWS\system32\drivers\LCCFLTR.SYS
2011-03-26 14:19:46 ----N---- C:\WINDOWS\system32\drivers\L8042PR2.SYS
2011-03-26 14:19:46 ----A---- C:\WINDOWS\system32\drivers\LMouFlt2.Sys
2011-03-26 14:19:46 ----A---- C:\WINDOWS\system32\drivers\LHidUsb.sys
2011-03-26 14:19:46 ----A---- C:\WINDOWS\system32\drivers\LHidFlt2.Sys
2011-03-26 14:15:00 ----D---- C:\WINDOWS\RegisteredPackages
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\vxblock.dll
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\pxwave.dll
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\pxsfs.dll
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\pxmas.dll
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\pxdrv.dll
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\pxafs.dll
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\px.dll
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\drivers\PxHelp20.sys
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2011-03-26 14:14:45 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2011-03-26 14:14:42 ----D---- C:\Program Files\Winamp
2011-03-26 14:14:42 ----D---- C:\Documents and Settings\kundibal\Application Data\Winamp
2011-03-26 14:13:50 ----SHD---- C:\RECYCLER
2011-03-26 14:12:59 ----A---- C:\WINDOWS\ODBC.INI
2011-03-26 14:12:56 ----A---- C:\WINDOWS\system32\mdimon.dll
2011-03-26 14:12:32 ----D---- C:\Program Files\Common Files\DESIGNER
2011-03-26 14:12:22 ----D---- C:\WINDOWS\SHELLNEW
2011-03-26 14:12:15 ----D---- C:\Program Files\Microsoft Office
2011-03-26 12:42:41 ----A---- C:\WINDOWS\system32\h323log.txt
2011-03-26 12:32:08 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-03-26 12:31:22 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-03-26 12:30:54 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-03-26 12:30:54 ----A---- C:\WINDOWS\system32\wups2.dll
2011-03-26 12:30:54 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2011-03-26 12:30:54 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2011-03-26 12:30:54 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2011-03-26 12:30:06 ----A---- C:\WINDOWS\system32\usbui.dll
2011-03-26 12:30:04 ----A---- C:\WINDOWS\system32\drivers\wmiacpi.sys
2011-03-26 12:29:05 ----SHD---- C:\WINDOWS\Installer
2011-03-26 12:29:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-26 12:29:04 ----D---- C:\Program Files\Common Files\ODBC
2011-03-26 12:29:04 ----A---- C:\WINDOWS\ODBCINST.INI
2011-03-26 12:29:01 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-03-26 12:29:00 ----RD---- C:\Program Files
2011-03-26 12:29:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-03-26 12:29:00 ----D---- C:\Program Files\Common Files
2011-03-26 12:28:57 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-03-26 12:28:56 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-03-26 12:28:56 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-03-26 12:28:54 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-03-26 12:28:52 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-03-26 12:28:51 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-03-26 12:28:51 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-03-26 12:28:51 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-03-26 12:28:51 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-03-26 12:28:51 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-03-26 12:28:51 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-03-26 12:28:50 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-03-26 12:28:50 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-03-26 12:28:50 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-03-26 12:28:49 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-03-26 12:28:49 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdro.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2011-03-26 12:28:47 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2011-03-26 12:28:45 ----A---- C:\WINDOWS\system32\irclass.dll
2011-03-26 12:28:44 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-03-26 12:28:44 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-03-26 12:28:44 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-03-26 12:28:44 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-03-26 12:28:41 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-03-26 12:28:41 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-03-26 12:28:41 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-03-26 12:28:41 ----A---- C:\WINDOWS\system32\batt.dll
2011-03-26 12:28:40 ----A---- C:\WINDOWS\NOTEPAD.EXE
2011-03-26 12:28:38 ----A---- C:\WINDOWS\system32\storprop.dll
2011-03-26 12:28:31 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2011-03-26 12:27:43 ----D---- C:\Program Files\DAEMON Tools Lite
2011-03-26 12:26:49 ----RA---- C:\WINDOWS\SET8.tmp
2011-03-26 12:26:46 ----RA---- C:\WINDOWS\SET4.tmp
2011-03-26 12:26:44 ----RA---- C:\WINDOWS\SET3.tmp
2011-03-26 12:26:38 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-26 12:26:38 ----D---- C:\WINDOWS\system32\CatRoot
2011-03-26 12:26:33 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-03-26 12:26:10 ----A---- C:\WINDOWS\setuplog.txt
2011-03-26 12:26:06 ----SHD---- C:\System Volume Information
2011-03-26 12:26:06 ----D---- C:\Documents and Settings
2011-03-26 12:25:47 ----D---- C:\Documents and Settings\kundibal\Application Data\Mozilla
2011-03-26 12:25:27 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-03-26 12:25:25 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-03-26 12:25:22 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-03-26 12:25:18 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-03-26 12:25:17 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-03-26 12:25:16 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-03-26 12:25:13 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-03-26 12:25:12 ----SH---- C:\boot.ini
2011-03-26 12:25:12 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-03-26 12:25:10 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-03-26 12:25:07 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-03-26 12:25:03 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-03-26 12:24:57 ----RA---- C:\WINDOWS\system32\drivers\monfilt.sys
2011-03-26 12:24:56 ----RA---- C:\WINDOWS\system32\drivers\viahduaa.sys
2011-03-26 12:24:55 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-03-26 12:24:55 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-03-26 12:24:55 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-03-26 12:24:50 ----A---- C:\WINDOWS\system32\drivers\ar5211.sys
2011-03-26 12:24:50 ----A---- C:\WINDOWS\system32\ar5211.sys
2011-03-26 12:24:26 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2011-03-26 12:24:13 ----D---- C:\temp
2011-03-26 12:23:55 ----D---- C:\Documents and Settings\kundibal\Application Data\WinRAR
2011-03-26 12:23:49 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2011-03-26 12:23:48 ----D---- C:\Documents and Settings\kundibal\Application Data\DAEMON Tools
2011-03-26 12:23:24 ----A---- C:\WINDOWS\system32\OpenCL.dll
2011-03-26 12:23:23 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2011-03-26 12:23:23 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2011-03-26 12:23:23 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2011-03-26 12:23:23 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2011-03-26 12:23:23 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2011-03-26 12:23:23 ----A---- C:\WINDOWS\system32\nvcuda.dll
2011-03-26 12:23:20 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2011-03-26 12:23:20 ----A---- C:\WINDOWS\system32\nvapi.dll
2011-03-26 12:23:20 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2011-03-26 12:23:20 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-03-26 12:23:04 ----D---- C:\Program Files\Mozilla Firefox
2011-03-26 12:22:47 ----D---- C:\Program Files\NVIDIA Corporation
2011-03-26 12:22:34 ----N---- C:\WINDOWS\system32\difxapi.dll
2011-03-26 12:22:33 ----D---- C:\Program Files\VIA
2011-03-26 12:22:16 ----D---- C:\NVIDIA
2011-03-26 12:21:48 ----D---- C:\Program Files\WinRAR
2011-03-26 12:21:39 ----RA---- C:\WINDOWS\system32\drivers\l1e51x86.sys
2011-03-26 12:21:34 ----D---- C:\WINDOWS\system32\Atheros_L1e
2011-03-26 12:20:33 ----D---- C:\WINDOWS\pss
2011-03-26 12:20:22 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-26 12:20:12 ----D---- C:\Program Files\Common Files\InstallShield
2011-03-26 12:19:52 ----A---- C:\WINDOWS\Language_trs.ini
2011-03-26 12:19:18 ----RA---- C:\WINDOWS\system32\drivers\ASACPI.sys
2011-03-26 12:19:11 ----A---- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2011-03-26 12:19:11 ----A---- C:\WINDOWS\Ascd_tmp.ini
2011-03-26 12:19:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-26 12:19:02 ----RSD---- C:\WINDOWS\Fonts
2011-03-26 12:19:02 ----RD---- C:\WINDOWS\Web
2011-03-26 12:19:02 ----HD---- C:\WINDOWS\inf
2011-03-26 12:19:02 ----D---- C:\WINDOWS\WinSxS
2011-03-26 12:19:02 ----D---- C:\WINDOWS\twain_32
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Temp
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\wins
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\wbem
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\usmt
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\spool
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\ShellExt
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\Setup
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\scripting
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\ras
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\oobe
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\npp
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\mui
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\inetsrv
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\IME
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\icsxml
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\ias
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\export
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\en
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\drivers\etc
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\drivers\disdn
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\drivers
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\dhcp
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\config
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\3com_dmi
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\3076
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\2052
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\1054
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\1042
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\1041
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\1037
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\1033
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\1031
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\1028
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32\1025
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system32
2011-03-26 12:19:02 ----D---- C:\WINDOWS\system
2011-03-26 12:19:02 ----D---- C:\WINDOWS\security
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Resources
2011-03-26 12:19:02 ----D---- C:\WINDOWS\repair
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Provisioning
2011-03-26 12:19:02 ----D---- C:\WINDOWS\pchealth
2011-03-26 12:19:02 ----D---- C:\WINDOWS\PeerNet
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Network Diagnostic
2011-03-26 12:19:02 ----D---- C:\WINDOWS\mui
2011-03-26 12:19:02 ----D---- C:\WINDOWS\msapps
2011-03-26 12:19:02 ----D---- C:\WINDOWS\msagent
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Media
2011-03-26 12:19:02 ----D---- C:\WINDOWS\L2Schemas
2011-03-26 12:19:02 ----D---- C:\WINDOWS\java
2011-03-26 12:19:02 ----D---- C:\WINDOWS\ime
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Help
2011-03-26 12:19:02 ----D---- C:\WINDOWS\ehome
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Driver Cache
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Debug
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Cursors
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Connection Wizard
2011-03-26 12:19:02 ----D---- C:\WINDOWS\Config
2011-03-26 12:19:02 ----D---- C:\WINDOWS\AppPatch
2011-03-26 12:19:02 ----D---- C:\WINDOWS\addins
2011-03-26 12:19:02 ----D---- C:\WINDOWS
2011-03-26 12:19:01 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 months======

2011-03-26 12:20:56 ----A---- C:\WINDOWS\win.ini
2011-03-26 12:20:56 ----A---- C:\WINDOWS\system.ini
2011-03-26 11:48:46 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-03-26 717296]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2009-05-20 38400]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-03-04 25214]
R3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2003-03-04 37804]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-03-04 73134]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-15 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-22 9623680]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-06-02 1374464]
S3 AR5211;TP-LINK Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-12-21 470048]
S3 atu6xvbb;atu6xvbb; C:\WINDOWS\system32\drivers\atu6xvbb.sys []
S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-16 156776]
R2 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2009-12-10 65536]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Re: Preventive check, thank you

Posted: 30 Mar 2011 18:50
by vyosek
Are there any problems with the PC?

Re: Preventive check, thank you

Posted: 31 Mar 2011 08:05
by WIAL
Partly :) I have a notebook connected to the PC, and after a certain period of internet sharing the internet suddenly stops working (that is, the shared internet on the notebook; on the PC it keeps working). So I am trying to find out whether some virus or something else could be blocking it. I will try to send a log from the notebook as well, but first I am trying to uninstall all the illegal software and "junk". Unfortunately the notebook is not mine but my girlfriend's, so it is dragging on. I can't think of what the cause could be; maybe some service is shutting down, I have no idea...

Re: Preventive check, thank you

Posted: 31 Mar 2011 09:08
by vyosek
For the notebook, start a new topic and put "pro vyosek" ("for vyosek") in the subject - my colleagues will leave it for me - here it would get mixed up

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
Download Combofix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Spravce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator or Spustit jako spravce
  • Immediately after start, a page with the license agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • The detailed procedure incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Preventive check, thank you

Posted: 02 Apr 2011 13:24
by WIAL
ComboFix 11-04-01.01 - kundibal 02.04.2011 14:12:11.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.3327.2964 [GMT 2:00]
Spuštěný z: c:\documents and settings\kundibal\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\asr_78478.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-02 do 2011-04-02 )))))))))))))))))))))))))))))))
.
.
2011-03-30 14:18 . 2011-03-30 14:19 -------- d-----w- C:\rsit
2011-03-28 14:57 . 2011-03-28 14:57 -------- d-----w- C:\HP
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-18 17:55 . 2011-03-26 17:33 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-06-05 33628160]
"Logitech Utility"="Logi_MwX.Exe" [2003-03-04 19968]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3/26/2011 12:23 PM 717296]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [12/21/2010 3:04 PM 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [12/21/2010 1:47 PM 94872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [1/12/2011 4:41 PM 810144]
R2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [12/10/2009 4:39 AM 65536]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [3/26/2011 12:24 PM 1374464]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\kundibal\Application Data\Mozilla\Firefox\Profiles\jn9u7kwb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-02 14:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-04-02 14:15:27
ComboFix-quarantined-files.txt 2011-04-02 12:15
.
Před spuštěním: 17 413 967 872 bytes free
Po spuštění: 17 409 527 808 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /noguiboot
.
- - End Of File - - D128B4359F95F380D40210192ADE7250


So here is the log from ComboFix. Just a note - I turned off the resident shield, though not right after the "turn it off" warning but only at the message, before the test started, that it was not turned off.

Re: Preventive check, thank you

Posted: 02 Apr 2011 19:19
by vyosek
Has there been any change?

Re: Preventive check, thank you

Posted: 02 Apr 2011 19:53
by WIAL
No, I haven't tried yet; I'm waiting until I run ComboFix on the notebook and will wait for the assessment :)

Re: Preventive check, thank you

Posted: 03 Apr 2011 06:54
by vyosek
All right then, we'll wait and see what CF does on the notebook

Re: Preventive check, thank you

Posted: 04 Apr 2011 17:00
by WIAL
Although something has actually just occurred to me :) The PC is throwing BSODs, so far only three in a week, but still. I don't know why; the HW should be fine, it was fine before the OS reinstall too.
Mini040311-01.rar
(96 KiB) Downloaded 49 times
I just renamed it from .dmp to .rar because it couldn't be uploaded otherwise. Thanks

Re: Preventive check, thank you

Posted: 04 Apr 2011 17:06
by vyosek
I'll ask a colleague to take a look at that dmp ;)

Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Run the utility and tell it to scan - click Start Scan
  • If the utility finds an infection, it will want to cure it (Cure); allow the cure by clicking Continue
  • If the utility finds a suspicious file (suspicious), it will want to skip it (Skip); allow the skip by clicking Continue
  • After the scan finishes a PC restart may be necessary; allow it by clicking Reboot now
  • After the restart the log will pop up; if it does not, you will find it directly on the disk where Windows is installed (usually c:\) in the form TDSSKiller.some digits _log.txt - paste its contents here
  • If no restart is required, click Close and then Report - a log is created - paste its contents here

Re: Preventive check, thank you

Posted: 05 Apr 2011 16:51
by WIAL
Sending the log. It found only SPTD


2011/04/05 17:49:43.0687 3216 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/05 17:49:43.0953 3216 ================================================================================
2011/04/05 17:49:43.0953 3216 SystemInfo:
2011/04/05 17:49:43.0953 3216
2011/04/05 17:49:43.0953 3216 OS Version: 5.1.2600 ServicePack: 3.0
2011/04/05 17:49:43.0953 3216 Product type: Workstation
2011/04/05 17:49:43.0953 3216 ComputerName: BITCH
2011/04/05 17:49:43.0953 3216 UserName: kundibal
2011/04/05 17:49:43.0953 3216 Windows directory: C:\WINDOWS
2011/04/05 17:49:43.0953 3216 System windows directory: C:\WINDOWS
2011/04/05 17:49:43.0953 3216 Processor architecture: Intel x86
2011/04/05 17:49:43.0953 3216 Number of processors: 2
2011/04/05 17:49:43.0953 3216 Page size: 0x1000
2011/04/05 17:49:43.0953 3216 Boot type: Normal boot
2011/04/05 17:49:43.0953 3216 ================================================================================
2011/04/05 17:49:44.0640 3216 Initialize success
2011/04/05 17:49:51.0359 3332 ================================================================================
2011/04/05 17:49:51.0359 3332 Scan started
2011/04/05 17:49:51.0359 3332 Mode: Manual;
2011/04/05 17:49:51.0359 3332 ================================================================================
2011/04/05 17:49:58.0609 3332 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/04/05 17:49:58.0609 3332 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/04/05 17:49:58.0625 3332 sptd - detected Locked file (1)
2011/04/05 17:50:00.0171 3332 ================================================================================
2011/04/05 17:50:00.0171 3332 Scan finished
2011/04/05 17:50:00.0171 3332 ================================================================================
2011/04/05 17:50:00.0187 3324 Detected object count: 1
2011/04/05 17:50:14.0421 3324 Locked file(sptd) - User select action: Skip

Re: Preventive check, thank you

Posted: 05 Apr 2011 17:21
by vyosek
Please be patient until my colleague deciphers the dmp; he is mostly here at night...

Re: Preventive check, thank you

Posted: 05 Apr 2011 18:00
by MiliNess
Well, it looks like a fault in the viahduaa.sys driver (VIA High Definition Audio Driver).
Try updating it.
Alternatively, it could also be a problem with some USB driver. If updating the audio driver doesn't help, we'll run Verifier.