
Request for a log check

Posted: 16 Jul 2011 08:53
by shitman1
Could I please ask for a check of this log?
The computer is not mine, it belongs to a friend.
Log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Hai at 2011-07-16 09:44:50
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 159 GB (82%) free of 194 GB
Total RAM: 3071 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:44:54, on 16.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\Logitech\QuickCam\Quickcam.exe
E:\Program Files\DAEMON Tools\daemon.exe
E:\Program Files\VVSN\VVSN.exe
E:\WINDOWS\system32\RunDll32.exe
E:\Program Files\Gameforge4D\4Story\PrePatch.exe
E:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
E:\Program Files\ESET\ESET Smart Security\egui.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
E:\Program Files\ESET\ESET Smart Security\ekrn.exe
E:\Program Files\ICQ6Toolbar\ICQ Service.exe
E:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
E:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
E:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\WINDOWS\system32\IoctlSvc.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
E:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
E:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
E:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
E:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Mozilla Firefox\plugin-container.exe
E:\Documents and Settings\Hai\Dokumenty\Stažené soubory\RSIT.exe
E:\Program Files\trend micro\Hai.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/ ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 - REG:system.ini: UserInit=E:\WINDOWS\system32\userinit.exe,,E:\Program Files\anodtchm\itgpecqa.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: YSPManager - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - E:\Program Files\Yahoo!\Search Protection\ysp.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - E:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "E:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [VVSN] E:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [4StoryPrePatch] E:\Program Files\Gameforge4D\4Story\PrePatch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "E:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "E:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - E:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - E:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - E:\Program Files\Yahoo!\Search Protection\ysp.dll
O9 - Extra 'Tools' menuitem: Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - E:\Program Files\Yahoo!\Search Protection\ysp.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://E:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - E:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ICQ Service - Unknown owner - E:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: LVCOMSer - Logitech Inc. - E:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - E:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - E:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - E:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 8695 bytes

=========Mozilla firefox=========

ProfilePath - E:\Documents and Settings\Hai\Data aplikací\Mozilla\Firefox\Profiles\3dreny6y.default

prefs.js - "browser.startup.homepage" - "http://www.yahoo.com"
prefs.js - "extensions.enabledItems" - "{635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202, {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.27.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=ffds1&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=E:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]
"Description"=Yahoo Messenger State Plugin
"Path"=E:\Program Files\Yahoo!\Shared\npYState.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=E:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=E:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

E:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

E:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIBitCometAgent.xpt
nsILegitCheckPlugin.xpt
nsJSRealPlayerPlugin.xpt

E:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
npLegitCheckPlugin.dll
nppl3260.dll
nprpjplug.dll

E:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

E:\Documents and Settings\Hai\Data aplikací\Mozilla\Firefox\Profiles\3dreny6y.default\extensions\
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-03-16 1392952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25BC7718-0BFA-40EA-B381-4B2D9732D686}]
Yahooo Search Protection - E:\Program Files\Yahoo!\Search Protection\ysp.dll [2010-04-01 578872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - E:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-03-16 163128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-03-16 1392952]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - E:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-07-16 61440]
"LogitechCommunicationsManager"=E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]
"LogitechQuickCamRibbon"=E:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]
"DAEMON Tools"=E:\Program Files\DAEMON Tools\daemon.exe [2005-11-09 128920]
"VVSN"=E:\Program Files\VVSN\VVSN.exe [2005-10-25 107520]
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"4StoryPrePatch"=E:\Program Files\Gameforge4D\4Story\PrePatch.exe [2010-10-20 319488]
"NeroFilterCheck"=E:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-02-28 570664]
"NBKeyScan"=E:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"egui"=E:\Program Files\ESET\ESET Smart Security\egui.exe [2009-04-09 2029640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Messenger (Yahoo!)"=E:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [2011-06-16 6276408]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=E:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]

E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech Desktop Messenger.lnk - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2008-08-01 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
E:\WINDOWS\system32\WgaLogon.dll [2008-03-24 200064]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"E:\Program Files\BitComet\BitComet.exe"="E:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"E:\Program Files\Metin2\metin2client.bin"="E:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client"
"E:\Program Files\ICQ7.5\ICQ.exe"="E:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"E:\Program Files\Warcraft III\Warcraft III.exe"="E:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"E:\Program Files\ICQ7.5\ICQ.exe"="E:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=E:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=E:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"vidc.tscc"=E:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-07-16 07:11:40 ----HDC---- E:\WINDOWS\$NtUninstallKB2345886$
2011-07-16 07:11:35 ----HDC---- E:\WINDOWS\$NtUninstallKB970430$
2011-07-16 07:08:37 ----HDC---- E:\WINDOWS\$NtUninstallKB971737$
2011-07-16 06:37:25 ----D---- E:\WINDOWS\system32\XPSViewer
2011-07-16 06:37:23 ----D---- E:\Program Files\MSBuild
2011-07-16 06:37:22 ----D---- E:\WINDOWS\system32\en-US
2011-07-16 06:37:17 ----D---- E:\Program Files\Reference Assemblies
2011-07-16 06:36:59 ----N---- E:\WINDOWS\system32\xpssvcs.dll
2011-07-16 06:36:59 ----N---- E:\WINDOWS\system32\xpsshhdr.dll
2011-07-16 06:36:59 ----N---- E:\WINDOWS\system32\prntvpt.dll
2011-07-15 23:23:45 ----HDC---- E:\WINDOWS\$NtUninstallKB951376-v2$
2011-07-15 23:23:41 ----HDC---- E:\WINDOWS\$NtUninstallKB952954$
2011-07-15 23:23:37 ----HDC---- E:\WINDOWS\$NtUninstallKB959426$
2011-07-15 23:23:33 ----HDC---- E:\WINDOWS\$NtUninstallKB946648$
2011-07-15 23:23:29 ----HDC---- E:\WINDOWS\$NtUninstallKB2387149$
2011-07-15 23:23:24 ----HDC---- E:\WINDOWS\$NtUninstallKB960859$
2011-07-15 23:23:19 ----HDC---- E:\WINDOWS\$NtUninstallKB2479943$
2011-07-15 23:23:15 ----HDC---- E:\WINDOWS\$NtUninstallKB2478971$
2011-07-15 23:23:11 ----HDC---- E:\WINDOWS\$NtUninstallKB2296011$
2011-07-15 23:23:07 ----HDC---- E:\WINDOWS\$NtUninstallKB2115168$
2011-07-15 23:23:03 ----HDC---- E:\WINDOWS\$NtUninstallKB975558_WM8$
2011-07-15 23:22:58 ----HDC---- E:\WINDOWS\$NtUninstallKB955759$
2011-07-15 23:22:49 ----HDC---- E:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-07-15 23:22:45 ----HDC---- E:\WINDOWS\$NtUninstallKB974318$
2011-07-15 23:22:40 ----HDC---- E:\WINDOWS\$NtUninstallKB951978$
2011-07-15 23:22:35 ----HDC---- E:\WINDOWS\$NtUninstallKB969059$
2011-07-15 23:22:31 ----HDC---- E:\WINDOWS\$NtUninstallKB2443105$
2011-07-15 23:22:26 ----HDC---- E:\WINDOWS\$NtUninstallKB2229593$
2011-07-15 23:22:22 ----HDC---- E:\WINDOWS\$NtUninstallKB950974$
2011-07-15 23:22:17 ----HDC---- E:\WINDOWS\$NtUninstallKB2481109$
2011-07-15 23:22:13 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2011-07-15 23:22:09 ----HDC---- E:\WINDOWS\$NtUninstallKB2485663$
2011-07-15 23:22:05 ----HDC---- E:\WINDOWS\$NtUninstallKB2440591$
2011-07-15 23:22:01 ----HDC---- E:\WINDOWS\$NtUninstallKB982132$
2011-07-15 23:21:57 ----HDC---- E:\WINDOWS\$NtUninstallKB971657$
2011-07-15 23:21:53 ----HDC---- E:\WINDOWS\$NtUninstallKB978338$
2011-07-15 23:21:49 ----HDC---- E:\WINDOWS\$NtUninstallKB954155_WM9$
2011-07-15 23:21:39 ----HDC---- E:\WINDOWS\$NtUninstallKB2530548$
2011-07-15 23:21:34 ----HDC---- E:\WINDOWS\$NtUninstallKB2507938$
2011-07-15 23:21:30 ----HDC---- E:\WINDOWS\$NtUninstallKB972270$
2011-07-15 23:21:26 ----HDC---- E:\WINDOWS\$NtUninstallKB2510581$
2011-07-15 23:21:21 ----HDC---- E:\WINDOWS\$NtUninstallKB956744$
2011-07-15 23:21:17 ----HDC---- E:\WINDOWS\$NtUninstallKB2476490$
2011-07-15 23:21:13 ----HDC---- E:\WINDOWS\$NtUninstallKB974112$
2011-07-15 23:21:06 ----HDC---- E:\WINDOWS\$NtUninstallKB956572$
2011-07-15 23:21:00 ----HDC---- E:\WINDOWS\$NtUninstallKB2503665$
2011-07-15 23:20:56 ----HDC---- E:\WINDOWS\$NtUninstallKB2347290$
2011-07-15 23:20:52 ----HDC---- E:\WINDOWS\$NtUninstallKB956844$
2011-07-15 23:20:45 ----HDC---- E:\WINDOWS\$NtUninstallKB2483185$
2011-07-15 23:20:41 ----HDC---- E:\WINDOWS\$NtUninstallKB961501$
2011-07-15 23:20:36 ----HDC---- E:\WINDOWS\$NtUninstallKB2443685$
2011-07-15 23:20:33 ----HDC---- E:\WINDOWS\$NtUninstallKB2079403$
2011-07-15 23:20:29 ----HDC---- E:\WINDOWS\$NtUninstallKB2524375$
2011-07-15 23:20:25 ----HDC---- E:\WINDOWS\$NtUninstallKB979687$
2011-07-15 23:20:21 ----HDC---- E:\WINDOWS\$NtUninstallKB973869$
2011-07-15 23:20:17 ----HDC---- E:\WINDOWS\$NtUninstallKB975025$
2011-07-15 23:20:11 ----HDC---- E:\WINDOWS\$NtUninstallKB952004$
2011-07-15 23:20:06 ----HDC---- E:\WINDOWS\$NtUninstallKB974571$
2011-07-15 23:20:02 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2011-07-15 23:19:57 ----HDC---- E:\WINDOWS\$NtUninstallKB973507$
2011-07-15 23:19:54 ----HDC---- E:\WINDOWS\$NtUninstallKB941569$
2011-07-15 23:19:40 ----HDC---- E:\WINDOWS\$NtUninstallKB2535512$
2011-07-15 23:19:35 ----HDC---- E:\WINDOWS\$NtUninstallKB977816$
2011-07-15 23:19:31 ----HDC---- E:\WINDOWS\$NtUninstallKB973687$
2011-07-15 23:19:27 ----HDC---- E:\WINDOWS\$NtUninstallKB950762$
2011-07-15 23:19:24 ----HDC---- E:\WINDOWS\$NtUninstallKB2412687$
2011-07-15 23:19:20 ----HDC---- E:\WINDOWS\$NtUninstallKB978601$
2011-07-15 23:19:17 ----HDC---- E:\WINDOWS\$NtUninstallKB2508272$
2011-07-15 23:19:13 ----HDC---- E:\WINDOWS\$NtUninstallKB980436$
2011-07-15 23:19:09 ----HDC---- E:\WINDOWS\$NtUninstallKB2536276$
2011-07-15 23:19:06 ----HDC---- E:\WINDOWS\$NtUninstallKB981322$
2011-07-15 23:19:01 ----HDC---- E:\WINDOWS\$NtUninstallKB952287$
2011-07-15 23:18:58 ----HDC---- E:\WINDOWS\$NtUninstallKB978695_WM9$
2011-07-15 23:18:55 ----HDC---- E:\WINDOWS\$NtUninstallKB2507618$
2011-07-15 23:18:49 ----HDC---- E:\WINDOWS\$NtUninstallKB973904$
2011-07-15 23:18:42 ----HDC---- E:\WINDOWS\$NtUninstallKB973540_WM9$
2011-07-15 23:18:36 ----HDC---- E:\WINDOWS\$NtUninstallKB2419632$
2011-07-15 23:18:30 ----HDC---- E:\WINDOWS\$NtUninstallKB2508429$
2011-07-15 23:18:26 ----HDC---- E:\WINDOWS\$NtUninstallKB974392$
2011-07-15 23:18:17 ----HDC---- E:\WINDOWS\$NtUninstallKB971029$
2011-07-15 23:18:13 ----HDC---- E:\WINDOWS\$NtUninstallKB954459$
2011-07-15 23:18:08 ----HDC---- E:\WINDOWS\$NtUninstallKB2506212$
2011-07-15 23:18:03 ----HDC---- E:\WINDOWS\$NtUninstallKB952069_WM9$
2011-07-15 23:17:59 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2011-07-15 23:17:52 ----HDC---- E:\WINDOWS\$NtUninstallKB978542$
2011-07-15 23:17:48 ----HDC---- E:\WINDOWS\$NtUninstallKB979309$
2011-07-15 23:17:44 ----HDC---- E:\WINDOWS\$NtUninstallKB979482$
2011-07-15 23:17:40 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2011-07-15 23:17:35 ----HDC---- E:\WINDOWS\$NtUninstallKB981997$
2011-07-15 23:17:31 ----HDC---- E:\WINDOWS\$NtUninstallKB960803$
2011-07-15 23:17:27 ----HDC---- E:\WINDOWS\$NtUninstallKB973815$
2011-07-15 23:17:23 ----HDC---- E:\WINDOWS\$NtUninstallKB975562$
2011-07-15 23:17:18 ----HDC---- E:\WINDOWS\$NtUninstallKB958644$
2011-07-15 23:17:14 ----HDC---- E:\WINDOWS\$NtUninstallKB2544893$
2011-07-15 23:17:10 ----HDC---- E:\WINDOWS\$NtUninstallKB956802$
2011-07-15 23:17:03 ----HDC---- E:\WINDOWS\$NtUninstallKB2509553$
2011-07-15 23:16:54 ----D---- E:\Program Files\MSXML 4.0
2011-07-15 23:16:47 ----HDC---- E:\WINDOWS\$NtUninstallKB982665$
2011-07-15 23:16:43 ----HDC---- E:\WINDOWS\$NtUninstallKB2541763$
2011-07-15 23:16:39 ----HDC---- E:\WINDOWS\$NtUninstallKB2544521$
2011-07-15 23:16:35 ----HDC---- E:\WINDOWS\$NtUninstallKB2555917$
2011-07-15 23:16:31 ----HDC---- E:\WINDOWS\$NtUninstallKB2478960$
2011-07-15 23:16:25 ----HDC---- E:\WINDOWS\$NtUninstallKB2393802$
2011-07-15 23:16:20 ----HDC---- E:\WINDOWS\$NtUninstallKB923561$
2011-07-15 23:16:15 ----HDC---- E:\WINDOWS\$NtUninstallKB975467$
2011-07-15 23:16:10 ----HDC---- E:\WINDOWS\$NtUninstallKB968389$
2011-07-15 23:16:05 ----HDC---- E:\WINDOWS\$NtUninstallKB2423089$
2011-07-15 23:15:58 ----HDC---- E:\WINDOWS\$NtUninstallKB2360937$
2011-07-15 21:59:37 ----D---- E:\Program Files\4U Computing
2011-07-15 19:01:03 ----A---- E:\WINDOWS\NeroDigital.ini
2011-07-15 18:11:12 ----N---- E:\WINDOWS\system32\browserchoice.exe
2011-07-15 18:08:13 ----N---- E:\WINDOWS\system32\spmsg.dll
2011-07-15 18:08:13 ----D---- E:\WINDOWS\system32\PreInstall
2011-07-15 18:08:13 ----A---- E:\WINDOWS\system32\spupdsvc.exe
2011-07-15 18:08:11 ----HDC---- E:\WINDOWS\$NtUninstallKB898461$
2011-07-15 18:08:11 ----HD---- E:\WINDOWS\$hf_mig$
2011-07-15 15:44:14 ----D---- E:\Program Files\Voice Tech Group, Inc
2011-07-15 15:44:14 ----D---- E:\Documents and Settings\Hai\Data aplikací\tazti
2011-07-15 15:31:08 ----D---- E:\WINDOWS\system32\Adobe
2011-07-15 15:21:22 ----D---- E:\Documents and Settings\Hai\Data aplikací\ESET
2011-07-15 15:20:04 ----D---- E:\Program Files\ESET
2011-07-15 15:20:04 ----D---- E:\Documents and Settings\All Users\Data aplikací\ESET
2011-07-15 15:03:45 ----D---- E:\rsit
2011-07-15 15:03:45 ----D---- E:\Program Files\trend micro
2011-07-15 14:54:52 ----D---- E:\Documents and Settings\Hai\Data aplikací\WinRAR
2011-07-15 14:54:51 ----D---- E:\Program Files\WinRAR
2011-07-15 14:53:03 ----N---- E:\WINDOWS\system32\drivers\bthport.sys
2011-07-14 20:07:29 ----D---- E:\Program Files\Warcraft III
2011-07-14 18:34:55 ----D---- E:\Program Files\World of Warcraft.temp
2011-07-14 18:34:26 ----D---- E:\Documents and Settings\All Users\Data aplikací\Blizzard
2011-07-14 18:32:33 ----D---- E:\Program Files\Common Files\Blizzard Entertainment
2011-07-14 16:31:46 ----A---- E:\WINDOWS\War3Unin.pif
2011-07-14 16:31:46 ----A---- E:\WINDOWS\War3Unin.exe
2011-07-14 16:31:46 ----A---- E:\WINDOWS\War3Unin.dat
2011-07-14 15:56:30 ----D---- E:\Documents and Settings\Hai\Data aplikací\Nero
2011-07-14 12:34:22 ----D---- E:\Program Files\NeroInstall.bak
2011-07-14 12:31:18 ----D---- E:\Program Files\Nero
2011-07-14 12:31:18 ----D---- E:\Program Files\Common Files\Nero
2011-07-14 12:31:18 ----D---- E:\Documents and Settings\All Users\Data aplikací\Nero
2011-07-13 21:42:36 ----D---- E:\Program Files\ICQ6Toolbar
2011-07-13 21:42:34 ----D---- E:\Documents and Settings\All Users\Data aplikací\ICQ
2011-07-13 21:40:50 ----D---- E:\Program Files\ICQ7.5
2011-07-13 18:54:14 ----D---- E:\Program Files\Gameforge4D
2011-07-13 13:43:54 ----RA---- E:\WINDOWS\system32\Cmeaupci.exe
2011-07-13 13:43:50 ----RA---- E:\WINDOWS\system32\cmudax3.DLL
2011-07-13 13:43:49 ----RA---- E:\WINDOWS\system32\drivers\cmudax3.sys
2011-07-13 13:43:43 ----RA---- E:\WINDOWS\system32\CmiInstallResAll.dll
2011-07-13 13:43:41 ----RA---- E:\WINDOWS\difxapi.dll
2011-07-13 13:43:41 ----RA---- E:\WINDOWS\cmudax3.ini
2011-07-12 22:29:37 ----D---- E:\Program Files\Metin2
2011-07-12 21:52:56 ----D---- E:\Program Files\VVSN
2011-07-12 21:51:03 ----D---- E:\Program Files\DAEMON Tools
2011-07-12 21:51:03 ----A---- E:\WINDOWS\system32\drivers\dtscsi.sys
2011-07-12 21:49:00 ----A---- E:\WINDOWS\system32\drivers\sptd8221.sys
2011-07-12 21:49:00 ----A---- E:\WINDOWS\system32\drivers\sptd.sys
2011-07-12 19:59:47 ----A---- E:\WINDOWS\system32\ptpusd.dll
2011-07-12 19:59:47 ----A---- E:\WINDOWS\system32\ptpusb.dll
2011-07-12 19:59:46 ----A---- E:\WINDOWS\system32\drivers\usbscan.sys
2011-07-12 18:07:05 ----D---- E:\Documents and Settings\Hai\Data aplikací\DAEMON Tools Lite
2011-07-12 18:07:05 ----D---- E:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2011-07-12 18:06:29 ----D---- E:\Documents and Settings\All Users\Data aplikací\boost_interprocess
2011-07-12 18:05:59 ----D---- E:\Documents and Settings\Hai\Data aplikací\CometPlayer
2011-07-12 18:05:57 ----D---- E:\Program Files\MpcStar
2011-07-12 18:05:57 ----D---- E:\Documents and Settings\Hai\Data aplikací\tigerplayer
2011-07-12 18:02:13 ----D---- E:\Program Files\BitComet
2011-07-12 18:02:13 ----D---- E:\Documents and Settings\Hai\Data aplikací\BitComet
2011-07-12 17:18:55 ----D---- E:\Documents and Settings\Hai\Data aplikací\Macromedia
2011-07-12 17:18:54 ----D---- E:\Documents and Settings\Hai\Data aplikací\Adobe
2011-07-12 17:16:38 ----D---- E:\Documents and Settings\Hai\Data aplikací\Yahoo!
2011-07-12 17:16:38 ----D---- E:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
2011-07-12 17:16:16 ----D---- E:\Documents and Settings\All Users\Data aplikací\Yahoo!
2011-07-12 17:14:37 ----D---- E:\Program Files\Yahoo!
2011-07-12 16:51:36 ----R---- E:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2011-07-12 16:51:21 ----D---- E:\Documents and Settings\Hai\Data aplikací\Leadertech
2011-07-12 16:50:42 ----RA---- E:\WINDOWS\system32\LVUI2RC.dll
2011-07-12 16:50:42 ----RA---- E:\WINDOWS\system32\LVUI2.dll
2011-07-12 16:50:41 ----RA---- E:\WINDOWS\system32\lvcodec2.dll
2011-07-12 16:50:41 ----RA---- E:\WINDOWS\system32\drivers\lvuvc.sys
2011-07-12 16:50:18 ----RA---- E:\WINDOWS\system32\lvcoinst.ini
2011-07-12 16:50:18 ----RA---- E:\WINDOWS\system32\lvci11801048.dll
2011-07-12 16:50:18 ----RA---- E:\WINDOWS\system32\drivers\LVUSBSta.sys
2011-07-12 16:50:18 ----RA---- E:\WINDOWS\system32\drivers\lvrs.sys
2011-07-12 16:49:20 ----RA---- E:\WINDOWS\system32\drivers\lvuvcflt.sys
2011-07-12 16:49:18 ----D---- E:\WINDOWS\system32\ReinstallBackups
2011-07-12 16:48:54 ----DC---- E:\WINDOWS\system32\DRVSTORE
2011-07-12 16:48:10 ----D---- E:\Documents and Settings\All Users\Data aplikací\Logishrd
2011-07-12 16:48:06 ----D---- E:\Program Files\Common Files\LogiShrd
2011-07-12 16:47:57 ----D---- E:\Documents and Settings\All Users\Data aplikací\Logitech
2011-07-12 16:47:56 ----D---- E:\Program Files\Logitech
2011-07-12 16:34:37 ----A---- E:\WINDOWS\system32\rmoc3260.dll
2011-07-12 16:34:37 ----A---- E:\WINDOWS\system32\pndx5032.dll
2011-07-12 16:34:37 ----A---- E:\WINDOWS\system32\pndx5016.dll
2011-07-12 16:34:35 ----A---- E:\WINDOWS\system32\unrar.dll
2011-07-12 16:34:35 ----A---- E:\WINDOWS\avisplitter.ini
2011-07-12 16:34:33 ----A---- E:\WINDOWS\system32\yv12vfw.dll
2011-07-12 16:34:33 ----A---- E:\WINDOWS\system32\xvidvfw.dll
2011-07-12 16:34:33 ----A---- E:\WINDOWS\system32\xvidcore.dll
2011-07-12 16:34:31 ----A---- E:\WINDOWS\system32\qt-dx331.dll
2011-07-12 16:34:31 ----A---- E:\WINDOWS\system32\dpl100.dll
2011-07-12 16:34:29 ----A---- E:\WINDOWS\system32\divx.dll
2011-07-12 16:34:27 ----A---- E:\WINDOWS\system32\ff_vfw.dll
2011-07-12 16:34:22 ----D---- E:\Program Files\K-Lite Codec Pack
2011-07-12 16:15:07 ----D---- E:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-07-12 15:52:12 ----D---- E:\WINDOWS\system32\NtmsData
2011-07-12 15:40:34 ----D---- E:\Program Files\Belarc
2011-07-12 15:40:34 ----A---- E:\WINDOWS\system32\drivers\BANTExt.sys
2011-07-12 15:39:45 ----A---- E:\WINDOWS\nsreg.dat
2011-07-12 15:39:42 ----D---- E:\Documents and Settings\Hai\Data aplikací\Mozilla
2011-07-12 15:38:24 ----D---- E:\Program Files\Mozilla Firefox
2011-07-12 15:36:43 ----A---- E:\WINDOWS\system32\XAudio2_5.dll
2011-07-12 15:36:43 ----A---- E:\WINDOWS\system32\xactengine3_5.dll
2011-07-12 15:36:43 ----A---- E:\WINDOWS\system32\D3DCompiler_42.dll
2011-07-12 15:36:42 ----A---- E:\WINDOWS\system32\d3dx11_42.dll
2011-07-12 15:36:42 ----A---- E:\WINDOWS\system32\d3dcsx_42.dll
2011-07-12 15:36:41 ----A---- E:\WINDOWS\system32\D3DX9_42.dll
2011-07-12 15:36:41 ----A---- E:\WINDOWS\system32\D3DX9_41.dll
2011-07-12 15:36:41 ----A---- E:\WINDOWS\system32\d3dx10_42.dll
2011-07-12 15:36:41 ----A---- E:\WINDOWS\system32\d3dx10_41.dll
2011-07-12 15:36:41 ----A---- E:\WINDOWS\system32\D3DCompiler_41.dll
2011-07-12 15:36:40 ----A---- E:\WINDOWS\system32\XAudio2_4.dll
2011-07-12 15:36:40 ----A---- E:\WINDOWS\system32\XAPOFX1_3.dll
2011-07-12 15:36:40 ----A---- E:\WINDOWS\system32\xactengine3_4.dll
2011-07-12 15:36:39 ----A---- E:\WINDOWS\system32\X3DAudio1_6.dll
2011-07-12 15:36:39 ----A---- E:\WINDOWS\system32\d3dx10_40.dll
2011-07-12 15:36:39 ----A---- E:\WINDOWS\system32\D3DCompiler_40.dll
2011-07-12 15:36:38 ----A---- E:\WINDOWS\system32\XAudio2_3.dll
2011-07-12 15:36:38 ----A---- E:\WINDOWS\system32\XAPOFX1_2.dll
2011-07-12 15:36:38 ----A---- E:\WINDOWS\system32\xactengine3_3.dll
2011-07-12 15:36:38 ----A---- E:\WINDOWS\system32\D3DX9_40.dll
2011-07-12 15:36:37 ----A---- E:\WINDOWS\system32\XAudio2_2.dll
2011-07-12 15:36:37 ----A---- E:\WINDOWS\system32\XAPOFX1_1.dll
2011-07-12 15:36:37 ----A---- E:\WINDOWS\system32\X3DAudio1_5.dll
2011-07-12 15:36:36 ----A---- E:\WINDOWS\system32\xactengine3_2.dll
2011-07-12 15:36:36 ----A---- E:\WINDOWS\system32\d3dx10_39.dll
2011-07-12 15:36:36 ----A---- E:\WINDOWS\system32\D3DCompiler_39.dll
2011-07-12 15:36:35 ----A---- E:\WINDOWS\system32\XAudio2_1.dll
2011-07-12 15:36:35 ----A---- E:\WINDOWS\system32\XAPOFX1_0.dll
2011-07-12 15:36:35 ----A---- E:\WINDOWS\system32\D3DX9_39.dll
2011-07-12 15:36:34 ----A---- E:\WINDOWS\system32\xactengine3_1.dll
2011-07-12 15:36:34 ----A---- E:\WINDOWS\system32\X3DAudio1_4.dll
2011-07-12 15:36:34 ----A---- E:\WINDOWS\system32\d3dx10_38.dll
2011-07-12 15:36:34 ----A---- E:\WINDOWS\system32\D3DCompiler_38.dll
2011-07-12 15:36:33 ----A---- E:\WINDOWS\system32\XAudio2_0.dll
2011-07-12 15:36:33 ----A---- E:\WINDOWS\system32\D3DX9_38.dll
2011-07-12 15:36:32 ----A---- E:\WINDOWS\system32\xactengine3_0.dll
2011-07-12 15:36:32 ----A---- E:\WINDOWS\system32\X3DAudio1_3.dll
2011-07-12 15:36:32 ----A---- E:\WINDOWS\system32\d3dx10_37.dll
2011-07-12 15:36:32 ----A---- E:\WINDOWS\system32\D3DCompiler_37.dll
2011-07-12 15:36:31 ----A---- E:\WINDOWS\system32\xactengine2_10.dll
2011-07-12 15:36:31 ----A---- E:\WINDOWS\system32\D3DX9_37.dll
2011-07-12 15:36:30 ----A---- E:\WINDOWS\system32\d3dx9_36.dll
2011-07-12 15:36:30 ----A---- E:\WINDOWS\system32\d3dx10_36.dll
2011-07-12 15:36:30 ----A---- E:\WINDOWS\system32\D3DCompiler_36.dll
2011-07-12 15:36:29 ----A---- E:\WINDOWS\system32\xactengine2_9.dll
2011-07-12 15:36:29 ----A---- E:\WINDOWS\system32\d3dx10_35.dll
2011-07-12 15:36:29 ----A---- E:\WINDOWS\system32\D3DCompiler_35.dll
2011-07-12 15:36:28 ----A---- E:\WINDOWS\system32\xactengine2_8.dll
2011-07-12 15:36:28 ----A---- E:\WINDOWS\system32\X3DAudio1_2.dll
2011-07-12 15:36:28 ----A---- E:\WINDOWS\system32\d3dx9_35.dll
2011-07-12 15:36:27 ----A---- E:\WINDOWS\system32\d3dx10_34.dll
2011-07-12 15:36:27 ----A---- E:\WINDOWS\system32\D3DCompiler_34.dll
2011-07-12 15:36:26 ----A---- E:\WINDOWS\system32\xinput1_3.dll
2011-07-12 15:36:26 ----A---- E:\WINDOWS\system32\d3dx9_34.dll
2011-07-12 15:36:25 ----A---- E:\WINDOWS\system32\xactengine2_7.dll
2011-07-12 15:36:24 ----A---- E:\WINDOWS\system32\d3dx10_33.dll
2011-07-12 15:36:24 ----A---- E:\WINDOWS\system32\D3DCompiler_33.dll
2011-07-12 15:36:22 ----A---- E:\WINDOWS\system32\xactengine2_6.dll
2011-07-12 15:36:22 ----A---- E:\WINDOWS\system32\xactengine2_5.dll
2011-07-12 15:36:22 ----A---- E:\WINDOWS\system32\d3dx9_33.dll
2011-07-12 15:36:22 ----A---- E:\WINDOWS\system32\d3dx9_32.dll
2011-07-12 15:36:21 ----A---- E:\WINDOWS\system32\xactengine2_4.dll
2011-07-12 15:36:21 ----A---- E:\WINDOWS\system32\xactengine2_3.dll
2011-07-12 15:36:21 ----A---- E:\WINDOWS\system32\x3daudio1_1.dll
2011-07-12 15:36:21 ----A---- E:\WINDOWS\system32\d3dx9_31.dll
2011-07-12 15:36:20 ----A---- E:\WINDOWS\system32\xinput1_2.dll
2011-07-12 15:36:20 ----A---- E:\WINDOWS\system32\xinput1_1.dll
2011-07-12 15:36:20 ----A---- E:\WINDOWS\system32\xactengine2_2.dll
2011-07-12 15:36:20 ----A---- E:\WINDOWS\system32\xactengine2_1.dll
2011-07-12 15:36:14 ----A---- E:\WINDOWS\system32\d3dx9_30.dll
2011-07-12 15:36:13 ----A---- E:\WINDOWS\system32\xinput9_1_0.dll
2011-07-12 15:36:13 ----A---- E:\WINDOWS\system32\xactengine2_0.dll
2011-07-12 15:36:13 ----A---- E:\WINDOWS\system32\x3daudio1_0.dll
2011-07-12 15:36:13 ----A---- E:\WINDOWS\system32\d3dx9_29.dll
2011-07-12 15:36:13 ----A---- E:\WINDOWS\system32\d3dx9_28.dll
2011-07-12 15:36:12 ----A---- E:\WINDOWS\system32\d3dx9_27.dll
2011-07-12 15:36:12 ----A---- E:\WINDOWS\system32\d3dx9_26.dll
2011-07-12 15:36:12 ----A---- E:\WINDOWS\system32\d3dx9_25.dll
2011-07-12 15:36:11 ----A---- E:\WINDOWS\system32\d3dx9_24.dll
2011-07-12 15:35:54 ----D---- E:\WINDOWS\Logs
2011-07-12 15:20:09 ----D---- E:\WINDOWS\system32\SoftwareDistribution
2011-07-12 14:30:23 ----A---- E:\WINDOWS\system32\drivers\RTL8139.sys
2011-07-12 01:33:11 ----A---- E:\WINDOWS\system32\h323log.txt
2011-07-12 01:23:32 ----A---- E:\WINDOWS\system32\drivers\audstub.sys
2011-07-12 01:23:01 ----A---- E:\WINDOWS\system32\drivers\redbook.sys
2011-07-12 01:22:18 ----A---- E:\WINDOWS\system32\usbui.dll
2011-07-12 01:22:01 ----A---- E:\WINDOWS\system32\drivers\wmiacpi.sys
2011-07-12 01:20:43 ----A---- E:\WINDOWS\imsins.BAK
2011-07-12 01:20:39 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2011-07-12 01:20:38 ----SHD---- E:\WINDOWS\Installer
2011-07-12 01:20:37 ----D---- E:\Program Files\Common Files\ODBC
2011-07-12 01:20:37 ----A---- E:\WINDOWS\ODBCINST.INI
2011-07-12 01:20:34 ----D---- E:\Program Files\Common Files\SpeechEngines
2011-07-12 01:20:33 ----RD---- E:\Program Files
2011-07-12 01:20:33 ----D---- E:\Program Files\Common Files\Microsoft Shared
2011-07-12 01:20:33 ----D---- E:\Program Files\Common Files
2011-07-12 01:20:26 ----RA---- E:\WINDOWS\system32\kbdtuq.dll
2011-07-12 01:20:26 ----RA---- E:\WINDOWS\system32\kbdtuf.dll
2011-07-12 01:20:26 ----RA---- E:\WINDOWS\system32\kbdazel.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdycc.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbduzb.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdur.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdtat.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdru1.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdru.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdmon.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdkyr.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdkaz.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdbu.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdblr.dll
2011-07-12 01:20:25 ----RA---- E:\WINDOWS\system32\kbdaze.dll
2011-07-12 01:20:23 ----RA---- E:\WINDOWS\system32\kbdhept.dll
2011-07-12 01:20:23 ----RA---- E:\WINDOWS\system32\kbdhela3.dll
2011-07-12 01:20:23 ----RA---- E:\WINDOWS\system32\kbdhela2.dll
2011-07-12 01:20:23 ----RA---- E:\WINDOWS\system32\kbdhe319.dll
2011-07-12 01:20:23 ----RA---- E:\WINDOWS\system32\kbdhe220.dll
2011-07-12 01:20:23 ----RA---- E:\WINDOWS\system32\kbdhe.dll
2011-07-12 01:20:23 ----RA---- E:\WINDOWS\system32\kbdgkl.dll
2011-07-12 01:20:21 ----RA---- E:\WINDOWS\system32\kbdlv1.dll
2011-07-12 01:20:21 ----RA---- E:\WINDOWS\system32\kbdlv.dll
2011-07-12 01:20:21 ----RA---- E:\WINDOWS\system32\kbdlt1.dll
2011-07-12 01:20:21 ----RA---- E:\WINDOWS\system32\kbdlt.dll
2011-07-12 01:20:21 ----RA---- E:\WINDOWS\system32\kbdest.dll
2011-07-12 01:20:12 ----RA---- E:\WINDOWS\system32\kbdsl1.dll
2011-07-12 01:20:12 ----RA---- E:\WINDOWS\system32\kbdsl.dll
2011-07-12 01:20:12 ----RA---- E:\WINDOWS\system32\kbdro.dll
2011-07-12 01:20:12 ----RA---- E:\WINDOWS\system32\kbdpl1.dll
2011-07-12 01:20:12 ----RA---- E:\WINDOWS\system32\kbdpl.dll
2011-07-12 01:20:12 ----RA---- E:\WINDOWS\system32\kbdhu1.dll
2011-07-12 01:20:12 ----RA---- E:\WINDOWS\system32\kbdhu.dll
2011-07-12 01:20:12 ----RA---- E:\WINDOWS\system32\kbdcr.dll
2011-07-12 01:20:12 ----RA---- E:\WINDOWS\system32\KBDAL.DLL
2011-07-12 01:20:11 ----RA---- E:\WINDOWS\system32\kbdycl.dll
2011-07-12 01:20:09 ----A---- E:\WINDOWS\system32\spxcoins.dll
2011-07-12 01:20:09 ----A---- E:\WINDOWS\system32\irclass.dll
2011-07-12 01:20:09 ----A---- E:\WINDOWS\system32\dgsetup.dll
2011-07-12 01:20:09 ----A---- E:\WINDOWS\system32\dgrpsetu.dll
2011-07-12 01:20:08 ----A---- E:\WINDOWS\system32\EqnClass.Dll
2011-07-12 01:20:07 ----A---- E:\WINDOWS\TASKMAN.EXE
2011-07-12 01:20:06 ----N---- E:\WINDOWS\system32\CONFIG.TMP
2011-07-12 01:20:06 ----A---- E:\WINDOWS\system32\drivers\irenum.sys
2011-07-12 01:20:06 ----A---- E:\WINDOWS\system32\batt.dll
2011-07-12 01:20:06 ----A---- E:\WINDOWS\NOTEPAD.EXE
2011-07-12 01:20:05 ----A---- E:\WINDOWS\system32\storprop.dll
2011-07-12 01:19:57 ----ASH---- E:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-07-12 01:19:51 ----RA---- E:\WINDOWS\SET8.tmp
2011-07-12 01:19:48 ----RA---- E:\WINDOWS\SET4.tmp
2011-07-12 01:19:47 ----RA---- E:\WINDOWS\SET3.tmp
2011-07-12 01:19:43 ----D---- E:\WINDOWS\system32\CatRoot2
2011-07-12 01:19:43 ----D---- E:\WINDOWS\system32\CatRoot
2011-07-12 01:19:37 ----SD---- E:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-07-12 01:19:20 ----A---- E:\WINDOWS\setuplog.txt
2011-07-12 01:19:17 ----D---- E:\Documents and Settings
2011-07-12 01:19:16 ----SHD---- E:\System Volume Information
2011-07-12 01:19:16 ----A---- E:\WINDOWS\system32\FNTCACHE.DAT
2011-07-12 01:16:23 ----RSHDC---- E:\WINDOWS\system32\dllcache
2011-07-12 01:16:23 ----RSD---- E:\WINDOWS\Fonts
2011-07-12 01:16:23 ----RD---- E:\WINDOWS\Web
2011-07-12 01:16:23 ----HD---- E:\WINDOWS\inf
2011-07-12 01:16:23 ----D---- E:\WINDOWS\WinSxS
2011-07-12 01:16:23 ----D---- E:\WINDOWS\twain_32
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Temp
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\wins
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\wbem
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\usmt
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\spool
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\ShellExt
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\Setup
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\ras
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\oobe
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\npp
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\mui
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\inetsrv
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\IME
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\icsxml
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\ias
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\export
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\drivers\etc
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\drivers\disdn
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\drivers
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\dhcp
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\cs-cz
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\cs
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\config
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\3com_dmi
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\3076
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\2052
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\1054
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\1042
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\1041
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\1037
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\1033
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\1031
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\1029
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\1028
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32\1025
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system32
2011-07-12 01:16:23 ----D---- E:\WINDOWS\system
2011-07-12 01:16:23 ----D---- E:\WINDOWS\security
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Resources
2011-07-12 01:16:23 ----D---- E:\WINDOWS\repair
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Provisioning
2011-07-12 01:16:23 ----D---- E:\WINDOWS\pchealth
2011-07-12 01:16:23 ----D---- E:\WINDOWS\PeerNet
2011-07-12 01:16:23 ----D---- E:\WINDOWS\NLDRV
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Network Diagnostic
2011-07-12 01:16:23 ----D---- E:\WINDOWS\mui
2011-07-12 01:16:23 ----D---- E:\WINDOWS\msapps
2011-07-12 01:16:23 ----D---- E:\WINDOWS\msagent
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Media
2011-07-12 01:16:23 ----D---- E:\WINDOWS\L2Schemas
2011-07-12 01:16:23 ----D---- E:\WINDOWS\java
2011-07-12 01:16:23 ----D---- E:\WINDOWS\ime
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Help
2011-07-12 01:16:23 ----D---- E:\WINDOWS\ehome
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Driver Cache
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Debug
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Cursors
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Connection Wizard
2011-07-12 01:16:23 ----D---- E:\WINDOWS\Config
2011-07-12 01:16:23 ----D---- E:\WINDOWS\AppPatch
2011-07-12 01:16:23 ----D---- E:\WINDOWS\addins
2011-07-12 01:16:23 ----D---- E:\WINDOWS
2011-07-12 01:16:21 ----ASH---- E:\pagefile.sys
2011-07-11 22:13:22 ----D---- E:\Program Files\anodtchm
2011-07-11 18:49:18 ----D---- E:\Program Files\Doom 3
2011-07-11 18:47:57 ----A---- E:\WINDOWS\CD_Start.INI
2011-07-11 18:15:10 ----SHD---- E:\RECYCLER
2011-07-11 18:01:01 ----A---- E:\WINDOWS\ModemLog_Standardní modem 28 800 bitů za sekundu.txt
2011-07-11 17:52:23 ----D---- E:\Documents and Settings\Hai\Data aplikací\ATI
2011-07-11 17:52:23 ----D---- E:\Documents and Settings\All Users\Data aplikací\ATI
2011-07-11 17:48:12 ----D---- E:\Program Files\Common Files\ATI Technologies
2011-07-11 17:47:52 ----D---- E:\WINDOWS\RegisteredPackages
2011-07-11 17:47:43 ----A---- E:\WINDOWS\system32\psisdecd.dll
2011-07-11 17:47:43 ----A---- E:\WINDOWS\system32\drivers\msdv.sys
2011-07-11 17:47:42 ----A---- E:\WINDOWS\system32\drivers\mpe.sys
2011-07-11 17:47:42 ----A---- E:\WINDOWS\system32\drivers\bdasup.sys
2011-07-11 17:47:41 ----A---- E:\WINDOWS\system32\dxdllreg.exe
2011-07-11 17:46:16 ----RSD---- E:\WINDOWS\assembly
2011-07-11 17:46:00 ----D---- E:\WINDOWS\Microsoft.NET
2011-07-11 17:45:39 ----RA---- E:\WINDOWS\system32\drivers\AtiHdmi.sys
2011-07-11 17:45:11 ----N---- E:\WINDOWS\system32\ati2sgag.exe
2011-07-11 17:45:08 ----RA---- E:\WINDOWS\system32\atiiiexx.dll
2011-07-11 17:45:07 ----RA---- E:\WINDOWS\system32\ATIDEMGX.dll
2011-07-11 17:45:05 ----RA---- E:\WINDOWS\system32\ativva6x.dat
2011-07-11 17:45:04 ----RA---- E:\WINDOWS\system32\ativva5x.dat
2011-07-11 17:45:03 ----RA---- E:\WINDOWS\system32\ativvaxx.dat
2011-07-11 17:45:03 ----RA---- E:\WINDOWS\system32\atiicdxx.dat
2011-07-11 17:44:49 ----D---- E:\Program Files\ATI Technologies
2011-07-11 17:44:48 ----HD---- E:\Program Files\InstallShield Installation Information
2011-07-11 17:44:24 ----D---- E:\Program Files\Common Files\InstallShield
2011-07-11 17:42:39 ----A---- E:\WINDOWS\system32\drivers\MSTEE.sys
2011-07-11 17:42:38 ----A---- E:\WINDOWS\system32\drivers\splitter.sys
2011-07-11 17:42:36 ----A---- E:\WINDOWS\system32\drivers\wdmaud.sys
2011-07-11 17:42:35 ----A---- E:\WINDOWS\system32\drivers\DMusic.sys
2011-07-11 17:42:33 ----A---- E:\WINDOWS\system32\drivers\swmidi.sys
2011-07-11 17:42:31 ----A---- E:\WINDOWS\system32\drivers\aec.sys
2011-07-11 17:42:30 ----A---- E:\WINDOWS\system32\drivers\kmixer.sys
2011-07-11 17:42:29 ----A---- E:\WINDOWS\system32\drivers\drmkaud.sys
2011-07-11 17:42:28 ----A---- E:\WINDOWS\system32\drivers\sysaudio.sys
2011-07-11 17:42:26 ----A---- E:\WINDOWS\system32\drivers\NdisIP.sys
2011-07-11 17:42:25 ----A---- E:\WINDOWS\system32\drivers\StreamIP.sys
2011-07-11 17:42:24 ----A---- E:\WINDOWS\system32\drivers\SLIP.sys
2011-07-11 17:42:22 ----A---- E:\WINDOWS\system32\drivers\WSTCODEC.SYS
2011-07-11 17:42:20 ----A---- E:\WINDOWS\system32\drivers\NABTSFEC.sys
2011-07-11 17:42:19 ----A---- E:\WINDOWS\system32\drivers\CCDECODE.sys
2011-07-11 17:42:17 ----A---- E:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-07-11 17:42:16 ----A---- E:\WINDOWS\system32\drivers\MSPQM.sys
2011-07-11 17:42:14 ----A---- E:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-07-11 17:42:09 ----A---- E:\WINDOWS\system32\drivers\USBAUDIO.sys
2011-07-11 17:42:09 ----A---- E:\WINDOWS\system32\drivers\portcls.sys
2011-07-11 17:42:09 ----A---- E:\WINDOWS\system32\drivers\drmk.sys
2011-07-11 17:42:00 ----A---- E:\WINDOWS\system32\vfwwdm32.dll
2011-07-11 17:42:00 ----A---- E:\WINDOWS\system32\ksuser.dll
2011-07-11 17:42:00 ----A---- E:\WINDOWS\system32\drivers\usbvideo.sys
2011-07-11 17:41:55 ----A---- E:\WINDOWS\system32\drivers\usbccgp.sys
2011-07-11 17:41:54 ----D---- E:\Documents and Settings\Hai\Data aplikací\Identities
2011-07-11 17:41:52 ----HD---- E:\Program Files\Uninstall Information
2011-07-11 17:41:48 ----ASH---- E:\Documents and Settings\Hai\Data aplikací\desktop.ini
2011-07-11 17:41:47 ----SD---- E:\Documents and Settings\Hai\Data aplikací\Microsoft
2011-07-11 17:40:25 ----D---- E:\WINDOWS\SoftwareDistribution
2011-07-11 17:40:23 ----SD---- E:\WINDOWS\system32\Microsoft
2011-07-11 17:40:23 ----D---- E:\WINDOWS\Prefetch
2011-07-11 17:40:23 ----A---- E:\WINDOWS\SchedLgU.Txt
2011-07-11 17:39:11 ----AS---- E:\WINDOWS\bootstat.dat
2011-07-11 17:37:52 ----D---- E:\WINDOWS\system32\xircom
2011-07-11 17:37:52 ----D---- E:\Program Files\xerox
2011-07-11 17:37:52 ----D---- E:\Program Files\microsoft frontpage
2011-07-11 17:37:38 ----A---- E:\WINDOWS\control.ini
2011-07-11 17:37:30 ----A---- E:\WINDOWS\OEWABLog.txt
2011-07-11 17:37:27 ----A---- E:\WINDOWS\system32\mapi32.dll
2011-07-11 17:36:47 ----SD---- E:\WINDOWS\Downloaded Program Files
2011-07-11 17:36:47 ----RD---- E:\WINDOWS\Offline Web Pages
2011-07-11 17:36:38 ----HD---- E:\Program Files\WindowsUpdate
2011-07-11 17:36:35 ----D---- E:\Program Files\Online Services
2011-07-11 17:36:22 ----D---- E:\WINDOWS\system32\DirectX
2011-07-11 17:36:17 ----A---- E:\WINDOWS\system32\atrace.dll
2011-07-11 17:36:15 ----A---- E:\WINDOWS\system32\desktop.ini
2011-07-11 17:36:15 ----A---- E:\WINDOWS\desktop.ini
2011-07-11 17:36:09 ----A---- E:\WINDOWS\system32\nmevtmsg.dll
2011-07-11 17:36:08 ----A---- E:\WINDOWS\system32\acctres.dll
2011-07-11 17:36:07 ----D---- E:\Program Files\Common Files\Services
2011-07-11 17:36:04 ----SD---- E:\WINDOWS\Tasks
2011-07-11 17:36:04 ----A---- E:\WINDOWS\system32\icfgnt5.dll
2011-07-11 17:36:03 ----D---- E:\Program Files\Common Files\MSSoap
2011-07-11 17:36:00 ----D---- E:\WINDOWS\system32\Macromed
2011-07-11 17:36:00 ----D---- E:\WINDOWS\srchasst
2011-07-11 17:35:58 ----A---- E:\WINDOWS\system32\wuweb.dll
2011-07-11 17:35:58 ----A---- E:\WINDOWS\system32\wucltui.dll
2011-07-11 17:35:58 ----A---- E:\WINDOWS\system32\wuauserv.dll
2011-07-11 17:35:58 ----A---- E:\WINDOWS\system32\wuaueng1.dll
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\wups.dll
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\wuaueng.dll
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\wuauclt1.exe
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\wuauclt.exe
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\wuapi.dll
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\qmgrprxy.dll
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\qmgr.dll
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\bitsprx4.dll
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\bitsprx3.dll
2011-07-11 17:35:57 ----A---- E:\WINDOWS\system32\bitsprx2.dll
2011-07-11 17:35:54 ----D---- E:\Program Files\Movie Maker
2011-07-11 17:35:40 ----A---- E:\WINDOWS\system32\safrslv.dll
2011-07-11 17:35:40 ----A---- E:\WINDOWS\system32\safrdm.dll
2011-07-11 17:35:39 ----A---- E:\WINDOWS\system32\safrcdlg.dll
2011-07-11 17:35:39 ----A---- E:\WINDOWS\system32\racpldlg.dll
2011-07-11 17:35:37 ----D---- E:\WINDOWS\system32\Restore
2011-07-11 17:35:37 ----A---- E:\WINDOWS\system32\srrstr.dll
2011-07-11 17:35:37 ----A---- E:\WINDOWS\system32\fltMc.exe
2011-07-11 17:35:37 ----A---- E:\WINDOWS\system32\fltlib.dll
2011-07-11 17:35:37 ----A---- E:\WINDOWS\system32\drivers\fltMgr.sys
2011-07-11 17:35:36 ----A---- E:\WINDOWS\system32\srsvc.dll
2011-07-11 17:35:36 ----A---- E:\WINDOWS\system32\srclient.dll
2011-07-11 17:35:36 ----A---- E:\WINDOWS\system32\nmmkcert.dll
2011-07-11 17:35:36 ----A---- E:\WINDOWS\system32\mnmdd.dll
2011-07-11 17:35:36 ----A---- E:\WINDOWS\system32\isrdbg32.dll
2011-07-11 17:35:36 ----A---- E:\WINDOWS\system32\ils.dll
2011-07-11 17:35:36 ----A---- E:\WINDOWS\system32\drivers\sr.sys
2011-07-11 17:35:35 ----A---- E:\WINDOWS\system32\msconf.dll
2011-07-11 17:35:35 ----A---- E:\WINDOWS\system32\mnmsrvc.exe
2011-07-11 17:35:33 ----D---- E:\Program Files\NetMeeting
2011-07-11 17:35:33 ----A---- E:\WINDOWS\system32\msoert2.dll
2011-07-11 17:35:33 ----A---- E:\WINDOWS\system32\msoeacct.dll
2011-07-11 17:35:32 ----A---- E:\WINDOWS\system32\inetres.dll
2011-07-11 17:35:32 ----A---- E:\WINDOWS\system32\inetcomm.dll
2011-07-11 17:35:31 ----D---- E:\Program Files\Outlook Express
2011-07-11 17:35:31 ----A---- E:\WINDOWS\system32\schedsvc.dll
2011-07-11 17:35:31 ----A---- E:\WINDOWS\system32\mstinit.exe
2011-07-11 17:35:31 ----A---- E:\WINDOWS\system32\mstask.dll
2011-07-11 17:35:30 ----A---- E:\WINDOWS\system32\isign32.dll
2011-07-11 17:35:30 ----A---- E:\WINDOWS\system32\inetcfg.dll
2011-07-11 17:35:30 ----A---- E:\WINDOWS\system32\icwphbk.dll
2011-07-11 17:35:30 ----A---- E:\WINDOWS\system32\icwdial.dll
2011-07-11 17:35:25 ----D---- E:\Program Files\Common Files\System
2011-07-11 17:35:22 ----D---- E:\Program Files\Internet Explorer
2011-07-11 17:34:58 ----A---- E:\WINDOWS\system32\emptyregdb.dat
2011-07-11 17:34:49 ----D---- E:\Program Files\ComPlus Applications
2011-07-11 17:34:47 ----A---- E:\WINDOWS\vbaddin.ini
2011-07-11 17:34:47 ----A---- E:\WINDOWS\vb.ini
2011-07-11 17:34:42 ----D---- E:\WINDOWS\Registration
2011-07-11 17:34:36 ----D---- E:\Program Files\Windows Media Player
2011-07-11 17:34:30 ----D---- E:\Program Files\Messenger
2011-07-11 17:34:27 ----D---- E:\Program Files\MSN Gaming Zone
2011-07-11 17:34:27 ----A---- E:\WINDOWS\system32\write.exe
2011-07-11 17:34:19 ----A---- E:\WINDOWS\system32\sndvol32.exe
2011-07-11 17:34:19 ----A---- E:\WINDOWS\system32\hticons.dll
2011-07-11 17:34:19 ----A---- E:\WINDOWS\system32\avwav.dll
2011-07-11 17:34:19 ----A---- E:\WINDOWS\system32\avtapi.dll
2011-07-11 17:34:19 ----A---- E:\WINDOWS\system32\avmeter.dll
2011-07-11 17:34:18 ----A---- E:\WINDOWS\system32\winchat.exe
2011-07-11 17:34:13 ----A---- E:\WINDOWS\system32\getuname.dll
2011-07-11 17:34:12 ----A---- E:\WINDOWS\system32\winmine.exe
2011-07-11 17:34:12 ----A---- E:\WINDOWS\system32\sol.exe
2011-07-11 17:34:12 ----A---- E:\WINDOWS\system32\charmap.exe
2011-07-11 17:34:12 ----A---- E:\WINDOWS\system32\calc.exe
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\usrlogon.cmd
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\tsshutdn.exe
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\tslabels.ini
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\tskill.exe
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\tsdiscon.exe
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\tscon.exe
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\shadow.exe
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\rwinsta.exe
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\reset.exe
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\mshearts.exe
2011-07-11 17:34:11 ----A---- E:\WINDOWS\system32\freecell.exe
2011-07-11 17:34:10 ----A---- E:\WINDOWS\system32\regini.exe
2011-07-11 17:34:10 ----A---- E:\WINDOWS\system32\rdpcfgex.dll
2011-07-11 17:34:10 ----A---- E:\WINDOWS\system32\qwinsta.exe
2011-07-11 17:34:10 ----A---- E:\WINDOWS\system32\qappsrv.exe
2011-07-11 17:34:10 ----A---- E:\WINDOWS\system32\msg.exe
2011-07-11 17:34:10 ----A---- E:\WINDOWS\system32\msdtcprf.ini
2011-07-11 17:34:10 ----A---- E:\WINDOWS\system32\logoff.exe
2011-07-11 17:34:10 ----A---- E:\WINDOWS\system32\cdmodem.dll
2011-07-11 17:34:05 ----A---- E:\WINDOWS\system32\wmimgmt.msc
2011-07-11 17:34:04 ----A---- E:\WINDOWS\system32\sndrec32.exe
2011-07-11 17:34:04 ----A---- E:\WINDOWS\system32\mplay32.exe
2011-07-11 17:34:04 ----A---- E:\WINDOWS\system32\accwiz.exe
2011-07-11 17:34:03 ----D---- E:\Program Files\Windows NT
2011-07-11 17:34:03 ----A---- E:\WINDOWS\system32\spider.exe
2011-07-11 17:34:03 ----A---- E:\WINDOWS\system32\mspaint.exe
2011-07-11 17:34:03 ----A---- E:\WINDOWS\system32\hypertrm.dll
2011-07-11 17:34:03 ----A---- E:\WINDOWS\system32\clipbrd.exe
2011-07-11 17:34:02 ----A---- E:\WINDOWS\system32\tsgqec.dll
2011-07-11 17:34:02 ----A---- E:\WINDOWS\system32\tscfgwmi.dll
2011-07-11 17:34:02 ----A---- E:\WINDOWS\system32\drivers\tdtcp.sys
2011-07-11 17:34:02 ----A---- E:\WINDOWS\system32\drivers\tdpipe.sys
2011-07-11 17:34:02 ----A---- E:\WINDOWS\system32\drivers\rdpwd.sys
2011-07-11 17:34:01 ----A---- E:\WINDOWS\system32\rhttpaa.dll
2011-07-11 17:34:01 ----A---- E:\WINDOWS\system32\remotepg.dll
2011-07-11 17:34:01 ----A---- E:\WINDOWS\system32\rdshost.exe
2011-07-11 17:34:01 ----A---- E:\WINDOWS\system32\rdsaddin.exe
2011-07-11 17:34:01 ----A---- E:\WINDOWS\system32\mstscax.dll
2011-07-11 17:34:01 ----A---- E:\WINDOWS\system32\mstsc.exe
2011-07-11 17:34:01 ----A---- E:\WINDOWS\system32\aaclient.dll
2011-07-11 17:34:00 ----D---- E:\WINDOWS\system32\MsDtc
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\termsrv.dll
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\sessmgr.exe
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\rdpwsx.dll
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\rdpsnd.dll
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\rdpclip.exe
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\rdchost.dll
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\qprocess.exe
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\msdtcuiu.dll
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\icaapi.dll
2011-07-11 17:34:00 ----A---- E:\WINDOWS\system32\cfgbkend.dll
2011-07-11 17:33:59 ----A---- E:\WINDOWS\system32\xolehlp.dll
2011-07-11 17:33:59 ----A---- E:\WINDOWS\system32\mtxoci.dll
2011-07-11 17:33:59 ----A---- E:\WINDOWS\system32\msdtctm.dll
2011-07-11 17:33:59 ----A---- E:\WINDOWS\system32\msdtcprx.dll
2011-07-11 17:33:59 ----A---- E:\WINDOWS\system32\msdtclog.dll
2011-07-11 17:33:59 ----A---- E:\WINDOWS\system32\msdtc.exe
2011-07-11 17:33:58 ----D---- E:\WINDOWS\system32\Com
2011-07-11 17:33:58 ----A---- E:\WINDOWS\system32\mtxlegih.dll
2011-07-11 17:33:58 ----A---- E:\WINDOWS\system32\mtxex.dll
2011-07-11 17:33:58 ----A---- E:\WINDOWS\system32\mtxdm.dll
2011-07-11 17:33:58 ----A---- E:\WINDOWS\system32\dcomcnfg.exe
2011-07-11 17:33:58 ----A---- E:\WINDOWS\system32\comrepl.dll
2011-07-11 17:33:58 ----A---- E:\WINDOWS\system32\comaddin.dll
2011-07-11 17:33:58 ----A---- E:\WINDOWS\system32\colbact.dll
2011-07-11 17:33:57 ----A---- E:\WINDOWS\system32\stclient.dll
2011-07-11 17:33:57 ----A---- E:\WINDOWS\system32\comuid.dll
2011-07-11 17:33:57 ----A---- E:\WINDOWS\system32\comsvcs.dll
2011-07-11 17:33:57 ----A---- E:\WINDOWS\system32\comsnap.dll
2011-07-11 17:33:57 ----A---- E:\WINDOWS\system32\clbcatex.dll
2011-07-11 17:33:57 ----A---- E:\WINDOWS\system32\catsrvut.dll
2011-07-11 17:33:57 ----A---- E:\WINDOWS\system32\catsrvps.dll
2011-07-11 17:33:57 ----A---- E:\WINDOWS\system32\catsrv.dll
2011-07-11 17:33:56 ----A---- E:\WINDOWS\system32\clbcatq.dll
2011-07-11 17:33:50 ----A---- E:\WINDOWS\system32\servdeps.dll
2011-07-11 17:33:50 ----A---- E:\WINDOWS\system32\mmfutil.dll
2011-07-11 17:33:49 ----A---- E:\WINDOWS\system32\licwmi.dll
2011-07-11 17:33:49 ----A---- E:\WINDOWS\system32\cmprops.dll
2011-07-11 17:33:46 ----A---- E:\WINDOWS\system32\drivers\termdd.sys
2011-07-11 17:33:46 ----A---- E:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2011-07-12 01:20:32 ----A---- E:\WINDOWS\system.ini
2011-07-11 17:37:38 ----A---- E:\WINDOWS\win.ini
2011-07-11 17:37:17 ----ASH---- E:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; E:\WINDOWS\System32\Drivers\sptd.sys [2011-07-12 664064]
R1 BANTExt;Belarc SMBios Access; E:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 ehdrv;ehdrv; E:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
R1 epfwtdi;epfwtdi; E:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-04-09 55768]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; E:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 eamon;eamon; E:\WINDOWS\system32\DRIVERS\eamon.sys [2009-04-09 113960]
R2 epfw;epfw; E:\WINDOWS\system32\DRIVERS\epfw.sys [2009-04-09 133000]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-08-01 3266560]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; E:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 93696]
R3 cmuda3;C-Media PCI Audio Interface; E:\WINDOWS\system32\drivers\cmudax3.sys [2009-05-22 1872320]
R3 dtscsi;dtscsi; E:\WINDOWS\System32\Drivers\dtscsi.sys [2011-07-12 223128]
R3 Epfwndis;Eset Personal Firewall; E:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-04-09 33096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; E:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
R3 LVRS;Logitech RightSound Filter Driver; E:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; E:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2008-07-26 41752]
R3 LVUVC;Logitech QuickCam E3500(UVC); E:\WINDOWS\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; E:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; E:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbaudio;Ovladač zvukové karty USB (WDM); E:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EagleNT;EagleNT; \??\E:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\E:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 FilterService;UVC Filter Service; E:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2008-07-26 23832]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;Ovladač skeneru USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); E:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2008-08-01 573440]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 ekrn;ESET Service; E:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-04-09 731840]
R2 ICQ Service;ICQ Service; E:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 LVCOMSer;LVCOMSer; E:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; E:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; E:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; E:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 UMWdf;Windows User Mode Driver Framework; E:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 YahooAUService;Yahoo! Updater; E:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 NMIndexingService;NMIndexingService; E:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2008-07-31 593920]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;ESET HTTP Server; E:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-04-09 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Please check my log

Posted: 16 Jul 2011 09:01
by vyosek
Hello, and have a nice day :)

:arrow: Please also post the second RSIT log, named info.txt; it is saved in c:\rsit

:arrow: Has your friend bought a licence for that ESET Smart Security, or does he intend to crack it :???:

Re: Please check my log

Posted: 16 Jul 2011 09:24
by shitman1
The computer is new. That NOD32 is no longer there, because it was uninstalled, and ESS is on there now for 30 days.
info from RSIT:
info.txt logfile of random's system information tool 1.09 2011-07-15 15:03:52

======Uninstall list======

-->E:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->E:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->E:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->E:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->E:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->E:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->E:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
4Story 3.5-->"E:\Program Files\Gameforge4D\4Story\unins000.exe"
Adobe Flash Player 10 ActiveX-->E:\WINDOWS\system32\Macromed\Flash\FlashUtil10t_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->E:\WINDOWS\system32\Macromed\Flash\FlashUtil10u_Plugin.exe -maintain plugin
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 E:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
Belarc Advisor 8.1-->"E:\PROGRA~1\Belarc\Advisor\Uninstall.exe" "E:\PROGRA~1\Belarc\Advisor\INSTALL.LOG"
BitComet 1.27-->E:\Program Files\BitComet\uninst.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{FA3A247D-437A-455E-A88F-7EB6E5F9E799}
C-Media PCI Audio Device-->E:\WINDOWS\System32\cmeaupci.exe /rm /ppci8768
ICQ Toolbar-->E:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.5-->"E:\Program Files\InstallShield Installation Information\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
K-Lite Mega Codec Pack 5.7.0-->"E:\Program Files\K-Lite Codec Pack\unins000.exe"
Logitech Desktop Messenger-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x9 UNINSTALL
Logitech QuickCam Driver Package-->"E:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"E:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress
Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876}
Microsoft .NET Framework 2.0-->E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Visual C++ 2005 Redistributable - KB2467175-->MsiExec.exe /X{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6)-->E:\Program Files\Mozilla Firefox\uninstall\helper.exe
MpcStar 5.2-->E:\Program Files\MpcStar\uninst.exe
Nero 8-->MsiExec.exe /X{F296739D-AF5C-4426-972A-0DC916D11029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Softarová utilita ATI - Odinstalovat-->E:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Media Format Runtime-->"E:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinRAR-->E:\Program Files\WinRAR\uninstall.exe
Yahoo! Messenger-->E:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U E:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection-->E:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Software Update-->E:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar-->E:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Security center information======

AV: ESET NOD32 Antivirus 4.2

======System event log======

Computer Name: MACHINENAME
Event Code: 26
Message: Místní nabídka aplikace: : Machine Check: Regs

Record Number: 5
Source Name: Application Popup
Time Written: 20110712011942.000000+120
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 26
Message: Místní nabídka aplikace: : Machine Check:

Record Number: 4
Source Name: Application Popup
Time Written: 20110712011942.000000+120
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 2
Message: Během prověřování, zda \Device\Serial0 je skutečně sériový port, byl zjištěn zásobník typu FIFO. Bude použit tento zásobník.

Record Number: 3
Source Name: Serial
Time Written: 20110712011942.000000+120
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 2
Source Name: EventLog
Time Written: 20110712011923.000000+120
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20110712011923.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: HAIPC-802E4A554
Event Code: 1000
Message: Čítače výkonu pro službu MSDTC (MSDTC) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 5
Source Name: LoadPerf
Time Written: 20110711173439.000000+120
Event Type: Informace
User:

Computer Name: HAIPC-802E4A554
Event Code: 1000
Message: Čítače výkonu pro službu TermService (Terminálová služba) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 4
Source Name: LoadPerf
Time Written: 20110711173436.000000+120
Event Type: Informace
User:

Computer Name: HAIPC-802E4A554
Event Code: 1000
Message: Čítače výkonu pro službu RemoteAccess (Směrování a vzdálený přístup) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 3
Source Name: LoadPerf
Time Written: 20110711173342.000000+120
Event Type: Informace
User:

Computer Name: HAIPC-802E4A554
Event Code: 1000
Message: Čítače výkonu pro službu PSched (PSched) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 2
Source Name: LoadPerf
Time Written: 20110711173315.000000+120
Event Type: Informace
User:

Computer Name: HAIPC-802E4A554
Event Code: 1000
Message: Čítače výkonu pro službu RSVP (QoS RSVP) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.

Record Number: 1
Source Name: LoadPerf
Time Written: 20110711173314.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;E:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Re: Please check my log

Posted: 16 Jul 2011 09:34
by vyosek
:arrow: If he does not intend to buy a licence for ESS, there is no point in having it there, and I would choose a free solution in the form of Avast. Cracking an antivirus is like locking the house but leaving a window open, not to mention that it is committing a criminal offence :?:

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com
:arrow: Apply exeHelper by Raktor PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE APPLIED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Správce) account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako správce)
  • Immediately after start, a page with the licence agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily infested, the time may be longer
  • After the scan finishes and a possible restart, CF displays a log; alternatively you will find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure including pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Please check my log

Posted: 16 Jul 2011 10:01
by shitman1
ComboFix 11-07-15.03 - Hai 16.07.2011 10:46:16.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2378 [GMT 2:00]
Spuštěný z: e:\documents and settings\Hai\Dokumenty\Sta×enÚ soubory\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\program files\Internet Explorer\dmlconf.dat
e:\program files\VVSN
e:\program files\VVSN\vvsn.cfg
e:\program files\VVSN\VVSN.exe
e:\windows\TEMP\logishrd\LVPrcInj02.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-16 do 2011-07-16 )))))))))))))))))))))))))))))))
.
.
2011-07-15 13:03 . 2011-07-16 08:42 -------- d-----w- E:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-06 11:35 . 2008-04-14 05:45 1858944 ----a-w- e:\windows\system32\win32k.sys
2011-04-29 17:25 . 2008-04-14 06:51 151552 ----a-w- e:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-13 22:47 456320 ----a-w- e:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2008-04-14 06:52 293376 ----a-w- e:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2008-04-14 06:51 33280 ----a-w- e:\windows\system32\csrsrv.dll
2011-04-25 14:47 . 2008-04-14 06:52 668160 ----a-w- e:\windows\system32\wininet.dll
2011-04-25 14:47 . 2008-04-14 06:51 1510912 ----a-w- e:\windows\system32\shdocvw.dll
2011-04-25 14:47 . 2008-04-14 06:50 61952 ----a-w- e:\windows\system32\tdc.ocx
2011-04-25 14:47 . 2008-04-14 06:51 81920 ----a-w- e:\windows\system32\ieencode.dll
2011-04-25 14:43 . 2008-04-14 05:50 370176 ----a-w- e:\windows\system32\html.iec
2011-04-21 13:37 . 2008-04-13 22:47 105472 ----a-w- e:\windows\system32\drivers\mup.sys
2011-07-08 07:29 . 2011-07-15 13:30 142296 ----a-w- e:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-06-12 . C71BB4782833750BF4C02AC30ED670B7 . 1571840 . . [5.1.2600.5512] . . e:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="e:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2011-06-16 6276408]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="e:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"LogitechCommunicationsManager"="e:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="e:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"DAEMON Tools"="e:\program files\DAEMON Tools\daemon.exe" [2005-11-08 128920]
"4StoryPrePatch"="e:\program files\Gameforge4D\4Story\PrePatch.exe" [2010-10-20 319488]
"NeroFilterCheck"="e:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="e:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"egui"="e:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
e:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - e:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2011-7-12 66864]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"e:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"e:\\Program Files\\BitComet\\BitComet.exe"=
"e:\\Program Files\\Metin2\\metin2client.bin"=
"e:\\Program Files\\ICQ7.5\\ICQ.exe"=
"e:\\Program Files\\Warcraft III\\Warcraft III.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25698:TCP"= 25698:TCP:BitComet 25698 TCP
"25698:UDP"= 25698:UDP:BitComet 25698 UDP
"24132:TCP"= 24132:TCP:BitComet 24132 TCP
"24132:UDP"= 24132:UDP:BitComet 24132 UDP
"22960:TCP"= 22960:TCP:BitComet 22960 TCP
"22960:UDP"= 22960:UDP:BitComet 22960 UDP
.
R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [12.7.2011 21:49 664064]
R1 ehdrv;ehdrv;e:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R2 ekrn;ESET Service;e:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 14:23 727720]
R2 ICQ Service;ICQ Service;e:\program files\ICQ6Toolbar\ICQ Service.exe [13.7.2011 21:42 247608]
S3 EagleXNt;EagleXNt;\??\e:\windows\system32\drivers\EagleXNt.sys --> e:\windows\system32\drivers\EagleXNt.sys [?]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.atcomet.com/b/
mStart Page = hxxp://www.yahoo.com
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: Stáhnout odkaz s použitím BitCometu - e:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - e:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - e:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - e:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - e:\documents and settings\Hai\Data aplikací\Mozilla\Firefox\Profiles\3dreny6y.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-VVSN - e:\program files\VVSN\VVSN.exe
HKLM-Run-CmPCIaudio - CMICNFG3.cpl
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-16 10:51
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(844)
e:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(8488)
e:\windows\TEMP\logishrd\LVPrcInj01.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\windows\system32\Ati2evxx.exe
e:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
e:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
e:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
e:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
e:\windows\system32\IoctlSvc.exe
e:\windows\system32\wdfmgr.exe
e:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\windows\system32\RunDll32.exe
e:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
e:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
e:\program files\Common Files\Nero\Lib\NMIndexingService.exe
e:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Celkový čas: 2011-07-16 10:53:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-16 08:53
.
Před spuštěním: Volných bajtů: 167 442 923 520
Po spuštění: Volných bajtů: 172 010 184 704
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
C:\Avldr.bin="Chuong trinh GHOST tu dong"
.
- - End Of File - - 10A1CE99E493F143F6B247D9362DA282

log from exehelperlog
exeHelper by Raktor
Build 20100414
Run at 10:41:20 on 07/16/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
log from RKill:
This log file is located at E:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 16.07.2011 at 10:40:47.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:

E:\WINDOWS\Explorer.EXE
E:\Documents and Settings\Hai\Dokumenty\StaE:\WINDOWS\System32\rundll32.exe


Rkill completed on 16.07.2011 at 10:40:50.

Re: Please check my log

Posted: 16 Jul 2011 10:06
by vyosek
:arrow: If it is not there already, move ComboFix to the desktop
  • Start Notepad (Start - Run - notepad)
  • Copy the script below

    KillAll::
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Messenger (Yahoo!)"=-
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools"=-
    "4StoryPrePatch"=-
    "NeroFilterCheck"=-
    "NBKeyScan"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=-
    "{855F3B16-6D32-4FE6-8A56-BBB695989046}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25BC7718-0BFA-40EA-B381-4B2D9732D686}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    
    Collect::
    E:\Program Files\anodtchm\itgpecqa.exe
    
    Driver::
    ICQ Service
    
    Folder::
    e:\program files\ICQ6Toolbar
    E:\Program Files\anodtchm
    
    File::
    E:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    
    DDs::
    uStart Page = hxxp://google.atcomet.com/b/
    mStart Page = hxxp://www.yahoo.com
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
    
    Firefox::
    FF - ProfilePath - e:\documents and settings\Hai\Data aplikací\Mozilla\Firefox\Profiles\3dreny6y.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
    
    RegLock::
    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
    
    Reboot::
  • Save the created TXT as CFScript.txt
  • Drag the created CFScript.txt onto ComboFix and drop it (see the picture below)
    [Image]
  • After the script is applied (and a possible restart), a log will come up; paste its contents here
:arrow: It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: Please check my log

Posted: 16 Jul 2011 10:18
by shitman1
ComboFix log:
ComboFix 11-07-15.03 - Hai 16.07.2011 11:10:04.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2488 [GMT 2:00]
Spuštěný z: e:\documents and settings\Hai\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: e:\documents and settings\Hai\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"e:\progra~1\Yahoo!\Companion\Installs\cpn0\yt.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\progra~1\Yahoo!\Companion\Installs\cpn0\yt.dll
e:\program files\anodtchm
e:\program files\ICQ6Toolbar
e:\program files\ICQ6Toolbar\config.xml
e:\program files\ICQ6Toolbar\Icons.bmp
e:\program files\ICQ6Toolbar\ICQ Service.exe
e:\program files\ICQ6Toolbar\icq6Toolbar.ico
e:\program files\ICQ6Toolbar\ICQToolBar.dll
e:\program files\ICQ6Toolbar\ICQUnToolbar.exe
e:\program files\ICQ6Toolbar\logo_small.gif
e:\program files\ICQ6Toolbar\ServiceStarter.exe
e:\program files\ICQ6Toolbar\short.wav
e:\program files\ICQ6Toolbar\Version.txt
e:\program files\ICQ6Toolbar\voucher.bmp
e:\program files\ICQ6Toolbar\voucher2.bmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-16 do 2011-07-16 )))))))))))))))))))))))))))))))
.
.
2011-07-15 13:03 . 2011-07-16 08:42 -------- d-----w- E:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-06 11:35 . 2008-04-14 05:45 1858944 ----a-w- e:\windows\system32\win32k.sys
2011-04-29 17:25 . 2008-04-14 06:51 151552 ----a-w- e:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-13 22:47 456320 ----a-w- e:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2008-04-14 06:52 293376 ----a-w- e:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2008-04-14 06:51 33280 ----a-w- e:\windows\system32\csrsrv.dll
2011-04-25 14:47 . 2008-04-14 06:52 668160 ----a-w- e:\windows\system32\wininet.dll
2011-04-25 14:47 . 2008-04-14 06:51 1510912 ----a-w- e:\windows\system32\shdocvw.dll
2011-04-25 14:47 . 2008-04-14 06:50 61952 ----a-w- e:\windows\system32\tdc.ocx
2011-04-25 14:47 . 2008-04-14 06:51 81920 ----a-w- e:\windows\system32\ieencode.dll
2011-04-25 14:43 . 2008-04-14 05:50 370176 ----a-w- e:\windows\system32\html.iec
2011-04-21 13:37 . 2008-04-13 22:47 105472 ----a-w- e:\windows\system32\drivers\mup.sys
2011-07-08 07:29 . 2011-07-15 13:30 142296 ----a-w- e:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-06-12 . C71BB4782833750BF4C02AC30ED670B7 . 1571840 . . [5.1.2600.5512] . . e:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-07-16_08.51.02 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-10-25 14:00 . 2011-07-16 08:25 67312 e:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2011-07-16 08:54 67312 e:\windows\system32\perfc009.dat
- 2001-10-25 14:00 . 2011-07-16 08:25 77872 e:\windows\system32\perfc005.dat
+ 2001-10-25 14:00 . 2011-07-16 08:54 77872 e:\windows\system32\perfc005.dat
- 2011-07-16 08:50 . 2008-07-26 06:25 109080 e:\windows\temp\logishrd\LVPrcInj01.dll
+ 2011-07-16 09:14 . 2008-07-26 06:25 109080 e:\windows\temp\logishrd\LVPrcInj01.dll
+ 2001-10-25 14:00 . 2011-07-16 08:54 432356 e:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2011-07-16 08:25 432356 e:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2011-07-16 08:25 428750 e:\windows\system32\perfh005.dat
+ 2001-10-25 14:00 . 2011-07-16 08:54 428750 e:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"LogitechCommunicationsManager"="e:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="e:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"egui"="e:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
e:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - e:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2011-7-12 66864]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"e:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"e:\\Program Files\\BitComet\\BitComet.exe"=
"e:\\Program Files\\Metin2\\metin2client.bin"=
"e:\\Program Files\\ICQ7.5\\ICQ.exe"=
"e:\\Program Files\\Warcraft III\\Warcraft III.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25698:TCP"= 25698:TCP:BitComet 25698 TCP
"25698:UDP"= 25698:UDP:BitComet 25698 UDP
"24132:TCP"= 24132:TCP:BitComet 24132 TCP
"24132:UDP"= 24132:UDP:BitComet 24132 UDP
"22960:TCP"= 22960:TCP:BitComet 22960 TCP
"22960:UDP"= 22960:UDP:BitComet 22960 UDP
.
R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [12.7.2011 21:49 664064]
R1 ehdrv;ehdrv;e:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R2 ekrn;ESET Service;e:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 14:23 727720]
S3 EagleXNt;EagleXNt;\??\e:\windows\system32\drivers\EagleXNt.sys --> e:\windows\system32\drivers\EagleXNt.sys [?]
.
.
------- Doplňkový sken -------
.
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: Stáhnout odkaz s použitím BitCometu - e:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - e:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - e:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - e:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - e:\documents and settings\Hai\Data aplikací\Mozilla\Firefox\Profiles\3dreny6y.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ICQToolbar - e:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-16 11:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(844)
e:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(7896)
e:\windows\TEMP\logishrd\LVPrcInj01.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\windows\system32\Ati2evxx.exe
e:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
e:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
e:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
e:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
e:\windows\system32\IoctlSvc.exe
e:\windows\system32\wdfmgr.exe
e:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
e:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Celkový čas: 2011-07-16 11:16:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-16 09:16
ComboFix2.txt 2011-07-16 08:53
.
Před spuštěním: Volných bajtů: 172 023 005 184
Po spuštění: Volných bajtů: 171 954 413 568
.
- - End Of File - - BE433BF8976120DCC757B84564AEBBFC

Re: Please check my log

Posted: 16 Jul 2011 10:19
by vyosek
How is the PC behaving :???:

Re: Please check my log

Posted: 16 Jul 2011 10:22
by shitman1
Earlier, ESS found a lot of viruses, so to be safe I wanted to clean up the leftovers.
Otherwise it now behaves normally.
Thanks.

Re: Please check my log

Posted: 16 Jul 2011 10:24
by vyosek
Could you please give me a screenshot of the quarantine - instructions for taking a screenshot: http://viry.cz/forum/viewtopic.php?f=11&t=14114