Prosím o preventivní kontrolu logu. PC je zpomalené.

Zpráva

korn19771 · #1 Příspěvek od **korn19771** » 20 kvě 2010 12:09

Prosím o preventivní kontrolu logu. PC je zpomalené. Děkuji.

Logfile of random's system information tool 1.07 (written by random/random)
Run by bartosova at 2010-05-20 13:05:44
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 145 GB (67%) free of 215 GB
Total RAM: 1943 MB (44% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}]
IePasswordManagerHelper Class - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2009-03-05 816440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-11 41368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2009-12-01 256576]
"TPFNF7"=C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-04 62240]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-12-11 337256]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-12-21 69568]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-19 1434920]
"FingerPrintSoftware"=C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [2009-03-19 1527808]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-05-25 487424]
"LPManager"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [2009-07-23 185688]
"LPMailChecker"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe [2009-07-23 124248]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog []
"CreateLMBCShortCut"=C:\Program Files\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe [2009-05-16 40960]
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2010-03-01 431464]
"ACWlIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe [2010-03-01 181608]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2009-03-05 3093816]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"RoxioDragToDisc"=C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe [2007-03-13 1116920]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-02-26 992816]
"AMSG"=C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe [2009-09-03 436800]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2009-09-21 1206544]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-02-01 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-02-01 175640]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-02-01 166936]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-01-25 225792]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0298c66-2d31-11df-a72c-adbd0af11386}]
shell\AutoRun\command - S:\LenovoSDrive.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6e0fbbe-2d3c-11df-b101-806e6f6e6963}]
shell\AutoRun\command - Q:\LenovoQDrive.exe

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-05-20 13:05:44 ----D---- C:\rsit
2010-05-20 13:05:44 ----D---- C:\Program Files\trend micro
2010-05-17 14:25:14 ----HD---- C:\C
2010-05-11 07:50:07 ----D---- C:\B
2010-05-05 14:48:44 ----D---- C:\Windows\system32\eu-ES
2010-05-05 14:48:44 ----D---- C:\Windows\system32\ca-ES
2010-05-05 14:48:41 ----D---- C:\Windows\system32\vi-VN
2010-05-05 14:25:38 ----D---- C:\Windows\system32\EventProviders
2010-05-05 14:19:37 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-05-05 14:19:35 ----A---- C:\Windows\system32\SLCExt.dll
2010-05-05 14:19:34 ----A---- C:\Windows\system32\SLsvc.exe
2010-05-05 14:19:29 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-05-05 14:19:29 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-05-05 14:19:26 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-05-05 14:19:23 ----A---- C:\Windows\system32\mssrch.dll
2010-05-05 14:19:19 ----A---- C:\Windows\system32\tquery.dll
2010-05-05 14:19:16 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-05-05 14:19:13 ----A---- C:\Windows\system32\scavenge.dll
2010-05-05 14:19:10 ----A---- C:\Windows\system32\msi.dll
2010-05-05 14:19:09 ----A---- C:\Windows\system32\imapi2fs.dll
2010-05-05 14:19:07 ----A---- C:\Windows\system32\WscEapPr.dll
2010-05-05 14:19:07 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-05-05 14:19:07 ----A---- C:\Windows\system32\sysmain.dll
2010-05-05 14:19:05 ----A---- C:\Windows\system32\icardagt.exe
2010-05-05 14:19:03 ----A---- C:\Windows\system32\EhStorShell.dll
2010-05-05 14:19:03 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2010-05-05 14:19:01 ----A---- C:\Windows\system32\spreview.exe
2010-05-05 14:19:01 ----A---- C:\Windows\system32\spinstall.exe
2010-05-05 14:19:00 ----A---- C:\Windows\system32\drmv2clt.dll
2010-05-05 14:18:59 ----A---- C:\Windows\system32\spwizui.dll
2010-05-05 14:18:59 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-05-05 14:18:57 ----A---- C:\Windows\system32\shell32.dll
2010-05-05 14:18:56 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-05-05 14:18:56 ----A---- C:\Windows\system32\p2psvc.dll
2010-05-05 14:18:56 ----A---- C:\Windows\system32\mssvp.dll
2010-05-05 14:18:55 ----A---- C:\Windows\system32\mscoree.dll
2010-05-05 14:18:54 ----A---- C:\Windows\system32\mssphtb.dll
2010-05-05 14:18:54 ----A---- C:\Windows\system32\mssph.dll
2010-05-05 14:18:53 ----A---- C:\Windows\system32\imapi2.dll
2010-05-05 14:18:51 ----A---- C:\Windows\system32\sdohlp.dll
2010-05-05 14:18:51 ----A---- C:\Windows\system32\esent.dll
2010-05-05 14:18:50 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-05-05 14:18:50 ----A---- C:\Windows\system32\DevicePairing.dll
2010-05-05 14:18:48 ----A---- C:\Windows\system32\wevtsvc.dll
2010-05-05 14:18:48 ----A---- C:\Windows\system32\sperror.dll
2010-05-05 14:18:48 ----A---- C:\Windows\system32\korwbrkr.dll
2010-05-05 14:18:47 ----A---- C:\Windows\system32\SLC.dll
2010-05-05 14:18:47 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-05-05 14:18:46 ----A---- C:\Windows\system32\msshsq.dll
2010-05-05 14:18:44 ----A---- C:\Windows\system32\pmcsnap.dll
2010-05-05 14:18:43 ----A---- C:\Windows\system32\msjet40.dll
2010-05-05 14:18:43 ----A---- C:\Windows\system32\MPSSVC.dll
2010-05-05 14:18:41 ----A---- C:\Windows\system32\Query.dll
2010-05-05 14:18:41 ----A---- C:\Windows\system32\qmgr.dll
2010-05-05 14:18:40 ----A---- C:\Windows\system32\P2PGraph.dll
2010-05-05 14:18:40 ----A---- C:\Windows\system32\msexch40.dll
2010-05-05 14:18:40 ----A---- C:\Windows\system32\diagperf.dll
2010-05-05 14:18:39 ----A---- C:\Windows\system32\ole32.dll
2010-05-05 14:18:39 ----A---- C:\Windows\system32\IasMigReader.exe
2010-05-05 14:18:38 ----A---- C:\Windows\system32\winload.exe
2010-05-05 14:18:38 ----A---- C:\Windows\system32\srchadmin.dll
2010-05-05 14:18:38 ----A---- C:\Windows\system32\ntdll.dll
2010-05-05 14:18:38 ----A---- C:\Windows\system32\mblctr.exe
2010-05-05 14:18:37 ----A---- C:\Windows\system32\uDWM.dll
2010-05-05 14:18:37 ----A---- C:\Windows\system32\mmc.exe
2010-05-05 14:18:37 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-05-05 14:18:37 ----A---- C:\Windows\system32\EncDec.dll
2010-05-05 14:18:37 ----A---- C:\Windows\system32\dfsr.exe
2010-05-05 14:18:36 ----A---- C:\Windows\system32\riched20.dll
2010-05-05 14:18:35 ----A---- C:\Windows\system32\fdBth.dll
2010-05-05 14:18:34 ----A---- C:\Windows\system32\RacEngn.dll
2010-05-05 14:18:34 ----A---- C:\Windows\system32\kernel32.dll
2010-05-05 14:18:33 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-05-05 14:18:33 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-05-05 14:18:33 ----A---- C:\Windows\system32\milcore.dll
2010-05-05 14:18:32 ----A---- C:\Windows\system32\spoolss.dll
2010-05-05 14:18:32 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-05-05 14:18:32 ----A---- C:\Windows\system32\CertEnroll.dll
2010-05-05 14:18:31 ----A---- C:\Windows\system32\schedsvc.dll
2010-05-05 14:18:31 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-05-05 14:18:29 ----A---- C:\Windows\system32\msjtes40.dll
2010-05-05 14:18:29 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2010-05-05 14:18:28 ----A---- C:\Windows\system32\WinSAT.exe
2010-05-05 14:18:28 ----A---- C:\Windows\system32\msvcp60.dll
2010-05-05 14:18:28 ----A---- C:\Windows\system32\infocardapi.dll
2010-05-05 14:18:28 ----A---- C:\Windows\system32\gpedit.dll
2010-05-05 14:18:27 ----A---- C:\Windows\system32\PresentationSettings.exe
2010-05-05 14:18:27 ----A---- C:\Windows\system32\es.dll
2010-05-05 14:18:27 ----A---- C:\Windows\system32\cscsvc.dll
2010-05-05 14:18:26 ----A---- C:\Windows\system32\Magnify.exe
2010-05-05 14:18:26 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2010-05-05 14:18:25 ----A---- C:\Windows\system32\WebClnt.dll
2010-05-05 14:18:25 ----A---- C:\Windows\system32\mstext40.dll
2010-05-05 14:18:25 ----A---- C:\Windows\system32\advapi32.dll
2010-05-05 14:18:24 ----A---- C:\Windows\system32\WMPhoto.dll
2010-05-05 14:18:24 ----A---- C:\Windows\system32\slwmi.dll
2010-05-05 14:18:24 ----A---- C:\Windows\system32\msexcl40.dll
2010-05-05 14:18:23 ----A---- C:\Windows\system32\msxbde40.dll
2010-05-05 14:18:23 ----A---- C:\Windows\system32\comsvcs.dll
2010-05-05 14:18:22 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-05-05 14:18:21 ----A---- C:\Windows\system32\vssapi.dll
2010-05-05 14:18:20 ----A---- C:\Windows\system32\authui.dll
2010-05-05 14:18:19 ----A---- C:\Windows\system32\NetProjW.dll
2010-05-05 14:18:18 ----A---- C:\Windows\system32\PresentationHost.exe
2010-05-05 14:18:18 ----A---- C:\Windows\system32\msrepl40.dll
2010-05-05 14:18:17 ----A---- C:\Windows\system32\propsys.dll
2010-05-05 14:18:17 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-05-05 14:18:17 ----A---- C:\Windows\system32\newdev.dll
2010-05-05 14:18:17 ----A---- C:\Windows\system32\iasrecst.dll
2010-05-05 14:18:17 ----A---- C:\Windows\system32\gpsvc.dll
2010-05-05 14:18:17 ----A---- C:\Windows\system32\eudcedit.exe
2010-05-05 14:18:16 ----A---- C:\Windows\system32\rpcss.dll
2010-05-05 14:18:16 ----A---- C:\Windows\system32\crypt32.dll
2010-05-05 14:18:16 ----A---- C:\Windows\explorer.exe
2010-05-05 14:18:15 ----A---- C:\Windows\system32\setupapi.dll
2010-05-05 14:18:15 ----A---- C:\Windows\system32\mspbde40.dll
2010-05-05 14:18:14 ----A---- C:\Windows\system32\d3d9.dll
2010-05-05 14:18:13 ----A---- C:\Windows\system32\msltus40.dll
2010-05-05 14:18:13 ----A---- C:\Windows\system32\davclnt.dll
2010-05-05 14:18:12 ----A---- C:\Windows\system32\shlwapi.dll
2010-05-05 14:18:12 ----A---- C:\Windows\system32\mfc42.dll
2010-05-05 14:18:12 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-05-05 14:18:11 ----A---- C:\Windows\system32\msrd3x40.dll
2010-05-05 14:18:11 ----A---- C:\Windows\system32\msdtctm.dll
2010-05-05 14:18:11 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-05-05 14:18:10 ----A---- C:\Windows\system32\wevtapi.dll
2010-05-05 14:18:10 ----A---- C:\Windows\system32\photowiz.dll
2010-05-05 14:18:10 ----A---- C:\Windows\system32\nlhtml.dll
2010-05-05 14:18:10 ----A---- C:\Windows\system32\browseui.dll
2010-05-05 14:18:08 ----A---- C:\Windows\system32\user32.dll
2010-05-05 14:18:04 ----A---- C:\Windows\system32\samsrv.dll
2010-05-05 14:18:03 ----A---- C:\Windows\system32\ci.dll
2010-05-05 14:18:02 ----A---- C:\Windows\system32\win32spl.dll
2010-05-05 14:18:02 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-05-05 14:18:02 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-05-05 14:18:01 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-05-05 14:18:01 ----A---- C:\Windows\system32\oleaut32.dll
2010-05-05 14:18:00 ----A---- C:\Windows\system32\netshell.dll
2010-05-05 14:18:00 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-05-05 14:18:00 ----A---- C:\Windows\system32\compcln.exe
2010-05-05 14:17:59 ----A---- C:\Windows\system32\winhttp.dll
2010-05-05 14:17:59 ----A---- C:\Windows\system32\apds.dll
2010-05-05 14:17:58 ----A---- C:\Windows\system32\xmlfilter.dll
2010-05-05 14:17:58 ----A---- C:\Windows\system32\mswstr10.dll
2010-05-05 14:17:58 ----A---- C:\Windows\system32\audiosrv.dll
2010-05-05 14:17:57 ----A---- C:\Windows\system32\msctf.dll
2010-05-05 14:17:57 ----A---- C:\Windows\system32\emdmgmt.dll
2010-05-05 14:17:56 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-05-05 14:17:56 ----A---- C:\Windows\system32\msvcrt.dll
2010-05-05 14:17:56 ----A---- C:\Windows\system32\gdi32.dll
2010-05-05 14:17:55 ----A---- C:\Windows\system32\VSSVC.exe
2010-05-05 14:17:55 ----A---- C:\Windows\system32\SLUI.exe
2010-05-05 14:17:55 ----A---- C:\Windows\system32\mfc42u.dll
2010-05-05 14:17:54 ----A---- C:\Windows\system32\eapphost.dll
2010-05-05 14:17:53 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-05-05 14:17:53 ----A---- C:\Windows\system32\msrd2x40.dll
2010-05-05 14:17:52 ----A---- C:\Windows\system32\wbengine.exe
2010-05-05 14:17:52 ----A---- C:\Windows\system32\odbc32.dll
2010-05-05 14:17:51 ----A---- C:\Windows\system32\winresume.exe
2010-05-05 14:17:51 ----A---- C:\Windows\system32\propdefs.dll
2010-05-05 14:17:50 ----A---- C:\Windows\system32\shdocvw.dll
2010-05-05 14:17:48 ----A---- C:\Windows\system32\wevtutil.exe
2010-05-05 14:17:48 ----A---- C:\Windows\system32\mssitlb.dll
2010-05-05 14:17:48 ----A---- C:\Windows\system32\dbgeng.dll
2010-05-05 14:17:46 ----A---- C:\Windows\system32\WsmSvc.dll
2010-05-05 14:17:46 ----A---- C:\Windows\system32\swprv.dll
2010-05-05 14:17:45 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-05-05 14:17:44 ----A---- C:\Windows\system32\usp10.dll
2010-05-05 14:17:43 ----A---- C:\Windows\system32\vds.exe
2010-05-05 14:17:43 ----A---- C:\Windows\system32\drvinst.exe
2010-05-05 14:17:43 ----A---- C:\Windows\system32\devmgr.dll
2010-05-05 14:17:42 ----A---- C:\Windows\system32\netlogon.dll
2010-05-05 14:17:42 ----A---- C:\Windows\system32\msscb.dll
2010-05-05 14:17:42 ----A---- C:\Windows\system32\msctfp.dll
2010-05-05 14:17:42 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-05-05 14:17:41 ----A---- C:\Windows\system32\WFS.exe
2010-05-05 14:17:41 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-05-05 14:17:41 ----A---- C:\Windows\system32\BFE.DLL
2010-05-05 14:17:41 ----A---- C:\Windows\system32\adsldpc.dll
2010-05-05 14:17:40 ----A---- C:\Windows\system32\wcnwiz.dll
2010-05-05 14:17:40 ----A---- C:\Windows\system32\evr.dll
2010-05-05 14:17:39 ----A---- C:\Windows\system32\Wldap32.dll
2010-05-05 14:17:39 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-05-05 14:17:38 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-05-05 14:17:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-05-05 14:17:36 ----A---- C:\Windows\system32\wercon.exe
2010-05-05 14:17:36 ----A---- C:\Windows\system32\services.exe
2010-05-05 14:17:35 ----A---- C:\Windows\system32\mimefilt.dll
2010-05-05 14:17:35 ----A---- C:\Windows\system32\comdlg32.dll
2010-05-05 14:17:35 ----A---- C:\Windows\system32\adtschema.dll
2010-05-05 14:17:34 ----A---- C:\Windows\system32\wcncsvc.dll
2010-05-05 14:17:34 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-05-05 14:17:34 ----A---- C:\Windows\system32\certcli.dll
2010-05-05 14:17:33 ----A---- C:\Windows\system32\taskeng.exe
2010-05-05 14:17:33 ----A---- C:\Windows\system32\reg.exe
2010-05-05 14:17:33 ----A---- C:\Windows\system32\mswdat10.dll
2010-05-05 14:17:33 ----A---- C:\Windows\system32\msjter40.dll
2010-05-05 14:17:33 ----A---- C:\Windows\system32\msdtcprx.dll
2010-05-05 14:17:33 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-05-05 14:17:32 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-05-05 14:17:32 ----A---- C:\Windows\system32\rtffilt.dll
2010-05-05 14:17:32 ----A---- C:\Windows\system32\dnsapi.dll
2010-05-05 14:17:32 ----A---- C:\Windows\system32\certutil.exe
2010-05-05 14:17:31 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-05-05 14:17:31 ----A---- C:\Windows\system32\w32time.dll
2010-05-05 14:17:30 ----A---- C:\Windows\system32\msshooks.dll
2010-05-05 14:17:30 ----A---- C:\Windows\system32\msscntrs.dll
2010-05-05 14:17:30 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-05-05 14:17:30 ----A---- C:\Windows\system32\bcrypt.dll
2010-05-05 14:17:29 ----A---- C:\Windows\system32\bthserv.dll
2010-05-05 14:17:28 ----A---- C:\Windows\system32\rsaenh.dll
2010-05-05 14:17:28 ----A---- C:\Windows\system32\msihnd.dll
2010-05-05 14:17:27 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-05-05 14:17:27 ----A---- C:\Windows\system32\msstrc.dll
2010-05-05 14:17:27 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-05-05 14:17:26 ----A---- C:\Windows\system32\scrptadm.dll
2010-05-05 14:17:26 ----A---- C:\Windows\system32\netapi32.dll
2010-05-05 14:17:26 ----A---- C:\Windows\system32\inetcomm.dll
2010-05-05 14:17:26 ----A---- C:\Windows\system32\dfshim.dll
2010-05-05 14:17:25 ----A---- C:\Windows\system32\mtxclu.dll
2010-05-05 14:17:25 ----A---- C:\Windows\system32\inetpp.dll
2010-05-05 14:17:24 ----A---- C:\Windows\system32\mscories.dll
2010-05-05 14:17:24 ----A---- C:\Windows\system32\hidserv.dll
2010-05-05 14:17:24 ----A---- C:\Windows\system32\fundisc.dll
2010-05-05 14:17:24 ----A---- C:\Windows\system32\cryptsvc.dll
2010-05-05 14:17:23 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-05-05 14:17:23 ----A---- C:\Windows\system32\termsrv.dll
2010-05-05 14:17:23 ----A---- C:\Windows\system32\profsvc.dll
2010-05-05 14:17:23 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-05-05 14:17:22 ----A---- C:\Windows\system32\imapi.dll
2010-05-05 14:17:21 ----A---- C:\Windows\system32\wdc.dll
2010-05-05 14:17:21 ----A---- C:\Windows\system32\shsvcs.dll
2010-05-05 14:17:21 ----A---- C:\Windows\system32\msiexec.exe
2010-05-05 14:17:21 ----A---- C:\Windows\system32\chsbrkr.dll
2010-05-05 14:17:20 ----A---- C:\Windows\system32\spoolsv.exe
2010-05-05 14:17:20 ----A---- C:\Windows\system32\rasmans.dll
2010-05-05 14:17:20 ----A---- C:\Windows\system32\pnidui.dll
2010-05-05 14:17:20 ----A---- C:\Windows\system32\icardres.dll
2010-05-05 14:17:20 ----A---- C:\Windows\system32\iassdo.dll
2010-05-05 14:17:19 ----A---- C:\Windows\system32\scrrun.dll
2010-05-05 14:17:19 ----A---- C:\Windows\system32\autofmt.exe
2010-05-05 14:17:18 ----A---- C:\Windows\system32\wersvc.dll
2010-05-05 14:17:18 ----A---- C:\Windows\system32\slmgr.vbs
2010-05-05 14:17:18 ----A---- C:\Windows\system32\PSHED.DLL
2010-05-05 14:17:18 ----A---- C:\Windows\system32\pdh.dll
2010-05-05 14:17:18 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-05-05 14:17:17 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-05-05 14:17:17 ----A---- C:\Windows\system32\azroles.dll
2010-05-05 14:17:16 ----A---- C:\Windows\system32\pidgenx.dll
2010-05-05 14:17:13 ----A---- C:\Windows\system32\wmpmde.dll
2010-05-05 14:17:13 ----A---- C:\Windows\system32\winlogon.exe
2010-05-05 14:17:12 ----A---- C:\Windows\system32\SyncCenter.dll
2010-05-05 14:17:12 ----A---- C:\Windows\system32\SLUINotify.dll
2010-05-05 14:17:11 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-05-05 14:17:11 ----A---- C:\Windows\system32\comuid.dll
2010-05-05 14:17:10 ----A---- C:\Windows\system32\sethc.exe
2010-05-05 14:17:10 ----A---- C:\Windows\system32\ncrypt.dll
2010-05-05 14:17:10 ----A---- C:\Windows\system32\kd1394.dll
2010-05-05 14:17:10 ----A---- C:\Windows\system32\certmgr.dll
2010-05-05 14:17:09 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-05-05 14:17:09 ----A---- C:\Windows\system32\untfs.dll
2010-05-05 14:17:09 ----A---- C:\Windows\system32\spp.dll
2010-05-05 14:17:09 ----A---- C:\Windows\system32\scrobj.dll
2010-05-05 14:17:09 ----A---- C:\Windows\system32\iassam.dll
2010-05-05 14:17:08 ----A---- C:\Windows\system32\wisptis.exe
2010-05-05 14:17:08 ----A---- C:\Windows\system32\rtutils.dll
2010-05-05 14:17:08 ----A---- C:\Windows\system32\dwm.exe
2010-05-05 14:17:07 ----A---- C:\Windows\system32\taskcomp.dll
2010-05-05 14:17:07 ----A---- C:\Windows\system32\cscui.dll
2010-05-05 14:17:07 ----A---- C:\Windows\system32\autochk.exe
2010-05-05 14:17:06 ----A---- C:\Windows\system32\printui.dll
2010-05-05 14:17:06 ----A---- C:\Windows\system32\iasnap.dll
2010-05-05 14:17:06 ----A---- C:\Windows\system32\autoconv.exe
2010-05-05 14:17:05 ----A---- C:\Windows\system32\winsrv.dll
2010-05-05 14:17:05 ----A---- C:\Windows\system32\cscript.exe
2010-05-05 14:17:04 ----A---- C:\Windows\system32\kdcom.dll
2010-05-05 14:17:04 ----A---- C:\Windows\system32\basecsp.dll
2010-05-05 14:17:03 ----A---- C:\Windows\system32\wow32.dll
2010-05-05 14:17:03 ----A---- C:\Windows\system32\userenv.dll
2010-05-05 14:17:03 ----A---- C:\Windows\system32\osk.exe
2010-05-05 14:17:03 ----A---- C:\Windows\system32\onex.dll
2010-05-05 14:17:03 ----A---- C:\Windows\system32\audiodg.exe
2010-05-05 14:17:02 ----A---- C:\Windows\system32\mswsock.dll
2010-05-05 14:17:01 ----A---- C:\Windows\system32\winmm.dll
2010-05-05 14:17:01 ----A---- C:\Windows\system32\RelMon.dll
2010-05-05 14:17:01 ----A---- C:\Windows\system32\kdusb.dll
2010-05-05 14:17:00 ----A---- C:\Windows\system32\WinSCard.dll
2010-05-05 14:17:00 ----A---- C:\Windows\system32\rdpencom.dll
2010-05-05 14:16:59 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-05-05 14:16:59 ----A---- C:\Windows\system32\spcmsg.dll
2010-05-05 14:16:59 ----A---- C:\Windows\system32\msftedit.dll
2010-05-05 14:16:58 ----A---- C:\Windows\system32\offfilt.dll
2010-05-05 14:16:58 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-05-05 14:16:57 ----A---- C:\Windows\system32\Utilman.exe
2010-05-05 14:16:56 ----A---- C:\Windows\system32\wsepno.dll
2010-05-05 14:16:56 ----A---- C:\Windows\system32\WerFault.exe
2010-05-05 14:16:56 ----A---- C:\Windows\system32\stobject.dll
2010-05-05 14:16:55 ----A---- C:\Windows\system32\mfplat.dll
2010-05-05 14:16:55 ----A---- C:\Windows\system32\diskraid.exe
2010-05-05 14:16:55 ----A---- C:\Windows\system32\apphelp.dll
2010-05-05 14:16:54 ----A---- C:\Windows\system32\SndVol.exe
2010-05-05 14:16:54 ----A---- C:\Windows\system32\prnntfy.dll
2010-05-05 14:16:54 ----A---- C:\Windows\system32\msnetobj.dll
2010-05-05 14:16:54 ----A---- C:\Windows\system32\mscms.dll
2010-05-05 14:16:54 ----A---- C:\Windows\system32\adsmsext.dll
2010-05-05 14:16:53 ----A---- C:\Windows\system32\wiaservc.dll
2010-05-05 14:16:53 ----A---- C:\Windows\system32\sysclass.dll
2010-05-05 14:16:53 ----A---- C:\Windows\system32\odbccp32.dll
2010-05-05 14:16:52 ----A---- C:\Windows\system32\wscript.exe
2010-05-05 14:16:52 ----A---- C:\Windows\system32\ulib.dll
2010-05-05 14:16:52 ----A---- C:\Windows\system32\iasdatastore.dll
2010-05-05 14:16:51 ----A---- C:\Windows\system32\dsound.dll
2010-05-05 14:16:50 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-05-05 14:16:50 ----A---- C:\Windows\system32\cryptui.dll
2010-05-05 14:16:49 ----A---- C:\Windows\system32\wscntfy.dll
2010-05-05 14:16:49 ----A---- C:\Windows\system32\rastapi.dll
2010-05-05 14:16:49 ----A---- C:\Windows\system32\pnpsetup.dll
2010-05-05 14:16:49 ----A---- C:\Windows\system32\fdProxy.dll
2010-05-05 14:16:48 ----A---- C:\Windows\system32\wlangpui.dll
2010-05-05 14:16:48 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-05-05 14:16:48 ----A---- C:\Windows\system32\diskpart.exe
2010-05-05 14:16:48 ----A---- C:\Windows\system32\brcpl.dll
2010-05-05 14:16:47 ----A---- C:\Windows\system32\wscsvc.dll
2010-05-05 14:16:47 ----A---- C:\Windows\system32\vdsdyn.dll
2010-05-05 14:16:47 ----A---- C:\Windows\system32\iashlpr.dll
2010-05-05 14:16:47 ----A---- C:\Windows\system32\gpapi.dll
2010-05-05 14:16:46 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-05-05 14:16:46 ----A---- C:\Windows\system32\rasapi32.dll
2010-05-05 14:16:46 ----A---- C:\Windows\system32\logman.exe
2010-05-05 14:16:45 ----A---- C:\Windows\system32\wusa.exe
2010-05-05 14:16:45 ----A---- C:\Windows\system32\regsvc.dll
2010-05-05 14:16:45 ----A---- C:\Windows\system32\ntprint.dll
2010-05-05 14:16:45 ----A---- C:\Windows\system32\mscorier.dll
2010-05-05 14:16:45 ----A---- C:\Windows\system32\iasrad.dll
2010-05-05 14:16:45 ----A---- C:\Windows\system32\findstr.exe
2010-05-05 14:16:44 ----A---- C:\Windows\system32\zipfldr.dll
2010-05-05 14:16:44 ----A---- C:\Windows\system32\wshext.dll
2010-05-05 14:16:43 ----A---- C:\Windows\system32\netcenter.dll
2010-05-05 14:16:42 ----A---- C:\Windows\system32\wer.dll
2010-05-05 14:16:42 ----A---- C:\Windows\system32\rasdlg.dll
2010-05-05 14:16:42 ----A---- C:\Windows\system32\iassvcs.dll
2010-05-05 14:16:41 ----A---- C:\Windows\system32\wsnmp32.dll
2010-05-05 14:16:41 ----A---- C:\Windows\system32\themecpl.dll
2010-05-05 14:16:39 ----A---- C:\Windows\system32\uxsms.dll
2010-05-05 14:16:39 ----A---- C:\Windows\system32\mssprxy.dll
2010-05-05 14:16:38 ----A---- C:\Windows\system32\srvsvc.dll
2010-05-05 14:16:38 ----A---- C:\Windows\system32\ntmarta.dll
2010-05-05 14:16:37 ----A---- C:\Windows\system32\scansetting.dll
2010-05-05 14:16:37 ----A---- C:\Windows\system32\msutb.dll
2010-05-05 14:16:37 ----A---- C:\Windows\system32\mstlsapi.dll
2010-05-05 14:16:37 ----A---- C:\Windows\system32\iasads.dll
2010-05-05 14:16:36 ----A---- C:\Windows\system32\slcc.dll
2010-05-05 14:16:36 ----A---- C:\Windows\system32\powrprof.dll
2010-05-05 14:16:36 ----A---- C:\Windows\system32\mstsc.exe
2010-05-05 14:16:35 ----A---- C:\Windows\system32\networkmap.dll
2010-05-05 14:16:35 ----A---- C:\Windows\system32\iasacct.dll
2010-05-05 14:16:34 ----A---- C:\Windows\system32\powercpl.dll
2010-05-05 14:16:34 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-05-05 14:16:33 ----A---- C:\Windows\system32\umrdp.dll
2010-05-05 14:16:33 ----A---- C:\Windows\system32\newdev.exe
2010-05-05 14:16:33 ----A---- C:\Windows\system32\connect.dll
2010-05-05 14:16:33 ----A---- C:\Windows\system32\authz.dll
2010-05-05 14:16:32 ----A---- C:\Windows\system32\sud.dll
2010-05-05 14:16:32 ----A---- C:\Windows\system32\dot3svc.dll
2010-05-05 14:16:31 ----A---- C:\Windows\system32\themeui.dll
2010-05-05 14:16:31 ----A---- C:\Windows\system32\systemcpl.dll
2010-05-05 14:16:31 ----A---- C:\Windows\system32\pcaui.dll
2010-05-05 14:16:30 ----A---- C:\Windows\system32\samlib.dll
2010-05-05 14:16:30 ----A---- C:\Windows\system32\mmci.dll
2010-05-05 14:16:30 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-05-05 14:16:29 ----A---- C:\Windows\system32\usercpl.dll
2010-05-05 14:16:29 ----A---- C:\Windows\system32\autoplay.dll
2010-05-05 14:16:28 ----A---- C:\Windows\system32\wlanpref.dll
2010-05-05 14:16:28 ----A---- C:\Windows\system32\qdvd.dll
2010-05-05 14:16:28 ----A---- C:\Windows\system32\brcplsiw.dll
2010-05-05 14:16:27 ----A---- C:\Windows\system32\rpchttp.dll
2010-05-05 14:16:27 ----A---- C:\Windows\system32\regapi.dll
2010-05-05 14:16:26 ----A---- C:\Windows\system32\vdsutil.dll
2010-05-05 14:16:26 ----A---- C:\Windows\system32\msinfo32.exe
2010-05-05 14:16:26 ----A---- C:\Windows\system32\cscobj.dll
2010-05-05 14:16:25 ----A---- C:\Windows\system32\tapisrv.dll
2010-05-05 14:16:25 ----A---- C:\Windows\system32\scksp.dll
2010-05-05 14:16:25 ----A---- C:\Windows\system32\feclient.dll
2010-05-05 14:16:24 ----A---- C:\Windows\system32\scesrv.dll
2010-05-05 14:16:24 ----A---- C:\Windows\system32\psisdecd.dll
2010-05-05 14:16:24 ----A---- C:\Windows\system32\oleprn.dll
2010-05-05 14:16:24 ----A---- C:\Windows\system32\mpr.dll
2010-05-05 14:16:24 ----A---- C:\Windows\system32\AudioSes.dll
2010-05-05 14:16:23 ----A---- C:\Windows\system32\wscisvif.dll
2010-05-05 14:16:23 ----A---- C:\Windows\system32\rekeywiz.exe
2010-05-05 14:16:23 ----A---- C:\Windows\system32\imm32.dll
2010-05-05 14:16:23 ----A---- C:\Windows\system32\iaspolcy.dll
2010-05-05 14:16:23 ----A---- C:\Windows\system32\Faultrep.dll
2010-05-05 14:16:23 ----A---- C:\Windows\system32\dot3msm.dll
2010-05-05 14:16:22 ----A---- C:\Windows\system32\sdclt.exe
2010-05-05 14:16:22 ----A---- C:\Windows\system32\ncryptui.dll
2010-05-05 14:16:22 ----A---- C:\Windows\system32\dpapimig.exe
2010-05-05 14:16:22 ----A---- C:\Windows\system32\DeviceEject.exe
2010-05-05 14:16:21 ----A---- C:\Windows\system32\scecli.dll
2010-05-05 14:16:21 ----A---- C:\Windows\system32\rasgcw.dll
2010-05-05 14:16:21 ----A---- C:\Windows\system32\qedit.dll
2010-05-05 14:16:21 ----A---- C:\Windows\system32\pnpui.dll
2010-05-05 14:16:21 ----A---- C:\Windows\system32\perfdisk.dll
2010-05-05 14:16:21 ----A---- C:\Windows\system32\hdwwiz.exe
2010-05-05 14:16:21 ----A---- C:\Windows\system32\certreq.exe
2010-05-05 14:16:20 ----A---- C:\Windows\system32\rasplap.dll
2010-05-05 14:16:20 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-05-05 14:16:19 ----A---- C:\Windows\system32\TSTheme.exe
2010-05-05 14:16:19 ----A---- C:\Windows\system32\spwinsat.dll
2010-05-05 14:16:19 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-05-05 14:16:18 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-05-05 14:16:18 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-05-05 14:16:18 ----A---- C:\Windows\system32\fdWSD.dll
2010-05-05 14:16:18 ----A---- C:\Windows\system32\cmmon32.exe
2010-05-05 14:16:17 ----A---- C:\Windows\system32\whealogr.dll
2010-05-05 14:16:17 ----A---- C:\Windows\system32\tcpmon.dll
2010-05-05 14:16:16 ----A---- C:\Windows\system32\srcore.dll
2010-05-05 14:16:16 ----A---- C:\Windows\system32\conime.exe
2010-05-05 14:16:16 ----A---- C:\Windows\system32\cmdial32.dll
2010-05-05 14:16:15 ----A---- C:\Windows\system32\SnippingTool.exe
2010-05-05 14:16:15 ----A---- C:\Windows\system32\SCardSvr.dll
2010-05-05 14:16:15 ----A---- C:\Windows\system32\raschap.dll
2010-05-05 14:16:14 ----A---- C:\Windows\system32\wiaaut.dll
2010-05-05 14:16:14 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-05-05 14:16:14 ----A---- C:\Windows\system32\fontext.dll
2010-05-05 14:16:13 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-05-05 14:16:13 ----A---- C:\Windows\system32\wlanui.dll
2010-05-05 14:16:12 ----A---- C:\Windows\system32\shwebsvc.dll
2010-05-05 14:16:12 ----A---- C:\Windows\system32\rasppp.dll
2010-05-05 14:16:12 ----A---- C:\Windows\system32\PnPutil.exe
2010-05-05 14:16:12 ----A---- C:\Windows\system32\dsprop.dll
2010-05-05 14:16:11 ----A---- C:\Windows\system32\oobefldr.dll
2010-05-05 14:16:11 ----A---- C:\Windows\system32\dimsroam.dll
2010-05-05 14:16:10 ----A---- C:\Windows\system32\shsetup.dll
2010-05-05 14:16:09 ----A---- C:\Windows\system32\rasmontr.dll
2010-05-05 14:16:09 ----A---- C:\Windows\system32\modemui.dll
2010-05-05 14:16:08 ----A---- C:\Windows\system32\mscandui.dll
2010-05-05 14:16:07 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-05-05 14:16:07 ----A---- C:\Windows\system32\chtbrkr.dll
2010-05-05 14:16:06 ----A---- C:\Windows\system32\dataclen.dll
2010-05-05 14:16:05 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-05-05 14:16:05 ----A---- C:\Windows\system32\tscfgwmi.dll
2010-05-05 14:16:05 ----A---- C:\Windows\system32\smss.exe
2010-05-05 14:16:05 ----A---- C:\Windows\system32\rdpwsx.dll
2010-05-05 14:16:05 ----A---- C:\Windows\system32\blackbox.dll
2010-05-05 14:16:04 ----A---- C:\Windows\system32\netplwiz.dll
2010-05-05 14:16:04 ----A---- C:\Windows\system32\credui.dll
2010-05-05 14:16:04 ----A---- C:\Windows\system32\appmgmts.dll
2010-05-05 14:16:03 ----A---- C:\Windows\system32\WSDMon.dll
2010-05-05 14:16:03 ----A---- C:\Windows\system32\wmpeffects.dll
2010-05-05 14:16:03 ----A---- C:\Windows\system32\CscMig.dll
2010-05-05 14:16:02 ----A---- C:\Windows\system32\certprop.dll
2010-05-05 14:16:01 ----A---- C:\Windows\system32\wscapi.dll
2010-05-05 14:16:01 ----A---- C:\Windows\system32\networkexplorer.dll
2010-05-05 14:16:01 ----A---- C:\Windows\system32\msscp.dll
2010-05-05 14:16:01 ----A---- C:\Windows\system32\logagent.exe
2010-05-05 14:16:01 ----A---- C:\Windows\system32\InkEd.dll
2010-05-05 14:16:01 ----A---- C:\Windows\system32\ifmon.dll
2010-05-05 14:16:01 ----A---- C:\Windows\system32\gpresult.exe
2010-05-05 14:16:01 ----A---- C:\Windows\system32\cipher.exe
2010-05-05 14:16:00 ----A---- C:\Windows\system32\msimtf.dll
2010-05-05 14:15:59 ----A---- C:\Windows\system32\thawbrkr.dll
2010-05-05 14:15:59 ----A---- C:\Windows\system32\softkbd.dll
2010-05-05 14:15:59 ----A---- C:\Windows\system32\sendmail.dll
2010-05-05 14:15:58 ----A---- C:\Windows\system32\msctfui.dll
2010-05-05 14:15:58 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-05-05 14:15:57 ----A---- C:\Windows\system32\rdpclip.exe
2010-05-05 14:15:57 ----A---- C:\Windows\system32\olepro32.dll
2010-05-05 14:15:57 ----A---- C:\Windows\system32\dmsynth.dll
2010-05-05 14:15:56 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-05-05 14:15:55 ----A---- C:\Windows\system32\puiapi.dll
2010-05-05 14:15:55 ----A---- C:\Windows\system32\gpprnext.dll
2010-05-05 14:15:55 ----A---- C:\Windows\system32\cdd.dll
2010-05-05 14:15:54 ----A---- C:\Windows\system32\version.dll
2010-05-05 14:15:54 ----A---- C:\Windows\system32\input.dll
2010-05-05 14:15:54 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-05-05 14:15:53 ----A---- C:\Windows\system32\wshbth.dll
2010-05-05 14:15:53 ----A---- C:\Windows\system32\SLLUA.exe
2010-05-05 14:15:53 ----A---- C:\Windows\system32\msisip.dll
2010-05-05 14:15:53 ----A---- C:\Windows\system32\mprapi.dll
2010-05-05 14:15:52 ----A---- C:\Windows\system32\fc.exe
2010-05-05 14:15:51 ----A---- C:\Windows\system32\fdSSDP.dll
2010-05-05 14:15:51 ----A---- C:\Windows\system32\dmusic.dll
2010-05-05 14:15:50 ----A---- C:\Windows\system32\rdpendp.dll
2010-05-05 14:15:50 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-05-05 14:15:49 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-05-05 14:15:49 ----A---- C:\Windows\system32\msjint40.dll
2010-05-05 14:15:49 ----A---- C:\Windows\system32\l2nacp.dll
2010-05-05 14:15:49 ----A---- C:\Windows\system32\eapp3hst.dll
2010-05-05 14:15:49 ----A---- C:\Windows\system32\cscapi.dll
2010-05-05 14:15:48 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-05-05 14:15:48 ----A---- C:\Windows\system32\ftp.exe
2010-05-05 14:15:48 ----A---- C:\Windows\system32\cscdll.dll
2010-05-05 14:15:47 ----A---- C:\Windows\system32\wsdchngr.dll
2010-05-05 14:15:47 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-05-05 14:15:46 ----A---- C:\Windows\system32\Storprop.dll
2010-05-05 14:15:46 ----A---- C:\Windows\system32\rasdial.exe
2010-05-05 14:15:46 ----A---- C:\Windows\system32\rasdiag.dll
2010-05-05 14:15:46 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-05-05 14:15:46 ----A---- C:\Windows\system32\fdWCN.dll
2010-05-05 14:15:46 ----A---- C:\Windows\system32\bthudtask.exe
2010-05-05 14:15:46 ----A---- C:\Windows\system32\bthci.dll
2010-05-05 14:15:45 ----A---- C:\Windows\system32\PrintBrmUi.exe
2010-05-05 14:15:45 ----A---- C:\Windows\system32\ipconfig.exe
2010-05-05 14:15:45 ----A---- C:\Windows\system32\gpscript.exe
2010-05-05 14:15:45 ----A---- C:\Windows\system32\eappcfg.dll
2010-05-05 14:15:45 ----A---- C:\Windows\system32\dot3cfg.dll
2010-05-05 14:15:44 ----A---- C:\Windows\system32\tscupgrd.exe
2010-05-05 14:15:44 ----A---- C:\Windows\system32\slcinst.dll
2010-05-05 14:15:44 ----A---- C:\Windows\system32\nslookup.exe
2010-05-05 14:15:44 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-05-05 14:15:44 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-05-05 14:15:43 ----A---- C:\Windows\system32\gpscript.dll
2010-05-05 14:15:42 ----A---- C:\Windows\system32\ocsetup.exe
2010-05-05 14:15:42 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-05-05 14:15:42 ----A---- C:\Windows\system32\eappgnui.dll
2010-05-05 14:15:41 ----A---- C:\Windows\system32\hbaapi.dll
2010-05-05 14:15:41 ----A---- C:\Windows\system32\fdeploy.dll
2010-05-05 14:15:40 ----A---- C:\Windows\system32\qprocess.exe
2010-05-05 14:15:40 ----A---- C:\Windows\system32\mmcico.dll
2010-05-05 14:15:39 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-05-05 14:15:39 ----A---- C:\Windows\system32\chgport.exe
2010-05-05 14:15:38 ----A---- C:\Windows\system32\chgusr.exe
2010-05-05 14:15:38 ----A---- C:\Windows\system32\gpupdate.exe
2010-05-05 14:15:37 ----A---- C:\Windows\system32\tscon.exe
2010-05-05 14:15:37 ----A---- C:\Windows\system32\shadow.exe
2010-05-05 14:15:37 ----A---- C:\Windows\system32\logoff.exe
2010-05-05 14:15:37 ----A---- C:\Windows\system32\csrstub.exe
2010-05-05 14:15:37 ----A---- C:\Windows\system32\cbsra.exe
2010-05-05 14:15:37 ----A---- C:\Windows\system32\bitsigd.dll
2010-05-05 14:15:36 ----A---- C:\Windows\system32\iscsilog.dll
2010-05-05 14:15:35 ----A---- C:\Windows\system32\NcdProp.dll
2010-05-05 14:15:34 ----A---- C:\Windows\system32\tskill.exe
2010-05-05 14:15:34 ----A---- C:\Windows\system32\rwinsta.exe
2010-05-05 14:15:34 ----A---- C:\Windows\system32\qappsrv.exe
2010-05-05 14:15:34 ----A---- C:\Windows\system32\chglogon.exe
2010-05-05 14:15:33 ----A---- C:\Windows\system32\tsdiscon.exe
2010-05-05 14:15:32 ----A---- C:\Windows\system32\vdmdbg.dll
2010-05-05 14:15:32 ----A---- C:\Windows\system32\slwga.dll
2010-05-05 14:15:32 ----A---- C:\Windows\system32\reset.exe
2010-05-05 14:15:32 ----A---- C:\Windows\system32\query.exe
2010-05-05 14:15:32 ----A---- C:\Windows\system32\odbcconf.dll
2010-05-05 14:15:31 ----A---- C:\Windows\system32\winrnr.dll
2010-05-05 14:15:31 ----A---- C:\Windows\system32\midimap.dll
2010-05-05 14:15:31 ----A---- C:\Windows\system32\inetppui.dll
2010-05-05 14:15:31 ----A---- C:\Windows\system32\change.exe
2010-05-05 14:15:26 ----A---- C:\Windows\system32\msimsg.dll
2010-05-05 14:15:26 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-05-05 14:14:28 ----A---- C:\Windows\system32\SmiEngine.dll
2010-05-05 14:14:16 ----A---- C:\Windows\system32\wdscore.dll
2010-05-05 14:14:16 ----A---- C:\Windows\system32\PkgMgr.exe
2010-05-05 14:13:36 ----A---- C:\Windows\system32\drvstore.dll
2010-05-05 13:39:50 ----D---- C:\Windows\system32\WindowsPowerShell
2010-05-05 13:07:31 ----A---- C:\Windows\system32\occache.dll
2010-05-05 13:07:31 ----A---- C:\Windows\system32\mstime.dll
2010-05-05 13:07:31 ----A---- C:\Windows\system32\jsproxy.dll
2010-05-05 13:07:30 ----A---- C:\Windows\system32\wininet.dll
2010-05-05 13:07:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-05-05 13:07:30 ----A---- C:\Windows\system32\msfeeds.dll
2010-05-05 13:07:30 ----A---- C:\Windows\system32\ieui.dll
2010-05-05 13:07:30 ----A---- C:\Windows\system32\iesetup.dll
2010-05-05 13:07:30 ----A---- C:\Windows\system32\iernonce.dll
2010-05-05 13:07:30 ----A---- C:\Windows\system32\iepeers.dll
2010-05-05 13:07:29 ----A---- C:\Windows\system32\msfeedssync.exe
2010-05-05 13:07:29 ----A---- C:\Windows\system32\iertutil.dll
2010-05-05 13:07:29 ----A---- C:\Windows\system32\iedkcs32.dll
2010-05-05 13:07:29 ----A---- C:\Windows\system32\ie4uinit.exe
2010-05-05 13:07:28 ----A---- C:\Windows\system32\urlmon.dll
2010-05-05 13:07:28 ----A---- C:\Windows\system32\ieUnatt.exe
2010-05-05 13:07:28 ----A---- C:\Windows\system32\iesysprep.dll
2010-05-05 13:07:27 ----A---- C:\Windows\system32\ieframe.dll
2010-05-05 13:07:26 ----A---- C:\Windows\system32\mshtml.dll
2010-05-05 13:06:37 ----A---- C:\Windows\system32\mshtmler.dll
2010-05-05 13:06:37 ----A---- C:\Windows\system32\mshtmled.dll
2010-05-05 13:06:37 ----A---- C:\Windows\system32\icardie.dll
2010-05-05 13:06:37 ----A---- C:\Windows\system32\admparse.dll
2010-05-05 13:06:36 ----A---- C:\Windows\system32\msls31.dll
2010-05-05 13:06:36 ----A---- C:\Windows\system32\licmgr10.dll
2010-05-05 13:06:36 ----A---- C:\Windows\system32\inseng.dll
2010-05-05 13:06:36 ----A---- C:\Windows\system32\imgutil.dll
2010-05-05 13:06:36 ----A---- C:\Windows\system32\ieakeng.dll
2010-05-05 13:06:36 ----A---- C:\Windows\system32\dxtrans.dll
2010-05-05 13:06:36 ----A---- C:\Windows\system32\dxtmsft.dll
2010-05-05 13:06:36 ----A---- C:\Windows\system32\corpol.dll
2010-05-05 13:06:35 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-05-05 13:06:35 ----A---- C:\Windows\system32\wextract.exe
2010-05-05 13:06:35 ----A---- C:\Windows\system32\webcheck.dll
2010-05-05 13:06:35 ----A---- C:\Windows\system32\pngfilt.dll
2010-05-05 13:06:35 ----A---- C:\Windows\system32\msrating.dll
2010-05-05 13:06:35 ----A---- C:\Windows\system32\ieakui.dll
2010-05-05 13:06:35 ----A---- C:\Windows\system32\ieaksie.dll
2010-05-05 13:06:35 ----A---- C:\Windows\system32\advpack.dll
2010-05-05 13:06:34 ----A---- C:\Windows\system32\vbscript.dll
2010-05-05 13:06:34 ----A---- C:\Windows\system32\url.dll
2010-05-05 13:06:34 ----A---- C:\Windows\system32\jscript.dll
2010-05-05 13:06:34 ----A---- C:\Windows\system32\ieapfltr.dll
2010-05-05 13:06:33 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-05-05 13:06:33 ----A---- C:\Windows\system32\SetDepNx.exe
2010-05-05 13:06:33 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-05-05 13:06:33 ----A---- C:\Windows\system32\PDMSetup.exe
2010-05-05 13:06:33 ----A---- C:\Windows\system32\mshta.exe
2010-05-05 13:06:33 ----A---- C:\Windows\system32\iexpress.exe
2010-05-05 13:03:39 ----A---- C:\Windows\system32\gpprefcl.dll
2010-05-05 13:00:54 ----D---- C:\Program Files\Microsoft Silverlight
2010-05-05 12:42:55 ----A---- C:\Windows\system32\kerberos.dll
2010-05-05 12:42:51 ----A---- C:\Windows\system32\schannel.dll
2010-05-05 12:23:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-05-05 12:23:03 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-05-05 11:57:38 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-05-05 10:58:59 ----A---- C:\Windows\system32\wintrust.dll
2010-05-05 10:58:51 ----A---- C:\Windows\system32\cabview.dll
2010-05-05 10:44:06 ----D---- C:\Windows\system32\appmgmt

======List of files/folders modified in the last 1 months======

2010-05-20 13:05:44 ----RD---- C:\Program Files
2010-05-20 13:05:44 ----D---- C:\Windows\Prefetch
2010-05-20 13:05:42 ----D---- C:\Windows\Temp
2010-05-20 13:05:05 ----SHD---- C:\System Volume Information
2010-05-19 10:36:57 ----D---- C:\Windows\system32\WDI
2010-05-18 14:22:34 ----D---- C:\Windows\rescache
2010-05-11 07:59:42 ----D---- C:\Windows\System32
2010-05-11 07:59:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-11 07:59:41 ----D---- C:\Windows\inf
2010-05-05 14:59:53 ----D---- C:\Windows\Microsoft.NET
2010-05-05 14:59:51 ----RSD---- C:\Windows\assembly
2010-05-05 14:55:41 ----D---- C:\Windows
2010-05-05 14:55:27 ----D---- C:\Windows\system32\catroot
2010-05-05 14:49:44 ----D---- C:\Program Files\Windows Mail
2010-05-05 14:49:44 ----D---- C:\Program Files\Windows Calendar
2010-05-05 14:49:44 ----D---- C:\Program Files\Movie Maker
2010-05-05 14:49:43 ----D---- C:\Program Files\Windows Sidebar
2010-05-05 14:49:43 ----D---- C:\Program Files\Windows Media Player
2010-05-05 14:49:43 ----D---- C:\Program Files\Windows Journal
2010-05-05 14:49:43 ----D---- C:\Program Files\Windows Collaboration
2010-05-05 14:49:43 ----D---- C:\Program Files\Internet Explorer
2010-05-05 14:49:41 ----D---- C:\Program Files\Windows Photo Gallery
2010-05-05 14:49:41 ----D---- C:\Program Files\Common Files\System
2010-05-05 14:49:40 ----D---- C:\Program Files\Windows Defender
2010-05-05 14:49:39 ----D---- C:\Windows\servicing
2010-05-05 14:49:30 ----D---- C:\Windows\system32\XPSViewer
2010-05-05 14:49:30 ----D---- C:\Windows\system32\sk-SK
2010-05-05 14:49:30 ----D---- C:\Windows\system32\lv-LV
2010-05-05 14:49:30 ----D---- C:\Windows\system32\hr-HR
2010-05-05 14:49:30 ----D---- C:\Windows\system32\et-EE
2010-05-05 14:49:30 ----D---- C:\Windows\system32\da-DK
2010-05-05 14:49:30 ----D---- C:\Windows\PolicyDefinitions
2010-05-05 14:49:30 ----D---- C:\Windows\IME
2010-05-05 14:49:29 ----D---- C:\Windows\system32\oobe
2010-05-05 14:49:29 ----D---- C:\Windows\system32\ko-KR
2010-05-05 14:49:29 ----D---- C:\Windows\system32\it-IT
2010-05-05 14:49:29 ----D---- C:\Windows\system32\en-US
2010-05-05 14:49:29 ----D---- C:\Windows\system32\el-GR
2010-05-05 14:49:29 ----D---- C:\Windows\system32\de-DE
2010-05-05 14:49:28 ----D---- C:\Windows\system32\migration
2010-05-05 14:49:26 ----D---- C:\Windows\system32\sv-SE
2010-05-05 14:49:26 ----D---- C:\Windows\system32\setup
2010-05-05 14:49:26 ----D---- C:\Windows\system32\ru-RU
2010-05-05 14:49:26 ----D---- C:\Windows\system32\he-IL
2010-05-05 14:49:26 ----D---- C:\Windows\system32\fr-FR
2010-05-05 14:49:26 ----D---- C:\Windows\system32\fi-FI
2010-05-05 14:49:26 ----D---- C:\Windows\system32\cs
2010-05-05 14:49:26 ----D---- C:\Windows\system32\AdvancedInstallers
2010-05-05 14:49:25 ----D---- C:\Windows\system32\cs-CZ
2010-05-05 14:49:23 ----D---- C:\Windows\system32\SLUI
2010-05-05 14:49:23 ----D---- C:\Windows\system32\pt-PT
2010-05-05 14:49:23 ----D---- C:\Windows\system32\hu-HU
2010-05-05 14:49:22 ----D---- C:\Windows\system32\zh-TW
2010-05-05 14:49:22 ----D---- C:\Windows\system32\zh-CN
2010-05-05 14:49:22 ----D---- C:\Windows\system32\uk-UA
2010-05-05 14:49:22 ----D---- C:\Windows\system32\th-TH
2010-05-05 14:49:22 ----D---- C:\Windows\system32\sr-Latn-CS
2010-05-05 14:49:22 ----D---- C:\Windows\system32\sl-SI
2010-05-05 14:49:22 ----D---- C:\Windows\system32\ro-RO
2010-05-05 14:49:22 ----D---- C:\Windows\system32\pl-PL
2010-05-05 14:49:22 ----D---- C:\Windows\system32\manifeststore
2010-05-05 14:49:22 ----D---- C:\Windows\system32\ja-JP
2010-05-05 14:49:22 ----D---- C:\Windows\system32\es-ES
2010-05-05 14:49:22 ----D---- C:\Windows\system32\drivers
2010-05-05 14:49:22 ----D---- C:\Windows\system32\bg-BG
2010-05-05 14:49:21 ----D---- C:\Windows\system32\tr-TR
2010-05-05 14:49:20 ----D---- C:\Windows\system32\wbem
2010-05-05 14:49:19 ----D---- C:\Windows\system32\pt-BR
2010-05-05 14:49:19 ----D---- C:\Windows\system32\nl-NL
2010-05-05 14:49:19 ----D---- C:\Windows\system32\nb-NO
2010-05-05 14:49:19 ----D---- C:\Windows\system32\migwiz
2010-05-05 14:49:19 ----D---- C:\Windows\system32\lt-LT
2010-05-05 14:49:19 ----D---- C:\Windows\system32\ar-SA
2010-05-05 14:48:50 ----RSD---- C:\Windows\Fonts
2010-05-05 14:48:50 ----D---- C:\Windows\AppPatch
2010-05-05 14:48:41 ----D---- C:\Windows\system32\Boot
2010-05-05 14:42:23 ----D---- C:\Windows\winsxs
2010-05-05 13:43:41 ----D---- C:\Windows\system32\catroot2
2010-05-05 13:30:27 ----SHD---- C:\Windows\Installer
2010-05-05 13:30:27 ----SHD---- C:\Config.Msi
2010-05-05 13:30:23 ----D---- C:\ProgramData\Microsoft Help
2010-05-05 11:20:01 ----D---- C:\Windows\Downloaded Installations
2010-05-05 11:16:50 ----D---- C:\Windows\system32\Tasks
2010-05-05 11:16:12 ----RSD---- C:\Windows\Media
2010-05-05 11:11:01 ----D---- C:\Program Files\Lenovo
2010-05-05 10:49:27 ----SD---- C:\Users\bartosova\AppData\Roaming\Microsoft
2010-05-05 10:44:06 ----HD---- C:\ProgramData
2010-05-02 19:34:52 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 DLACDBHM;DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2010-03-03 11552]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [2007-06-18 35064]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [2007-06-18 32472]
R2 DLADResM;DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [2007-06-18 9400]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [2007-06-18 105048]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [2007-06-18 26744]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [2007-06-18 14520]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [2007-06-18 98136]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [2007-06-18 93752]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-11-16 95896]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-04-09 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 tvtfilter;tvtfilter; C:\Windows\system32\DRIVERS\tvtfilter.sys [2010-03-11 33536]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-03-19 482176]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-10-27 460800]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-08-14 220152]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-06-23 40832]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-06-30 981504]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-06-30 207360]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-03-19 25000]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-01-25 6282240]
R3 MUXMP;My WiFi PAN MUX-IM Virtual Miniport Driver; C:\Windows\system32\DRIVERS\mux.sys [2009-09-24 30768]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-09-15 6000640]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2008-09-25 31680]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-03 230832]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2008-02-23 37312]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-06-30 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-07-11 48192]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 MUXP;My WiFi PAN Mux-IM Protocol Driver; C:\Windows\system32\DRIVERS\mux.sys [2009-09-24 30768]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2009-01-05 128104]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2010-03-01 124264]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2010-03-01 259432]
R2 ATService;AuthenTec Fingerprint Service; C:\Windows\system32\AtService.exe [2009-03-19 1680632]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2009-02-21 567848]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 DDNIOEMService;DDNIOEMService; C:\Program Files\DDNI\SBITS\DDNIOEMService.exe [2007-09-28 162280]
R2 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2010-03-03 132456]
R2 dtsvc;Data Transfer Service; C:\Windows\system32\DTS.exe [2009-03-19 98304]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 858384]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-03-19 38176]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2010-03-10 50536]
R2 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-03-03 75112]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 473360]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2009-06-12 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-03-05 750904]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-01-18 63928]
R2 TSSCoreService;TSS Core Service; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [2009-03-05 779576]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2008-05-25 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-05-25 1155072]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-11-17 44984]
S3 ADMonitor;AD Monitor; C:\Windows\system32\ADMonitor.exe [2009-03-19 106496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2009-09-21 211216]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-25 1120752]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-10-09 39976]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 TVT_UpdateMonitor;TVT Windows Update Monitor; C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]

-----------------EOF-----------------

#2 Příspěvek od **riffman** » 20 kvě 2010 21:13

zdravim

stahnete a ulozte nejlepe na plochu ComboFix

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano:

Obrázek

dale muze dojit k varovani ohledne rezidentniho stitu vaseho antiviru a upozorneni na nenainstalovanou konzoli pro zotaveni; tu zatim neinstalujte.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, deaktivujte jeho rezidentni stit, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim Combofixu s rezidentem antispyware

po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem

korn19771 · #3 Příspěvek od **korn19771** » 21 kvě 2010 09:25

Tady je log z ComboFixu:

ComboFix 10-05-20.A0 - bartosova 21.05.2010 9:46.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.1943.788 [GMT 2:00]
Spuštěný z: c:\users\bartosova\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\Thumbs.db
Q:\Autorun.inf
S:\AUTORUN.INF

----- BITS: Možné infikované stránky -----

hxxp://dtph.ddniglobal.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-21 do 2010-05-21 )))))))))))))))))))))))))))))))
.

2010-05-21 07:58 . 2010-05-21 07:58 -------- d--h--we C:\A
2010-05-20 11:05 . 2010-05-20 11:05 -------- d-----w- C:\rsit
2010-05-20 11:05 . 2010-05-20 11:05 -------- d-----w- c:\program files\trend micro
2010-05-11 05:50 . 2010-05-11 05:50 -------- d-----w- C:\B
2010-05-05 12:48 . 2010-05-05 12:49 -------- d-----w- c:\windows\system32\ca-ES
2010-05-05 12:48 . 2010-05-05 12:49 -------- d-----w- c:\windows\system32\eu-ES
2010-05-05 12:48 . 2010-05-05 12:49 -------- d-----w- c:\windows\system32\vi-VN
2010-05-05 12:25 . 2010-05-05 12:25 -------- d-----w- c:\windows\system32\EventProviders
2010-05-05 12:18 . 2009-04-11 06:32 438744 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2010-05-05 12:17 . 2009-04-11 06:28 375808 ----a-w- c:\windows\system32\winhttp.dll
2010-05-05 12:16 . 2009-04-11 06:28 13312 ----a-w- c:\windows\system32\spcmsg.dll
2010-05-05 12:15 . 2009-04-11 06:28 69632 ----a-w- c:\windows\system32\sendmail.dll
2010-05-05 12:14 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-05-05 12:14 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-05-05 12:14 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-05-05 12:14 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-05-05 12:14 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-05-05 12:14 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-05-05 12:14 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-05-05 12:14 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-05-05 12:14 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-05-05 12:14 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-05-05 12:13 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-05-05 11:06 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2010-05-05 11:03 . 2009-06-03 23:56 675152 ----a-w- c:\windows\system32\gpprefcl.dll
2010-05-05 11:00 . 2010-05-05 11:00 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-05 10:42 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-05-05 10:42 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2010-05-05 10:23 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-05-05 10:23 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-05-05 10:23 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-05-05 10:23 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-05-05 10:23 . 2010-02-18 14:07 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-05-05 09:57 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-05-05 09:57 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-05-05 09:57 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-05-05 09:27 . 2009-06-23 10:49 40832 ----a-w- c:\windows\system32\drivers\HECI.sys
2010-05-05 08:58 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-05-05 08:58 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-05-02 19:14 . 2008-01-21 02:23 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-20 11:07 . 2010-03-11 18:10 598832 ----a-w- c:\windows\system32\perfh005.dat
2010-05-20 11:07 . 2010-03-11 18:10 114992 ----a-w- c:\windows\system32\perfc005.dat
2010-05-05 12:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-05-05 12:49 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-05-05 12:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-05-05 12:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-05-05 12:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-05-05 12:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-05-05 12:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-05-05 12:48 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-05-05 11:30 . 2010-03-17 15:04 -------- d-----w- c:\programdata\Microsoft Help
2010-05-05 09:11 . 2010-03-11 18:46 -------- d-----w- c:\program files\Lenovo
2010-05-02 17:32 . 2010-03-17 14:44 115880 ----a-w- c:\users\bartosova\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-11 19:05 . 2010-03-11 19:05 33536 ----a-w- c:\windows\system32\drivers\tvtfilter.sys
2010-03-11 19:00 . 2010-03-11 19:00 410984 ----a-w- c:\windows\system32\deploytk.dll
2010-03-11 18:27 . 2010-03-11 18:27 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll
2010-03-11 18:16 . 2010-03-11 18:16 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-03-11 18:15 . 2010-03-11 18:15 6656 ----a-w- c:\windows\system32\kbd106n.dll
2010-03-11 18:13 . 2008-01-21 02:23 43272 ----a-w- c:\windows\system32\drivers\pciidex.sys
2010-03-11 18:13 . 2008-01-21 02:23 16136 ------w- c:\windows\system32\drivers\intelide.sys
2010-03-11 18:13 . 2006-11-02 08:51 26888 ----a-w- c:\windows\system32\drivers\msahci.sys
2010-03-11 18:13 . 2006-11-02 08:51 18184 ------w- c:\windows\system32\drivers\viaide.sys
2010-03-11 18:13 . 2006-11-02 08:51 16136 ------w- c:\windows\system32\drivers\amdide.sys
2010-03-11 18:13 . 2006-11-02 08:51 17160 ------w- c:\windows\system32\drivers\cmdide.sys
2010-03-11 18:13 . 2006-11-02 08:51 15624 ------w- c:\windows\system32\drivers\aliide.sys
2010-03-11 18:13 . 2006-11-02 08:51 14600 ------w- c:\windows\system32\drivers\pciide.sys
2010-03-11 18:10 . 2010-03-11 18:10 34724 ----a-w- c:\windows\system32\perfd005.dat
2010-03-11 18:10 . 2010-03-11 18:10 286912 ----a-w- c:\windows\system32\perfi005.dat
2010-03-11 18:10 . 2010-03-11 18:10 34724 ----a-w- c:\windows\inf\PERFLIB\0405\perfd.dat
2010-03-11 18:10 . 2010-03-11 18:10 34724 ----a-w- c:\windows\inf\PERFLIB\0405\perfc.dat
2010-03-11 18:10 . 2010-03-11 18:10 286912 ----a-w- c:\windows\inf\PERFLIB\0405\perfi.dat
2010-03-11 18:10 . 2010-03-11 18:10 286912 ----a-w- c:\windows\inf\PERFLIB\0405\perfh.dat
2010-03-03 01:20 . 2010-03-17 11:23 24304 ------w- c:\windows\system32\drivers\DOZEHDD.SYS
2010-03-03 01:20 . 2010-03-11 19:04 394600 ------w- c:\windows\PWMBTHLV.EXE
2010-03-03 01:20 . 2010-03-11 19:04 11552 ------w- c:\windows\system32\drivers\TPPWR32V.SYS
2010-02-24 08:16 . 2010-03-17 10:42 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 06:39 . 2010-05-05 11:07 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-05-05 11:07 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-05-05 11:07 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-05-05 11:07 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:06 . 2010-03-17 13:53 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-03-17 13:53 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-03-17 13:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2009-12-01 256576]
"TPFNF7"="c:\progra~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2009-08-04 62240]
"TpShocks"="TpShocks.exe" [2009-12-11 337256]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-12-21 69568]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-19 1434920]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-25 487424]
"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-03-03 886120]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BTVLogEx.DLL" [2010-03-03 214576]
"CreateLMBCShortCut"="c:\program files\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe" [2009-05-16 40960]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2010-03-01 431464]
"ACWlIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe" [2010-03-01 181608]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2009-03-05 3093816]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"RoxioDragToDisc"="c:\program files\Lenovo\Drag-to-Disc\DrgToDsc.exe" [2007-03-13 1116920]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-02-26 992816]
"AMSG"="c:\progra~1\THINKV~1\AMSG\Amsg.exe" [2009-09-03 436800]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-09-21 1206544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-01 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-01 175640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-01 166936]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-2-21 789032]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2010-3-17 50688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):2b,70,fd,49,52,ec,ca,01

R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-07-11 48192]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-11-17 44984]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2009-03-19 106496]
R3 MUXP;My WiFi PAN Mux-IM Protocol Driver;c:\windows\system32\DRIVERS\mux.sys [2009-09-24 30768]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2009-09-21 211216]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-25 1120752]
R4 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-03-03 24304]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2009-03-19 1680632]
S2 DDNIOEMService;DDNIOEMService;c:\program files\DDNI\SBITS\DDNIOEMService.exe [2007-09-28 162280]
S2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-03-03 132456]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2009-03-19 98304]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-11-16 95896]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-03-10 50536]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-03-03 75112]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-01-18 63928]
S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-03-19 482176]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2009-08-14 220152]
S3 MUXMP;My WiFi PAN MUX-IM Virtual Miniport Driver;c:\windows\system32\DRIVERS\mux.sys [2009-09-24 30768]
S3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2009-09-15 6000640]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'

2010-03-11 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PCDR5\pcdr5cuiw32.exe [2009-02-20 20:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-21 10:14
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

c:\windows\TEMP\TMP00000009B23FC18F204B1A12 524288 bytes

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5824)
c:\program files\ThinkPad\Bluetooth Software\btmmhook.dll
c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL
c:\program files\ThinkPad\Bluetooth Software\btncopy.dll
c:\program files\Lenovo\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\program files\Lenovo\Drag-to-Disc\ShellRes.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\program files\ThinkPad\Bluetooth Software\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Lenovo\Client Security Solution\tvttcsd.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\ThinkPad\Utilities\EZEJMNAP.EXE
c:\program files\Lenovo\NPDIRECT\tpfnf7sp.exe
c:\windows\System32\TpShocks.exe
c:\program files\ThinkVantage\PrdCtr\LPMGR.EXE
c:\program files\ThinkVantage\PrdCtr\LPMLCHK.EXE
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\windows\System32\rundll32.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\program files\ThinkVantage\AMSG\Amsg.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxext.exe
c:\progra~1\ThinkPad\UTILIT~1\PWMUIAux.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\progra~1\ThinkPad\UTILIT~1\PWMUIAux.exe
.
**************************************************************************
.
Celkový čas: 2010-05-21 10:22:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-21 08:22

Před spuštěním: Volných bajtů: 147 396 231 168
Po spuštění: Volných bajtů: 146 055 589 888

- - End Of File - - 7211574A1CF25A4BEAD9BA444C6D5158

#4 Příspěvek od **riffman** » 21 kvě 2010 11:11

stahnete GMER , rozbalte a spustte

probehne sken, po jehoz ukonceni na vas bafnou vysledky

pote kliknete na Save a ulozite tak log, jehoz obsah sem vlozte

pote dle tohoto navodu absolvujte druhy sken a opet obsah logu sem

korn19771 · #5 Příspěvek od **korn19771** » 24 kvě 2010 12:00

Log1:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-05-24 12:35:05
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\BARTOS~1\AppData\Local\Temp\fxdcruoc.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Log2:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-24 12:58:22
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\BARTOS~1\AppData\Local\Temp\fxdcruoc.sys

---- Kernel code sections - GMER 1.0.15 ----

? C:\Users\BARTOS~1\AppData\Local\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !
? C:\ComboFix\catchme.sys Systém nemůže nalézt uvedený soubor. !
? C:\Windows\system32\Drivers\PROCEXP113.SYS Systém nemůže nalézt uvedený soubor. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[2156] kernel32.dll!SetUnhandledExceptionFilter 75EAA84F 4 Bytes [C2, 04, 00, 00]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)

---- Files - GMER 1.0.15 ----

File C:\RRbackups\common 0 bytes
File C:\RRbackups\common\bmgrmode.dat 29 bytes
File C:\RRbackups\common\css.dat 8192 bytes
File C:\RRbackups\common\hints.dat 8192 bytes
File C:\RRbackups\common\mnd.dat 8192 bytes
File C:\RRbackups\common\regcerts.dat 8192 bytes
File C:\RRbackups\common\restore.log 110 bytes
File C:\RRbackups\common\rr.log 775 bytes
File C:\RRbackups\common\rr_bcdenum.dat 4332 bytes
File C:\RRbackups\common\SAM 262144 bytes
File C:\RRbackups\common\secpolicy.dat 20480 bytes
File C:\RRbackups\common\settings.dat 32768 bytes
File C:\RRbackups\common\system.dat 12288 bytes
File C:\RRbackups\common\tvtcmn.dat 8192 bytes
File C:\RRbackups\common\usersids.dat 17680 bytes
File C:\RRbackups\Documents and Settings 0 bytes
File C:\RRbackups\Documents and Settings\Administrator 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Crypto 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Crypto\RSA 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1145726384-3871625555-672404016-500 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1145726384-3871625555-672404016-500\83aa4cc77f591dfc2374580bbd95f6ba_cf4c4c06-a400-44d2-b730-e84730a788e6 45 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1145726384-3871625555-672404016-500\8f71098770f72c7a67cd8f1151619865_cf4c4c06-a400-44d2-b730-e84730a788e6 54 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1145726384-3871625555-672404016-500\a077ead69703e3bf1fd373a3c9376faa_cf4c4c06-a400-44d2-b730-e84730a788e6 77 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Protect 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Protect\CREDHIST 24 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-1145726384-3871625555-672404016-500 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-1145726384-3871625555-672404016-500\ae0dea3f-d9ca-4f8f-81cd-4dce8c10383e 388 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-1145726384-3871625555-672404016-500\Preferred 24 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-946592493-3211520402-3949043191-500 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-946592493-3211520402-3949043191-500\1e617109-803e-4be7-9818-0d7338a89cf9 388 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-946592493-3211520402-3949043191-500\Preferred 24 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\SystemCertificates 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs 0 bytes
File C:\RRbackups\Documents and Settings\Administrator\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs 0 bytes
File C:\RRbackups\Documents and Settings\Servis 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Lenovo 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Lenovo\Client Security Solution 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\Protect 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\Protect\CREDHIST 24 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\Protect\S-1-5-21-1145726384-3871625555-672404016-1000 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\Protect\S-1-5-21-1145726384-3871625555-672404016-1000\f08e0ced-81cd-4c41-9ffa-9925d3284267 388 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\Protect\S-1-5-21-1145726384-3871625555-672404016-1000\Preferred 24 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\SystemCertificates 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\SystemCertificates\My 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs 0 bytes
File C:\RRbackups\Documents and Settings\Servis\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs 0 bytes
File C:\RRbackups\ProgramData 0 bytes
File C:\RRbackups\ProgramData\Microsoft 0 bytes
File C:\RRbackups\ProgramData\Microsoft\Crypto 0 bytes
File C:\RRbackups\ProgramData\Microsoft\Crypto\RSA 0 bytes
File C:\RRbackups\ProgramData\Microsoft\Crypto\RSA\MachineKeys 0 bytes
File C:\RRbackups\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a077ead69703e3bf1fd373a3c9376faa_cf4c4c06-a400-44d2-b730-e84730a788e6 77 bytes
File C:\RRbackups\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 0 bytes
File C:\RRbackups\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\d42cc0c3858a58db2db37658219e6400_cf4c4c06-a400-44d2-b730-e84730a788e6 893 bytes

---- EOF - GMER 1.0.15 ----

#6 Příspěvek od **riffman** » 24 kvě 2010 12:46

smazte nepotrebne soubory:

- bud rucne v Tempech a Temporary Internet Files
- nebo pomoci Ccleaneru

navod prosty:

polozka Cleaner - zde vycistite stroj od nepotrebnych souboru vcetne vysypani Kose a vymazu docasnych souboru prohlizecu vcetne Cookies
polozka Issues - zde vycistite registry; pred aplikaci doporucuji jejich zalohu, kterou Ccleaner pred Fix Registry nabizi; cisteni registru je treba nekolikrat za sebou zopakovat!

vycistit stroj muzete i CleanUpem

pripadne muzete pouzit i jine uklidove programy, dulezite je vycistit stroj od balastu a smazat neplatne klice v registrech

urychleni spousteni pocitace i programu pomuzete i defragmentaci disku bud pouzitim integrovaneho windowsoidniho nastroje, ci pomoci externi aplikace, napr. O&O Defrag...

korn19771 · #7 Příspěvek od **korn19771** » 24 kvě 2010 13:11

OK, děkuji. Takže žádný vir v PC nebyl ?

#8 Příspěvek od **riffman** » 24 kvě 2010 13:19

nevidim zadny skodlivy kod

VIRY.CZ

Prosím o preventivní kontrolu logu. PC je zpomalené.

Prosím o preventivní kontrolu logu. PC je zpomalené.

Re: Prosím o preventivní kontrolu logu. PC je zpomalené.

Re: Prosím o preventivní kontrolu logu. PC je zpomalené.

Re: Prosím o preventivní kontrolu logu. PC je zpomalené.

Re: Prosím o preventivní kontrolu logu. PC je zpomalené.

Re: Prosím o preventivní kontrolu logu. PC je zpomalené.

Re: Prosím o preventivní kontrolu logu. PC je zpomalené.

Re: Prosím o preventivní kontrolu logu. PC je zpomalené.