
A really big problem

Posted: 11 Aug 2012 10:35
by Doobee
Hi! So it has finally happened to me too! :o I have a rather tricky problem. My PC has a single 250GB disk split into a system partition (20GB) and the rest, but even though I reinstalled the system two days ago, the PC is riddled with viruses! I installed AVG, but it already detected an infection even in its own processes, so it won't help me much... I'm attaching the log.

EDIT: I would also add that the viruses create variously named files of various formats directly on C:/ and D:/, and what is even worse, when I tried to install Avira antivirus or Avast antivirus, the installations terminated on their own for no reason.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Doobee at 2012-08-11 11:34:58
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (77%) free of 20 GB
Total RAM: 511 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:35:20, on 11.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\avgwdsvc.exe
C:\Program Files\AVG\avgidsagent.exe
C:\Program Files\AVG\avgnsx.exe
C:\Program Files\AVG\avgrsx.exe
C:\Program Files\AVG\avgcsrvx.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Doobee\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Doobee\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Doobee\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Doobee\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Doobee\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Doobee.exe
C:\Documents and Settings\Doobee\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\avgdtiex.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\avgtray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Doobee\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\avgdtiex.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\avgpp.dll
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\avgwdsvc.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe (file missing)

--
End of file - 4952 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-842925246-1177238915-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-842925246-1177238915-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\avgdtiex.dll [2012-06-13 937592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-10 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"AVG_TRAY"=C:\Program Files\AVG\avgtray.exe [2012-04-05 2587008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Doobee\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-08-10 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
C:\WINDOWS\system32\browserchoice.exe /run []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WINDOW~2\WINDOW~1.EXE [2011-01-25 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RailNotification]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2011-01-25 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2011-01-25 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2011-01-25 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"DisableStatusMessages"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=147
"NoFind"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=147

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Hry\Warcraft III\war3.exe"="D:\Hry\Warcraft III\war3.exe:*:Disabled:ipsec"
"D:\Hry\Warcraft III\gproxy.exe"="D:\Hry\Warcraft III\gproxy.exe:*:Disabled:ipsec"
"D:\Hry\Warcraft III\dk1.4-0.2.0\dotakeys.exe"="D:\Hry\Warcraft III\dk1.4-0.2.0\dotakeys.exe:*:Disabled:ipsec"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\explorer.exe:*:Enabled:ipsec"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE"="C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE:*:Enabled:ipsec"
"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:*:Enabled:ipsec"
"C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe"="C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe:*:Enabled:ipsec"
"C:\Program Files\AVG\avgtray.exe"="C:\Program Files\AVG\avgtray.exe:*:Enabled:ipsec"
"C:\Program Files\AVG\avgscanx.exe"="C:\Program Files\AVG\avgscanx.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\taskmgr.exe"="C:\WINDOWS\system32\taskmgr.exe:*:Enabled:ipsec"
"C:\Documents and Settings\Doobee\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Doobee\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-08-11 11:34:59 ----D---- C:\Program Files\trend micro
2012-08-11 11:34:58 ----D---- C:\rsit
2012-08-11 00:17:42 ----SHD---- C:\WINDOWS\CSC
2012-08-10 23:53:01 ----HD---- C:\WINDOWS\PIF
2012-08-10 22:50:23 ----D---- C:\Documents and Settings\Doobee\Data aplikací\AVG
2012-08-10 22:49:22 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-08-10 22:49:06 ----D---- C:\Program Files\AVG PC Tuneup
2012-08-10 22:40:34 ----D---- C:\Documents and Settings\Doobee\Data aplikací\AVG2012
2012-08-10 22:31:29 ----HD---- C:\$AVG
2012-08-10 22:31:29 ----D---- C:\WINDOWS\system32\drivers\AVG
2012-08-10 22:31:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2012
2012-08-10 22:31:11 ----D---- C:\Program Files\AVG
2012-08-10 22:29:30 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2012-08-10 22:29:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2012-08-10 22:23:12 ----D---- C:\WINDOWS\pss
2012-08-10 22:15:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-08-10 21:21:49 ----A---- C:\WINDOWS\War3Unin.dat
2012-08-10 21:21:48 ----A---- C:\WINDOWS\War3Unin.pif
2012-08-10 21:21:48 ----A---- C:\WINDOWS\War3Unin.exe
2012-08-10 21:15:45 ----D---- C:\Program Files\D-Tools
2012-08-10 21:15:45 ----A---- C:\WINDOWS\system32\drivers\d344prt.sys
2012-08-10 21:15:45 ----A---- C:\WINDOWS\system32\drivers\d344bus.sys
2012-08-10 21:15:36 ----D---- C:\WINDOWS\Downloaded Installations
2012-08-10 21:00:45 ----A---- C:\WINDOWS\system32\h323log.txt
2012-08-10 21:00:09 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2012-08-10 20:59:39 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2012-08-10 20:59:20 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2012-08-10 20:59:20 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2012-08-10 20:59:20 -------- C:\WINDOWS\system32\ativvaxx.dll
2012-08-10 20:59:20 -------- C:\WINDOWS\system32\ati3duag.dll
2012-08-10 20:59:20 -------- C:\WINDOWS\system32\ati2dvag.dll
2012-08-10 20:59:20 -------- C:\WINDOWS\system32\ati2cqag.dll
2012-08-10 20:58:55 ----A---- C:\WINDOWS\system32\drivers\fetnd5.sys
2012-08-10 20:58:53 ----A---- C:\WINDOWS\system32\usbui.dll
2012-08-10 20:58:49 ----A---- C:\WINDOWS\system32\drivers\GAGP30KX.SYS
2012-08-10 20:57:53 ----SHD---- C:\WINDOWS\Installer
2012-08-10 20:57:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-10 20:57:52 ----D---- C:\Program Files\Common Files\ODBC
2012-08-10 20:57:52 ----A---- C:\WINDOWS\ODBCINST.INI
2012-08-10 20:57:49 ----D---- C:\Program Files\Common Files\SpeechEngines
2012-08-10 20:57:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-10 20:57:48 ----RD---- C:\Program Files
2012-08-10 20:57:48 ----D---- C:\Program Files\Common Files
2012-08-10 20:57:39 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2012-08-10 20:57:39 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2012-08-10 20:57:39 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2012-08-10 20:57:37 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2012-08-10 20:57:37 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2012-08-10 20:57:37 ----RA---- C:\WINDOWS\system32\kbdur.dll
2012-08-10 20:57:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2012-08-10 20:57:37 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2012-08-10 20:57:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2012-08-10 20:57:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2012-08-10 20:57:37 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2012-08-10 20:57:37 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2012-08-10 20:57:36 ----RA---- C:\WINDOWS\system32\kbdru.dll
2012-08-10 20:57:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2012-08-10 20:57:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2012-08-10 20:57:34 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2012-08-10 20:57:34 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2012-08-10 20:57:34 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2012-08-10 20:57:34 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2012-08-10 20:57:34 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2012-08-10 20:57:34 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2012-08-10 20:57:34 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2012-08-10 20:57:32 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2012-08-10 20:57:32 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2012-08-10 20:57:32 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2012-08-10 20:57:32 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2012-08-10 20:57:32 ----RA---- C:\WINDOWS\system32\kbdest.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\kbdro.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2012-08-10 20:57:24 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2012-08-10 20:57:21 ----A---- C:\WINDOWS\system32\spxcoins.dll
2012-08-10 20:57:21 ----A---- C:\WINDOWS\system32\irclass.dll
2012-08-10 20:57:21 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2012-08-10 20:57:21 ----A---- C:\WINDOWS\system32\dgsetup.dll
2012-08-10 20:57:21 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2012-08-10 20:57:18 ----A---- C:\WINDOWS\TASKMAN.EXE
2012-08-10 20:57:18 -------- C:\WINDOWS\system32\CONFIG.TMP
2012-08-10 20:57:17 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2012-08-10 20:57:17 ----A---- C:\WINDOWS\system32\batt.dll
2012-08-10 20:57:16 ----A---- C:\WINDOWS\system32\storprop.dll
2012-08-10 20:57:16 ----A---- C:\WINDOWS\NOTEPAD.EXE
2012-08-10 20:57:10 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2012-08-10 20:56:48 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-10 20:56:48 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-10 20:56:43 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-10 20:56:22 ----D---- C:\Program Files\IrfanView
2012-08-10 20:56:22 ----D---- C:\Documents and Settings\Doobee\Data aplikací\IrfanView
2012-08-10 20:56:22 ----D---- C:\Documents and Settings
2012-08-10 20:56:21 ----SHD---- C:\System Volume Information
2012-08-10 20:56:20 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-08-10 20:55:55 ----SH---- C:\boot.ini
2012-08-10 20:52:20 ----SD---- C:\WINDOWS\Offline Web Pages
2012-08-10 20:52:20 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-08-10 20:52:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-10 20:52:20 ----RSD---- C:\WINDOWS\Fonts
2012-08-10 20:52:20 ----RD---- C:\WINDOWS\Web
2012-08-10 20:52:20 ----HD---- C:\WINDOWS\inf
2012-08-10 20:52:20 ----D---- C:\WINDOWS\WinSxS
2012-08-10 20:52:20 ----D---- C:\WINDOWS\WBEM
2012-08-10 20:52:20 ----D---- C:\WINDOWS\twain_32
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Temp
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\wins
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\wbem
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\usmt
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\spool
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\ShellExt
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\Setup
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\ras
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\oobe
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\npp
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\mui
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\inetsrv
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\IME
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\icsxml
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\ias
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\export
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\drivers\UMDF
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\drivers\etc
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\drivers\disdn
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\drivers
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\dhcp
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\cs-cz
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\cs
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\config
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\3com_dmi
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\3076
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\2052
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\1054
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\1042
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\1041
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\1037
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\1033
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\1031
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\1029
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\1028
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32\1025
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system32
2012-08-10 20:52:20 ----D---- C:\WINDOWS\system
2012-08-10 20:52:20 ----D---- C:\WINDOWS\security
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Resources
2012-08-10 20:52:20 ----D---- C:\WINDOWS\repair
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Provisioning
2012-08-10 20:52:20 ----D---- C:\WINDOWS\pchealth
2012-08-10 20:52:20 ----D---- C:\WINDOWS\PeerNet
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Network Diagnostic
2012-08-10 20:52:20 ----D---- C:\WINDOWS\mui
2012-08-10 20:52:20 ----D---- C:\WINDOWS\msapps
2012-08-10 20:52:20 ----D---- C:\WINDOWS\msagent
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Media
2012-08-10 20:52:20 ----D---- C:\WINDOWS\L2Schemas
2012-08-10 20:52:20 ----D---- C:\WINDOWS\java
2012-08-10 20:52:20 ----D---- C:\WINDOWS\ime
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Help
2012-08-10 20:52:20 ----D---- C:\WINDOWS\ehome
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Driver Cache
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Debug
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Cursors
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Connection Wizard
2012-08-10 20:52:20 ----D---- C:\WINDOWS\Config
2012-08-10 20:52:20 ----D---- C:\WINDOWS\AppPatch
2012-08-10 20:52:20 ----D---- C:\WINDOWS\addins
2012-08-10 20:52:20 ----D---- C:\WINDOWS
2012-08-10 20:44:02 ----ASH---- C:\hiberfil.sys
2012-08-10 20:40:13 -------- C:\WINDOWS\system32\ati2sgag.exe
2012-08-10 20:39:57 ----D---- C:\Program Files\ATI Technologies
2012-08-10 20:38:41 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2012-08-10 20:32:01 ----A---- C:\WINDOWS\WININIT.INI
2012-08-10 20:27:38 ----D---- C:\Documents and Settings\Doobee\Data aplikací\ATI
2012-08-10 20:24:37 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2012-08-10 20:24:36 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2012-08-10 20:24:35 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2012-08-10 20:24:35 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2012-08-10 20:24:34 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2012-08-10 20:24:33 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2012-08-10 20:24:32 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2012-08-10 20:24:31 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2012-08-10 20:24:30 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012-08-10 20:24:29 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2012-08-10 20:24:28 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012-08-10 20:24:25 ----RA---- C:\WINDOWS\system32\drivers\vinyl97.sys
2012-08-10 20:24:25 ----A---- C:\WINDOWS\system32\ksuser.dll
2012-08-10 20:24:25 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2012-08-10 20:24:24 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2012-08-10 20:23:51 ----D---- C:\Program Files\VIA
2012-08-10 20:23:51 -------- C:\WINDOWS\system32\difxapi.dll
2012-08-10 20:21:38 ----D---- C:\Program Files\Common Files\InstallShield
2012-08-10 20:21:25 ----D---- C:\ATI
2012-08-10 20:19:29 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-08-10 20:19:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-08-10 20:19:27 ----A---- C:\WINDOWS\system32\drivers\AmdK8.sys
2012-08-10 20:19:26 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-10 20:19:26 ----D---- C:\Program Files\AMD
2012-08-10 20:19:14 ----D---- C:\Documents and Settings\Doobee\Data aplikací\InstallShield
2012-08-10 20:15:34 ----D---- C:\Program Files\BSPlayer
2012-08-10 20:15:34 ----D---- C:\Documents and Settings\Doobee\Data aplikací\BSplayer Pro
2012-08-10 20:15:34 ----D---- C:\Documents and Settings\Doobee\Data aplikací\BSplayer
2012-08-10 20:14:19 ----A---- C:\WINDOWS\Filzip.ini
2012-08-10 20:13:32 ----D---- C:\Program Files\Filzip
2012-08-10 20:07:18 ----D---- C:\Program Files\uTorrent
2012-08-10 20:07:08 ----D---- C:\Documents and Settings\Doobee\Data aplikací\uTorrent
2012-08-10 19:52:59 ----SHD---- C:\RECYCLER
2012-08-10 19:42:15 ----D---- C:\Documents and Settings\Doobee\Data aplikací\Windows Search
2012-08-10 19:39:28 ----D---- C:\Documents and Settings\Doobee\Data aplikací\Adobe
2012-08-10 19:38:33 ----D---- C:\Documents and Settings\Doobee\Data aplikací\Windows Desktop Search
2012-08-10 19:38:02 ----A---- C:\WINDOWS\system32\wmpns.dll
2012-08-10 19:38:00 ----D---- C:\Documents and Settings\Doobee\Data aplikací\Identities
2012-08-10 19:37:58 ----HD---- C:\Program Files\Uninstall Information
2012-08-10 19:37:47 ----SD---- C:\Documents and Settings\Doobee\Data aplikací\Microsoft
2012-08-10 19:37:47 ----ASH---- C:\Documents and Settings\Doobee\Data aplikací\desktop.ini
2012-08-10 19:36:14 ----D---- C:\WINDOWS\Prefetch
2012-08-10 19:36:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-10 19:35:24 ----AS---- C:\WINDOWS\bootstat.dat
2012-08-10 19:33:12 ----D---- C:\WINDOWS\system32\xircom
2012-08-10 19:33:12 ----D---- C:\Program Files\xerox
2012-08-10 19:33:12 ----D---- C:\Program Files\microsoft frontpage
2012-08-10 19:32:34 ----SD---- C:\WINDOWS\system32\Microsoft
2012-08-10 19:32:32 ----A---- C:\WINDOWS\system32\javaws.exe
2012-08-10 19:32:32 ----A---- C:\WINDOWS\system32\javaw.exe
2012-08-10 19:32:32 ----A---- C:\WINDOWS\system32\java.exe
2012-08-10 19:32:32 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-08-10 19:32:24 ----D---- C:\Program Files\Java
2012-08-10 19:32:01 ----RASH---- C:\MSDOS.SYS
2012-08-10 19:32:01 ----RASH---- C:\IO.SYS
2012-08-10 19:32:01 ----A---- C:\WINDOWS\control.ini
2012-08-10 19:32:01 ----A---- C:\CONFIG.SYS
2012-08-10 19:32:01 ----A---- C:\AUTOEXEC.BAT
2012-08-10 19:31:06 ----A---- C:\WINDOWS\system32\mapi32.dll
2012-08-10 19:29:43 ----HD---- C:\Program Files\WindowsUpdate
2012-08-10 19:29:39 ----D---- C:\Program Files\Online Services
2012-08-10 19:29:21 ----D---- C:\Program Files\Windows Media Connect 2
2012-08-10 19:29:04 ----D---- C:\WINDOWS\system32\DirectX
2012-08-10 19:28:53 ----A---- C:\WINDOWS\system32\atrace.dll
2012-08-10 19:28:50 ----A---- C:\WINDOWS\system32\desktop.ini
2012-08-10 19:28:50 ----A---- C:\WINDOWS\desktop.ini
2012-08-10 19:28:42 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2012-08-10 19:28:40 ----D---- C:\Program Files\Common Files\Services
2012-08-10 19:28:40 ----A---- C:\WINDOWS\system32\acctres.dll
2012-08-10 19:28:36 ----SD---- C:\WINDOWS\Tasks
2012-08-10 19:28:36 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2012-08-10 19:28:34 ----D---- C:\Program Files\Common Files\MSSoap
2012-08-10 19:28:26 ----D---- C:\WINDOWS\srchasst
2012-08-10 19:28:22 ----D---- C:\WINDOWS\system32\Macromed
2012-08-10 19:28:19 ----A---- C:\WINDOWS\system32\wuweb.dll
2012-08-10 19:28:18 ----A---- C:\WINDOWS\system32\wups.dll
2012-08-10 19:28:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2012-08-10 19:28:18 ----A---- C:\WINDOWS\system32\wuauserv.dll
2012-08-10 19:28:18 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2012-08-10 19:28:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2012-08-10 19:28:17 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2012-08-10 19:28:17 ----A---- C:\WINDOWS\system32\wuauclt.exe
2012-08-10 19:28:17 ----A---- C:\WINDOWS\system32\wuapi.dll
2012-08-10 19:28:17 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2012-08-10 19:28:17 ----A---- C:\WINDOWS\system32\qmgr.dll
2012-08-10 19:28:17 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2012-08-10 19:28:17 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2012-08-10 19:28:17 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2012-08-10 19:28:16 ----D---- C:\WINDOWS\system32\bits
2012-08-10 19:28:12 ----D---- C:\Program Files\Movie Maker
2012-08-10 19:27:50 ----A---- C:\WINDOWS\system32\safrslv.dll
2012-08-10 19:27:50 ----A---- C:\WINDOWS\system32\safrdm.dll
2012-08-10 19:27:50 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2012-08-10 19:27:50 ----A---- C:\WINDOWS\system32\racpldlg.dll
2012-08-10 19:27:46 ----A---- C:\WINDOWS\system32\fltMc.exe
2012-08-10 19:27:46 ----A---- C:\WINDOWS\system32\fltlib.dll
2012-08-10 19:27:45 ----D---- C:\WINDOWS\system32\Restore
2012-08-10 19:27:45 ----A---- C:\WINDOWS\system32\srsvc.dll
2012-08-10 19:27:45 ----A---- C:\WINDOWS\system32\srrstr.dll
2012-08-10 19:27:45 ----A---- C:\WINDOWS\system32\srclient.dll
2012-08-10 19:27:45 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2012-08-10 19:27:44 ----A---- C:\WINDOWS\system32\mnmdd.dll
2012-08-10 19:27:44 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2012-08-10 19:27:44 ----A---- C:\WINDOWS\system32\ils.dll
2012-08-10 19:27:44 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2012-08-10 19:27:43 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2012-08-10 19:27:43 ----A---- C:\WINDOWS\system32\msconf.dll
2012-08-10 19:27:43 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2012-08-10 19:27:38 ----D---- C:\Program Files\NetMeeting
2012-08-10 19:27:38 ----A---- C:\WINDOWS\system32\msoert2.dll
2012-08-10 19:27:38 ----A---- C:\WINDOWS\system32\msoeacct.dll
2012-08-10 19:27:37 ----A---- C:\WINDOWS\system32\inetres.dll
2012-08-10 19:27:36 ----A---- C:\WINDOWS\system32\inetcomm.dll
2012-08-10 19:27:34 ----D---- C:\Program Files\Outlook Express
2012-08-10 19:27:34 ----A---- C:\WINDOWS\system32\schedsvc.dll
2012-08-10 19:27:34 ----A---- C:\WINDOWS\system32\mstinit.exe
2012-08-10 19:27:34 ----A---- C:\WINDOWS\system32\mstask.dll
2012-08-10 19:27:33 ----A---- C:\WINDOWS\system32\isign32.dll
2012-08-10 19:27:33 ----A---- C:\WINDOWS\system32\inetcfg.dll
2012-08-10 19:27:33 ----A---- C:\WINDOWS\system32\icwphbk.dll
2012-08-10 19:27:33 ----A---- C:\WINDOWS\system32\icwdial.dll
2012-08-10 19:27:26 ----D---- C:\Program Files\Common Files\System
2012-08-10 19:19:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2012-08-10 19:11:30 ----RSD---- C:\WINDOWS\assembly

======List of files/folders modified in the last 1 month======

2012-08-10 23:44:25 ----A---- C:\WINDOWS\system32\oeminfo.ini
2012-08-10 22:25:54 ----N---- C:\WINDOWS\win.ini
2012-08-10 22:25:54 ----N---- C:\WINDOWS\system.ini
2012-08-10 19:30:54 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 d344bus;d344bus; C:\WINDOWS\system32\DRIVERS\d344bus.sys [2003-12-27 137216]
R0 d344prt;d344prt; C:\WINDOWS\System32\Drivers\d344prt.sys [2003-12-27 5248]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2009-05-05 13976]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2009-05-05 22168]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-02-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2012-03-19 301248]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2011-01-25 62848]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2011-01-25 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-06-27 207488]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2011-01-25 9472]
S3 amsint32;amsint32; \??\C:\WINDOWS\system32\drivers\jphpt.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2011-01-25 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2011-01-25 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2011-01-25 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\avgidsagent.exe [2012-07-04 5160568]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\avgwdsvc.exe [2012-02-14 193288]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2011-01-25 439808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2011-01-25 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2011-01-25 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe []
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2011-01-25 14848]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: A very big problem

Posted: 11 Aug 2012 10:42
by vyosek
Hello, and have a nice day :)

:arrow: A lot of the lines say that Virut is in there :?:
Virut is a specific type of virus, a so-called file infector. Virut is a polymorphic file virus that attacks exe files etc., so the chance of a cure is almost minimal. It connects to an IRC network. It can be controlled remotely. Virut looks for executable exe, src files. Virut infects executable files by appending its code to the last section. It modifies the host file so that the virus runs before the original code. It can update itself or run any file.
:arrow: So do you want to try to disinfect it :???:

:arrow: By the way, AVG is more of a parody of an antivirus :boxed:
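The infection pattern described in the post above (virus code appended to the last section, host modified so the virus runs first) leaves traces in a file's PE headers. The following is an added example, not part of the thread: a Python heuristic that flags an entry point located in the last section and a last section that is both writable and executable. The function names and the constructed sample headers are assumptions for illustration; packed legitimate programs can match as well, and an empty result does not rule out infection.

```python
import struct

MEM_EXECUTE = 0x20000000  # IMAGE_SCN_MEM_EXECUTE
MEM_WRITE = 0x80000000    # IMAGE_SCN_MEM_WRITE


def parse_pe(data):
    """Return (entry_point_rva, sections) from PE headers; ValueError if malformed."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    if pe_off + 24 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (num_sections,) = struct.unpack_from("<H", data, pe_off + 6)
    (opt_size,) = struct.unpack_from("<H", data, pe_off + 20)
    opt_off = pe_off + 24
    table = opt_off + opt_size
    if opt_size < 20 or table + 40 * num_sections > len(data):
        raise ValueError("truncated headers")
    (entry_rva,) = struct.unpack_from("<I", data, opt_off + 16)
    sections = []
    for i in range(num_sections):
        off = table + 40 * i
        name, vsize, vaddr, rsize = struct.unpack_from("<8sIII", data, off)
        (flags,) = struct.unpack_from("<I", data, off + 36)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "start": vaddr,
            "end": vaddr + max(vsize, rsize),
            "flags": flags,
        })
    return entry_rva, sections


def triage(data):
    """Return heuristic findings for the appended-code pattern (may be empty)."""
    entry_rva, sections = parse_pe(data)
    findings = []
    if len(sections) < 2:
        return findings
    last = sections[-1]
    if last["start"] <= entry_rva < last["end"]:
        findings.append("entry_in_last_section")
    if last["flags"] & MEM_EXECUTE and last["flags"] & MEM_WRITE:
        findings.append("last_section_writable_executable")
    return findings


def build_sample(entry_rva, last_flags):
    """Constructed header-only PE32 image with two sections (no real code)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x0102)
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, entry_rva).ljust(0xE0, b"\0")

    def section(name, vaddr, raw_ptr, flags):
        return struct.pack("<8sIIIIIIHHI", name, 0x1000, vaddr, 0x200,
                           raw_ptr, 0, 0, 0, 0, flags)

    table = section(b".text", 0x1000, 0x400, 0x60000020)
    table += section(b".rsrc", 0x2000, 0x600, last_flags)
    return dos + b"PE\0\0" + coff + opt + table


# Constructed samples: a normal layout and one shaped like an appended-code infection.
CLEAN = build_sample(0x1000, 0x40000040)     # entry in .text, last section read-only data
SUSPECT = build_sample(0x2100, 0xE0000060)   # entry in last section, which is R+W+X

if __name__ == "__main__":
    for label, image in (("clean", CLEAN), ("suspect", SUSPECT)):
        print(label, triage(image))
```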

Re: A very big problem

Posted: 11 Aug 2012 10:48
by Doobee
What other options do I have? Format D:/ and reinstall C:/ ?

Anyway, if you read my edit, you'll see that I couldn't install any other antivirus. AVG was the only one that worked, but I get the feeling that the virus knew what it was doing when it let me install it :D

Seriously, I'm pretty much at my wits' end. If it can only get into .exe files, it might be enough to clean the programs and games off D:/ and at least keep the multimedia, but I'm no expert, so take that more as a question. I really don't know what to do. Besides, the disk was clean, but I had connected a disk I was given (another 250GB), which didn't even have an allocated partition; I tried to get it working but failed, so I formatted it and then reinstalled C:/ again (because of the first problems) and found that my whole disk was infected (I've already disconnected the second one).

EDIT: not just .exe ......... :cry:

Re: A very big problem

Posted: 11 Aug 2012 10:59
by Doobee
It occurred to me that I could reinstall (again) and merge both partitions of the disk, which would also format them (nice and slow... I'm particular about that), and I'd get rid of all the data, including the malicious data. I wouldn't be happy to do it, but if, as you write, these Viruts are almost impossible to cure, then I probably have no other choice anyway.

Re: A very big problem

Posted: 11 Aug 2012 11:05
by vyosek
:arrow: It's enough for a single infected file to remain anywhere, and Virut will multiply from it

:arrow: Unfortunately, there are already variants of Virut that also infect, for example, jpg images; in short, no file is sacred to them

:arrow: You can back up movies, try images, documents - burn everything to CD (not flash drives, Virut likes to spread from those too), and scan that with, say, Kaspersky antivirus on some other PC

:arrow: The best thing is to format the whole disk, delete the partitions (both C:\ and D:\), partition it again and install the system

Re: A very big problem

Posted: 11 Aug 2012 11:11
by Doobee
Setting aside the movies (replaceable), I have quite a few documents here that I'd really hate to lose, but if I burned them, I'd have no way to check them. I'd have to reinstall the PC again, install an antivirus and only then try it. I could live with that, though; anyway, should I switch to Kaspersky then? I've heard a lot of good things about it, but I have no experience with it. And what threats does this Virut actually carry? Is it like a trojan back in the day, which makes a mess on the disk and slows down the PC, but poses no HW or system risks?

Re: A very big problem

Posted: 11 Aug 2012 12:11
by vyosek
:arrow: Kaspersky is a paid product, though, so you can install it and then test the files in its trial version. Otherwise it is one of the top security products

:arrow: Virut steals passwords, so I recommend changing all of them

Re: A very big problem

Posted: 11 Aug 2012 15:09
by Doobee
All done (formatted, reinstalled, backed up, and passwords changed) and now I'm going to check that CD. Will Avira be enough? And one more question. How do I partition the disk now? Is it still possible?

Re: A very big problem

Posted: 11 Aug 2012 15:16
by vyosek
Partitioning the disk is possible now, but not very safe, which is why I wrote that you should partition it right when formatting

I'd rather recommend installing the trial version of Kaspersky and letting it do the check

Re: A very big problem

Posted: 05 Sep 2012 06:26
by vyosek
If there is no activity here, the topic will be, based on the Rule on locking topics, :lock: