could not find C:/windows/system32/sshnas.dll

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

could not find C:/windows/system32/sshnas.dll

#1 Post by djaspic »

I'm no pro, so I'm turning to you with a request: at startup my PC says: could not find C:/windows/system32/sshnas.dll.
I found something in the discussion and produced some kind of log.
Please check it; I wouldn't want to neglect anything. Thank you, djaspic.

Logfile of random's system information tool 1.06 (written by random/random)
Run by uzivatel at 2010-01-07 21:55:00
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 424 GB (71%) free of 599 GB
Total RAM: 3325 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:55:41, on 7.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\V0420Mon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Opera\opera.exe
C:\Users\uzivatel\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [C:\Windows\system32\V0420Cvw.dll] C:\Windows\system32\RegSvr32.exe /s C:\Windows\system32\V0420Cvw.dll
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [ICSDCLT] C:\Windows\rundll32.exe C:\Windows\system32\icsdclt.dll,ICSClient
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\RunServices: [SSDPSRV] C:\Windows\system32\ssdpsrv.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas.dll,AddConsoleAliasAW
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-106771787-44505253-1318668714-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Dominika')
O4 - HKUS\S-1-5-21-106771787-44505253-1318668714-1002\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Tina a Petra')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{50003530-4B94-442A-BBF1-06BC1B8AE85E}: NameServer = 193.165.254.9,193.165.145.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{50003530-4B94-442A-BBF1-06BC1B8AE85E}: NameServer = 193.165.254.9,193.165.145.12
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 6970 bytes

======Scheduled tasks folder======

C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-07-17 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-08-16 962808]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-07-17 279944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"C:\Windows\system32\V0420Cvw.dll"=C:\Windows\system32\RegSvr32.exe [2006-11-02 14336]
"V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
"ICSDCLT"=C:\Windows\rundll32.exe C:\Windows\system32\icsdclt.dll,ICSClient []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-04 149280]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"LosAlamos"=C:\Windows\system32\sshnas.dll,AddConsoleAliasAW []
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

Re: could not find C:/windows/system32/sshnas.dll

#2 Post by djaspic »

Continuation of the log.

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-01-07 21:55:00 ----D---- C:\rsit
2010-01-07 21:55:00 ----D---- C:\Program Files\trend micro
2010-01-04 22:32:56 ----D---- C:\Users\uzivatel\AppData\Roaming\TomTom
2010-01-04 22:32:49 ----D---- C:\Program Files\TomTom International B.V
2010-01-04 22:32:40 ----D---- C:\Program Files\TomTom HOME 2
2010-01-04 21:52:59 ----A---- C:\Windows\system32\sysprs7.dll
2010-01-04 21:52:59 ----A---- C:\Windows\system32\ssprs.dll
2010-01-04 21:52:59 ----A---- C:\Windows\system32\lsprst7.dll
2010-01-04 21:52:59 ----A---- C:\Windows\system32\clauth2.dll
2010-01-04 21:52:59 ----A---- C:\Windows\system32\clauth1.dll
2010-01-04 21:52:57 ----D---- C:\ProgramData\hps
2010-01-04 21:52:43 ----D---- C:\Program Files\Digimax
2010-01-04 17:41:36 ----D---- C:\Windows\Minidump
2010-01-04 16:56:10 ----D---- C:\ProgramData\HappyFoto
2010-01-04 16:55:57 ----D---- C:\Program Files\HappyFoto
2010-01-04 16:53:45 ----D---- C:\Users\uzivatel\AppData\Roaming\Happy Foto
2010-01-04 16:53:44 ----D---- C:\Program Files\Aberger
2010-01-04 16:46:22 ----A---- C:\Windows\system32\javaws.exe
2010-01-04 16:46:22 ----A---- C:\Windows\system32\javaw.exe
2010-01-04 16:46:22 ----A---- C:\Windows\system32\deploytk.dll
2010-01-04 16:46:21 ----A---- C:\Windows\system32\java.exe
2010-01-04 16:46:05 ----D---- C:\Program Files\Java
2010-01-04 14:43:29 ----D---- C:\Users\uzivatel\AppData\Roaming\ESET
2010-01-04 12:46:45 ----D---- C:\Users\uzivatel\AppData\Roaming\VistaCodecs
2010-01-04 12:46:42 ----D---- C:\Program Files\VistaCodecPack
2010-01-04 12:46:00 ----D---- C:\ProgramData\VistaCodecs
2010-01-04 00:21:18 ----D---- C:\Program Files\MSXML 4.0
2010-01-03 22:00:18 ----D---- C:\ProgramData\LightScribe
2010-01-03 21:59:17 ----D---- C:\Users\uzivatel\AppData\Roaming\Nero
2010-01-03 21:49:57 ----A---- C:\Windows\Irremote.ini
2010-01-03 21:38:25 ----D---- C:\Program Files\Nero
2010-01-03 21:38:03 ----D---- C:\ProgramData\Nero
2010-01-03 21:38:01 ----D---- C:\Program Files\Common Files\Nero
2010-01-03 21:37:41 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-01-03 21:37:10 ----D---- C:\Program Files\Common Files\LightScribe
2010-01-03 20:33:14 ----A---- C:\Windows\system32\msonpmon.dll
2010-01-03 20:31:03 ----D---- C:\Program Files\Microsoft Works
2010-01-03 20:30:39 ----D---- C:\Program Files\Microsoft Visual Studio
2010-01-03 20:30:39 ----D---- C:\Program Files\Common Files\DESIGNER
2010-01-03 20:30:11 ----D---- C:\Windows\PCHEALTH
2010-01-03 20:30:11 ----D---- C:\Program Files\Microsoft.NET
2010-01-03 20:28:27 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-01-03 20:27:50 ----D---- C:\Windows\SHELLNEW
2010-01-03 20:27:28 ----D---- C:\ProgramData\Microsoft Help
2010-01-03 20:27:28 ----D---- C:\Program Files\Microsoft Office
2010-01-03 20:25:19 ----RHD---- C:\MSOCache
2010-01-03 20:18:20 ----D---- C:\Program Files\Windows Portable Devices
2010-01-03 20:06:05 ----A---- C:\Windows\system32\UIRibbonRes.dll
2010-01-03 20:06:05 ----A---- C:\Windows\system32\UIAnimation.dll
2010-01-03 20:06:04 ----A---- C:\Windows\system32\UIRibbon.dll
2010-01-03 20:05:39 ----A---- C:\Windows\system32\WMPhoto.dll
2010-01-03 20:05:39 ----A---- C:\Windows\system32\cdd.dll
2010-01-03 20:05:38 ----A---- C:\Windows\system32\XpsRasterService.dll
2010-01-03 20:05:38 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2010-01-03 20:05:38 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-01-03 20:05:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-01-03 20:05:38 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-01-03 20:05:38 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-01-03 20:05:38 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-01-03 20:05:38 ----A---- C:\Windows\system32\dxdiagn.dll
2010-01-03 20:05:38 ----A---- C:\Windows\system32\dxdiag.exe
2010-01-03 20:05:38 ----A---- C:\Windows\system32\d3d10warp.dll
2010-01-03 20:05:38 ----A---- C:\Windows\system32\d2d1.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\xpsservices.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\XpsPrint.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\OpcServices.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\FntCache.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\dxgi.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\DWrite.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\d3d11.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\d3d10level9.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\d3d10core.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\d3d10_1.dll
2010-01-03 20:05:37 ----A---- C:\Windows\system32\d3d10.dll
2010-01-03 20:05:10 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2010-01-03 20:05:09 ----A---- C:\Windows\system32\wpdbusenum.dll
2010-01-03 20:05:09 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2010-01-03 20:05:08 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2010-01-03 20:05:07 ----A---- C:\Windows\system32\WpdMtpUS.dll
2010-01-03 20:05:07 ----A---- C:\Windows\system32\WpdConns.dll
2010-01-03 20:05:06 ----A---- C:\Windows\system32\WPDSp.dll
2010-01-03 20:05:06 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2010-01-03 20:05:06 ----A---- C:\Windows\system32\wpdshext.dll
2010-01-03 20:05:06 ----A---- C:\Windows\system32\WpdMtp.dll
2010-01-03 20:05:06 ----A---- C:\Windows\system32\wpd_ci.dll
2010-01-03 20:05:06 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2010-01-03 20:05:06 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-01-03 20:05:06 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-01-03 20:05:06 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-01-03 20:03:08 ----A---- C:\Windows\system32\UIAutomationCore.dll
2010-01-03 20:03:08 ----A---- C:\Windows\system32\oleaccrc.dll
2010-01-03 20:03:08 ----A---- C:\Windows\system32\oleacc.dll
2010-01-03 18:51:28 ----D---- C:\Windows\system32\eu-ES
2010-01-03 18:51:28 ----D---- C:\Windows\system32\ca-ES
2010-01-03 18:51:22 ----D---- C:\Windows\system32\vi-VN
2010-01-03 16:04:19 ----D---- C:\Windows\system32\EventProviders
2010-01-03 13:50:00 ----D---- C:\Program Files\Mozilla Firefox
2010-01-03 13:50:00 ----D---- C:\Program Files\AskBarDis
2010-01-03 13:49:53 ----D---- C:\Users\uzivatel\AppData\Roaming\GlarySoft
2010-01-03 13:49:51 ----D---- C:\Program Files\Absolute Uninstaller
2010-01-03 13:44:14 ----D---- C:\Users\uzivatel\AppData\Roaming\WinRAR
2010-01-03 13:43:45 ----D---- C:\Program Files\WinRAR
2010-01-02 12:11:02 ----A---- C:\Windows\system32\jscript.dll
2010-01-01 21:15:51 ----D---- C:\Users\uzivatel\AppData\Roaming\Opera
2010-01-01 21:15:43 ----D---- C:\Program Files\Opera
2010-01-01 21:13:33 ----A---- C:\Windows\system32\occache.dll
2010-01-01 21:13:33 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-01 21:13:32 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-01 21:13:32 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-01 21:13:32 ----A---- C:\Windows\system32\ieui.dll
2010-01-01 21:13:32 ----A---- C:\Windows\system32\iesetup.dll
2010-01-01 21:13:32 ----A---- C:\Windows\system32\iernonce.dll
2010-01-01 21:13:32 ----A---- C:\Windows\system32\iepeers.dll
2010-01-01 21:13:31 ----A---- C:\Windows\system32\wininet.dll
2010-01-01 21:13:31 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-01 21:13:31 ----A---- C:\Windows\system32\iertutil.dll
2010-01-01 21:13:31 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-01 21:13:31 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-01 21:13:30 ----A---- C:\Windows\system32\urlmon.dll
2010-01-01 21:13:30 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-01 21:13:30 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-01 21:13:29 ----A---- C:\Windows\system32\mshtml.dll
2010-01-01 21:13:29 ----A---- C:\Windows\system32\ieframe.dll
2010-01-01 21:12:21 ----A---- C:\Windows\system32\mshtmler.dll
2010-01-01 21:12:21 ----A---- C:\Windows\system32\mshtmled.dll
2010-01-01 21:12:21 ----A---- C:\Windows\system32\icardie.dll
2010-01-01 21:12:21 ----A---- C:\Windows\system32\admparse.dll
2010-01-01 21:12:20 ----A---- C:\Windows\system32\msls31.dll
2010-01-01 21:12:20 ----A---- C:\Windows\system32\imgutil.dll
2010-01-01 21:12:20 ----A---- C:\Windows\system32\ieakeng.dll
2010-01-01 21:12:20 ----A---- C:\Windows\system32\dxtrans.dll
2010-01-01 21:12:20 ----A---- C:\Windows\system32\dxtmsft.dll
2010-01-01 21:12:20 ----A---- C:\Windows\system32\corpol.dll
2010-01-01 21:12:19 ----A---- C:\Windows\system32\msrating.dll
2010-01-01 21:12:19 ----A---- C:\Windows\system32\licmgr10.dll
2010-01-01 21:12:19 ----A---- C:\Windows\system32\inseng.dll
2010-01-01 21:12:19 ----A---- C:\Windows\system32\ieaksie.dll
2010-01-01 21:12:18 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-01-01 21:12:18 ----A---- C:\Windows\system32\wextract.exe
2010-01-01 21:12:18 ----A---- C:\Windows\system32\webcheck.dll
2010-01-01 21:12:18 ----A---- C:\Windows\system32\pngfilt.dll
2010-01-01 21:12:18 ----A---- C:\Windows\system32\mstime.dll
2010-01-01 21:12:18 ----A---- C:\Windows\system32\ieakui.dll
2010-01-01 21:12:18 ----A---- C:\Windows\system32\advpack.dll
2010-01-01 21:12:17 ----A---- C:\Windows\system32\vbscript.dll
2010-01-01 21:12:17 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-01 21:12:16 ----A---- C:\Windows\system32\url.dll
2010-01-01 21:12:15 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-01-01 21:12:15 ----A---- C:\Windows\system32\SetDepNx.exe
2010-01-01 21:12:15 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-01-01 21:12:15 ----A---- C:\Windows\system32\PDMSetup.exe
2010-01-01 21:12:15 ----A---- C:\Windows\system32\mshta.exe
2010-01-01 21:12:15 ----A---- C:\Windows\system32\iexpress.exe
2010-01-01 16:56:02 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-01-01 16:55:59 ----A---- C:\Windows\system32\SLsvc.exe
2010-01-01 16:55:59 ----A---- C:\Windows\system32\SLCExt.dll
2010-01-01 16:55:54 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-01-01 16:55:54 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-01-01 16:55:52 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-01-01 16:55:50 ----A---- C:\Windows\system32\mssrch.dll
2010-01-01 16:55:47 ----A---- C:\Windows\system32\tquery.dll
2010-01-01 16:55:46 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-01-01 16:55:45 ----A---- C:\Windows\system32\scavenge.dll
2010-01-01 16:55:45 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-01-01 16:55:44 ----A---- C:\Windows\system32\RMActivate.exe
2010-01-01 16:55:43 ----A---- C:\Windows\system32\msi.dll
2010-01-01 16:55:42 ----A---- C:\Windows\system32\imapi2fs.dll
2010-01-01 16:55:41 ----A---- C:\Windows\system32\WscEapPr.dll
2010-01-01 16:55:41 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-01-01 16:55:41 ----A---- C:\Windows\system32\sysmain.dll
2010-01-01 16:55:41 ----A---- C:\Windows\system32\secproc_isv.dll
2010-01-01 16:55:39 ----A---- C:\Windows\system32\icardagt.exe
2010-01-01 16:55:38 ----A---- C:\Windows\system32\EhStorShell.dll
2010-01-01 16:55:37 ----A---- C:\Windows\system32\spreview.exe
2010-01-01 16:55:37 ----A---- C:\Windows\system32\spinstall.exe
2010-01-01 16:55:36 ----A---- C:\Windows\system32\drmv2clt.dll
2010-01-01 16:55:35 ----A---- C:\Windows\system32\spwizui.dll
2010-01-01 16:55:35 ----A---- C:\Windows\system32\secproc.dll
2010-01-01 16:55:35 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-01-01 16:55:34 ----A---- C:\Windows\system32\shell32.dll
2010-01-01 16:55:33 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-01-01 16:55:33 ----A---- C:\Windows\system32\p2psvc.dll
2010-01-01 16:55:32 ----A---- C:\Windows\system32\mssvp.dll
2010-01-01 16:55:32 ----A---- C:\Windows\system32\mssphtb.dll
2010-01-01 16:55:32 ----A---- C:\Windows\system32\mssph.dll
2010-01-01 16:55:32 ----A---- C:\Windows\system32\mscoree.dll
2010-01-01 16:55:31 ----A---- C:\Windows\system32\imapi2.dll
2010-01-01 16:55:30 ----A---- C:\Windows\system32\sdohlp.dll
2010-01-01 16:55:29 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-01-01 16:55:29 ----A---- C:\Windows\system32\esent.dll
2010-01-01 16:55:29 ----A---- C:\Windows\system32\DevicePairing.dll
2010-01-01 16:55:28 ----A---- C:\Windows\system32\wevtsvc.dll
2010-01-01 16:55:28 ----A---- C:\Windows\system32\sperror.dll
2010-01-01 16:55:28 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-01-01 16:55:28 ----A---- C:\Windows\system32\korwbrkr.dll
2010-01-01 16:55:27 ----A---- C:\Windows\system32\SLC.dll
2010-01-01 16:55:27 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-01-01 16:55:27 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-01-01 16:55:27 ----A---- C:\Windows\system32\msshsq.dll
2010-01-01 16:55:24 ----A---- C:\Windows\system32\msjet40.dll
2010-01-01 16:55:24 ----A---- C:\Windows\system32\MPSSVC.dll
2010-01-01 16:55:22 ----A---- C:\Windows\system32\Query.dll
2010-01-01 16:55:22 ----A---- C:\Windows\system32\qmgr.dll
2010-01-01 16:55:21 ----A---- C:\Windows\system32\P2PGraph.dll
2010-01-01 16:55:21 ----A---- C:\Windows\system32\msexch40.dll
2010-01-01 16:55:21 ----A---- C:\Windows\system32\IasMigReader.exe
2010-01-01 16:55:21 ----A---- C:\Windows\system32\diagperf.dll
2010-01-01 16:55:20 ----A---- C:\Windows\system32\srchadmin.dll
2010-01-01 16:55:20 ----A---- C:\Windows\system32\ole32.dll
2010-01-01 16:55:20 ----A---- C:\Windows\system32\ntdll.dll
2010-01-01 16:55:19 ----A---- C:\Windows\system32\winload.exe
2010-01-01 16:55:19 ----A---- C:\Windows\system32\mblctr.exe
2010-01-01 16:55:18 ----A---- C:\Windows\system32\uDWM.dll
2010-01-01 16:55:18 ----A---- C:\Windows\system32\mmc.exe
2010-01-01 16:55:18 ----A---- C:\Windows\system32\EncDec.dll
2010-01-01 16:55:17 ----A---- C:\Windows\system32\riched20.dll
2010-01-01 16:55:17 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-01-01 16:55:17 ----A---- C:\Windows\system32\dfsr.exe
2010-01-01 16:55:16 ----A---- C:\Windows\system32\RacEngn.dll
2010-01-01 16:55:16 ----A---- C:\Windows\system32\fdBth.dll
2010-01-01 16:55:15 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-01-01 16:55:15 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-01-01 16:55:15 ----A---- C:\Windows\system32\kernel32.dll
2010-01-01 16:55:14 ----A---- C:\Windows\system32\spoolss.dll
2010-01-01 16:55:14 ----A---- C:\Windows\system32\schedsvc.dll
2010-01-01 16:55:14 ----A---- C:\Windows\system32\milcore.dll
2010-01-01 16:55:14 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-01-01 16:55:14 ----A---- C:\Windows\system32\CertEnroll.dll
2010-01-01 16:55:13 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-01-01 16:55:12 ----A---- C:\Windows\system32\msvcp60.dll
2010-01-01 16:55:12 ----A---- C:\Windows\system32\msjtes40.dll
2010-01-01 16:55:12 ----A---- C:\Windows\system32\infocardapi.dll
2010-01-01 16:55:12 ----A---- C:\Windows\system32\gpedit.dll
2010-01-01 16:55:11 ----A---- C:\Windows\system32\WinSAT.exe
2010-01-01 16:55:11 ----A---- C:\Windows\system32\es.dll
2010-01-01 16:55:10 ----A---- C:\Windows\system32\mstext40.dll
2010-01-01 16:55:10 ----A---- C:\Windows\system32\Magnify.exe
2010-01-01 16:55:06 ----A---- C:\Windows\system32\WebClnt.dll
2010-01-01 16:55:06 ----A---- C:\Windows\system32\advapi32.dll
2010-01-01 16:55:05 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-01-01 16:55:05 ----A---- C:\Windows\system32\slwmi.dll
2010-01-01 16:55:05 ----A---- C:\Windows\system32\msxbde40.dll
2010-01-01 16:55:05 ----A---- C:\Windows\system32\msexcl40.dll
2010-01-01 16:55:05 ----A---- C:\Windows\system32\comsvcs.dll
2010-01-01 16:55:04 ----A---- C:\Windows\system32\vssapi.dll
2010-01-01 16:55:03 ----A---- C:\Windows\system32\authui.dll
2010-01-01 16:55:02 ----A---- C:\Windows\system32\propsys.dll
2010-01-01 16:55:02 ----A---- C:\Windows\system32\PresentationHost.exe
2010-01-01 16:55:02 ----A---- C:\Windows\system32\newdev.dll
2010-01-01 16:55:02 ----A---- C:\Windows\system32\msrepl40.dll
2010-01-01 16:55:01 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-01-01 16:55:01 ----A---- C:\Windows\system32\iasrecst.dll
2010-01-01 16:55:01 ----A---- C:\Windows\system32\gpsvc.dll
2010-01-01 16:55:01 ----A---- C:\Windows\system32\eudcedit.exe
2010-01-01 16:55:01 ----A---- C:\Windows\system32\crypt32.dll
2010-01-01 16:55:00 ----A---- C:\Windows\system32\setupapi.dll
2010-01-01 16:55:00 ----A---- C:\Windows\system32\rpcss.dll
2010-01-01 16:55:00 ----A---- C:\Windows\explorer.exe
2010-01-01 16:54:59 ----A---- C:\Windows\system32\mspbde40.dll
2010-01-01 16:54:59 ----A---- C:\Windows\system32\d3d9.dll
2010-01-01 16:54:58 ----A---- C:\Windows\system32\shlwapi.dll
2010-01-01 16:54:58 ----A---- C:\Windows\system32\msltus40.dll
2010-01-01 16:54:58 ----A---- C:\Windows\system32\mfc42.dll
2010-01-01 16:54:58 ----A---- C:\Windows\system32\davclnt.dll
2010-01-01 16:54:57 ----A---- C:\Windows\system32\msrd3x40.dll
2010-01-01 16:54:57 ----A---- C:\Windows\system32\msdtctm.dll
2010-01-01 16:54:57 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-01-01 16:54:57 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-01-01 16:54:57 ----A---- C:\Windows\system32\browseui.dll
2010-01-01 16:54:56 ----A---- C:\Windows\system32\wevtapi.dll
2010-01-01 16:54:56 ----A---- C:\Windows\system32\photowiz.dll
2010-01-01 16:54:56 ----A---- C:\Windows\system32\nlhtml.dll
2010-01-01 16:54:55 ----A---- C:\Windows\system32\user32.dll
2010-01-01 16:54:54 ----A---- C:\Windows\system32\samsrv.dll
2010-01-01 16:54:54 ----A---- C:\Windows\system32\quartz.dll
2010-01-01 16:54:54 ----A---- C:\Windows\system32\ci.dll
2010-01-01 16:54:53 ----A---- C:\Windows\system32\win32spl.dll
2010-01-01 16:54:53 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-01-01 16:54:53 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-01-01 16:54:53 ----A---- C:\Windows\system32\oleaut32.dll
2010-01-01 16:54:53 ----A---- C:\Windows\system32\kerberos.dll
2010-01-01 16:54:52 ----A---- C:\Windows\system32\netshell.dll
2010-01-01 16:54:52 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-01-01 16:54:52 ----A---- C:\Windows\system32\compcln.exe
2010-01-01 16:54:51 ----A---- C:\Windows\system32\winhttp.dll
2010-01-01 16:54:51 ----A---- C:\Windows\system32\mswstr10.dll
2010-01-01 16:54:51 ----A---- C:\Windows\system32\audiosrv.dll
2010-01-01 16:54:51 ----A---- C:\Windows\system32\apds.dll
2010-01-01 16:54:50 ----A---- C:\Windows\system32\xmlfilter.dll
2010-01-01 16:54:50 ----A---- C:\Windows\system32\msctf.dll
2010-01-01 16:54:50 ----A---- C:\Windows\system32\emdmgmt.dll
2010-01-01 16:54:49 ----A---- C:\Windows\system32\VSSVC.exe
2010-01-01 16:54:49 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-01-01 16:54:49 ----A---- C:\Windows\system32\msvcrt.dll
2010-01-01 16:54:49 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-01-01 16:54:49 ----A---- C:\Windows\system32\gdi32.dll
2010-01-01 16:54:48 ----A---- C:\Windows\system32\SLUI.exe
2010-01-01 16:54:48 ----A---- C:\Windows\system32\msrd2x40.dll
2010-01-01 16:54:48 ----A---- C:\Windows\system32\mfc42u.dll
2010-01-01 16:54:48 ----A---- C:\Windows\system32\eapphost.dll
2010-01-01 16:54:47 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-01-01 16:54:46 ----A---- C:\Windows\system32\winresume.exe
2010-01-01 16:54:46 ----A---- C:\Windows\system32\propdefs.dll
2010-01-01 16:54:46 ----A---- C:\Windows\system32\odbc32.dll
2010-01-01 16:54:45 ----A---- C:\Windows\system32\shdocvw.dll
2010-01-01 16:54:44 ----A---- C:\Windows\system32\wevtutil.exe
2010-01-01 16:54:44 ----A---- C:\Windows\system32\dbgeng.dll
2010-01-01 16:54:43 ----A---- C:\Windows\system32\mssitlb.dll
2010-01-01 16:54:42 ----A---- C:\Windows\system32\WsmSvc.dll
2010-01-01 16:54:42 ----A---- C:\Windows\system32\swprv.dll
2010-01-01 16:54:42 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-01-01 16:54:41 ----A---- C:\Windows\system32\usp10.dll
2010-01-01 16:54:40 ----A---- C:\Windows\system32\vds.exe
2010-01-01 16:54:39 ----A---- C:\Windows\system32\netlogon.dll
2010-01-01 16:54:39 ----A---- C:\Windows\system32\msscb.dll
2010-01-01 16:54:39 ----A---- C:\Windows\system32\msctfp.dll
2010-01-01 16:54:39 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-01-01 16:54:39 ----A---- C:\Windows\system32\drvinst.exe
2010-01-01 16:54:39 ----A---- C:\Windows\system32\devmgr.dll
2010-01-01 16:54:39 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-01-01 16:54:39 ----A---- C:\Windows\system32\BFE.DLL
2010-01-01 16:54:39 ----A---- C:\Windows\system32\adsldpc.dll
2010-01-01 16:54:38 ----A---- C:\Windows\system32\Wldap32.dll
2010-01-01 16:54:38 ----A---- C:\Windows\system32\wcnwiz.dll
2010-01-01 16:54:38 ----A---- C:\Windows\system32\schannel.dll
2010-01-01 16:54:38 ----A---- C:\Windows\system32\evr.dll
2010-01-01 16:54:37 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-01-01 16:54:36 ----A---- C:\Windows\system32\wercon.exe
2010-01-01 16:54:36 ----A---- C:\Windows\system32\services.exe
2010-01-01 16:54:36 ----A---- C:\Windows\system32\mimefilt.dll
2010-01-01 16:54:36 ----A---- C:\Windows\system32\comdlg32.dll
2010-01-01 16:54:36 ----A---- C:\Windows\system32\adtschema.dll
2010-01-01 16:54:35 ----A---- C:\Windows\system32\wcncsvc.dll
2010-01-01 16:54:35 ----A---- C:\Windows\system32\msjter40.dll
2010-01-01 16:54:35 ----A---- C:\Windows\system32\msdtcprx.dll
2010-01-01 16:54:35 ----A---- C:\Windows\system32\msdrm.dll
2010-01-01 16:54:35 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-01-01 16:54:35 ----A---- C:\Windows\system32\certcli.dll
2010-01-01 16:54:34 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-01-01 16:54:34 ----A---- C:\Windows\system32\taskeng.exe
2010-01-01 16:54:34 ----A---- C:\Windows\system32\rtffilt.dll
2010-01-01 16:54:34 ----A---- C:\Windows\system32\reg.exe
2010-01-01 16:54:34 ----A---- C:\Windows\system32\mswdat10.dll
2010-01-01 16:54:34 ----A---- C:\Windows\system32\dnsapi.dll
2010-01-01 16:54:34 ----A---- C:\Windows\system32\certutil.exe
2010-01-01 16:54:33 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-01-01 16:54:33 ----A---- C:\Windows\system32\w32time.dll
2010-01-01 16:54:33 ----A---- C:\Windows\system32\msshooks.dll
2010-01-01 16:54:33 ----A---- C:\Windows\system32\msscntrs.dll
2010-01-01 16:54:33 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-01-01 16:54:33 ----A---- C:\Windows\system32\bcrypt.dll
2010-01-01 16:54:32 ----A---- C:\Windows\system32\rsaenh.dll
2010-01-01 16:54:32 ----A---- C:\Windows\system32\msihnd.dll
2010-01-01 16:54:32 ----A---- C:\Windows\system32\bthserv.dll
2010-01-01 16:54:31 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-01-01 16:54:31 ----A---- C:\Windows\system32\msstrc.dll
2010-01-01 16:54:31 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-01-01 16:54:31 ----A---- C:\Windows\system32\inetcomm.dll
2010-01-01 16:54:30 ----A---- C:\Windows\system32\netapi32.dll
2010-01-01 16:54:30 ----A---- C:\Windows\system32\mtxclu.dll
2010-01-01 16:54:30 ----A---- C:\Windows\system32\inetpp.dll
2010-01-01 16:54:30 ----A---- C:\Windows\system32\fundisc.dll
2010-01-01 16:54:30 ----A---- C:\Windows\system32\dfshim.dll
2010-01-01 16:54:30 ----A---- C:\Windows\system32\cryptsvc.dll
2010-01-01 16:54:29 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-01-01 16:54:29 ----A---- C:\Windows\system32\profsvc.dll
2010-01-01 16:54:29 ----A---- C:\Windows\system32\mscories.dll
2010-01-01 16:54:29 ----A---- C:\Windows\system32\hidserv.dll
2010-01-01 16:54:29 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-01-01 16:54:28 ----A---- C:\Windows\system32\termsrv.dll
2010-01-01 16:54:27 ----A---- C:\Windows\system32\wdc.dll
2010-01-01 16:54:27 ----A---- C:\Windows\system32\shsvcs.dll
2010-01-01 16:54:27 ----A---- C:\Windows\system32\msiexec.exe
2010-01-01 16:54:27 ----A---- C:\Windows\system32\imapi.dll
2010-01-01 16:54:26 ----A---- C:\Windows\system32\rasmans.dll
2010-01-01 16:54:26 ----A---- C:\Windows\system32\pnidui.dll
2010-01-01 16:54:26 ----A---- C:\Windows\system32\icardres.dll
2010-01-01 16:54:26 ----A---- C:\Windows\system32\iassdo.dll
2010-01-01 16:54:26 ----A---- C:\Windows\system32\chsbrkr.dll
2010-01-01 16:54:25 ----A---- C:\Windows\system32\wersvc.dll
2010-01-01 16:54:25 ----A---- C:\Windows\system32\spoolsv.exe
2010-01-01 16:54:25 ----A---- C:\Windows\system32\slmgr.vbs
2010-01-01 16:54:25 ----A---- C:\Windows\system32\scrrun.dll
2010-01-01 16:54:25 ----A---- C:\Windows\system32\PSHED.DLL
2010-01-01 16:54:25 ----A---- C:\Windows\system32\autofmt.exe
2010-01-01 16:54:24 ----A---- C:\Windows\system32\pdh.dll
2010-01-01 16:54:24 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-01-01 16:54:24 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-01-01 16:54:24 ----A---- C:\Windows\system32\azroles.dll
2010-01-01 16:54:23 ----A---- C:\Windows\system32\pidgenx.dll
2010-01-01 16:54:20 ----A---- C:\Windows\system32\wmpmde.dll
2010-01-01 16:54:20 ----A---- C:\Windows\system32\winlogon.exe
2010-01-01 16:54:19 ----A---- C:\Windows\system32\SyncCenter.dll
2010-01-01 16:54:19 ----A---- C:\Windows\system32\SLUINotify.dll
2010-01-01 16:54:19 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-01-01 16:54:18 ----A---- C:\Windows\system32\sethc.exe
2010-01-01 16:54:18 ----A---- C:\Windows\system32\ncrypt.dll
2010-01-01 16:54:18 ----A---- C:\Windows\system32\kd1394.dll
2010-01-01 16:54:18 ----A---- C:\Windows\system32\comuid.dll
2010-01-01 16:54:18 ----A---- C:\Windows\system32\certmgr.dll
2010-01-01 16:54:17 ----A---- C:\Windows\system32\wisptis.exe
2010-01-01 16:54:17 ----A---- C:\Windows\system32\untfs.dll
2010-01-01 16:54:17 ----A---- C:\Windows\system32\taskcomp.dll
2010-01-01 16:54:17 ----A---- C:\Windows\system32\spp.dll
2010-01-01 16:54:17 ----A---- C:\Windows\system32\scrobj.dll
2010-01-01 16:54:17 ----A---- C:\Windows\system32\rtutils.dll
2010-01-01 16:54:17 ----A---- C:\Windows\system32\iassam.dll
2010-01-01 16:54:17 ----A---- C:\Windows\system32\dwm.exe
2010-01-01 16:54:16 ----A---- C:\Windows\system32\iasnap.dll
2010-01-01 16:54:16 ----A---- C:\Windows\system32\autochk.exe
2010-01-01 16:54:15 ----A---- C:\Windows\system32\winsrv.dll
2010-01-01 16:54:15 ----A---- C:\Windows\system32\printui.dll
2010-01-01 16:54:15 ----A---- C:\Windows\system32\autoconv.exe
2010-01-01 16:54:14 ----A---- C:\Windows\system32\wow32.dll
2010-01-01 16:54:14 ----A---- C:\Windows\system32\userenv.dll
2010-01-01 16:54:14 ----A---- C:\Windows\system32\onex.dll
2010-01-01 16:54:14 ----A---- C:\Windows\system32\kdcom.dll
2010-01-01 16:54:14 ----A---- C:\Windows\system32\cscript.exe
2010-01-01 16:54:14 ----A---- C:\Windows\system32\basecsp.dll
2010-01-01 16:54:14 ----A---- C:\Windows\system32\audiodg.exe
2010-01-01 16:54:13 ----A---- C:\Windows\system32\winmm.dll
2010-01-01 16:54:13 ----A---- C:\Windows\system32\RelMon.dll
2010-01-01 16:54:13 ----A---- C:\Windows\system32\osk.exe
2010-01-01 16:54:13 ----A---- C:\Windows\system32\mswsock.dll
2010-01-01 16:54:13 ----A---- C:\Windows\system32\kdusb.dll
2010-01-01 16:54:12 ----A---- C:\Windows\system32\WinSCard.dll
2010-01-01 16:54:12 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-01-01 16:54:12 ----A---- C:\Windows\system32\spcmsg.dll
2010-01-01 16:54:12 ----A---- C:\Windows\system32\rdpencom.dll
2010-01-01 16:54:12 ----A---- C:\Windows\system32\offfilt.dll
2010-01-01 16:54:12 ----A---- C:\Windows\system32\msftedit.dll
2010-01-01 16:54:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-01-01 16:54:10 ----A---- C:\Windows\system32\wsepno.dll
2010-01-01 16:54:10 ----A---- C:\Windows\system32\WerFault.exe
2010-01-01 16:54:10 ----A---- C:\Windows\system32\Utilman.exe
2010-01-01 16:54:10 ----A---- C:\Windows\system32\stobject.dll
2010-01-01 16:54:10 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-01-01 16:54:10 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-01-01 16:54:09 ----A---- C:\Windows\system32\SndVol.exe
2010-01-01 16:54:09 ----A---- C:\Windows\system32\prnntfy.dll
2010-01-01 16:54:09 ----A---- C:\Windows\system32\msnetobj.dll
2010-01-01 16:54:09 ----A---- C:\Windows\system32\mscms.dll
2010-01-01 16:54:09 ----A---- C:\Windows\system32\mfplat.dll
2010-01-01 16:54:09 ----A---- C:\Windows\system32\diskraid.exe
2010-01-01 16:54:09 ----A---- C:\Windows\system32\apphelp.dll
2010-01-01 16:54:09 ----A---- C:\Windows\system32\adsmsext.dll
2010-01-01 16:54:08 ----A---- C:\Windows\system32\wscript.exe
2010-01-01 16:54:08 ----A---- C:\Windows\system32\wiaservc.dll
2010-01-01 16:54:08 ----A---- C:\Windows\system32\ulib.dll
2010-01-01 16:54:08 ----A---- C:\Windows\system32\sysclass.dll
2010-01-01 16:54:08 ----A---- C:\Windows\system32\odbccp32.dll
2010-01-01 16:54:08 ----A---- C:\Windows\system32\iasdatastore.dll
2010-01-01 16:54:07 ----A---- C:\Windows\system32\wscntfy.dll
2010-01-01 16:54:07 ----A---- C:\Windows\system32\rastapi.dll
2010-01-01 16:54:07 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-01-01 16:54:07 ----A---- C:\Windows\system32\dsound.dll
2010-01-01 16:54:07 ----A---- C:\Windows\system32\cryptui.dll
2010-01-01 16:54:06 ----A---- C:\Windows\system32\wlangpui.dll
2010-01-01 16:54:06 ----A---- C:\Windows\system32\pnpsetup.dll
2010-01-01 16:54:06 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-01-01 16:54:06 ----A---- C:\Windows\system32\fdProxy.dll
2010-01-01 16:54:06 ----A---- C:\Windows\system32\diskpart.exe
2010-01-01 16:54:06 ----A---- C:\Windows\system32\brcpl.dll
2010-01-01 16:54:05 ----A---- C:\Windows\system32\wscsvc.dll
2010-01-01 16:54:05 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-01-01 16:54:05 ----A---- C:\Windows\system32\vdsdyn.dll
2010-01-01 16:54:05 ----A---- C:\Windows\system32\logman.exe
2010-01-01 16:54:05 ----A---- C:\Windows\system32\iashlpr.dll
2010-01-01 16:54:05 ----A---- C:\Windows\system32\gpapi.dll
2010-01-01 16:54:04 ----A---- C:\Windows\system32\wusa.exe
2010-01-01 16:54:04 ----A---- C:\Windows\system32\regsvc.dll
2010-01-01 16:54:04 ----A---- C:\Windows\system32\rasapi32.dll
2010-01-01 16:54:04 ----A---- C:\Windows\system32\ntprint.dll
2010-01-01 16:54:04 ----A---- C:\Windows\system32\mscorier.dll
2010-01-01 16:54:04 ----A---- C:\Windows\system32\iasrad.dll
2010-01-01 16:54:04 ----A---- C:\Windows\system32\findstr.exe
2010-01-01 16:54:03 ----A---- C:\Windows\system32\zipfldr.dll
2010-01-01 16:54:03 ----A---- C:\Windows\system32\wshext.dll
2010-01-01 16:54:03 ----A---- C:\Windows\system32\wpccpl.dll
2010-01-01 16:54:03 ----A---- C:\Windows\system32\netcenter.dll
2010-01-01 16:54:02 ----A---- C:\Windows\system32\wer.dll
2010-01-01 16:54:02 ----A---- C:\Windows\system32\rasdlg.dll
2010-01-01 16:54:02 ----A---- C:\Windows\system32\iassvcs.dll
2010-01-01 16:54:01 ----A---- C:\Windows\system32\wsnmp32.dll
2010-01-01 16:54:01 ----A---- C:\Windows\system32\uxsms.dll
2010-01-01 16:54:01 ----A---- C:\Windows\system32\themecpl.dll
2010-01-01 16:54:01 ----A---- C:\Windows\system32\mssprxy.dll
2010-01-01 16:54:00 ----A---- C:\Windows\system32\tsbyuv.dll
2010-01-01 16:54:00 ----A---- C:\Windows\system32\srvsvc.dll
2010-01-01 16:54:00 ----A---- C:\Windows\system32\slcc.dll
2010-01-01 16:54:00 ----A---- C:\Windows\system32\scansetting.dll
2010-01-01 16:54:00 ----A---- C:\Windows\system32\ntmarta.dll
2010-01-01 16:54:00 ----A---- C:\Windows\system32\msutb.dll
2010-01-01 16:54:00 ----A---- C:\Windows\system32\mstlsapi.dll
2010-01-01 16:54:00 ----A---- C:\Windows\system32\iasads.dll
2010-01-01 16:53:59 ----A---- C:\Windows\system32\powrprof.dll
2010-01-01 16:53:59 ----A---- C:\Windows\system32\networkmap.dll
2010-01-01 16:53:59 ----A---- C:\Windows\system32\mstsc.exe
2010-01-01 16:53:59 ----A---- C:\Windows\system32\iasacct.dll
2010-01-01 16:53:58 ----A---- C:\Windows\system32\powercpl.dll
2010-01-01 16:53:58 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-01-01 16:53:58 ----A---- C:\Windows\system32\newdev.exe
2010-01-01 16:53:58 ----A---- C:\Windows\system32\connect.dll
2010-01-01 16:53:58 ----A---- C:\Windows\system32\authz.dll
2010-01-01 16:53:57 ----A---- C:\Windows\system32\themeui.dll
2010-01-01 16:53:57 ----A---- C:\Windows\system32\systemcpl.dll
2010-01-01 16:53:57 ----A---- C:\Windows\system32\sud.dll
2010-01-01 16:53:57 ----A---- C:\Windows\system32\pcaui.dll
2010-01-01 16:53:57 ----A---- C:\Windows\system32\dot3svc.dll
2010-01-01 16:53:56 ----A---- C:\Windows\system32\usercpl.dll
2010-01-01 16:53:56 ----A---- C:\Windows\system32\samlib.dll
2010-01-01 16:53:56 ----A---- C:\Windows\system32\mmci.dll
2010-01-01 16:53:56 ----A---- C:\Windows\system32\autoplay.dll
2010-01-01 16:53:56 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-01-01 16:53:55 ----A---- C:\Windows\system32\wlanpref.dll
2010-01-01 16:53:55 ----A---- C:\Windows\system32\rpchttp.dll
2010-01-01 16:53:55 ----A---- C:\Windows\system32\regapi.dll
2010-01-01 16:53:55 ----A---- C:\Windows\system32\qdvd.dll
2010-01-01 16:53:54 ----A---- C:\Windows\system32\wpcao.dll
2010-01-01 16:53:54 ----A---- C:\Windows\system32\vdsutil.dll
2010-01-01 16:53:54 ----A---- C:\Windows\system32\tapisrv.dll
2010-01-01 16:53:54 ----A---- C:\Windows\system32\msinfo32.exe
2010-01-01 16:53:53 ----A---- C:\Windows\system32\scksp.dll
2010-01-01 16:53:53 ----A---- C:\Windows\system32\scesrv.dll
2010-01-01 16:53:53 ----A---- C:\Windows\system32\psisdecd.dll
2010-01-01 16:53:53 ----A---- C:\Windows\system32\oleprn.dll
2010-01-01 16:53:53 ----A---- C:\Windows\system32\mpr.dll
2010-01-01 16:53:53 ----A---- C:\Windows\system32\imm32.dll
2010-01-01 16:53:53 ----A---- C:\Windows\system32\feclient.dll
2010-01-01 16:53:53 ----A---- C:\Windows\system32\dot3msm.dll
2010-01-01 16:53:53 ----A---- C:\Windows\system32\AudioSes.dll
2010-01-01 16:53:52 ----A---- C:\Windows\system32\wscisvif.dll
2010-01-01 16:53:52 ----A---- C:\Windows\system32\sdclt.exe
2010-01-01 16:53:52 ----A---- C:\Windows\system32\rekeywiz.exe
2010-01-01 16:53:52 ----A---- C:\Windows\system32\iaspolcy.dll
2010-01-01 16:53:52 ----A---- C:\Windows\system32\Faultrep.dll
2010-01-01 16:53:52 ----A---- C:\Windows\system32\dpapimig.exe
2010-01-01 16:53:52 ----A---- C:\Windows\system32\DeviceEject.exe
2010-01-01 16:53:51 ----A---- C:\Windows\system32\rasgcw.dll
2010-01-01 16:53:51 ----A---- C:\Windows\system32\qedit.dll
2010-01-01 16:53:51 ----A---- C:\Windows\system32\pnpui.dll
2010-01-01 16:53:51 ----A---- C:\Windows\system32\perfdisk.dll
2010-01-01 16:53:51 ----A---- C:\Windows\system32\ncryptui.dll
2010-01-01 16:53:51 ----A---- C:\Windows\system32\hdwwiz.exe
2010-01-01 16:53:51 ----A---- C:\Windows\system32\certreq.exe
2010-01-01 16:53:50 ----A---- C:\Windows\system32\TSTheme.exe
2010-01-01 16:53:50 ----A---- C:\Windows\system32\spwinsat.dll
2010-01-01 16:53:50 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-01-01 16:53:50 ----A---- C:\Windows\system32\scecli.dll
2010-01-01 16:53:50 ----A---- C:\Windows\system32\rasplap.dll
2010-01-01 16:53:50 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-01-01 16:53:49 ----A---- C:\Windows\system32\whealogr.dll
2010-01-01 16:53:49 ----A---- C:\Windows\system32\tcpmon.dll
2010-01-01 16:53:49 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-01-01 16:53:49 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-01-01 16:53:49 ----A---- C:\Windows\system32\fdWSD.dll
2010-01-01 16:53:49 ----A---- C:\Windows\system32\cmmon32.exe
2010-01-01 16:53:48 ----A---- C:\Windows\system32\srcore.dll
2010-01-01 16:53:48 ----A---- C:\Windows\system32\SCardSvr.dll
2010-01-01 16:53:48 ----A---- C:\Windows\system32\conime.exe
2010-01-01 16:53:48 ----A---- C:\Windows\system32\cmdial32.dll
2010-01-01 16:53:47 ----A---- C:\Windows\system32\wiaaut.dll
2010-01-01 16:53:47 ----A---- C:\Windows\system32\raschap.dll
2010-01-01 16:53:47 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-01-01 16:53:47 ----A---- C:\Windows\system32\fontext.dll
2010-01-01 16:53:46 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-01-01 16:53:46 ----A---- C:\Windows\system32\wlanui.dll
2010-01-01 16:53:46 ----A---- C:\Windows\system32\shwebsvc.dll
2010-01-01 16:53:46 ----A---- C:\Windows\system32\rasppp.dll
2010-01-01 16:53:46 ----A---- C:\Windows\system32\PnPutil.exe
2010-01-01 16:53:46 ----A---- C:\Windows\system32\dsprop.dll
2010-01-01 16:53:45 ----A---- C:\Windows\system32\oobefldr.dll
2010-01-01 16:53:45 ----A---- C:\Windows\system32\dimsroam.dll
2010-01-01 16:53:44 ----A---- C:\Windows\system32\shsetup.dll
2010-01-01 16:53:44 ----A---- C:\Windows\system32\rasmontr.dll
2010-01-01 16:53:44 ----A---- C:\Windows\system32\mscandui.dll
2010-01-01 16:53:44 ----A---- C:\Windows\system32\modemui.dll
2010-01-01 16:53:43 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-01-01 16:53:43 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-01-01 16:53:43 ----A---- C:\Windows\system32\rdpwsx.dll
2010-01-01 16:53:43 ----A---- C:\Windows\system32\chtbrkr.dll
2010-01-01 16:53:43 ----A---- C:\Windows\system32\dataclen.dll
2010-01-01 16:53:43 ----A---- C:\Windows\system32\blackbox.dll
2010-01-01 16:53:42 ----A---- C:\Windows\system32\WSDMon.dll
2010-01-01 16:53:42 ----A---- C:\Windows\system32\wmpeffects.dll
2010-01-01 16:53:42 ----A---- C:\Windows\system32\smss.exe
2010-01-01 16:53:42 ----A---- C:\Windows\system32\netplwiz.dll
2010-01-01 16:53:42 ----A---- C:\Windows\system32\credui.dll
2010-01-01 16:53:42 ----A---- C:\Windows\system32\certprop.dll
2010-01-01 16:53:41 ----A---- C:\Windows\system32\wpcsvc.dll
2010-01-01 16:53:41 ----A---- C:\Windows\system32\networkexplorer.dll
2010-01-01 16:53:41 ----A---- C:\Windows\system32\ifmon.dll
2010-01-01 16:53:40 ----A---- C:\Windows\system32\wscapi.dll
2010-01-01 16:53:40 ----A---- C:\Windows\system32\msscp.dll
2010-01-01 16:53:40 ----A---- C:\Windows\system32\msimtf.dll
2010-01-01 16:53:40 ----A---- C:\Windows\system32\logagent.exe
2010-01-01 16:53:40 ----A---- C:\Windows\system32\InkEd.dll
2010-01-01 16:53:40 ----A---- C:\Windows\system32\gpresult.exe
2010-01-01 16:53:40 ----A---- C:\Windows\system32\cipher.exe
2010-01-01 16:53:39 ----A---- C:\Windows\system32\thawbrkr.dll
2010-01-01 16:53:39 ----A---- C:\Windows\system32\softkbd.dll
2010-01-01 16:53:39 ----A---- C:\Windows\system32\sendmail.dll
2010-01-01 16:53:39 ----A---- C:\Windows\system32\msctfui.dll
2010-01-01 16:53:39 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-01-01 16:53:38 ----A---- C:\Windows\system32\puiapi.dll
2010-01-01 16:53:38 ----A---- C:\Windows\system32\olepro32.dll
2010-01-01 16:53:38 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-01-01 16:53:38 ----A---- C:\Windows\system32\dmsynth.dll
2010-01-01 16:53:37 ----A---- C:\Windows\system32\wshbth.dll
2010-01-01 16:53:37 ----A---- C:\Windows\system32\version.dll
2010-01-01 16:53:37 ----A---- C:\Windows\system32\SLLUA.exe
2010-01-01 16:53:37 ----A---- C:\Windows\system32\msisip.dll
2010-01-01 16:53:37 ----A---- C:\Windows\system32\mprapi.dll
2010-01-01 16:53:37 ----A---- C:\Windows\system32\input.dll
2010-01-01 16:53:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-01-01 16:53:36 ----A---- C:\Windows\system32\fdSSDP.dll
2010-01-01 16:53:36 ----A---- C:\Windows\system32\fc.exe
2010-01-01 16:53:36 ----A---- C:\Windows\system32\dmusic.dll
2010-01-01 16:53:35 ----A---- C:\Windows\system32\msjint40.dll
2010-01-01 16:53:35 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-01-01 16:53:35 ----A---- C:\Windows\system32\l2nacp.dll
2010-01-01 16:53:35 ----A---- C:\Windows\system32\ftp.exe
2010-01-01 16:53:35 ----A---- C:\Windows\system32\eapp3hst.dll
2010-01-01 16:53:35 ----A---- C:\Windows\system32\cscdll.dll
2010-01-01 16:53:35 ----A---- C:\Windows\system32\cscapi.dll
2010-01-01 16:53:34 ----A---- C:\Windows\system32\wsdchngr.dll
2010-01-01 16:53:34 ----A---- C:\Windows\system32\Storprop.dll
2010-01-01 16:53:34 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-01-01 16:53:34 ----A---- C:\Windows\system32\rasdial.exe
2010-01-01 16:53:34 ----A---- C:\Windows\system32\rasdiag.dll
2010-01-01 16:53:34 ----A---- C:\Windows\system32\fdWCN.dll
2010-01-01 16:53:34 ----A---- C:\Windows\system32\bthudtask.exe
2010-01-01 16:53:34 ----A---- C:\Windows\system32\bthci.dll
2010-01-01 16:53:33 ----A---- C:\Windows\system32\tscupgrd.exe
2010-01-01 16:53:33 ----A---- C:\Windows\system32\slcinst.dll
2010-01-01 16:53:33 ----A---- C:\Windows\system32\nslookup.exe
2010-01-01 16:53:33 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-01-01 16:53:33 ----A---- C:\Windows\system32\ipconfig.exe
2010-01-01 16:53:33 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-01-01 16:53:33 ----A---- C:\Windows\system32\eappcfg.dll
2010-01-01 16:53:33 ----A---- C:\Windows\system32\dot3cfg.dll
2010-01-01 16:53:32 ----A---- C:\Windows\system32\ocsetup.exe
2010-01-01 16:53:32 ----A---- C:\Windows\system32\hbaapi.dll
2010-01-01 16:53:32 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-01-01 16:53:32 ----A---- C:\Windows\system32\fdeploy.dll
2010-01-01 16:53:32 ----A---- C:\Windows\system32\eappgnui.dll
2010-01-01 16:53:31 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-01-01 16:53:31 ----A---- C:\Windows\system32\mmcico.dll
2010-01-01 16:53:30 ----A---- C:\Windows\system32\gpupdate.exe
2010-01-01 16:53:29 ----A---- C:\Windows\system32\NcdProp.dll
2010-01-01 16:53:29 ----A---- C:\Windows\system32\iscsilog.dll
2010-01-01 16:53:29 ----A---- C:\Windows\system32\csrstub.exe
2010-01-01 16:53:29 ----A---- C:\Windows\system32\cbsra.exe
2010-01-01 16:53:29 ----A---- C:\Windows\system32\bitsigd.dll
2010-01-01 16:53:28 ----A---- C:\Windows\system32\vdmdbg.dll
2010-01-01 16:53:28 ----A---- C:\Windows\system32\odbcconf.dll
2010-01-01 16:53:27 ----A---- C:\Windows\system32\winrnr.dll
2010-01-01 16:53:27 ----A---- C:\Windows\system32\slwga.dll
2010-01-01 16:53:27 ----A---- C:\Windows\system32\midimap.dll
2010-01-01 16:53:27 ----A---- C:\Windows\system32\inetppui.dll
2010-01-01 16:53:25 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-01-01 16:53:24 ----A---- C:\Windows\system32\msimsg.dll
2010-01-01 16:52:49 ----A---- C:\Windows\system32\SmiEngine.dll
2010-01-01 16:52:38 ----A---- C:\Windows\system32\wdscore.dll
2010-01-01 16:52:38 ----A---- C:\Windows\system32\PkgMgr.exe
2010-01-01 16:52:07 ----A---- C:\Windows\system32\drvstore.dll
2009-12-30 22:18:32 ----D---- C:\Program Files\ICQ6Toolbar
2009-12-30 22:18:30 ----D---- C:\Users\uzivatel\AppData\Roaming\Mozilla
2009-12-30 22:18:29 ----D---- C:\ProgramData\ICQ
2009-12-30 22:15:25 ----D---- C:\Users\uzivatel\AppData\Roaming\ICQ
2009-12-30 22:14:53 ----D---- C:\Program Files\ICQ6.5
2009-12-30 22:00:45 ----A---- C:\Windows\system32\tzres.dll
2009-12-30 21:28:52 ----A---- C:\Windows\system32\netfxperf.dll
2009-12-29 17:06:58 ----A---- C:\Windows\system32\atmfd.dll
2009-12-29 17:06:57 ----A---- C:\Windows\system32\t2embed.dll
2009-12-29 17:06:57 ----A---- C:\Windows\system32\lpk.dll
2009-12-29 17:06:57 ----A---- C:\Windows\system32\fontsub.dll
2009-12-29 17:06:57 ----A---- C:\Windows\system32\atmlib.dll
2009-12-29 17:06:56 ----A---- C:\Windows\system32\dciman32.dll
2009-12-29 17:06:54 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-12-29 17:06:31 ----A---- C:\Windows\system32\wmp.dll
2009-12-29 17:06:26 ----A---- C:\Windows\system32\unregmp2.exe
2009-12-29 17:06:24 ----A---- C:\Windows\system32\spwmp.dll
2009-12-29 17:06:24 ----A---- C:\Windows\system32\dxmasf.dll
2009-12-29 17:06:23 ----A---- C:\Windows\system32\wmploc.DLL
2009-12-29 17:06:04 ----A---- C:\Windows\system32\netiohlp.dll
2009-12-29 17:06:03 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-12-29 17:06:03 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-12-29 17:06:03 ----A---- C:\Windows\system32\ARP.EXE
2009-12-29 17:06:02 ----A---- C:\Windows\system32\MRINFO.EXE
2009-12-29 17:06:02 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-12-29 17:06:02 ----A---- C:\Windows\system32\finger.exe
2009-12-29 17:06:01 ----A---- C:\Windows\system32\ROUTE.EXE
2009-12-29 17:06:00 ----A---- C:\Windows\system32\netevent.dll
2009-12-29 17:05:48 ----A---- C:\Windows\system32\wlansvc.dll
2009-12-29 17:05:48 ----A---- C:\Windows\system32\wlanhlp.dll
2009-12-29 17:05:47 ----A---- C:\Windows\system32\wlansec.dll
2009-12-29 17:05:47 ----A---- C:\Windows\system32\wlanmsm.dll
2009-12-29 17:05:47 ----A---- C:\Windows\system32\wlanapi.dll
2009-12-29 17:05:47 ----A---- C:\Windows\system32\L2SecHC.dll
2009-12-29 17:05:42 ----A---- C:\Windows\system32\msxml6.dll
2009-12-29 17:05:42 ----A---- C:\Windows\system32\msxml3.dll
2009-12-29 17:05:36 ----A---- C:\Windows\system32\lsasrv.dll
2009-12-29 17:05:35 ----A---- C:\Windows\system32\msv1_0.dll
2009-12-29 17:05:34 ----A---- C:\Windows\system32\wdigest.dll
2009-12-29 17:05:33 ----A---- C:\Windows\system32\secur32.dll
2009-12-29 17:05:33 ----A---- C:\Windows\system32\lsass.exe
2009-12-29 17:05:13 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-12-29 17:05:11 ----A---- C:\Windows\system32\mf.dll
2009-12-29 17:05:10 ----A---- C:\Windows\system32\rrinstaller.exe
2009-12-29 17:05:10 ----A---- C:\Windows\system32\mfps.dll
2009-12-29 17:05:10 ----A---- C:\Windows\system32\mfpmp.exe
2009-12-29 17:05:09 ----A---- C:\Windows\system32\mferror.dll
2009-12-29 17:05:06 ----A---- C:\Windows\system32\atl.dll
2009-12-29 17:04:59 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-12-29 17:04:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-12-29 17:04:11 ----A---- C:\Windows\system32\wkssvc.dll
2009-12-29 17:04:06 ----A---- C:\Windows\system32\mstscax.dll
2009-12-29 17:04:05 ----A---- C:\Windows\system32\tsgqec.dll
2009-12-29 17:04:05 ----A---- C:\Windows\system32\aaclient.dll
2009-12-29 17:03:37 ----A---- C:\Windows\system32\localspl.dll
2009-12-29 17:03:34 ----A---- C:\Windows\system32\avifil32.dll
2009-12-29 17:02:59 ----A---- C:\Windows\system32\kbd106n.dll
2009-12-29 17:02:13 ----A---- C:\Windows\system32\wmpdxm.dll
2009-12-29 17:01:57 ----A---- C:\Windows\system32\gameux.dll
2009-12-29 17:01:55 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-12-29 17:01:54 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-12-29 17:01:35 ----A---- C:\Windows\system32\msasn1.dll
2009-12-29 17:01:29 ----A---- C:\Windows\system32\rpcrt4.dll
2009-12-29 17:01:16 ----A---- C:\Windows\system32\rastls.dll
2009-12-29 17:01:13 ----A---- C:\Windows\system32\WSDApi.dll
2009-12-29 16:57:19 ----N---- C:\Windows\system32\MpSigStub.exe
2009-12-29 16:56:49 ----D---- C:\ProgramData\ESET
2009-12-27 18:56:38 ----D---- C:\Users\uzivatel\AppData\Roaming\AdobeUM
2009-12-26 22:15:52 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-26 22:15:52 ----D---- C:\Program Files\D-Link
2009-12-26 22:15:46 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-26 22:13:52 ----D---- C:\ProgramData\Adobe
2009-12-26 22:13:50 ----D---- C:\Program Files\Adobe
2009-12-26 22:13:05 ----D---- C:\Windows\Cache
2009-12-26 10:30:03 ----D---- C:\Program Files\ESET
2009-12-26 09:40:53 ----A---- C:\Windows\V0420Mon.exe
2009-12-26 09:40:53 ----A---- C:\Windows\V0420Cfg.exe
2009-12-26 09:40:53 ----A---- C:\Windows\system32\V0420Vfw.dll
2009-12-26 09:40:53 ----A---- C:\Windows\system32\V0420Srv.exe
2009-12-26 09:40:53 ----A---- C:\Windows\system32\V0420Pin.dll
2009-12-26 09:40:53 ----A---- C:\Windows\system32\V0420Hwx.dll
2009-12-26 09:40:53 ----A---- C:\Windows\system32\V0420CVW.dll
2009-12-26 09:40:53 ----A---- C:\Windows\system32\CtCamMgr.dll
2009-12-26 09:40:53 ----A---- C:\Windows\CtDrvIns.exe.manifest
2009-12-26 09:40:53 ----A---- C:\Windows\CtDrvIns.exe
2009-12-11 12:56:58 ----D---- C:\Users\uzivatel\AppData\Roaming\Identities
2009-12-11 12:56:53 ----SD---- C:\Users\uzivatel\AppData\Roaming\Microsoft
2009-12-11 12:55:08 ----A---- C:\Windows\system32\wups2.dll
2009-12-11 12:55:08 ----A---- C:\Windows\system32\wucltux.dll
2009-12-11 12:55:08 ----A---- C:\Windows\system32\wuaueng.dll
2009-12-11 12:55:08 ----A---- C:\Windows\system32\wuauclt.exe
2009-12-11 12:54:58 ----A---- C:\Windows\system32\wups.dll
2009-12-11 12:54:58 ----A---- C:\Windows\system32\wudriver.dll
2009-12-11 12:54:58 ----A---- C:\Windows\system32\wuapi.dll
2009-12-11 12:54:54 ----A---- C:\Windows\system32\wuwebv.dll
2009-12-11 12:54:54 ----A---- C:\Windows\system32\wuapp.exe
2009-12-11 12:54:48 ----SHD---- C:\ProgramData\Šablony
2009-12-11 12:54:48 ----SHD---- C:\ProgramData\Plocha
2009-12-11 12:54:48 ----SHD---- C:\ProgramData\Oblíbené položky
2009-12-11 12:54:48 ----SHD---- C:\ProgramData\Nabídka Start
2009-12-11 12:54:48 ----SHD---- C:\ProgramData\Dokumenty
2009-12-11 12:54:48 ----SHD---- C:\ProgramData\Data aplikací
2009-12-11 12:54:32 ----D---- C:\Windows\Debug
2009-12-11 12:52:21 ----D---- C:\Windows\SoftwareDistribution
2009-12-11 12:50:03 ----D---- C:\Windows\Prefetch
2009-12-11 12:50:02 ----SHD---- C:\System Volume Information
2009-12-11 12:49:26 ----D---- C:\Windows\Panther
2009-12-11 12:49:13 ----RAS---- C:\BOOTSECT.BAK
2009-12-11 12:49:12 ----SHD---- C:\Boot
2009-12-11 12:42:27 ----D---- C:\Users\uzivatel\AppData\Roaming\ATI
2009-12-11 12:42:27 ----D---- C:\ProgramData\ATI
2009-12-11 12:38:39 ----SHD---- C:\Windows\Installer
2009-12-11 12:38:35 ----D---- C:\Program Files\ATI Technologies
2009-12-11 12:38:34 ----D---- C:\Program Files\ATI
2009-12-11 12:37:13 ----D---- C:\ATI
2009-12-11 12:34:24 ----D---- C:\Users\uzivatel\AppData\Roaming\Macromedia
2009-12-11 12:34:24 ----D---- C:\Users\uzivatel\AppData\Roaming\Adobe
2009-12-11 12:34:23 ----D---- C:\Windows\system32\Macromed

======List of files/folders modified in the last 1 months======

2010-01-07 21:55:08 ----D---- C:\Windows\Temp
2010-01-07 21:55:00 ----RD---- C:\Program Files
2010-01-07 20:00:47 ----D---- C:\Windows\System32
2010-01-07 20:00:46 ----D---- C:\Windows\inf
2010-01-07 20:00:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-06 15:05:37 ----D---- C:\Windows
2010-01-05 22:45:36 ----D---- C:\Windows\system32\drivers
2010-01-05 22:45:21 ----D---- C:\Windows\system32\catroot
2010-01-05 21:27:59 ----RSD---- C:\Windows\assembly
2010-01-05 21:24:47 ----RSD---- C:\Windows\Fonts
2010-01-05 21:24:44 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-05 21:21:47 ----D---- C:\Program Files\Common Files\System
2010-01-05 21:21:47 ----A---- C:\Windows\win.ini
2010-01-04 23:52:48 ----D---- C:\Windows\winsxs
2010-01-04 21:52:57 ----HD---- C:\ProgramData
2010-01-04 21:40:48 ----D---- C:\Windows\Tasks
2010-01-04 17:40:06 ----D---- C:\Windows\system32\Tasks
2010-01-04 00:40:54 ----D---- C:\Windows\system32\Msdtc
2010-01-04 00:40:52 ----D---- C:\Windows\system32\wbem
2010-01-04 00:40:17 ----D---- C:\Windows\system32\config
2010-01-04 00:40:06 ----D---- C:\Windows\system32\spool
2010-01-04 00:40:06 ----D---- C:\Windows\system32\catroot2
2010-01-04 00:40:04 ----D---- C:\Windows\registration
2010-01-03 21:38:01 ----D---- C:\Program Files\Common Files
2010-01-03 20:36:36 ----D---- C:\Windows\rescache
2010-01-03 20:35:56 ----D---- C:\Windows\Microsoft.NET
2010-01-03 20:30:53 ----D---- C:\Program Files\MSBuild
2010-01-03 20:30:11 ----SD---- C:\ProgramData\Microsoft
2010-01-03 20:18:22 ----D---- C:\Windows\system32\cs-CZ
2010-01-03 20:18:17 ----D---- C:\Windows\system32\zh-TW
2010-01-03 20:18:17 ----D---- C:\Windows\system32\zh-HK
2010-01-03 20:18:17 ----D---- C:\Windows\system32\zh-CN
2010-01-03 20:18:17 ----D---- C:\Windows\system32\uk-UA
2010-01-03 20:18:17 ----D---- C:\Windows\system32\tr-TR
2010-01-03 20:18:17 ----D---- C:\Windows\system32\th-TH
2010-01-03 20:18:17 ----D---- C:\Windows\system32\sv-SE
2010-01-03 20:18:17 ----D---- C:\Windows\system32\sr-Latn-CS
2010-01-03 20:18:17 ----D---- C:\Windows\system32\sl-SI
2010-01-03 20:18:17 ----D---- C:\Windows\system32\sk-SK
2010-01-03 20:18:17 ----D---- C:\Windows\system32\ru-RU
2010-01-03 20:18:17 ----D---- C:\Windows\system32\ro-RO
2010-01-03 20:18:17 ----D---- C:\Windows\system32\pt-PT
2010-01-03 20:18:17 ----D---- C:\Windows\system32\pt-BR
2010-01-03 20:18:17 ----D---- C:\Windows\system32\pl-PL
2010-01-03 20:18:17 ----D---- C:\Windows\system32\nl-NL
2010-01-03 20:18:17 ----D---- C:\Windows\system32\nb-NO
2010-01-03 20:18:17 ----D---- C:\Windows\system32\lv-LV
2010-01-03 20:18:17 ----D---- C:\Windows\system32\lt-LT
2010-01-03 20:18:17 ----D---- C:\Windows\system32\ko-KR
2010-01-03 20:18:17 ----D---- C:\Windows\system32\ja-JP
2010-01-03 20:18:17 ----D---- C:\Windows\system32\it-IT
2010-01-03 20:18:17 ----D---- C:\Windows\system32\hu-HU
2010-01-03 20:18:17 ----D---- C:\Windows\system32\hr-HR
2010-01-03 20:18:17 ----D---- C:\Windows\system32\he-IL
2010-01-03 20:18:17 ----D---- C:\Windows\system32\fr-FR
2010-01-03 20:18:17 ----D---- C:\Windows\system32\fi-FI
2010-01-03 20:18:17 ----D---- C:\Windows\system32\et-EE
2010-01-03 20:18:17 ----D---- C:\Windows\system32\es-ES
2010-01-03 20:18:17 ----D---- C:\Windows\system32\en-US
2010-01-03 20:18:17 ----D---- C:\Windows\system32\el-GR
2010-01-03 20:18:17 ----D---- C:\Windows\system32\de-DE
2010-01-03 20:18:17 ----D---- C:\Windows\system32\da-DK
2010-01-03 20:18:17 ----D---- C:\Windows\system32\bg-BG
2010-01-03 20:18:17 ----D---- C:\Windows\system32\ar-SA
2010-01-03 18:53:13 ----D---- C:\Program Files\Windows Mail
2010-01-03 18:53:13 ----D---- C:\Program Files\Windows Calendar
2010-01-03 18:53:13 ----D---- C:\Program Files\Movie Maker
2010-01-03 18:53:11 ----D---- C:\Program Files\Windows Sidebar
2010-01-03 18:53:11 ----D---- C:\Program Files\Windows Media Player
2010-01-03 18:53:11 ----D---- C:\Program Files\Internet Explorer
2010-01-03 18:53:09 ----D---- C:\Program Files\Windows Collaboration
2010-01-03 18:53:08 ----D---- C:\Program Files\Windows Photo Gallery
2010-01-03 18:52:58 ----D---- C:\Program Files\Windows Defender
2010-01-03 18:52:57 ----D---- C:\Windows\servicing
2010-01-03 18:52:45 ----D---- C:\Windows\system32\XPSViewer
2010-01-03 18:52:45 ----D---- C:\Windows\IME
2010-01-03 18:52:44 ----D---- C:\Windows\system32\oobe
2010-01-03 18:52:43 ----D---- C:\Windows\system32\migration
2010-01-03 18:52:40 ----D---- C:\Windows\system32\setup
2010-01-03 18:52:40 ----D---- C:\Windows\system32\cs
2010-01-03 18:52:40 ----D---- C:\Windows\system32\AdvancedInstallers
2010-01-03 18:52:37 ----D---- C:\Windows\system32\SLUI
2010-01-03 18:52:36 ----D---- C:\Windows\system32\manifeststore
2010-01-03 18:52:31 ----D---- C:\Windows\system32\migwiz
2010-01-03 18:51:34 ----D---- C:\Windows\AppPatch
2010-01-03 18:51:21 ----D---- C:\Windows\system32\Boot
2010-01-03 10:56:17 ----SHD---- C:\$Recycle.Bin
2010-01-01 21:16:53 ----D---- C:\Windows\PolicyDefinitions
2009-12-31 13:51:59 ----D---- C:\Windows\system32\WDI
2009-12-30 21:36:53 ----RD---- C:\Users
2009-12-29 17:11:18 ----D---- C:\Windows\system32\LogFiles
2009-12-29 16:48:19 ----D---- C:\Windows\Logs
2009-12-26 09:41:07 ----D---- C:\Windows\twain_32
2009-12-25 10:37:54 ----D---- C:\Windows\system32\NDF
2009-12-11 12:54:48 ----D---- C:\Program Files\Windows NT
2009-12-11 12:38:57 ----D---- C:\Windows\system32\restore
2009-12-11 12:34:24 ----SD---- C:\Windows\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 38240]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-04 5079040]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-04 172032]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-08-16 222968]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: could not find C:/windows/system32/sshnas.dll

#3 Post by motji »

Good evening :)

Download ComboFix to your desktop, close all open windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix must be run under an account with administrator rights

- Before use, turn off all resident security programs - antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes (Ano) button

- Then follow the instructions; while ComboFix is running, do not click in the window that appears!

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here

Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

Re: could not find C:/windows/system32/sshnas.dll

#4 Post by djaspic »

Good evening, thank you in advance for your help.
ComboFix log:
ComboFix 10-01-04.01 - uzivatel 07.01.2010 23:06:08.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.3325.1745 [GMT 1:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6.5\ICQLRun.exe
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-07 do 2010-01-07 )))))))))))))))))))))))))))))))
.

2010-01-07 20:55 . 2010-01-07 20:55 -------- d-----w- C:\rsit
2010-01-07 20:55 . 2010-01-07 20:55 -------- d-----w- c:\program files\trend micro
2010-01-05 19:45 . 2010-01-05 19:45 -------- d-----w- c:\users\Tina a Petra\AppData\Roaming\Happy Foto
2010-01-05 18:07 . 2010-01-05 18:07 -------- d-----w- c:\users\Dominika\AppData\Local\Nero
2010-01-05 17:59 . 2010-01-05 18:07 -------- d-----w- c:\users\Dominika\AppData\Roaming\Nero
2010-01-04 22:52 . 2010-01-04 22:52 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\users\uzivatel\AppData\Roaming\TomTom
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\users\uzivatel\AppData\Local\TomTom
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\program files\TomTom International B.V
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\program files\TomTom HOME 2
2010-01-04 20:52 . 2010-01-04 20:52 1025 ----a-w- c:\windows\system32\sysprs7.dll
2010-01-04 20:52 . 2010-01-04 20:52 1025 ----a-w- c:\windows\system32\clauth2.dll
2010-01-04 20:52 . 2010-01-04 20:52 1025 ----a-w- c:\windows\system32\clauth1.dll
2010-01-04 20:52 . 2010-01-04 20:52 -------- d-----w- c:\programdata\hps
2010-01-04 20:52 . 2010-01-04 20:54 -------- d-----w- c:\program files\Digimax
2010-01-04 16:06 . 2010-01-04 16:06 -------- d-----w- c:\users\Dominika\AppData\Roaming\Happy Foto
2010-01-04 15:57 . 2010-01-04 15:57 -------- d-----w- c:\users\uzivatel\AppData\Local\HF Designer 1.4
2010-01-04 15:56 . 2010-01-04 15:56 -------- d-----w- c:\programdata\HappyFoto
2010-01-04 15:55 . 2010-01-04 15:55 -------- d-----w- c:\program files\HappyFoto
2010-01-04 15:53 . 2010-01-04 15:53 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Happy Foto
2010-01-04 15:53 . 2010-01-04 15:53 -------- d-----w- c:\program files\Aberger
2010-01-04 15:46 . 2010-01-04 15:46 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-04 15:46 . 2010-01-04 15:46 -------- d-----w- c:\program files\Java
2010-01-04 11:46 . 2010-01-04 11:46 -------- d-----w- c:\users\uzivatel\AppData\Roaming\VistaCodecs
2010-01-04 11:46 . 2010-01-04 11:46 -------- d-----w- c:\program files\VistaCodecPack
2010-01-04 11:46 . 2010-01-04 11:46 -------- d-----w- c:\programdata\VistaCodecs
2010-01-03 23:21 . 2010-01-03 23:21 -------- d-----w- c:\program files\MSXML 4.0
2010-01-03 21:14 . 2010-01-03 21:14 -------- d-----w- c:\users\uzivatel\AppData\Local\Nero
2010-01-03 21:00 . 2010-01-03 21:00 -------- d-----w- c:\programdata\LightScribe
2010-01-03 20:59 . 2010-01-03 21:00 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Nero
2010-01-03 20:38 . 2010-01-03 20:49 -------- d-----w- c:\program files\Nero
2010-01-03 20:38 . 2010-01-03 20:44 -------- d-----w- c:\programdata\Nero
2010-01-03 20:38 . 2010-01-03 20:58 -------- d-----w- c:\program files\Common Files\Nero
2010-01-03 20:37 . 2010-01-03 20:37 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-03 19:33 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-01-03 19:33 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-01-03 19:31 . 2010-01-05 20:24 -------- d-----w- c:\program files\Microsoft Works
2010-01-03 19:30 . 2010-01-03 19:30 -------- d-----w- c:\windows\PCHEALTH
2010-01-03 19:30 . 2010-01-03 19:30 -------- d-----w- c:\program files\Microsoft.NET
2010-01-03 19:28 . 2010-01-03 19:28 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-03 19:27 . 2010-01-03 19:30 -------- d-----w- c:\windows\SHELLNEW
2010-01-03 19:27 . 2010-01-03 19:27 -------- d-----w- c:\users\uzivatel\AppData\Local\Microsoft Help
2010-01-03 19:27 . 2010-01-05 20:29 -------- d-----w- c:\programdata\Microsoft Help
2010-01-03 19:25 . 2010-01-03 19:25 -------- d-----r- C:\MSOCache
2010-01-03 19:18 . 2010-01-03 19:18 -------- d-----w- c:\program files\Windows Portable Devices
2010-01-03 19:09 . 2010-01-03 19:09 -------- d-----w- c:\users\uzivatel\AppData\Local\ESET
2010-01-03 19:06 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-01-03 19:06 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-01-03 19:06 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-01-03 19:03 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-01-03 19:03 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-01-03 19:03 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-01-03 17:51 . 2010-01-03 17:52 -------- d-----w- c:\windows\system32\ca-ES
2010-01-03 17:51 . 2010-01-03 17:52 -------- d-----w- c:\windows\system32\eu-ES
2010-01-03 17:51 . 2010-01-03 17:52 -------- d-----w- c:\windows\system32\vi-VN
2010-01-03 15:04 . 2010-01-03 15:04 -------- d-----w- c:\windows\system32\EventProviders
2010-01-03 12:50 . 2010-01-03 12:50 -------- d-----w- c:\program files\AskBarDis
2010-01-03 12:49 . 2010-01-03 12:50 -------- d-----w- c:\users\uzivatel\AppData\Roaming\GlarySoft
2010-01-03 12:49 . 2010-01-03 12:49 -------- d-----w- c:\program files\Absolute Uninstaller
2010-01-02 20:30 . 2010-01-02 20:54 -------- d-----w- c:\users\uzivatel\přesunuto
2010-01-02 15:39 . 2010-01-02 15:39 -------- d-----w- c:\users\Tina a Petra\AppData\Local\Opera
2010-01-02 14:29 . 2010-01-02 14:29 -------- d-----w- c:\users\Dominika\AppData\Local\Opera
2010-01-01 20:15 . 2010-01-01 20:15 -------- d-----w- c:\users\uzivatel\AppData\Local\Opera
2010-01-01 20:15 . 2010-01-01 20:15 -------- d-----w- c:\program files\Opera
2010-01-01 20:12 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2010-01-01 15:56 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-01-01 15:54 . 2009-04-11 06:28 368640 ----a-w- c:\windows\system32\mspbde40.dll
2010-01-01 15:53 . 2009-04-11 06:28 98816 ----a-w- c:\windows\system32\powrprof.dll
2010-01-01 15:52 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-01-01 15:52 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-01-01 15:52 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-01-01 15:52 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-01-01 15:52 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-01-01 15:52 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-01-01 15:52 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-01-01 15:52 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-01-01 15:52 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-01-01 15:52 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-01-01 15:52 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-12-31 12:54 . 2009-12-31 12:54 -------- d-----w- c:\users\Tina a Petra\AppData\Roaming\ICQ
2009-12-30 21:24 . 2010-01-07 19:10 -------- d-----w- c:\users\Dominika\AppData\Roaming\ICQ
2009-12-30 21:18 . 2009-12-30 21:18 -------- d-----w- c:\program files\ICQ6Toolbar
2009-12-30 21:18 . 2009-12-30 21:18 -------- d-----w- c:\programdata\ICQ
2009-12-30 21:15 . 2009-12-30 21:18 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ICQ
2009-12-30 21:14 . 2010-01-07 22:10 -------- d-----w- c:\program files\ICQ6.5
2009-12-30 21:00 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-30 20:50 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-12-30 20:38 . 2009-12-30 20:38 -------- d-----w- c:\users\Tina a Petra\AppData\Roaming\ATI
2009-12-30 20:38 . 2009-12-30 20:38 -------- d-----w- c:\users\Tina a Petra\AppData\Local\ATI
2009-12-30 20:37 . 2010-01-06 14:05 99864 ----a-w- c:\users\Tina a Petra\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-30 20:35 . 2010-01-06 14:53 99864 ----a-w- c:\users\Dominika\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-30 20:28 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-12-30 20:24 . 2009-12-30 20:24 -------- d-----w- c:\users\uzivatel\AppData\Local\MigWiz
2009-12-29 16:05 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-12-29 16:04 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-29 16:04 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-29 16:04 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-12-29 16:04 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-12-29 16:04 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-12-29 16:04 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-12-29 16:03 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-12-29 16:03 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-29 16:02 . 2008-02-29 06:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-12-29 16:02 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-12-29 16:02 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-12-29 16:01 . 2009-04-11 06:28 1696768 ----a-w- c:\windows\system32\gameux.dll
2009-12-29 16:01 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-12-29 16:01 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-12-29 16:01 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-12-29 16:01 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-12-29 16:01 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-12-29 16:01 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-29 16:01 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-29 15:57 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-27 17:56 . 2009-12-27 17:56 -------- d-----w- c:\users\uzivatel\AppData\Roaming\AdobeUM
2009-12-27 17:56 . 2009-12-27 17:56 -------- d-----w- c:\users\uzivatel\AppData\Local\Adobe
2009-12-26 21:15 . 2009-12-30 21:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 21:15 . 2009-12-26 21:15 -------- d-----w- c:\program files\D-Link
2009-12-26 21:15 . 2009-12-26 21:15 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-26 21:13 . 2009-12-26 21:13 -------- d-----w- c:\windows\Cache
2009-12-26 09:30 . 2010-01-03 22:42 -------- d-----w- c:\program files\ESET
2009-12-26 08:40 . 2007-05-31 01:32 99648 ----a-w- c:\windows\system32\drivers\V0420Vid.sys
2009-12-26 08:40 . 2007-05-31 01:00 36864 ----a-w- c:\windows\system32\V0420Pin.dll
2009-12-26 08:40 . 2007-05-14 01:00 32768 ----a-w- c:\windows\system32\V0420Hwx.dll
2009-12-26 08:40 . 2007-05-14 01:00 262144 ----a-w- c:\windows\system32\V0420CVW.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 19:00 . 2008-01-21 06:13 598594 ----a-w- c:\windows\system32\perfh005.dat
2010-01-07 19:00 . 2008-01-21 06:13 114786 ----a-w- c:\windows\system32\perfc005.dat
2010-01-04 15:57 . 2010-01-04 15:57 19 ----a-w- c:\users\uzivatel\AppData\Roaming\mdbu.bin
2010-01-03 19:30 . 2006-11-02 12:35 -------- d-----w- c:\program files\MSBuild
2010-01-03 19:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-03 19:18 . 2010-01-03 19:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-01-03 19:17 . 2010-01-03 19:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2010-01-03 17:53 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2010-01-03 17:52 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-12-30 20:36 . 2009-12-30 20:36 -------- d-----w- c:\users\Dominika\AppData\Roaming\ATI
2009-12-25 19:26 . 2009-12-25 19:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-12-11 12:40 . 2009-12-11 11:56 680 ----a-w- c:\users\uzivatel\AppData\Local\d3d9caps.dat
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Plocha
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Oblíbené položky
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Šablony
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Nabídka Start
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Dokumenty
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Data aplikací
2009-12-11 11:52 . 2009-12-11 11:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-11-21 06:40 . 2010-01-01 20:13 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2010-01-01 20:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2010-01-01 20:13 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2010-01-01 20:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-16 08:06 . 2009-11-16 08:06 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2009-11-16 08:06 . 2009-11-16 08:06 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-04 16:16 . 2009-11-04 16:16 5079040 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2009-11-04 15:46 . 2009-11-04 15:46 479232 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-11-04 15:45 . 2009-11-04 15:45 360448 ----a-w- c:\windows\system32\atieclxx.exe
2009-11-04 15:45 . 2009-11-04 15:45 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2009-11-04 15:43 . 2009-11-04 15:43 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2009-11-04 15:43 . 2009-11-04 15:43 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2009-11-04 15:43 . 2009-11-04 15:43 274432 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-04 15:43 . 2009-11-04 15:43 11776 ----a-w- c:\windows\system32\atimuixx.dll
2009-11-04 15:42 . 2009-11-04 15:42 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-04 15:39 . 2009-11-04 15:39 3034624 ----a-w- c:\windows\system32\atidxx32.dll
2009-11-04 15:23 . 2009-11-04 15:23 3602432 ----a-w- c:\windows\system32\atiumdag.dll
2009-11-04 15:11 . 2009-11-04 15:11 12964352 ----a-w- c:\windows\system32\atioglxx.dll
2009-11-04 15:05 . 2009-11-04 15:05 2899456 ----a-w- c:\windows\system32\atiumdva.dll
2009-11-04 14:52 . 2009-11-04 14:52 52224 ----a-w- c:\windows\system32\atimpc32.dll
2009-11-04 14:52 . 2009-11-04 14:52 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-04 14:52 . 2009-11-04 14:52 208896 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-04 14:47 . 2009-11-04 14:47 53248 ----a-w- c:\windows\system32\aticalrt.dll
2009-11-04 14:47 . 2009-11-04 14:47 53248 ----a-w- c:\windows\system32\aticalcl.dll
2009-11-04 14:46 . 2009-11-04 14:46 3547136 ----a-w- c:\windows\system32\aticaldd.dll
2009-11-04 14:37 . 2009-11-04 14:37 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 16:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-04 98304]
"c:\windows\system32\V0420Cvw.dll"="c:\windows\system32\V0420Cvw.dll" [2007-05-14 262144]
"V0420Mon.exe"="c:\windows\V0420Mon.exe" [2007-04-30 32768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-04 149280]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b3,b8,1e,46,9e,8c,ca,01

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [4.11.2009 16:45 172032]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 epfwwfp;epfwwfp;c:\windows\System32\drivers\epfwwfp.sys [16.11.2009 9:06 38240]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [30.12.2009 22:18 222968]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13.11.2009 12:31 92008]
R3 V0420VID;Live! Cam Vista IM (VF0420);c:\windows\System32\drivers\V0420Vid.sys [26.12.2009 9:40 99648]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:33 21504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {50003530-4B94-442A-BBF1-06BC1B8AE85E} = 193.165.254.9,193.165.145.12
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-LosAlamos - c:\windows\system32\sshnas.dll
HKLM-Run-ICSDCLT - c:\windows\rundll32.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-07 23:10
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-01-07 23:12:35
ComboFix-quarantined-files.txt 2010-01-07 22:12

Před spuštěním: Volných bajtů: 444 633 690 112
Po spuštění: Volných bajtů: 447 158 779 904

- - End Of File - - 29FC38C64F9E5059150B99E1944E619B

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: could not find C:/windows/system32/sshnas.dll

#5 Post by motji »

If it is not there already, move ComboFix to your desktop
- open Notepad
- copy the text from this box into it

Code:

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

Folder::
c:\program files\AskBarDis

- save the TXT file you created as CFScript.txt on your desktop
- after saving, grab the script you created with the left mouse button, drag it over the ComboFix icon and drop it there

- after it has run, another log will be produced; paste it here

Warning: it may happen that Windows does not start after the script is applied and the machine restarts; in that case restart again while pressing F8, then choose Last Known Good Configuration

Start - Control Panel - Folder Options - View - show hidden and system files

Have this file tested at http://www.virustotal.com
c:\windows\system32\V0420Cvw.dll

Copy the path to the file into the box; if it says the file has already been tested, have it tested again.
Paste the link to the results here.

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

Re: could not find C:/windows/system32/sshnas.dll

#6 Post by djaspic »

Good evening, the PC produced the log without a reset:
ComboFix 10-01-04.01 - uzivatel 08.01.2010 18:19:05.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.3325.2196 [GMT 1:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\uzivatel\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-08 do 2010-01-08 )))))))))))))))))))))))))))))))
.

2010-01-08 17:23 . 2010-01-08 17:23 -------- d-----w- c:\users\uzivatel\AppData\Local\temp
2010-01-08 17:23 . 2010-01-08 17:23 -------- d-----w- c:\users\Tina a Petra\AppData\Local\temp
2010-01-08 17:23 . 2010-01-08 17:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-08 17:23 . 2010-01-08 17:23 -------- d-----w- c:\users\Dominika\AppData\Local\temp
2010-01-08 17:23 . 2010-01-08 17:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-07 20:55 . 2010-01-07 20:55 -------- d-----w- C:\rsit
2010-01-07 20:55 . 2010-01-07 20:55 -------- d-----w- c:\program files\trend micro
2010-01-05 19:45 . 2010-01-05 19:45 -------- d-----w- c:\users\Tina a Petra\AppData\Roaming\Happy Foto
2010-01-05 18:07 . 2010-01-05 18:07 -------- d-----w- c:\users\Dominika\AppData\Local\Nero
2010-01-05 17:59 . 2010-01-05 18:07 -------- d-----w- c:\users\Dominika\AppData\Roaming\Nero
2010-01-04 22:52 . 2010-01-04 22:52 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\users\uzivatel\AppData\Roaming\TomTom
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\users\uzivatel\AppData\Local\TomTom
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\program files\TomTom International B.V
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\program files\TomTom HOME 2
2010-01-04 20:52 . 2010-01-04 20:52 1025 ----a-w- c:\windows\system32\sysprs7.dll
2010-01-04 20:52 . 2010-01-04 20:52 1025 ----a-w- c:\windows\system32\clauth2.dll
2010-01-04 20:52 . 2010-01-04 20:52 1025 ----a-w- c:\windows\system32\clauth1.dll
2010-01-04 20:52 . 2010-01-04 20:52 -------- d-----w- c:\programdata\hps
2010-01-04 20:52 . 2010-01-04 20:54 -------- d-----w- c:\program files\Digimax
2010-01-04 16:06 . 2010-01-04 16:06 -------- d-----w- c:\users\Dominika\AppData\Roaming\Happy Foto
2010-01-04 15:57 . 2010-01-04 15:57 -------- d-----w- c:\users\uzivatel\AppData\Local\HF Designer 1.4
2010-01-04 15:56 . 2010-01-04 15:56 -------- d-----w- c:\programdata\HappyFoto
2010-01-04 15:55 . 2010-01-04 15:55 -------- d-----w- c:\program files\HappyFoto
2010-01-04 15:53 . 2010-01-04 15:53 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Happy Foto
2010-01-04 15:53 . 2010-01-04 15:53 -------- d-----w- c:\program files\Aberger
2010-01-04 15:46 . 2010-01-04 15:46 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-04 15:46 . 2010-01-04 15:46 -------- d-----w- c:\program files\Java
2010-01-04 11:46 . 2010-01-04 11:46 -------- d-----w- c:\users\uzivatel\AppData\Roaming\VistaCodecs
2010-01-04 11:46 . 2010-01-04 11:46 -------- d-----w- c:\program files\VistaCodecPack
2010-01-04 11:46 . 2010-01-04 11:46 -------- d-----w- c:\programdata\VistaCodecs
2010-01-03 23:21 . 2010-01-03 23:21 -------- d-----w- c:\program files\MSXML 4.0
2010-01-03 21:14 . 2010-01-03 21:14 -------- d-----w- c:\users\uzivatel\AppData\Local\Nero
2010-01-03 21:00 . 2010-01-03 21:00 -------- d-----w- c:\programdata\LightScribe
2010-01-03 20:59 . 2010-01-03 21:00 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Nero
2010-01-03 20:38 . 2010-01-03 20:49 -------- d-----w- c:\program files\Nero
2010-01-03 20:38 . 2010-01-03 20:44 -------- d-----w- c:\programdata\Nero
2010-01-03 20:38 . 2010-01-03 20:58 -------- d-----w- c:\program files\Common Files\Nero
2010-01-03 20:37 . 2010-01-03 20:37 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-03 19:33 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-01-03 19:33 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-01-03 19:31 . 2010-01-05 20:24 -------- d-----w- c:\program files\Microsoft Works
2010-01-03 19:30 . 2010-01-03 19:30 -------- d-----w- c:\windows\PCHEALTH
2010-01-03 19:30 . 2010-01-03 19:30 -------- d-----w- c:\program files\Microsoft.NET
2010-01-03 19:28 . 2010-01-03 19:28 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-03 19:27 . 2010-01-03 19:30 -------- d-----w- c:\windows\SHELLNEW
2010-01-03 19:27 . 2010-01-03 19:27 -------- d-----w- c:\users\uzivatel\AppData\Local\Microsoft Help
2010-01-03 19:27 . 2010-01-05 20:29 -------- d-----w- c:\programdata\Microsoft Help
2010-01-03 19:25 . 2010-01-03 19:25 -------- d-----r- C:\MSOCache
2010-01-03 19:18 . 2010-01-03 19:18 -------- d-----w- c:\program files\Windows Portable Devices
2010-01-03 19:09 . 2010-01-08 17:19 -------- d-----w- c:\users\uzivatel\AppData\Local\ESET
2010-01-03 19:06 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-01-03 19:06 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-01-03 19:06 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-01-03 19:03 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-01-03 19:03 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-01-03 19:03 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-01-03 17:51 . 2010-01-03 17:52 -------- d-----w- c:\windows\system32\ca-ES
2010-01-03 17:51 . 2010-01-03 17:52 -------- d-----w- c:\windows\system32\eu-ES
2010-01-03 17:51 . 2010-01-03 17:52 -------- d-----w- c:\windows\system32\vi-VN
2010-01-03 15:04 . 2010-01-03 15:04 -------- d-----w- c:\windows\system32\EventProviders
2010-01-03 12:49 . 2010-01-03 12:50 -------- d-----w- c:\users\uzivatel\AppData\Roaming\GlarySoft
2010-01-03 12:49 . 2010-01-03 12:49 -------- d-----w- c:\program files\Absolute Uninstaller
2010-01-02 20:30 . 2010-01-02 20:54 -------- d-----w- c:\users\uzivatel\přesunuto
2010-01-02 15:39 . 2010-01-02 15:39 -------- d-----w- c:\users\Tina a Petra\AppData\Local\Opera
2010-01-02 14:29 . 2010-01-02 14:29 -------- d-----w- c:\users\Dominika\AppData\Local\Opera
2010-01-01 20:15 . 2010-01-01 20:15 -------- d-----w- c:\users\uzivatel\AppData\Local\Opera
2010-01-01 20:15 . 2010-01-01 20:15 -------- d-----w- c:\program files\Opera
2010-01-01 20:12 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2010-01-01 15:56 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-01-01 15:54 . 2009-04-11 06:28 368640 ----a-w- c:\windows\system32\mspbde40.dll
2010-01-01 15:53 . 2009-04-11 06:28 98816 ----a-w- c:\windows\system32\powrprof.dll
2010-01-01 15:52 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-01-01 15:52 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-01-01 15:52 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-01-01 15:52 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-01-01 15:52 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-01-01 15:52 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-01-01 15:52 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-01-01 15:52 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-01-01 15:52 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-01-01 15:52 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-01-01 15:52 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-12-31 12:54 . 2009-12-31 12:54 -------- d-----w- c:\users\Tina a Petra\AppData\Roaming\ICQ
2009-12-30 21:24 . 2010-01-07 22:32 -------- d-----w- c:\users\Dominika\AppData\Roaming\ICQ
2009-12-30 21:18 . 2009-12-30 21:18 -------- d-----w- c:\program files\ICQ6Toolbar
2009-12-30 21:18 . 2009-12-30 21:18 -------- d-----w- c:\programdata\ICQ
2009-12-30 21:15 . 2009-12-30 21:18 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ICQ
2009-12-30 21:14 . 2010-01-07 22:10 -------- d-----w- c:\program files\ICQ6.5
2009-12-30 21:00 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-30 20:50 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-12-30 20:38 . 2009-12-30 20:38 -------- d-----w- c:\users\Tina a Petra\AppData\Roaming\ATI
2009-12-30 20:38 . 2009-12-30 20:38 -------- d-----w- c:\users\Tina a Petra\AppData\Local\ATI
2009-12-30 20:37 . 2010-01-06 14:05 99864 ----a-w- c:\users\Tina a Petra\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-30 20:35 . 2010-01-06 14:53 99864 ----a-w- c:\users\Dominika\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-30 20:28 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-12-30 20:24 . 2009-12-30 20:24 -------- d-----w- c:\users\uzivatel\AppData\Local\MigWiz
2009-12-29 16:05 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-12-29 16:04 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-29 16:04 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-29 16:04 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-12-29 16:04 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-12-29 16:04 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-12-29 16:04 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-12-29 16:03 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-12-29 16:03 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-29 16:02 . 2008-02-29 06:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-12-29 16:02 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-12-29 16:02 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-12-29 16:01 . 2009-04-11 06:28 1696768 ----a-w- c:\windows\system32\gameux.dll
2009-12-29 16:01 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-12-29 16:01 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-12-29 16:01 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-12-29 16:01 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-12-29 16:01 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-12-29 16:01 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-29 16:01 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-29 15:57 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-27 17:56 . 2009-12-27 17:56 -------- d-----w- c:\users\uzivatel\AppData\Roaming\AdobeUM
2009-12-27 17:56 . 2009-12-27 17:56 -------- d-----w- c:\users\uzivatel\AppData\Local\Adobe
2009-12-26 21:15 . 2009-12-30 21:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 21:15 . 2009-12-26 21:15 -------- d-----w- c:\program files\D-Link
2009-12-26 21:15 . 2009-12-26 21:15 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-26 21:13 . 2009-12-26 21:13 -------- d-----w- c:\windows\Cache
2009-12-26 09:30 . 2010-01-03 22:42 -------- d-----w- c:\program files\ESET

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-08 14:30 . 2008-01-21 06:13 598594 ----a-w- c:\windows\system32\perfh005.dat
2010-01-08 14:30 . 2008-01-21 06:13 114786 ----a-w- c:\windows\system32\perfc005.dat
2010-01-04 15:57 . 2010-01-04 15:57 19 ----a-w- c:\users\uzivatel\AppData\Roaming\mdbu.bin
2010-01-03 19:30 . 2006-11-02 12:35 -------- d-----w- c:\program files\MSBuild
2010-01-03 19:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-03 19:18 . 2010-01-03 19:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-01-03 19:17 . 2010-01-03 19:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2010-01-03 17:53 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2010-01-03 17:52 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-12-30 20:36 . 2009-12-30 20:36 -------- d-----w- c:\users\Dominika\AppData\Roaming\ATI
2009-12-25 19:26 . 2009-12-25 19:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-12-11 12:40 . 2009-12-11 11:56 680 ----a-w- c:\users\uzivatel\AppData\Local\d3d9caps.dat
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Plocha
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Oblíbené položky
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Šablony
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Nabídka Start
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Dokumenty
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Data aplikací
2009-12-11 11:52 . 2009-12-11 11:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-11-21 06:40 . 2010-01-01 20:13 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2010-01-01 20:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2010-01-01 20:13 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2010-01-01 20:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-16 08:06 . 2009-11-16 08:06 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2009-11-16 08:06 . 2009-11-16 08:06 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-04 16:16 . 2009-11-04 16:16 5079040 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2009-11-04 15:46 . 2009-11-04 15:46 479232 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-11-04 15:45 . 2009-11-04 15:45 360448 ----a-w- c:\windows\system32\atieclxx.exe
2009-11-04 15:45 . 2009-11-04 15:45 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2009-11-04 15:43 . 2009-11-04 15:43 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2009-11-04 15:43 . 2009-11-04 15:43 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2009-11-04 15:43 . 2009-11-04 15:43 274432 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-04 15:43 . 2009-11-04 15:43 11776 ----a-w- c:\windows\system32\atimuixx.dll
2009-11-04 15:42 . 2009-11-04 15:42 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-04 15:39 . 2009-11-04 15:39 3034624 ----a-w- c:\windows\system32\atidxx32.dll
2009-11-04 15:23 . 2009-11-04 15:23 3602432 ----a-w- c:\windows\system32\atiumdag.dll
2009-11-04 15:11 . 2009-11-04 15:11 12964352 ----a-w- c:\windows\system32\atioglxx.dll
2009-11-04 15:05 . 2009-11-04 15:05 2899456 ----a-w- c:\windows\system32\atiumdva.dll
2009-11-04 14:52 . 2009-11-04 14:52 52224 ----a-w- c:\windows\system32\atimpc32.dll
2009-11-04 14:52 . 2009-11-04 14:52 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-04 14:52 . 2009-11-04 14:52 208896 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-04 14:47 . 2009-11-04 14:47 53248 ----a-w- c:\windows\system32\aticalrt.dll
2009-11-04 14:47 . 2009-11-04 14:47 53248 ----a-w- c:\windows\system32\aticalcl.dll
2009-11-04 14:46 . 2009-11-04 14:46 3547136 ----a-w- c:\windows\system32\aticaldd.dll
2009-11-04 14:37 . 2009-11-04 14:37 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-07_22.10.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-11-02 13:02 . 2010-01-08 14:28 59300 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-11 11:56 . 2010-01-08 14:24 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-11 11:56 . 2010-01-07 18:56 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-11 11:56 . 2010-01-08 14:24 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-11 11:56 . 2010-01-07 18:56 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-11 11:56 . 2010-01-07 18:56 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-11 11:56 . 2010-01-08 14:24 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-31 16:07 . 2010-01-07 18:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-31 16:07 . 2010-01-08 14:24 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-31 16:07 . 2010-01-07 18:56 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-31 16:07 . 2010-01-08 14:24 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-31 16:07 . 2010-01-07 18:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-31 16:07 . 2010-01-08 14:24 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-31 12:54 . 2010-01-08 14:28 2118 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-106771787-44505253-1318668714-1002_UserData.bin
+ 2010-01-08 14:24 . 2010-01-08 14:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-07 18:56 . 2010-01-07 18:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-07 18:56 . 2010-01-07 18:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-08 14:24 . 2010-01-08 14:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2010-01-08 14:30 586980 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-01-07 19:00 586980 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2010-01-08 14:30 101052 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2010-01-07 19:00 101052 c:\windows\System32\perfc009.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-04 98304]
"c:\windows\system32\V0420Cvw.dll"="c:\windows\system32\V0420Cvw.dll" [2007-05-14 262144]
"V0420Mon.exe"="c:\windows\V0420Mon.exe" [2007-04-30 32768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-04 149280]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b3,b8,1e,46,9e,8c,ca,01

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [4.11.2009 16:45 172032]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 epfwwfp;epfwwfp;c:\windows\System32\drivers\epfwwfp.sys [16.11.2009 9:06 38240]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [30.12.2009 22:18 222968]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13.11.2009 12:31 92008]
R3 V0420VID;Live! Cam Vista IM (VF0420);c:\windows\System32\drivers\V0420Vid.sys [26.12.2009 9:40 99648]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:33 21504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {50003530-4B94-442A-BBF1-06BC1B8AE85E} = 193.165.254.9,193.165.145.12
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 18:23
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-01-08 18:25:39
ComboFix-quarantined-files.txt 2010-01-08 17:25
ComboFix2.txt 2010-01-07 22:12

Před spuštěním: Volných bajtů: 446 886 432 768
Po spuštění: Volných bajtů: 446 856 699 904

- - End Of File - - 8EA77EB6F5B3AF09474FEB0E2F25D928

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

Re: could not find C:/windows/system32/sshnas.dll

#7 Post by djaspic »

I made a mistake with the first log: I forgot to turn off the protection. Here is the log with the protection turned off:

ComboFix 10-01-04.01 - uzivatel 08.01.2010 19:30:09.3.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.3325.2084 [GMT 1:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\uzivatel\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-08 do 2010-01-08 )))))))))))))))))))))))))))))))
.

2010-01-08 18:33 . 2010-01-08 18:33 -------- d-----w- c:\users\uzivatel\AppData\Local\temp
2010-01-08 18:33 . 2010-01-08 18:33 -------- d-----w- c:\users\Tina a Petra\AppData\Local\temp
2010-01-08 18:33 . 2010-01-08 18:33 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-08 18:33 . 2010-01-08 18:33 -------- d-----w- c:\users\Dominika\AppData\Local\temp
2010-01-08 18:33 . 2010-01-08 18:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-07 20:55 . 2010-01-07 20:55 -------- d-----w- C:\rsit
2010-01-07 20:55 . 2010-01-07 20:55 -------- d-----w- c:\program files\trend micro
2010-01-05 19:45 . 2010-01-05 19:45 -------- d-----w- c:\users\Tina a Petra\AppData\Roaming\Happy Foto
2010-01-05 18:07 . 2010-01-05 18:07 -------- d-----w- c:\users\Dominika\AppData\Local\Nero
2010-01-05 17:59 . 2010-01-05 18:07 -------- d-----w- c:\users\Dominika\AppData\Roaming\Nero
2010-01-04 22:52 . 2010-01-04 22:52 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\users\uzivatel\AppData\Roaming\TomTom
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\users\uzivatel\AppData\Local\TomTom
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\program files\TomTom International B.V
2010-01-04 21:32 . 2010-01-04 21:32 -------- d-----w- c:\program files\TomTom HOME 2
2010-01-04 20:52 . 2010-01-04 20:52 1025 ----a-w- c:\windows\system32\sysprs7.dll
2010-01-04 20:52 . 2010-01-04 20:52 1025 ----a-w- c:\windows\system32\clauth2.dll
2010-01-04 20:52 . 2010-01-04 20:52 1025 ----a-w- c:\windows\system32\clauth1.dll
2010-01-04 20:52 . 2010-01-04 20:52 -------- d-----w- c:\programdata\hps
2010-01-04 20:52 . 2010-01-04 20:54 -------- d-----w- c:\program files\Digimax
2010-01-04 16:06 . 2010-01-04 16:06 -------- d-----w- c:\users\Dominika\AppData\Roaming\Happy Foto
2010-01-04 15:57 . 2010-01-04 15:57 -------- d-----w- c:\users\uzivatel\AppData\Local\HF Designer 1.4
2010-01-04 15:56 . 2010-01-04 15:56 -------- d-----w- c:\programdata\HappyFoto
2010-01-04 15:55 . 2010-01-04 15:55 -------- d-----w- c:\program files\HappyFoto
2010-01-04 15:53 . 2010-01-04 15:53 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Happy Foto
2010-01-04 15:53 . 2010-01-04 15:53 -------- d-----w- c:\program files\Aberger
2010-01-04 15:46 . 2010-01-04 15:46 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-04 15:46 . 2010-01-04 15:46 -------- d-----w- c:\program files\Java
2010-01-04 11:46 . 2010-01-04 11:46 -------- d-----w- c:\users\uzivatel\AppData\Roaming\VistaCodecs
2010-01-04 11:46 . 2010-01-04 11:46 -------- d-----w- c:\program files\VistaCodecPack
2010-01-04 11:46 . 2010-01-04 11:46 -------- d-----w- c:\programdata\VistaCodecs
2010-01-03 23:21 . 2010-01-03 23:21 -------- d-----w- c:\program files\MSXML 4.0
2010-01-03 21:14 . 2010-01-03 21:14 -------- d-----w- c:\users\uzivatel\AppData\Local\Nero
2010-01-03 21:00 . 2010-01-03 21:00 -------- d-----w- c:\programdata\LightScribe
2010-01-03 20:59 . 2010-01-03 21:00 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Nero
2010-01-03 20:38 . 2010-01-03 20:49 -------- d-----w- c:\program files\Nero
2010-01-03 20:38 . 2010-01-03 20:44 -------- d-----w- c:\programdata\Nero
2010-01-03 20:38 . 2010-01-03 20:58 -------- d-----w- c:\program files\Common Files\Nero
2010-01-03 20:37 . 2010-01-03 20:37 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-03 19:33 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-01-03 19:33 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-01-03 19:31 . 2010-01-05 20:24 -------- d-----w- c:\program files\Microsoft Works
2010-01-03 19:30 . 2010-01-03 19:30 -------- d-----w- c:\windows\PCHEALTH
2010-01-03 19:30 . 2010-01-03 19:30 -------- d-----w- c:\program files\Microsoft.NET
2010-01-03 19:28 . 2010-01-03 19:28 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-03 19:27 . 2010-01-03 19:30 -------- d-----w- c:\windows\SHELLNEW
2010-01-03 19:27 . 2010-01-03 19:27 -------- d-----w- c:\users\uzivatel\AppData\Local\Microsoft Help
2010-01-03 19:27 . 2010-01-05 20:29 -------- d-----w- c:\programdata\Microsoft Help
2010-01-03 19:25 . 2010-01-03 19:25 -------- d-----r- C:\MSOCache
2010-01-03 19:18 . 2010-01-03 19:18 -------- d-----w- c:\program files\Windows Portable Devices
2010-01-03 19:09 . 2010-01-08 17:19 -------- d-----w- c:\users\uzivatel\AppData\Local\ESET
2010-01-03 19:06 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-01-03 19:06 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-01-03 19:06 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-01-03 19:03 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-01-03 19:03 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-01-03 19:03 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-01-03 17:51 . 2010-01-03 17:52 -------- d-----w- c:\windows\system32\ca-ES
2010-01-03 17:51 . 2010-01-03 17:52 -------- d-----w- c:\windows\system32\eu-ES
2010-01-03 17:51 . 2010-01-03 17:52 -------- d-----w- c:\windows\system32\vi-VN
2010-01-03 15:04 . 2010-01-03 15:04 -------- d-----w- c:\windows\system32\EventProviders
2010-01-03 12:49 . 2010-01-03 12:50 -------- d-----w- c:\users\uzivatel\AppData\Roaming\GlarySoft
2010-01-03 12:49 . 2010-01-03 12:49 -------- d-----w- c:\program files\Absolute Uninstaller
2010-01-02 20:30 . 2010-01-02 20:54 -------- d-----w- c:\users\uzivatel\přesunuto
2010-01-02 15:39 . 2010-01-02 15:39 -------- d-----w- c:\users\Tina a Petra\AppData\Local\Opera
2010-01-02 14:29 . 2010-01-02 14:29 -------- d-----w- c:\users\Dominika\AppData\Local\Opera
2010-01-01 20:15 . 2010-01-01 20:15 -------- d-----w- c:\users\uzivatel\AppData\Local\Opera
2010-01-01 20:15 . 2010-01-01 20:15 -------- d-----w- c:\program files\Opera
2010-01-01 20:12 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2010-01-01 15:56 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-01-01 15:54 . 2009-04-11 06:28 368640 ----a-w- c:\windows\system32\mspbde40.dll
2010-01-01 15:53 . 2009-04-11 06:28 98816 ----a-w- c:\windows\system32\powrprof.dll
2010-01-01 15:52 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-01-01 15:52 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-01-01 15:52 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-01-01 15:52 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-01-01 15:52 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-01-01 15:52 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-01-01 15:52 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-01-01 15:52 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-01-01 15:52 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-01-01 15:52 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-01-01 15:52 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-12-31 12:54 . 2009-12-31 12:54 -------- d-----w- c:\users\Tina a Petra\AppData\Roaming\ICQ
2009-12-30 21:24 . 2010-01-07 22:32 -------- d-----w- c:\users\Dominika\AppData\Roaming\ICQ
2009-12-30 21:18 . 2009-12-30 21:18 -------- d-----w- c:\program files\ICQ6Toolbar
2009-12-30 21:18 . 2009-12-30 21:18 -------- d-----w- c:\programdata\ICQ
2009-12-30 21:15 . 2009-12-30 21:18 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ICQ
2009-12-30 21:14 . 2010-01-07 22:10 -------- d-----w- c:\program files\ICQ6.5
2009-12-30 21:00 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-30 20:50 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-12-30 20:38 . 2009-12-30 20:38 -------- d-----w- c:\users\Tina a Petra\AppData\Roaming\ATI
2009-12-30 20:38 . 2009-12-30 20:38 -------- d-----w- c:\users\Tina a Petra\AppData\Local\ATI
2009-12-30 20:37 . 2010-01-06 14:05 99864 ----a-w- c:\users\Tina a Petra\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-30 20:35 . 2010-01-06 14:53 99864 ----a-w- c:\users\Dominika\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-30 20:28 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-12-30 20:24 . 2009-12-30 20:24 -------- d-----w- c:\users\uzivatel\AppData\Local\MigWiz
2009-12-29 16:05 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-12-29 16:04 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-29 16:04 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-29 16:04 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-12-29 16:04 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-12-29 16:04 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-12-29 16:04 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-12-29 16:03 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-12-29 16:03 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-29 16:02 . 2008-02-29 06:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-12-29 16:02 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-12-29 16:02 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-12-29 16:01 . 2009-04-11 06:28 1696768 ----a-w- c:\windows\system32\gameux.dll
2009-12-29 16:01 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-12-29 16:01 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-12-29 16:01 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-12-29 16:01 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-12-29 16:01 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-12-29 16:01 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-29 16:01 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-29 15:57 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-27 17:56 . 2009-12-27 17:56 -------- d-----w- c:\users\uzivatel\AppData\Roaming\AdobeUM
2009-12-27 17:56 . 2009-12-27 17:56 -------- d-----w- c:\users\uzivatel\AppData\Local\Adobe
2009-12-26 21:15 . 2009-12-30 21:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 21:15 . 2009-12-26 21:15 -------- d-----w- c:\program files\D-Link
2009-12-26 21:15 . 2009-12-26 21:15 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-26 21:13 . 2009-12-26 21:13 -------- d-----w- c:\windows\Cache
2009-12-26 09:30 . 2010-01-03 22:42 -------- d-----w- c:\program files\ESET

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-08 14:30 . 2008-01-21 06:13 598594 ----a-w- c:\windows\system32\perfh005.dat
2010-01-08 14:30 . 2008-01-21 06:13 114786 ----a-w- c:\windows\system32\perfc005.dat
2010-01-04 15:57 . 2010-01-04 15:57 19 ----a-w- c:\users\uzivatel\AppData\Roaming\mdbu.bin
2010-01-03 19:30 . 2006-11-02 12:35 -------- d-----w- c:\program files\MSBuild
2010-01-03 19:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-03 19:18 . 2010-01-03 19:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-01-03 19:17 . 2010-01-03 19:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2010-01-03 17:53 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2010-01-03 17:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2010-01-03 17:52 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-12-30 20:36 . 2009-12-30 20:36 -------- d-----w- c:\users\Dominika\AppData\Roaming\ATI
2009-12-25 19:26 . 2009-12-25 19:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-12-11 12:40 . 2009-12-11 11:56 680 ----a-w- c:\users\uzivatel\AppData\Local\d3d9caps.dat
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Plocha
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Oblíbené položky
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Šablony
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Nabídka Start
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Dokumenty
2009-12-11 11:54 . 2009-12-11 11:54 -------- d-sh--we c:\programdata\Data aplikací
2009-12-11 11:52 . 2009-12-11 11:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-11-21 06:40 . 2010-01-01 20:13 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2010-01-01 20:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2010-01-01 20:13 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2010-01-01 20:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-16 08:06 . 2009-11-16 08:06 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2009-11-16 08:06 . 2009-11-16 08:06 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-04 16:16 . 2009-11-04 16:16 5079040 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2009-11-04 15:46 . 2009-11-04 15:46 479232 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-11-04 15:45 . 2009-11-04 15:45 360448 ----a-w- c:\windows\system32\atieclxx.exe
2009-11-04 15:45 . 2009-11-04 15:45 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2009-11-04 15:43 . 2009-11-04 15:43 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2009-11-04 15:43 . 2009-11-04 15:43 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2009-11-04 15:43 . 2009-11-04 15:43 274432 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-04 15:43 . 2009-11-04 15:43 11776 ----a-w- c:\windows\system32\atimuixx.dll
2009-11-04 15:42 . 2009-11-04 15:42 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-04 15:39 . 2009-11-04 15:39 3034624 ----a-w- c:\windows\system32\atidxx32.dll
2009-11-04 15:23 . 2009-11-04 15:23 3602432 ----a-w- c:\windows\system32\atiumdag.dll
2009-11-04 15:11 . 2009-11-04 15:11 12964352 ----a-w- c:\windows\system32\atioglxx.dll
2009-11-04 15:05 . 2009-11-04 15:05 2899456 ----a-w- c:\windows\system32\atiumdva.dll
2009-11-04 14:52 . 2009-11-04 14:52 52224 ----a-w- c:\windows\system32\atimpc32.dll
2009-11-04 14:52 . 2009-11-04 14:52 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-04 14:52 . 2009-11-04 14:52 208896 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-04 14:47 . 2009-11-04 14:47 53248 ----a-w- c:\windows\system32\aticalrt.dll
2009-11-04 14:47 . 2009-11-04 14:47 53248 ----a-w- c:\windows\system32\aticalcl.dll
2009-11-04 14:46 . 2009-11-04 14:46 3547136 ----a-w- c:\windows\system32\aticaldd.dll
2009-11-04 14:37 . 2009-11-04 14:37 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-07_22.10.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-11-02 13:02 . 2010-01-08 14:28 59300 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-11 11:56 . 2010-01-08 14:24 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-11 11:56 . 2010-01-07 18:56 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-11 11:56 . 2010-01-08 14:24 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-11 11:56 . 2010-01-07 18:56 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-11 11:56 . 2010-01-07 18:56 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-11 11:56 . 2010-01-08 14:24 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-31 16:07 . 2010-01-07 18:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-31 16:07 . 2010-01-08 14:24 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-31 16:07 . 2010-01-07 18:56 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-31 16:07 . 2010-01-08 14:24 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-31 16:07 . 2010-01-07 18:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-31 16:07 . 2010-01-08 14:24 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-31 12:54 . 2010-01-08 14:28 2118 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-106771787-44505253-1318668714-1002_UserData.bin
+ 2010-01-08 14:24 . 2010-01-08 14:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-07 18:56 . 2010-01-07 18:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-07 18:56 . 2010-01-07 18:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-08 14:24 . 2010-01-08 14:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2010-01-08 14:30 586980 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-01-07 19:00 586980 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2010-01-08 14:30 101052 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2010-01-07 19:00 101052 c:\windows\System32\perfc009.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-04 98304]
"c:\windows\system32\V0420Cvw.dll"="c:\windows\system32\V0420Cvw.dll" [2007-05-14 262144]
"V0420Mon.exe"="c:\windows\V0420Mon.exe" [2007-04-30 32768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-04 149280]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):b3,b8,1e,46,9e,8c,ca,01

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [4.11.2009 16:45 172032]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 epfwwfp;epfwwfp;c:\windows\System32\drivers\epfwwfp.sys [16.11.2009 9:06 38240]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [30.12.2009 22:18 222968]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13.11.2009 12:31 92008]
R3 V0420VID;Live! Cam Vista IM (VF0420);c:\windows\System32\drivers\V0420Vid.sys [26.12.2009 9:40 99648]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:33 21504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {50003530-4B94-442A-BBF1-06BC1B8AE85E} = 193.165.254.9,193.165.145.12
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 19:33
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2788)
c:\program files\Aberger\HfAsistent\FotoSync.dll
c:\program files\Aberger\HfAsistent\xerc2701.dll
c:\program files\Aberger\HfAsistent\fotosynr.dll
.
Celkový čas: 2010-01-08 19:35:47
ComboFix-quarantined-files.txt 2010-01-08 18:35
ComboFix2.txt 2010-01-08 17:25
ComboFix3.txt 2010-01-07 22:12

Před spuštěním: Volných bajtů: 446 842 306 560
Po spuštění: Volných bajtů: 446 812 045 312

- - End Of File - - AE68BC53B00F9C9F345341C3EE41DB37

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

Re: could not find C:/windows/system32/sshnas.dll

#8 Post by djaspic »

File c:\windows\system32\V0420Cvw.dll tested, and here is the link: http://www.virustotal.com/cs/analisis/6 ... 1262978840


or:
File V0420CVW.dll received 2010.01.08 19:27:20 (UTC)
Current status: Finished
Result: 0/41 (0%)
Antivirus Version Last update Result
a-squared 4.5.0.48 2010.01.08 -
AhnLab-V3 5.0.0.2 2010.01.08 -
AntiVir 7.9.1.130 2010.01.08 -
Antiy-AVL 2.0.3.7 2010.01.08 -
Authentium 5.2.0.5 2010.01.08 -
Avast 4.8.1351.0 2010.01.08 -
AVG 8.5.0.430 2010.01.04 -
BitDefender 7.2 2010.01.08 -
CAT-QuickHeal 10.00 2010.01.08 -
ClamAV 0.94.1 2010.01.08 -
Comodo 3514 2010.01.08 -
DrWeb 5.0.1.12222 2010.01.08 -
eSafe 7.0.17.0 2010.01.07 -
eTrust-Vet 35.2.7226 2010.01.08 -
F-Prot 4.5.1.85 2010.01.08 -
F-Secure 9.0.15370.0 2010.01.08 -
Fortinet 4.0.14.0 2010.01.08 -
GData 19 2010.01.08 -
Ikarus T3.1.1.80.0 2010.01.08 -
Jiangmin 13.0.900 2010.01.08 -
K7AntiVirus 7.10.942 2010.01.08 -
Kaspersky 7.0.0.125 2010.01.08 -
McAfee 5855 2010.01.08 -
McAfee+Artemis 5855 2010.01.08 -
McAfee-GW-Edition 6.8.5 2010.01.08 -
Microsoft 1.5302 2010.01.08 -
NOD32 4755 2010.01.08 -
Norman 6.04.03 2010.01.08 -
nProtect 2009.1.8.0 2010.01.08 -
Panda 10.0.2.2 2010.01.08 -
PCTools 7.0.3.5 2010.01.08 -
Prevx 3.0 2010.01.08 -
Rising 22.29.04.04 2010.01.08 -
Sophos 4.49.0 2010.01.08 -
Sunbelt 3.2.1858.2 2010.01.08 -
Symantec 20091.2.0.41 2010.01.08 -
TheHacker 6.5.0.3.142 2010.01.08 -
TrendMicro 9.120.0.1004 2010.01.08 -
VBA32 3.12.12.1 2010.01.06 -
ViRobot 2010.1.8.2128 2010.01.08 -
VirusBuster 5.0.21.0 2010.01.08 -
Additional information
File size: 262144 bytes
MD5...: 513c6a8503044b04be425991cd9c20aa
SHA1..: 8ae004209147c2c82e29b80c40d3eeadda3ffce7
SHA256: 6fff072a54d72c656ef1845bd197687bf643aa38002f5a4517eaf6a4cbf097a4
ssdeep: 3072:C8TYgsOVNGrCeuT2XVuqjcUAzuPhxtUu6qMGkjGCvu1Gfhiei92Y73bDr:8
Vo24ucUAzuhTBZNCvNfy/7
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1633a
timedatestamp.....: 0x4647bd6d (Mon May 14 01:37:49 2007)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x286ae 0x29000 6.51 8b328866237e1cf1620500d72314dcf1
.rdata 0x2a000 0x80ac 0x9000 4.50 07d44db978d555c83fc7e7ea2dd78758
.data 0x33000 0x7f41 0x5000 2.42 e2cfcd4360b1263d48f3df619dbf4787
.rsrc 0x3b000 0x308 0x1000 0.82 d97846537efdbb111e6fc3654c486235
.reloc 0x3c000 0x6364 0x7000 3.83 34a3d255c29253f3d8aaf8ccfaeceb00

( 12 imports )
> WINSPOOL.DRV: DocumentPropertiesA, OpenPrinterA, ClosePrinter
> COMCTL32.dll: -
> SHLWAPI.dll: PathRemoveBackslashA, SHDeleteKeyA, StrStrIA
> KERNEL32.dll: GetCPInfo, GetProcessVersion, GlobalFlags, SetErrorMode, GetOEMCP, GetProcAddress, WritePrivateProfileStringA, WriteFile, SetFilePointer, LocalReAlloc, TlsGetValue, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalAlloc, lstrcpynA, MulDiv, SetLastError, GlobalUnlock, GlobalFree, SuspendThread, SetThreadPriority, ResumeThread, GlobalLock, GlobalAlloc, lstrcmpA, GetCurrentThread, LocalFree, InterlockedIncrement, InterlockedDecrement, FindResourceA, LoadResource, LockResource, GetVersion, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, lstrcatA, lstrcpyA, ReleaseMutex, GetWindowsDirectoryA, GetUserDefaultLangID, GetModuleFileNameA, CreateDirectoryA, GetSystemDirectoryA, FindFirstFileA, SetFileAttributesA, RemoveDirectoryA, FindNextFileA, DeleteFileA, FindClose, MultiByteToWideChar, GetCurrentProcess, WideCharToMultiByte, GetVersionExA, GetModuleHandleA, GetCurrentProcessId, GetProcessHeap, HeapAlloc, CreateEventA, SetEvent, lstrlenA, lstrcmpiA, WaitForSingleObject, HeapFree, GetExitCodeProcess, Sleep, IsBadReadPtr, CreateMutexA, GetLastError, GetCurrentThreadId, WaitForMultipleObjects, CloseHandle, FreeLibrary, LoadLibraryA, FlushFileBuffers, SetStdHandle, DeviceIoControl, CreateFileA, SetUnhandledExceptionFilter, LCMapStringW, LCMapStringA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetStartupInfoA, GetFileType, FreeEnvironmentStringsA, GetStdHandle, SetHandleCount, UnhandledExceptionFilter, IsBadWritePtr, VirtualAlloc, VirtualFree, HeapCreate, HeapDestroy, GetEnvironmentVariableA, GetACP, HeapSize, TerminateProcess, ExitProcess, RaiseException, GetCommandLineA, HeapReAlloc, ExitThread, CreateThread, RtlUnwind, IsBadCodePtr, GetStringTypeW, GetStringTypeA
> USER32.dll: UnregisterClassA, GetClassNameA, DestroyMenu, GetSysColorBrush, WinHelpA, TrackPopupMenu, GetWindowTextA, DestroyWindow, CreateWindowExA, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, GetMessageA, TranslateMessage, GetActiveWindow, ValidateRect, GetCursorPos, PostQuitMessage, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, SetMenuItemBitmaps, UnhookWindowsHookEx, GetPropA, CallWindowProcA, CheckMenuItem, GetNextDlgTabItem, IsWindowEnabled, ShowWindow, SetWindowTextA, RemovePropA, GetMessageTime, GetMessagePos, IsDialogMessageA, SetWindowLongA, SetWindowPos, SystemParametersInfoA, GetWindowPlacement, ShowScrollBar, TabbedTextOutA, GrayStringA, SetParent, GetWindowLongA, GetSubMenu, KillTimer, GetAsyncKeyState, GetKeyState, BroadcastSystemMessage, InvalidateRect, SetTimer, GetDlgCtrlID, GetSystemMenu, ClientToScreen, LoadImageA, EnableMenuItem, DrawIcon, LoadIconA, DeleteMenu, InsertMenuA, CreatePopupMenu, GetMenuItemCount, GetMenuItemID, GetMenuStringA, ModifyMenuA, CopyRect, GetDC, GetWindowRect, GetSystemMetrics, GetClientRect, PtInRect, GetCapture, ReleaseCapture, IsWindowVisible, GetFocus, GetClassInfoA, DefWindowProcA, LoadStringA, wsprintfA, GetWindowThreadProcessId, AttachThreadInput, IsIconic, OpenIcon, SetForegroundWindow, SetActiveWindow, IsWindow, MessageBoxA, GetDlgItem, RegisterWindowMessageA, GetParent, SendMessageA, SetCursor, EnableWindow, LoadCursorA, DrawTextA, EndPaint, BeginPaint, EndDialog, ReleaseDC, WindowFromPoint, PostMessageA, CreateDialogIndirectParamA, RegisterClassExA, IsDlgButtonChecked, CheckRadioButton, CheckDlgButton, UpdateWindow, SendDlgItemMessageA, MapWindowPoints, GetSysColor, PeekMessageA, DispatchMessageA, SetFocus, AdjustWindowRectEx, ScreenToClient, GetScrollInfo, GetWindow, GetTopWindow, GetLastActivePopup, GetForegroundWindow, GetMenu, RegisterClassA, SetScrollInfo
> ADVAPI32.dll: RegSetValueExA, RegCreateKeyExA, RegQueryValueExA, RegOpenKeyExA, RegDeleteValueA, RegEnumKeyExA, RegQueryInfoKeyA, RegCloseKey
> ole32.dll: CoInitialize, CoCreateInstance, CoUninitialize
> OLEAUT32.dll: -, -, -, -, -, -
> CFGMGR32.dll: CM_Get_DevNode_Status, CM_Get_DevNode_Registry_PropertyA
> SETUPAPI.dll: SetupDiEnumDeviceInfo, SetupDiDestroyDeviceInfoList, SetupDiGetClassDevsA, SetupDiOpenDevRegKey, SetupDiGetDeviceRegistryPropertyA
> GDI32.dll: GetDeviceCaps, GetTextMetricsA, CreateFontIndirectA, GetObjectA, DeleteObject, CreateICA, GetStockObject, GetClipBox, SetTextColor, SetBkColor, CreateBitmap, DeleteDC, SaveDC, RestoreDC, SelectObject, SetBkMode, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape
> SHELL32.dll: ShellExecuteExA, SHGetSpecialFolderPathA

( 7 exports )
DllRegisterServer, DllUnregisterServer, ctCVWConsoleRunDLL32EP, ctCVWEntryPoint, ctCVWIntroRunDLL32EP, ctCVWParentalRunDLL32EP, ctCVWUtilityRunDLL32EP
RDS...: NSRL Reference Data Set
-
pdfid.: -
sigcheck:
publisher....: Creative Technology Ltd.
copyright....: Copyright (c) Creative Technology Ltd., 2007
product......: n/a
description..: Live_ Cam Console
original name: V0420Cvw.dll
internal name: n/a
file version.: 1.00.02.00
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
trid..: Win32 Executable MS Visual C++ (generic) (75.0%)
Win32 Executable Generic (16.9%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: could not find C:/windows/system32/sshnas.dll

#9 Post by motji »

Fine, how is the computer doing now?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 9 and 11 p.m.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

Re: could not find C:/windows/system32/sshnas.dll

#10 Post by djaspic »

I have to admit I was sloppy: I did not watch the second log run after the protection was turned off. I stepped away, so I do not know whether the PC restarted, but when I tried to start any program from its desktop icon, it said it was marked for deletion and did not respond. I restarted the PC and used F8 to boot into the Last Known Good Configuration, which is where I am now, waiting for further instructions so that I do not mess something up. I did not see the message "could not find C:/windows/system32/sshnas.dll" when starting the PC today. What should I do next? Restart?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: could not find C:/windows/system32/sshnas.dll

#11 Post by motji »

And is everything working as it should now?
If need be, restart the PC and write how it looks :)

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

Re: could not find C:/windows/system32/sshnas.dll

#12 Post by djaspic »

The PC shows nothing out of the ordinary, so I will restart and let you know.

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

Re: could not find C:/windows/system32/sshnas.dll

#13 Post by djaspic »

After the restart everything seems OK; the PC booted quite briskly, except for NOD 32 Smart Security 4, which started without antispam protection enabled. I turned that on afterwards; otherwise everything is fine.
Just a small, modest question: which antivirus is good and which do you recommend? I have the above-mentioned 30-day trial version on the PC and wonder whether to buy it, switch to another vendor, or use some crack.
Any advice is welcome.
Otherwise, thank you very much for the help; I will have to chip in a little. :) Thanks, djaspic

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: could not find C:/windows/system32/sshnas.dll

#14 Post by motji »

:arrow: Uninstall ComboFix via
Start >> Run, copy into the box:

ComboFix /Uninstall

press Enter
-This uninstalls ComboFix and deletes its associated files and folders.



:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Run it; to confirm each choice, press the A key, then Enter
-After use, delete the program. Note that antivirus programs may falsely flag it as a virus


:arrow: Download TFC and use it
TFC (http://oldtimer.geekstogo.com/TFC.exe)


:arrow: Download CCleaner, see my signature
-Install it and clean the temporary files and the registry

:arrow: Post a new RSIT log and tell me how the computer is behaving. Is everything all right now?


:arrow: Definitely no crack :?: , it is illegal, and besides, cracks tend to be infected, and such an antivirus may not work properly even if it appears to.
If NOD suits you, feel free to buy it.
Avast and Avira are available in free versions; I think they are among the good antiviruses.

djaspic
Visitor
Posts: 16
Registered: 07 Jan 2010 21:57

Re: could not find C:/windows/system32/sshnas.dll

#15 Post by djaspic »

PC OK, here is the log, in two parts:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:38:02, on 8.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\V0420Mon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Opera\opera.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\uzivatel\AppData\Local\Opera\Opera\temporary_downloads\RSIT (1).exe
C:\Program Files\trend micro\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [C:\Windows\system32\V0420Cvw.dll] C:\Windows\system32\RegSvr32.exe /s C:\Windows\system32\V0420Cvw.dll
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{50003530-4B94-442A-BBF1-06BC1B8AE85E}: NameServer = 193.165.254.9,193.165.145.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{50003530-4B94-442A-BBF1-06BC1B8AE85E}: NameServer = 193.165.254.9,193.165.145.12
O17 - HKLM\System\CS2\Services\Tcpip\..\{50003530-4B94-442A-BBF1-06BC1B8AE85E}: NameServer = 193.165.254.9,193.165.145.12
O17 - HKLM\System\CS3\Services\Tcpip\..\{50003530-4B94-442A-BBF1-06BC1B8AE85E}: NameServer = 193.165.254.9,193.165.145.12
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 5888 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-04 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-04 98304]
"C:\Windows\system32\V0420Cvw.dll"=C:\Windows\system32\RegSvr32.exe [2006-11-02 14336]
"V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-04 149280]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
