Kindly asking for a check of my HJT log [Solved]

A place for your HiJackThis logs and logs from other programs…

Post by bledulka » 21 Jun 2010 11:31

Bear with me, please, I have to study that log properly; I'll take a look at it this evening.

Post by bledulka » 21 Jun 2010 21:43

Test at http://www.virustotal.com


C:\Windows\system32\DRIVERS\cdfs.sys
C:\Windows\system32\drivers\crcdisk.sys

- Copy the path to the file into the box; if it says the file has already been tested, have it tested again.
- Paste the link to the results here.


Run ComboFix again without a script.


Post by henrix » 22 Jun 2010 11:25

ComboFix 10-06-21.01 - Hanička 22.06.2010 11:03:08.3.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.765.261 [GMT 2:00]
Spuštěný z: c:\users\Hanička\Desktop\zelva.com.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET NOD32 Antivirus 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-05-22 do 2010-06-22 )))))))))))))))))))))))))))))))
.

2010-06-22 09:13 . 2010-06-22 09:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-06-22 09:13 . 2010-06-22 09:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-20 18:14 . 2010-06-20 18:14 -------- d-----w- c:\programdata\Kaspersky Lab
2010-06-20 11:33 . 2010-06-20 11:33 -------- d---a-w- c:\windows\VDLL.DLL
2010-06-20 11:33 . 2010-06-20 11:33 -------- d---a-w- c:\windows\system32\runouce.exe
2010-06-20 11:33 . 2010-06-20 11:33 -------- d---a-w- c:\windows\rundll16.exe
2010-06-20 11:33 . 2010-06-20 11:33 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-06-20 11:33 . 2010-06-20 11:33 -------- d---a-w- c:\windows\logo1_.exe
2010-06-20 11:33 . 2010-06-20 11:33 -------- d---a-w- c:\windows\logo_1.exe
2010-06-20 11:29 . 2010-06-20 11:29 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-06-20 11:29 . 2010-06-20 11:29 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-06-20 11:29 . 2010-06-20 11:29 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-06-20 11:29 . 2010-06-20 11:29 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-06-20 11:28 . 2010-06-20 11:29 -------- d-----w- c:\programdata\MicroWorld
2010-06-17 21:24 . 2010-06-17 21:48 -------- d-----w- C:\zelva.com
2010-06-17 20:59 . 2010-06-17 20:59 -------- d-----w- C:\_OTL
2010-06-17 20:55 . 2010-06-17 20:55 -------- d-----w- c:\program files\VistaCodecPack
2010-06-17 20:51 . 2010-06-17 20:55 -------- d-----w- c:\programdata\VistaCodecs
2010-06-17 20:41 . 2010-06-17 20:41 -------- d-----w- c:\program files\Windows Portable Devices
2010-06-17 20:33 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-06-17 20:32 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-06-17 20:32 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-06-17 20:32 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-06-17 20:26 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-06-17 20:26 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-17 20:26 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-17 17:12 . 2010-06-17 17:14 -------- d-----w- c:\windows\system32\ca-ES
2010-06-17 17:12 . 2010-06-17 17:14 -------- d-----w- c:\windows\system32\eu-ES
2010-06-17 17:12 . 2010-06-17 17:13 -------- d-----w- c:\windows\system32\vi-VN
2010-06-17 17:09 . 2010-06-17 17:09 -------- d-----w- c:\programdata\WindowsSearch
2010-06-17 16:42 . 2010-06-17 16:42 -------- d-----w- c:\windows\system32\EventProviders
2010-06-17 05:58 . 2010-06-17 05:58 -------- d-----w- c:\windows\Sun
2010-06-16 15:43 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-06-16 14:57 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-06-16 14:57 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2010-06-16 14:57 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2010-06-16 14:57 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2010-06-16 14:57 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2010-06-16 14:57 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-06-16 14:57 . 2009-04-11 06:28 1480704 ----a-w- c:\windows\system32\mssrch.dll
2010-06-16 14:57 . 2009-04-11 02:52 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2010-06-16 14:57 . 2009-04-11 06:28 1576960 ----a-w- c:\windows\system32\tquery.dll
2010-06-16 14:57 . 2009-02-18 18:39 779136 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2010-06-16 14:57 . 2009-04-11 04:42 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2010-06-16 14:55 . 2009-04-11 06:28 643072 ----a-w- c:\windows\system32\msrepl40.dll
2010-06-16 14:54 . 2009-04-11 06:28 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-06-16 14:53 . 2009-04-11 06:28 1671680 ----a-w- c:\windows\system32\wlanpref.dll
2010-06-16 14:51 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-06-16 14:51 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-06-16 14:51 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-06-16 14:51 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-06-16 14:51 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-06-16 14:51 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-06-16 14:51 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-06-16 14:51 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-06-16 14:51 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-06-16 14:51 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-06-16 14:49 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-06-16 13:44 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-06-16 13:43 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-16 13:43 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-06-16 13:41 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-06-16 13:41 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-16 13:40 . 2010-06-16 13:40 -------- d-----w- c:\program files\Trend Micro
2010-06-16 13:36 . 2010-05-01 14:13 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-06-16 11:16 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-16 11:16 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-16 11:16 . 2010-06-16 11:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-15 15:49 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-06-15 15:41 . 2010-06-15 15:42 -------- d-----w- c:\program files\CCleaner
2010-06-15 15:15 . 2010-06-15 15:15 -------- d-----w- C:\PerfLogs
2010-06-15 12:36 . 2010-06-15 12:36 -------- d-----w- c:\programdata\F-Secure

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-22 08:35 . 2007-01-08 21:10 598838 ----a-w- c:\windows\system32\perfh005.dat
2010-06-22 08:35 . 2007-01-08 21:10 115014 ----a-w- c:\windows\system32\perfc005.dat
2010-06-18 13:07 . 2007-01-12 06:00 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-06-18 13:07 . 2007-01-12 06:01 -------- d-----w- c:\programdata\Symantec
2010-06-17 20:41 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-06-17 20:41 . 2010-06-17 20:41 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-06-17 20:41 . 2010-06-17 20:41 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-06-17 19:34 . 2007-01-12 05:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-17 19:34 . 2009-09-20 21:17 -------- d-----w- c:\program files\Acer Inc
2010-06-17 17:14 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2010-06-17 17:14 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-17 17:14 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2010-06-17 17:14 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2010-06-17 17:14 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2010-06-17 17:14 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2010-06-17 17:11 . 2010-06-17 17:11 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-06-17 17:11 . 2010-06-17 17:11 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-06-15 14:47 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-06-15 14:47 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-05-21 12:14 . 2009-10-03 00:16 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-20 14:47 . 2010-05-20 14:47 -------- d-----w- c:\program files\ESET
2010-05-20 14:46 . 2010-05-20 14:46 -------- d-----w- c:\program files\Common Files\Java
2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\26557\AdobeARM.exe
2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\26557\AdobeExtractFiles.dll
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\26557\ReaderUpdater.exe
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\26557\AcrobatUpdater.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 4186112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 464168]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2007-01-08 151552]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-08 614400]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2054360]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-1-12 528384]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\eNetHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):ca,c6,cb,fe,41,0e,cb,01

R3 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 31232]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2009-09-11 96408]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]


--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - COMHOST
*Deregistered* - comHost

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Hanička\AppData\Roaming\Mozilla\Firefox\Profiles\ttda3751.default\
FF - prefs.js: browser.search.selectedEngine - Seznam Search
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - component: c:\programy\Mozilla Firefox 3 Beta 4\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\programy\Mozilla Firefox 3 Beta 4\plugins\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\programy\Mozilla Firefox 3 Beta 4\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programy\Mozilla Firefox 3 Beta 4\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programy\Mozilla Firefox 3 Beta 4\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programy\Mozilla Firefox 3 Beta 4\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programy\Mozilla Firefox 3 Beta 4\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programy\Mozilla Firefox 3 Beta 4\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programy\Mozilla Firefox 3 Beta 4\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programy\Mozilla Firefox 3 Beta 4\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\programy\Mozilla Firefox 3 Beta 4\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programy\Mozilla Firefox 3 Beta 4\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programy\Mozilla Firefox 3 Beta 4\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-22 11:13
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3908)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\ShowErrMsg.dll
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Celkový čas: 2010-06-22 11:24:00
ComboFix-quarantined-files.txt 2010-06-22 09:23
ComboFix2.txt 2010-06-18 17:19
ComboFix3.txt 2010-06-17 21:48

Před spuštěním: Volných bajtů: 18 521 116 672
Po spuštění: Volných bajtů: 18 772 578 304

- - End Of File - - 2511FBCCEBFC657479AE416A4D522572

Post by bledulka » 22 Jun 2010 11:37

Delete the folders
c:\program files\Common Files\Symantec Shared
c:\programdata\Symantec


Uninstall ComboFix via
Start >> Run, copy into the box:
ComboFix /Uninstall

press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.


**********************************************

Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm each choice, press the A key, then Enter
- After use, delete the little program. Note: antivirus products may falsely flag it as a virus


**********************************************



Download RSIT http://images.malwareremoval.com/random/RSIT.exe
- Run it and click the Continue button
- After the scan, log.txt will pop up; paste its contents here

*********************************************

Try a repair with Vista Manager - System Repair
http://www.slunecnice.cz/sw/vista-manager/

Post by henrix » 22 Jun 2010 14:19

Logfile of random's system information tool 1.07 (written by random/random)
Run by Hanička at 2010-06-22 14:13:51
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 18 GB (33%) free of 54 GB
Total RAM: 765 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:14:08, on 22.6.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Windows\Explorer.exe
C:\Programy\Mozilla Firefox 3 Beta 4\firefox.exe
C:\Windows\system32\conime.exe
C:\Users\Hanička\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Hanička.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - Startup: _uninst_setup_9.0.0.722_20.06.2010_21-41.exe.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6.5\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\eNetHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5819 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-01-02 151552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-01-02 464168]
"PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2007-01-09 151552]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-08 614400]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-11 2054360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Users\Hanička\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
_uninst_setup_9.0.0.722_20.06.2010_21-41.exe.lnk - C:\Users\Hanička\AppData\Local\temp\_uninst_setup_9.0.0.722_20.06.2010_21-41.exe.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\eNetHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rootrepeal.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2010-06-22 14:13:51 ----D---- C:\rsit
2010-06-22 14:03:49 ----SD---- C:\zelva.com15750z
2010-06-22 11:24:00 ----A---- C:\ComboFix.txt
2010-06-22 11:22:30 ----SHD---- C:\$RECYCLE.BIN
2010-06-22 11:00:49 ----D---- C:\zelva.com16052z
2010-06-21 09:16:43 ----A---- C:\RootRepeal report 06-21-10 (09-16-43).txt
2010-06-21 09:10:34 ----A---- C:\RootRepeal report 06-21-10 (09-10-34).txt
2010-06-21 00:45:33 ----A---- C:\RootRepeal report 06-21-10 (00-45-33).txt
2010-06-21 00:42:44 ----A---- C:\RootRepeal report 06-21-10 (00-42-44).txt
2010-06-20 20:14:13 ----D---- C:\ProgramData\Kaspersky Lab
2010-06-20 13:33:59 ----AD---- C:\Windows\VDLL.DLL
2010-06-20 13:33:59 ----AD---- C:\Windows\system32\runouce.exe
2010-06-20 13:33:59 ----AD---- C:\Windows\rundll16.exe
2010-06-20 13:33:59 ----AD---- C:\Windows\RUNDL132.EXE
2010-06-20 13:33:59 ----AD---- C:\Windows\logo1_.exe
2010-06-20 13:33:59 ----AD---- C:\Windows\logo_1.exe
2010-06-20 13:29:48 ----A---- C:\Windows\system32\msvcr80.dll
2010-06-20 13:29:47 ----A---- C:\Windows\system32\msvcp80.dll
2010-06-20 13:29:45 ----A---- C:\Windows\system32\eEmpty.exe
2010-06-20 13:29:41 ----D---- C:\Program Files\Common Files\MicroWorld
2010-06-20 13:28:58 ----D---- C:\ProgramData\MicroWorld
2010-06-17 23:24:44 ----D---- C:\Windows\ERDNT
2010-06-17 23:24:42 ----D---- C:\zelva.com
2010-06-17 22:59:29 ----D---- C:\_OTL
2010-06-17 22:55:27 ----D---- C:\Users\Hanička\AppData\Roaming\VistaCodecs
2010-06-17 22:55:16 ----D---- C:\Program Files\VistaCodecPack
2010-06-17 22:51:24 ----D---- C:\ProgramData\VistaCodecs
2010-06-17 22:41:54 ----D---- C:\Program Files\Windows Portable Devices
2010-06-17 22:34:46 ----A---- C:\Windows\system32\UIAnimation.dll
2010-06-17 22:34:45 ----A---- C:\Windows\system32\UIRibbonRes.dll
2010-06-17 22:34:45 ----A---- C:\Windows\system32\UIRibbon.dll
2010-06-17 22:34:12 ----A---- C:\Windows\system32\WMPhoto.dll
2010-06-17 22:34:11 ----A---- C:\Windows\system32\cdd.dll
2010-06-17 22:34:10 ----A---- C:\Windows\system32\XpsRasterService.dll
2010-06-17 22:34:10 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2010-06-17 22:34:10 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-06-17 22:34:10 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-06-17 22:34:10 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-06-17 22:34:10 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-06-17 22:34:10 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-06-17 22:34:10 ----A---- C:\Windows\system32\dxdiagn.dll
2010-06-17 22:34:10 ----A---- C:\Windows\system32\dxdiag.exe
2010-06-17 22:34:10 ----A---- C:\Windows\system32\d3d10warp.dll
2010-06-17 22:34:10 ----A---- C:\Windows\system32\d2d1.dll
2010-06-17 22:34:09 ----A---- C:\Windows\system32\xpsservices.dll
2010-06-17 22:34:09 ----A---- C:\Windows\system32\XpsPrint.dll
2010-06-17 22:34:09 ----A---- C:\Windows\system32\OpcServices.dll
2010-06-17 22:34:09 ----A---- C:\Windows\system32\FntCache.dll
2010-06-17 22:34:09 ----A---- C:\Windows\system32\DWrite.dll
2010-06-17 22:34:09 ----A---- C:\Windows\system32\d3d11.dll
2010-06-17 22:34:09 ----A---- C:\Windows\system32\d3d10level9.dll
2010-06-17 22:34:09 ----A---- C:\Windows\system32\d3d10core.dll
2010-06-17 22:34:09 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-06-17 22:34:08 ----A---- C:\Windows\system32\dxgi.dll
2010-06-17 22:34:08 ----A---- C:\Windows\system32\d3d10_1.dll
2010-06-17 22:34:08 ----A---- C:\Windows\system32\d3d10.dll
2010-06-17 22:33:31 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2010-06-17 22:33:30 ----A---- C:\Windows\system32\wpdbusenum.dll
2010-06-17 22:33:30 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2010-06-17 22:33:26 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2010-06-17 22:33:23 ----A---- C:\Windows\system32\WpdMtpUS.dll
2010-06-17 22:33:23 ----A---- C:\Windows\system32\WpdConns.dll
2010-06-17 22:33:22 ----A---- C:\Windows\system32\WPDSp.dll
2010-06-17 22:33:22 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2010-06-17 22:33:22 ----A---- C:\Windows\system32\wpdshext.dll
2010-06-17 22:33:22 ----A---- C:\Windows\system32\WpdMtp.dll
2010-06-17 22:33:22 ----A---- C:\Windows\system32\wpd_ci.dll
2010-06-17 22:33:22 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2010-06-17 22:33:22 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-06-17 22:33:22 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-06-17 22:33:22 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-06-17 22:32:15 ----A---- C:\Windows\system32\oleaccrc.dll
2010-06-17 22:32:14 ----A---- C:\Windows\system32\UIAutomationCore.dll
2010-06-17 22:32:14 ----A---- C:\Windows\system32\oleacc.dll
2010-06-17 22:26:44 ----A---- C:\Windows\system32\gameux.dll
2010-06-17 22:26:42 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-06-17 22:26:41 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-06-17 19:12:55 ----D---- C:\Windows\system32\eu-ES
2010-06-17 19:12:55 ----D---- C:\Windows\system32\ca-ES
2010-06-17 19:12:52 ----D---- C:\Windows\system32\vi-VN
2010-06-17 19:09:12 ----D---- C:\ProgramData\WindowsSearch
2010-06-17 18:42:32 ----D---- C:\Windows\system32\EventProviders
2010-06-17 07:58:53 ----D---- C:\Windows\Sun
2010-06-16 16:57:35 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-06-16 16:57:28 ----A---- C:\Windows\system32\SLCExt.dll
2010-06-16 16:57:27 ----A---- C:\Windows\system32\SLsvc.exe
2010-06-16 16:57:18 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-06-16 16:57:18 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-06-16 16:57:13 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-06-16 16:57:08 ----A---- C:\Windows\system32\mssrch.dll
2010-06-16 16:57:03 ----A---- C:\Windows\system32\tquery.dll
2010-06-16 16:57:01 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-06-16 16:56:59 ----A---- C:\Windows\system32\scavenge.dll
2010-06-16 16:56:56 ----A---- C:\Windows\system32\msi.dll
2010-06-16 16:56:54 ----A---- C:\Windows\system32\imapi2fs.dll
2010-06-16 16:56:53 ----A---- C:\Windows\system32\WscEapPr.dll
2010-06-16 16:56:53 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-06-16 16:56:53 ----A---- C:\Windows\system32\sysmain.dll
2010-06-16 16:56:50 ----A---- C:\Windows\system32\icardagt.exe
2010-06-16 16:56:48 ----A---- C:\Windows\system32\EhStorShell.dll
2010-06-16 16:56:45 ----A---- C:\Windows\system32\spreview.exe
2010-06-16 16:56:45 ----A---- C:\Windows\system32\spinstall.exe
2010-06-16 16:56:44 ----A---- C:\Windows\system32\drmv2clt.dll
2010-06-16 16:56:42 ----A---- C:\Windows\system32\spwizui.dll
2010-06-16 16:56:42 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-06-16 16:56:41 ----A---- C:\Windows\system32\shell32.dll
2010-06-16 16:56:39 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-06-16 16:56:39 ----A---- C:\Windows\system32\p2psvc.dll
2010-06-16 16:56:39 ----A---- C:\Windows\system32\mssvp.dll
2010-06-16 16:56:38 ----A---- C:\Windows\system32\mscoree.dll
2010-06-16 16:56:37 ----A---- C:\Windows\system32\mssphtb.dll
2010-06-16 16:56:37 ----A---- C:\Windows\system32\mssph.dll
2010-06-16 16:56:36 ----A---- C:\Windows\system32\imapi2.dll
2010-06-16 16:56:35 ----A---- C:\Windows\system32\sdohlp.dll
2010-06-16 16:56:34 ----A---- C:\Windows\system32\esent.dll
2010-06-16 16:56:33 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-06-16 16:56:33 ----A---- C:\Windows\system32\DevicePairing.dll
2010-06-16 16:56:31 ----A---- C:\Windows\system32\sperror.dll
2010-06-16 16:56:30 ----A---- C:\Windows\system32\wevtsvc.dll
2010-06-16 16:56:30 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-16 16:56:30 ----A---- C:\Windows\system32\korwbrkr.dll
2010-06-16 16:56:29 ----A---- C:\Windows\system32\SLC.dll
2010-06-16 16:56:29 ----A---- C:\Windows\system32\msshsq.dll
2010-06-16 16:56:24 ----A---- C:\Windows\system32\msjet40.dll
2010-06-16 16:56:24 ----A---- C:\Windows\system32\MPSSVC.dll
2010-06-16 16:56:21 ----A---- C:\Windows\system32\Query.dll
2010-06-16 16:56:21 ----A---- C:\Windows\system32\qmgr.dll
2010-06-16 16:56:20 ----A---- C:\Windows\system32\msexch40.dll
2010-06-16 16:56:19 ----A---- C:\Windows\system32\P2PGraph.dll
2010-06-16 16:56:19 ----A---- C:\Windows\system32\diagperf.dll
2010-06-16 16:56:18 ----A---- C:\Windows\system32\ole32.dll
2010-06-16 16:56:18 ----A---- C:\Windows\system32\ntdll.dll
2010-06-16 16:56:18 ----A---- C:\Windows\system32\IasMigReader.exe
2010-06-16 16:56:17 ----A---- C:\Windows\system32\winload.exe
2010-06-16 16:56:17 ----A---- C:\Windows\system32\srchadmin.dll
2010-06-16 16:56:16 ----A---- C:\Windows\system32\mblctr.exe
2010-06-16 16:56:16 ----A---- C:\Windows\system32\EncDec.dll
2010-06-16 16:56:15 ----A---- C:\Windows\system32\uDWM.dll
2010-06-16 16:56:15 ----A---- C:\Windows\system32\mmc.exe
2010-06-16 16:56:15 ----A---- C:\Windows\system32\dfsr.exe
2010-06-16 16:56:14 ----A---- C:\Windows\system32\riched20.dll
2010-06-16 16:56:14 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-06-16 16:56:13 ----A---- C:\Windows\system32\fdBth.dll
2010-06-16 16:56:12 ----A---- C:\Windows\system32\RacEngn.dll
2010-06-16 16:56:11 ----A---- C:\Windows\system32\kernel32.dll
2010-06-16 16:56:10 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-06-16 16:56:10 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-06-16 16:56:10 ----A---- C:\Windows\system32\milcore.dll
2010-06-16 16:56:09 ----A---- C:\Windows\system32\spoolss.dll
2010-06-16 16:56:09 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-06-16 16:56:09 ----A---- C:\Windows\system32\CertEnroll.dll
2010-06-16 16:56:08 ----A---- C:\Windows\system32\schedsvc.dll
2010-06-16 16:56:08 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-06-16 16:56:06 ----A---- C:\Windows\system32\WinSAT.exe
2010-06-16 16:56:06 ----A---- C:\Windows\system32\msvcp60.dll
2010-06-16 16:56:06 ----A---- C:\Windows\system32\msjtes40.dll
2010-06-16 16:56:06 ----A---- C:\Windows\system32\infocardapi.dll
2010-06-16 16:56:06 ----A---- C:\Windows\system32\gpedit.dll
2010-06-16 16:56:05 ----A---- C:\Windows\system32\es.dll
2010-06-16 16:56:04 ----A---- C:\Windows\system32\mstext40.dll
2010-06-16 16:56:04 ----A---- C:\Windows\system32\Magnify.exe
2010-06-16 16:56:04 ----A---- C:\Windows\system32\advapi32.dll
2010-06-16 16:56:03 ----A---- C:\Windows\system32\WebClnt.dll
2010-06-16 16:56:03 ----A---- C:\Windows\system32\msexcl40.dll
2010-06-16 16:56:02 ----A---- C:\Windows\system32\slwmi.dll
2010-06-16 16:56:02 ----A---- C:\Windows\system32\msxbde40.dll
2010-06-16 16:56:02 ----A---- C:\Windows\system32\comsvcs.dll
2010-06-16 16:56:01 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-06-16 16:56:01 ----A---- C:\Windows\system32\vssapi.dll
2010-06-16 16:56:00 ----A---- C:\Windows\system32\authui.dll
2010-06-16 16:55:58 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-16 16:55:58 ----A---- C:\Windows\system32\msrepl40.dll
2010-06-16 16:55:57 ----A---- C:\Windows\system32\propsys.dll
2010-06-16 16:55:57 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-06-16 16:55:57 ----A---- C:\Windows\system32\newdev.dll
2010-06-16 16:55:57 ----A---- C:\Windows\system32\iasrecst.dll
2010-06-16 16:55:57 ----A---- C:\Windows\system32\gpsvc.dll
2010-06-16 16:55:57 ----A---- C:\Windows\system32\eudcedit.exe
2010-06-16 16:55:57 ----A---- C:\Windows\system32\crypt32.dll
2010-06-16 16:55:56 ----A---- C:\Windows\system32\rpcss.dll
2010-06-16 16:55:56 ----A---- C:\Windows\explorer.exe
2010-06-16 16:55:55 ----A---- C:\Windows\system32\setupapi.dll
2010-06-16 16:55:55 ----A---- C:\Windows\system32\mspbde40.dll
2010-06-16 16:55:55 ----A---- C:\Windows\system32\d3d9.dll
2010-06-16 16:55:53 ----A---- C:\Windows\system32\shlwapi.dll
2010-06-16 16:55:53 ----A---- C:\Windows\system32\msltus40.dll
2010-06-16 16:55:53 ----A---- C:\Windows\system32\mfc42.dll
2010-06-16 16:55:53 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-06-16 16:55:53 ----A---- C:\Windows\system32\davclnt.dll
2010-06-16 16:55:52 ----A---- C:\Windows\system32\msrd3x40.dll
2010-06-16 16:55:52 ----A---- C:\Windows\system32\msdtctm.dll
2010-06-16 16:55:52 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-06-16 16:55:51 ----A---- C:\Windows\system32\wevtapi.dll
2010-06-16 16:55:51 ----A---- C:\Windows\system32\photowiz.dll
2010-06-16 16:55:51 ----A---- C:\Windows\system32\nlhtml.dll
2010-06-16 16:55:51 ----A---- C:\Windows\system32\browseui.dll
2010-06-16 16:55:48 ----A---- C:\Windows\system32\user32.dll
2010-06-16 16:55:47 ----A---- C:\Windows\system32\samsrv.dll
2010-06-16 16:55:47 ----A---- C:\Windows\system32\ci.dll
2010-06-16 16:55:46 ----A---- C:\Windows\system32\win32spl.dll
2010-06-16 16:55:46 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-06-16 16:55:45 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-06-16 16:55:45 ----A---- C:\Windows\system32\oleaut32.dll
2010-06-16 16:55:45 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-06-16 16:55:44 ----A---- C:\Windows\system32\netshell.dll
2010-06-16 16:55:44 ----A---- C:\Windows\system32\compcln.exe
2010-06-16 16:55:43 ----A---- C:\Windows\system32\apds.dll
2010-06-16 16:55:42 ----A---- C:\Windows\system32\xmlfilter.dll
2010-06-16 16:55:42 ----A---- C:\Windows\system32\mswstr10.dll
2010-06-16 16:55:42 ----A---- C:\Windows\system32\audiosrv.dll
2010-06-16 16:55:41 ----A---- C:\Windows\system32\msctf.dll
2010-06-16 16:55:41 ----A---- C:\Windows\system32\emdmgmt.dll
2010-06-16 16:55:40 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-06-16 16:55:40 ----A---- C:\Windows\system32\msvcrt.dll
2010-06-16 16:55:40 ----A---- C:\Windows\system32\gdi32.dll
2010-06-16 16:55:39 ----A---- C:\Windows\system32\VSSVC.exe
2010-06-16 16:55:39 ----A---- C:\Windows\system32\mfc42u.dll
2010-06-16 16:55:38 ----A---- C:\Windows\system32\SLUI.exe
2010-06-16 16:55:38 ----A---- C:\Windows\system32\msrd2x40.dll
2010-06-16 16:55:38 ----A---- C:\Windows\system32\eapphost.dll
2010-06-16 16:55:37 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-06-16 16:55:36 ----A---- C:\Windows\system32\winresume.exe
2010-06-16 16:55:36 ----A---- C:\Windows\system32\propdefs.dll
2010-06-16 16:55:36 ----A---- C:\Windows\system32\odbc32.dll
2010-06-16 16:55:34 ----A---- C:\Windows\system32\shdocvw.dll
2010-06-16 16:55:33 ----A---- C:\Windows\system32\wevtutil.exe
2010-06-16 16:55:33 ----A---- C:\Windows\system32\mssitlb.dll
2010-06-16 16:55:33 ----A---- C:\Windows\system32\dbgeng.dll
2010-06-16 16:55:29 ----A---- C:\Windows\system32\WsmSvc.dll
2010-06-16 16:55:29 ----A---- C:\Windows\system32\swprv.dll
2010-06-16 16:55:28 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-06-16 16:55:27 ----A---- C:\Windows\system32\usp10.dll
2010-06-16 16:55:26 ----A---- C:\Windows\system32\vds.exe
2010-06-16 16:55:26 ----A---- C:\Windows\system32\drvinst.exe
2010-06-16 16:55:26 ----A---- C:\Windows\system32\devmgr.dll
2010-06-16 16:55:25 ----A---- C:\Windows\system32\netlogon.dll
2010-06-16 16:55:25 ----A---- C:\Windows\system32\msscb.dll
2010-06-16 16:55:25 ----A---- C:\Windows\system32\msctfp.dll
2010-06-16 16:55:25 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-06-16 16:55:25 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-06-16 16:55:25 ----A---- C:\Windows\system32\BFE.DLL
2010-06-16 16:55:25 ----A---- C:\Windows\system32\adsldpc.dll
2010-06-16 16:55:24 ----A---- C:\Windows\system32\Wldap32.dll
2010-06-16 16:55:24 ----A---- C:\Windows\system32\wcnwiz.dll
2010-06-16 16:55:24 ----A---- C:\Windows\system32\evr.dll
2010-06-16 16:55:23 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-06-16 16:55:22 ----A---- C:\Windows\system32\services.exe
2010-06-16 16:55:21 ----A---- C:\Windows\system32\wercon.exe
2010-06-16 16:55:21 ----A---- C:\Windows\system32\mimefilt.dll
2010-06-16 16:55:21 ----A---- C:\Windows\system32\comdlg32.dll
2010-06-16 16:55:21 ----A---- C:\Windows\system32\adtschema.dll
2010-06-16 16:55:20 ----A---- C:\Windows\system32\wcncsvc.dll
2010-06-16 16:55:20 ----A---- C:\Windows\system32\certcli.dll
2010-06-16 16:55:19 ----A---- C:\Windows\system32\taskeng.exe
2010-06-16 16:55:19 ----A---- C:\Windows\system32\reg.exe
2010-06-16 16:55:19 ----A---- C:\Windows\system32\mswdat10.dll
2010-06-16 16:55:19 ----A---- C:\Windows\system32\msjter40.dll
2010-06-16 16:55:19 ----A---- C:\Windows\system32\msdtcprx.dll
2010-06-16 16:55:19 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-06-16 16:55:18 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-06-16 16:55:18 ----A---- C:\Windows\system32\rtffilt.dll
2010-06-16 16:55:18 ----A---- C:\Windows\system32\dnsapi.dll
2010-06-16 16:55:18 ----A---- C:\Windows\system32\certutil.exe
2010-06-16 16:55:17 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-06-16 16:55:17 ----A---- C:\Windows\system32\w32time.dll
2010-06-16 16:55:17 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-06-16 16:55:16 ----A---- C:\Windows\system32\msshooks.dll
2010-06-16 16:55:16 ----A---- C:\Windows\system32\msscntrs.dll
2010-06-16 16:55:16 ----A---- C:\Windows\system32\bthserv.dll
2010-06-16 16:55:16 ----A---- C:\Windows\system32\bcrypt.dll
2010-06-16 16:55:15 ----A---- C:\Windows\system32\rsaenh.dll
2010-06-16 16:55:15 ----A---- C:\Windows\system32\msihnd.dll
2010-06-16 16:55:14 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-06-16 16:55:14 ----A---- C:\Windows\system32\msstrc.dll
2010-06-16 16:55:14 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-06-16 16:55:13 ----A---- C:\Windows\system32\netapi32.dll
2010-06-16 16:55:13 ----A---- C:\Windows\system32\inetpp.dll
2010-06-16 16:55:13 ----A---- C:\Windows\system32\dfshim.dll
2010-06-16 16:55:12 ----A---- C:\Windows\system32\mtxclu.dll
2010-06-16 16:55:12 ----A---- C:\Windows\system32\mscories.dll
2010-06-16 16:55:12 ----A---- C:\Windows\system32\hidserv.dll
2010-06-16 16:55:12 ----A---- C:\Windows\system32\fundisc.dll
2010-06-16 16:55:12 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-06-16 16:55:12 ----A---- C:\Windows\system32\cryptsvc.dll
2010-06-16 16:55:11 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-06-16 16:55:11 ----A---- C:\Windows\system32\termsrv.dll
2010-06-16 16:55:11 ----A---- C:\Windows\system32\profsvc.dll
2010-06-16 16:55:10 ----A---- C:\Windows\system32\shsvcs.dll
2010-06-16 16:55:10 ----A---- C:\Windows\system32\msiexec.exe
2010-06-16 16:55:10 ----A---- C:\Windows\system32\imapi.dll
2010-06-16 16:55:09 ----A---- C:\Windows\system32\wdc.dll
2010-06-16 16:55:08 ----A---- C:\Windows\system32\chsbrkr.dll
2010-06-16 16:55:06 ----A---- C:\Windows\system32\rasmans.dll
2010-06-16 16:55:06 ----A---- C:\Windows\system32\pnidui.dll
2010-06-16 16:55:06 ----A---- C:\Windows\system32\iassdo.dll
2010-06-16 16:55:05 ----A---- C:\Windows\system32\spoolsv.exe
2010-06-16 16:55:05 ----A---- C:\Windows\system32\icardres.dll
2010-06-16 16:55:05 ----A---- C:\Windows\system32\autofmt.exe
2010-06-16 16:55:03 ----A---- C:\Windows\system32\wersvc.dll
2010-06-16 16:55:03 ----A---- C:\Windows\system32\slmgr.vbs
2010-06-16 16:55:03 ----A---- C:\Windows\system32\scrrun.dll
2010-06-16 16:55:03 ----A---- C:\Windows\system32\PSHED.DLL
2010-06-16 16:55:02 ----A---- C:\Windows\system32\pdh.dll
2010-06-16 16:55:02 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-06-16 16:55:01 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-06-16 16:55:01 ----A---- C:\Windows\system32\azroles.dll
2010-06-16 16:55:00 ----A---- C:\Windows\system32\pidgenx.dll
2010-06-16 16:54:52 ----A---- C:\Windows\system32\wmpmde.dll
2010-06-16 16:54:52 ----A---- C:\Windows\system32\winlogon.exe
2010-06-16 16:54:51 ----A---- C:\Windows\system32\SyncCenter.dll
2010-06-16 16:54:49 ----A---- C:\Windows\system32\SLUINotify.dll
2010-06-16 16:54:49 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-06-16 16:54:48 ----A---- C:\Windows\system32\comuid.dll
2010-06-16 16:54:47 ----A---- C:\Windows\system32\ncrypt.dll
2010-06-16 16:54:47 ----A---- C:\Windows\system32\certmgr.dll
2010-06-16 16:54:46 ----A---- C:\Windows\system32\sethc.exe
2010-06-16 16:54:46 ----A---- C:\Windows\system32\kd1394.dll
2010-06-16 16:54:46 ----A---- C:\Windows\system32\iassam.dll
2010-06-16 16:54:45 ----A---- C:\Windows\system32\untfs.dll
2010-06-16 16:54:45 ----A---- C:\Windows\system32\spp.dll
2010-06-16 16:54:45 ----A---- C:\Windows\system32\scrobj.dll
2010-06-16 16:54:44 ----A---- C:\Windows\system32\wisptis.exe
2010-06-16 16:54:44 ----A---- C:\Windows\system32\rtutils.dll
2010-06-16 16:54:43 ----A---- C:\Windows\system32\taskcomp.dll
2010-06-16 16:54:43 ----A---- C:\Windows\system32\dwm.exe
2010-06-16 16:54:42 ----A---- C:\Windows\system32\autochk.exe
2010-06-16 16:54:41 ----A---- C:\Windows\system32\printui.dll
2010-06-16 16:54:41 ----A---- C:\Windows\system32\iasnap.dll
2010-06-16 16:54:40 ----A---- C:\Windows\system32\autoconv.exe
2010-06-16 16:54:39 ----A---- C:\Windows\system32\winsrv.dll
2010-06-16 16:54:38 ----A---- C:\Windows\system32\kdcom.dll
2010-06-16 16:54:38 ----A---- C:\Windows\system32\cscript.exe
2010-06-16 16:54:37 ----A---- C:\Windows\system32\userenv.dll
2010-06-16 16:54:37 ----A---- C:\Windows\system32\onex.dll
2010-06-16 16:54:37 ----A---- C:\Windows\system32\basecsp.dll
2010-06-16 16:54:37 ----A---- C:\Windows\system32\audiodg.exe
2010-06-16 16:54:36 ----A---- C:\Windows\system32\wow32.dll
2010-06-16 16:54:36 ----A---- C:\Windows\system32\osk.exe
2010-06-16 16:54:36 ----A---- C:\Windows\system32\mswsock.dll
2010-06-16 16:54:34 ----A---- C:\Windows\system32\winmm.dll
2010-06-16 16:54:34 ----A---- C:\Windows\system32\RelMon.dll
2010-06-16 16:54:34 ----A---- C:\Windows\system32\rdpencom.dll
2010-06-16 16:54:34 ----A---- C:\Windows\system32\kdusb.dll
2010-06-16 16:54:33 ----A---- C:\Windows\system32\WinSCard.dll
2010-06-16 16:54:33 ----A---- C:\Windows\system32\msftedit.dll
2010-06-16 16:54:32 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-06-16 16:54:32 ----A---- C:\Windows\system32\spcmsg.dll
2010-06-16 16:54:31 ----A---- C:\Windows\system32\offfilt.dll
2010-06-16 16:54:31 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-06-16 16:54:28 ----A---- C:\Windows\system32\Utilman.exe
2010-06-16 16:54:27 ----A---- C:\Windows\system32\WerFault.exe
2010-06-16 16:54:26 ----A---- C:\Windows\system32\wsepno.dll
2010-06-16 16:54:26 ----A---- C:\Windows\system32\stobject.dll
2010-06-16 16:54:26 ----A---- C:\Windows\system32\mfplat.dll
2010-06-16 16:54:26 ----A---- C:\Windows\system32\diskraid.exe
2010-06-16 16:54:25 ----A---- C:\Windows\system32\apphelp.dll
2010-06-16 16:54:24 ----A---- C:\Windows\system32\SndVol.exe
2010-06-16 16:54:24 ----A---- C:\Windows\system32\msnetobj.dll
2010-06-16 16:54:24 ----A---- C:\Windows\system32\mscms.dll
2010-06-16 16:54:23 ----A---- C:\Windows\system32\sysclass.dll
2010-06-16 16:54:23 ----A---- C:\Windows\system32\prnntfy.dll
2010-06-16 16:54:23 ----A---- C:\Windows\system32\adsmsext.dll
2010-06-16 16:54:22 ----A---- C:\Windows\system32\wiaservc.dll
2010-06-16 16:54:21 ----A---- C:\Windows\system32\wscript.exe
2010-06-16 16:54:21 ----A---- C:\Windows\system32\ulib.dll
2010-06-16 16:54:21 ----A---- C:\Windows\system32\odbccp32.dll
2010-06-16 16:54:21 ----A---- C:\Windows\system32\iasdatastore.dll
2010-06-16 16:54:20 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-06-16 16:54:20 ----A---- C:\Windows\system32\dsound.dll
2010-06-16 16:54:20 ----A---- C:\Windows\system32\cryptui.dll
2010-06-16 16:54:19 ----A---- C:\Windows\system32\wscntfy.dll
2010-06-16 16:54:19 ----A---- C:\Windows\system32\rastapi.dll
2010-06-16 16:54:19 ----A---- C:\Windows\system32\pnpsetup.dll
2010-06-16 16:54:19 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-06-16 16:54:19 ----A---- C:\Windows\system32\fdProxy.dll
2010-06-16 16:54:18 ----A---- C:\Windows\system32\wlangpui.dll
2010-06-16 16:54:18 ----A---- C:\Windows\system32\gpapi.dll
2010-06-16 16:54:18 ----A---- C:\Windows\system32\diskpart.exe
2010-06-16 16:54:18 ----A---- C:\Windows\system32\brcpl.dll
2010-06-16 16:54:17 ----A---- C:\Windows\system32\wscsvc.dll
2010-06-16 16:54:17 ----A---- C:\Windows\system32\vdsdyn.dll
2010-06-16 16:54:17 ----A---- C:\Windows\system32\logman.exe
2010-06-16 16:54:17 ----A---- C:\Windows\system32\iashlpr.dll
2010-06-16 16:54:16 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-06-16 16:54:16 ----A---- C:\Windows\system32\rasapi32.dll
2010-06-16 16:54:15 ----A---- C:\Windows\system32\wusa.exe
2010-06-16 16:54:15 ----A---- C:\Windows\system32\regsvc.dll
2010-06-16 16:54:15 ----A---- C:\Windows\system32\ntprint.dll
2010-06-16 16:54:15 ----A---- C:\Windows\system32\mscorier.dll
2010-06-16 16:54:14 ----A---- C:\Windows\system32\zipfldr.dll
2010-06-16 16:54:14 ----A---- C:\Windows\system32\wshext.dll
2010-06-16 16:54:14 ----A---- C:\Windows\system32\iasrad.dll
2010-06-16 16:54:14 ----A---- C:\Windows\system32\findstr.exe
2010-06-16 16:54:13 ----A---- C:\Windows\system32\wpccpl.dll
2010-06-16 16:54:12 ----A---- C:\Windows\system32\netcenter.dll
2010-06-16 16:54:11 ----A---- C:\Windows\system32\wer.dll
2010-06-16 16:54:11 ----A---- C:\Windows\system32\rasdlg.dll
2010-06-16 16:54:11 ----A---- C:\Windows\system32\iassvcs.dll
2010-06-16 16:54:10 ----A---- C:\Windows\system32\wsnmp32.dll
2010-06-16 16:54:10 ----A---- C:\Windows\system32\themecpl.dll
2010-06-16 16:54:08 ----A---- C:\Windows\system32\uxsms.dll
2010-06-16 16:54:08 ----A---- C:\Windows\system32\srvsvc.dll
2010-06-16 16:54:08 ----A---- C:\Windows\system32\ntmarta.dll
2010-06-16 16:54:08 ----A---- C:\Windows\system32\mssprxy.dll
2010-06-16 16:54:07 ----A---- C:\Windows\system32\slcc.dll
2010-06-16 16:54:07 ----A---- C:\Windows\system32\scansetting.dll
2010-06-16 16:54:07 ----A---- C:\Windows\system32\msutb.dll
2010-06-16 16:54:07 ----A---- C:\Windows\system32\mstlsapi.dll
2010-06-16 16:54:07 ----A---- C:\Windows\system32\iasads.dll
2010-06-16 16:54:06 ----A---- C:\Windows\system32\powrprof.dll
2010-06-16 16:54:06 ----A---- C:\Windows\system32\mstsc.exe
2010-06-16 16:54:06 ----A---- C:\Windows\system32\iasacct.dll
2010-06-16 16:54:05 ----A---- C:\Windows\system32\powercpl.dll
2010-06-16 16:54:05 ----A---- C:\Windows\system32\networkmap.dll
2010-06-16 16:54:04 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-06-16 16:54:04 ----A---- C:\Windows\system32\newdev.exe
2010-06-16 16:54:04 ----A---- C:\Windows\system32\authz.dll
2010-06-16 16:54:03 ----A---- C:\Windows\system32\sud.dll
2010-06-16 16:54:03 ----A---- C:\Windows\system32\dot3svc.dll
2010-06-16 16:54:03 ----A---- C:\Windows\system32\connect.dll
2010-06-16 16:54:02 ----A---- C:\Windows\system32\systemcpl.dll
2010-06-16 16:54:02 ----A---- C:\Windows\system32\pcaui.dll
2010-06-16 16:54:01 ----A---- C:\Windows\system32\themeui.dll
2010-06-16 16:54:01 ----A---- C:\Windows\system32\samlib.dll
2010-06-16 16:54:01 ----A---- C:\Windows\system32\mmci.dll
2010-06-16 16:54:01 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-06-16 16:54:00 ----A---- C:\Windows\system32\usercpl.dll
2010-06-16 16:54:00 ----A---- C:\Windows\system32\qdvd.dll
2010-06-16 16:54:00 ----A---- C:\Windows\system32\autoplay.dll
2010-06-16 16:53:59 ----A---- C:\Windows\system32\wlanpref.dll
2010-06-16 16:53:59 ----A---- C:\Windows\system32\rpchttp.dll
2010-06-16 16:53:58 ----A---- C:\Windows\system32\wpcao.dll
2010-06-16 16:53:58 ----A---- C:\Windows\system32\vdsutil.dll
2010-06-16 16:53:58 ----A---- C:\Windows\system32\regapi.dll
2010-06-16 16:53:58 ----A---- C:\Windows\system32\msinfo32.exe
2010-06-16 16:53:57 ----A---- C:\Windows\system32\tapisrv.dll

henrix
newbie
Posts: 33
Registered: June 10
Gender: Not specified
Status:
Offline

Re: kindly asking for an HJT check

Post by henrix » 22 Jun 2010 14:20

2010-06-16 16:53:57 ----A---- C:\Windows\system32\scksp.dll
2010-06-16 16:53:57 ----A---- C:\Windows\system32\feclient.dll
2010-06-16 16:53:56 ----A---- C:\Windows\system32\scesrv.dll
2010-06-16 16:53:56 ----A---- C:\Windows\system32\psisdecd.dll
2010-06-16 16:53:56 ----A---- C:\Windows\system32\oleprn.dll
2010-06-16 16:53:56 ----A---- C:\Windows\system32\mpr.dll
2010-06-16 16:53:56 ----A---- C:\Windows\system32\imm32.dll
2010-06-16 16:53:56 ----A---- C:\Windows\system32\AudioSes.dll
2010-06-16 16:53:55 ----A---- C:\Windows\system32\wscisvif.dll
2010-06-16 16:53:55 ----A---- C:\Windows\system32\rekeywiz.exe
2010-06-16 16:53:55 ----A---- C:\Windows\system32\iaspolcy.dll
2010-06-16 16:53:55 ----A---- C:\Windows\system32\Faultrep.dll
2010-06-16 16:53:55 ----A---- C:\Windows\system32\dot3msm.dll
2010-06-16 16:53:54 ----A---- C:\Windows\system32\sdclt.exe
2010-06-16 16:53:54 ----A---- C:\Windows\system32\dpapimig.exe
2010-06-16 16:53:54 ----A---- C:\Windows\system32\DeviceEject.exe
2010-06-16 16:53:53 ----A---- C:\Windows\system32\qedit.dll
2010-06-16 16:53:53 ----A---- C:\Windows\system32\perfdisk.dll
2010-06-16 16:53:53 ----A---- C:\Windows\system32\ncryptui.dll
2010-06-16 16:53:52 ----A---- C:\Windows\system32\scecli.dll
2010-06-16 16:53:52 ----A---- C:\Windows\system32\rasgcw.dll
2010-06-16 16:53:52 ----A---- C:\Windows\system32\pnpui.dll
2010-06-16 16:53:52 ----A---- C:\Windows\system32\hdwwiz.exe
2010-06-16 16:53:52 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-06-16 16:53:52 ----A---- C:\Windows\system32\certreq.exe
2010-06-16 16:53:51 ----A---- C:\Windows\system32\TSTheme.exe
2010-06-16 16:53:51 ----A---- C:\Windows\system32\spwinsat.dll
2010-06-16 16:53:51 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-06-16 16:53:51 ----A---- C:\Windows\system32\rasplap.dll
2010-06-16 16:53:50 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-06-16 16:53:50 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-06-16 16:53:50 ----A---- C:\Windows\system32\cmmon32.exe
2010-06-16 16:53:49 ----A---- C:\Windows\system32\whealogr.dll
2010-06-16 16:53:49 ----A---- C:\Windows\system32\tcpmon.dll
2010-06-16 16:53:49 ----A---- C:\Windows\system32\srcore.dll
2010-06-16 16:53:49 ----A---- C:\Windows\system32\fdWSD.dll
2010-06-16 16:53:48 ----A---- C:\Windows\system32\SCardSvr.dll
2010-06-16 16:53:48 ----A---- C:\Windows\system32\conime.exe
2010-06-16 16:53:48 ----A---- C:\Windows\system32\cmdial32.dll
2010-06-16 16:53:47 ----A---- C:\Windows\system32\raschap.dll
2010-06-16 16:53:47 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-06-16 16:53:47 ----A---- C:\Windows\system32\fontext.dll
2010-06-16 16:53:46 ----A---- C:\Windows\system32\wiaaut.dll
2010-06-16 16:53:45 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-06-16 16:53:45 ----A---- C:\Windows\system32\wlanui.dll
2010-06-16 16:53:45 ----A---- C:\Windows\system32\shwebsvc.dll
2010-06-16 16:53:45 ----A---- C:\Windows\system32\rasppp.dll
2010-06-16 16:53:45 ----A---- C:\Windows\system32\PnPutil.exe
2010-06-16 16:53:45 ----A---- C:\Windows\system32\dsprop.dll
2010-06-16 16:53:44 ----A---- C:\Windows\system32\dimsroam.dll
2010-06-16 16:53:43 ----A---- C:\Windows\system32\oobefldr.dll
2010-06-16 16:53:42 ----A---- C:\Windows\system32\shsetup.dll
2010-06-16 16:53:42 ----A---- C:\Windows\system32\rasmontr.dll
2010-06-16 16:53:42 ----A---- C:\Windows\system32\mscandui.dll
2010-06-16 16:53:42 ----A---- C:\Windows\system32\modemui.dll
2010-06-16 16:53:40 ----A---- C:\Windows\system32\chtbrkr.dll
2010-06-16 16:53:39 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-06-16 16:53:39 ----A---- C:\Windows\system32\dataclen.dll
2010-06-16 16:53:38 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-06-16 16:53:38 ----A---- C:\Windows\system32\rdpwsx.dll
2010-06-16 16:53:38 ----A---- C:\Windows\system32\blackbox.dll
2010-06-16 16:53:37 ----A---- C:\Windows\system32\WSDMon.dll
2010-06-16 16:53:37 ----A---- C:\Windows\system32\smss.exe
2010-06-16 16:53:37 ----A---- C:\Windows\system32\netplwiz.dll
2010-06-16 16:53:37 ----A---- C:\Windows\system32\credui.dll
2010-06-16 16:53:36 ----A---- C:\Windows\system32\wmpeffects.dll
2010-06-16 16:53:36 ----A---- C:\Windows\system32\certprop.dll
2010-06-16 16:53:35 ----A---- C:\Windows\system32\networkexplorer.dll
2010-06-16 16:53:34 ----A---- C:\Windows\system32\wpcsvc.dll
2010-06-16 16:53:34 ----A---- C:\Windows\system32\msscp.dll
2010-06-16 16:53:34 ----A---- C:\Windows\system32\logagent.exe
2010-06-16 16:53:34 ----A---- C:\Windows\system32\InkEd.dll
2010-06-16 16:53:34 ----A---- C:\Windows\system32\ifmon.dll
2010-06-16 16:53:34 ----A---- C:\Windows\system32\cipher.exe
2010-06-16 16:53:33 ----A---- C:\Windows\system32\wscapi.dll
2010-06-16 16:53:33 ----A---- C:\Windows\system32\msimtf.dll
2010-06-16 16:53:33 ----A---- C:\Windows\system32\gpresult.exe
2010-06-16 16:53:32 ----A---- C:\Windows\system32\thawbrkr.dll
2010-06-16 16:53:32 ----A---- C:\Windows\system32\softkbd.dll
2010-06-16 16:53:32 ----A---- C:\Windows\system32\sendmail.dll
2010-06-16 16:53:32 ----A---- C:\Windows\system32\msctfui.dll
2010-06-16 16:53:32 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-06-16 16:53:31 ----A---- C:\Windows\system32\olepro32.dll
2010-06-16 16:53:31 ----A---- C:\Windows\system32\dmsynth.dll
2010-06-16 16:53:30 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-06-16 16:53:29 ----A---- C:\Windows\system32\version.dll
2010-06-16 16:53:29 ----A---- C:\Windows\system32\puiapi.dll
2010-06-16 16:53:29 ----A---- C:\Windows\system32\input.dll
2010-06-16 16:53:29 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-06-16 16:53:28 ----A---- C:\Windows\system32\wshbth.dll
2010-06-16 16:53:28 ----A---- C:\Windows\system32\SLLUA.exe
2010-06-16 16:53:28 ----A---- C:\Windows\system32\msisip.dll
2010-06-16 16:53:28 ----A---- C:\Windows\system32\mprapi.dll
2010-06-16 16:53:28 ----A---- C:\Windows\system32\fc.exe
2010-06-16 16:53:27 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-06-16 16:53:27 ----A---- C:\Windows\system32\fdSSDP.dll
2010-06-16 16:53:27 ----A---- C:\Windows\system32\dmusic.dll
2010-06-16 16:53:26 ----A---- C:\Windows\system32\msjint40.dll
2010-06-16 16:53:26 ----A---- C:\Windows\system32\l2nacp.dll
2010-06-16 16:53:26 ----A---- C:\Windows\system32\ftp.exe
2010-06-16 16:53:26 ----A---- C:\Windows\system32\eapp3hst.dll
2010-06-16 16:53:26 ----A---- C:\Windows\system32\cscdll.dll
2010-06-16 16:53:26 ----A---- C:\Windows\system32\cscapi.dll
2010-06-16 16:53:25 ----A---- C:\Windows\system32\wsdchngr.dll
2010-06-16 16:53:24 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-06-16 16:53:23 ----A---- C:\Windows\system32\Storprop.dll
2010-06-16 16:53:23 ----A---- C:\Windows\system32\rasdial.exe
2010-06-16 16:53:23 ----A---- C:\Windows\system32\rasdiag.dll
2010-06-16 16:53:23 ----A---- C:\Windows\system32\fdWCN.dll
2010-06-16 16:53:23 ----A---- C:\Windows\system32\dot3cfg.dll
2010-06-16 16:53:23 ----A---- C:\Windows\system32\bthudtask.exe
2010-06-16 16:53:23 ----A---- C:\Windows\system32\bthci.dll
2010-06-16 16:53:22 ----A---- C:\Windows\system32\tscupgrd.exe
2010-06-16 16:53:22 ----A---- C:\Windows\system32\slcinst.dll
2010-06-16 16:53:22 ----A---- C:\Windows\system32\ipconfig.exe
2010-06-16 16:53:22 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-06-16 16:53:22 ----A---- C:\Windows\system32\eappcfg.dll
2010-06-16 16:53:21 ----A---- C:\Windows\system32\nslookup.exe
2010-06-16 16:53:21 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-06-16 16:53:20 ----A---- C:\Windows\system32\ocsetup.exe
2010-06-16 16:53:20 ----A---- C:\Windows\system32\hbaapi.dll
2010-06-16 16:53:20 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-06-16 16:53:20 ----A---- C:\Windows\system32\fdeploy.dll
2010-06-16 16:53:20 ----A---- C:\Windows\system32\eappgnui.dll
2010-06-16 16:53:18 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-06-16 16:53:18 ----A---- C:\Windows\system32\mmcico.dll
2010-06-16 16:53:17 ----A---- C:\Windows\system32\gpupdate.exe
2010-06-16 16:53:15 ----A---- C:\Windows\system32\csrstub.exe
2010-06-16 16:53:15 ----A---- C:\Windows\system32\cbsra.exe
2010-06-16 16:53:15 ----A---- C:\Windows\system32\bitsigd.dll
2010-06-16 16:53:14 ----A---- C:\Windows\system32\iscsilog.dll
2010-06-16 16:53:13 ----A---- C:\Windows\system32\NcdProp.dll
2010-06-16 16:53:12 ----A---- C:\Windows\system32\vdmdbg.dll
2010-06-16 16:53:12 ----A---- C:\Windows\system32\odbcconf.dll
2010-06-16 16:53:11 ----A---- C:\Windows\system32\winrnr.dll
2010-06-16 16:53:11 ----A---- C:\Windows\system32\slwga.dll
2010-06-16 16:53:11 ----A---- C:\Windows\system32\midimap.dll
2010-06-16 16:53:11 ----A---- C:\Windows\system32\inetppui.dll
2010-06-16 16:53:06 ----A---- C:\Windows\system32\msimsg.dll
2010-06-16 16:53:06 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-06-16 16:51:34 ----A---- C:\Windows\system32\SmiEngine.dll
2010-06-16 16:51:09 ----A---- C:\Windows\system32\wdscore.dll
2010-06-16 16:51:09 ----A---- C:\Windows\system32\PkgMgr.exe
2010-06-16 16:49:56 ----A---- C:\Windows\system32\drvstore.dll
2010-06-16 15:44:09 ----A---- C:\Windows\system32\inetcomm.dll
2010-06-16 15:43:32 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-16 15:43:09 ----A---- C:\Windows\system32\tzres.dll
2010-06-16 15:41:46 ----A---- C:\Windows\system32\atmfd.dll
2010-06-16 15:41:43 ----A---- C:\Windows\system32\atmlib.dll
2010-06-16 15:40:33 ----D---- C:\Program Files\Trend Micro
2010-06-16 13:16:15 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-15 17:49:51 ----A---- C:\Windows\system32\vbscript.dll
2010-06-15 17:49:48 ----A---- C:\Windows\system32\jscript.dll
2010-06-15 17:41:54 ----D---- C:\Program Files\CCleaner
2010-06-15 17:15:13 ----D---- C:\PerfLogs
2010-06-15 15:56:38 ----A---- C:\Windows\system32\mstime.dll
2010-06-15 15:56:37 ----A---- C:\Windows\system32\occache.dll
2010-06-15 15:56:37 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-15 15:56:37 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-15 15:56:37 ----A---- C:\Windows\system32\iepeers.dll
2010-06-15 15:56:36 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-15 15:56:36 ----A---- C:\Windows\system32\ieui.dll
2010-06-15 15:56:36 ----A---- C:\Windows\system32\iesetup.dll
2010-06-15 15:56:36 ----A---- C:\Windows\system32\iernonce.dll
2010-06-15 15:56:35 ----A---- C:\Windows\system32\wininet.dll
2010-06-15 15:56:35 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-15 15:56:34 ----A---- C:\Windows\system32\msfeedssync.exe
2010-06-15 15:56:34 ----A---- C:\Windows\system32\iertutil.dll
2010-06-15 15:56:34 ----A---- C:\Windows\system32\ie4uinit.exe
2010-06-15 15:56:33 ----A---- C:\Windows\system32\ieUnatt.exe
2010-06-15 15:56:33 ----A---- C:\Windows\system32\iesysprep.dll
2010-06-15 15:56:31 ----A---- C:\Windows\system32\urlmon.dll
2010-06-15 15:56:26 ----A---- C:\Windows\system32\ieframe.dll
2010-06-15 15:56:25 ----A---- C:\Windows\system32\mshtml.dll
2010-06-15 15:53:14 ----A---- C:\Windows\system32\mshtmled.dll
2010-06-15 15:53:14 ----A---- C:\Windows\system32\icardie.dll
2010-06-15 15:53:13 ----A---- C:\Windows\system32\mshtmler.dll
2010-06-15 15:53:13 ----A---- C:\Windows\system32\admparse.dll
2010-06-15 15:53:12 ----A---- C:\Windows\system32\msls31.dll
2010-06-15 15:53:12 ----A---- C:\Windows\system32\corpol.dll
2010-06-15 15:53:11 ----A---- C:\Windows\system32\imgutil.dll
2010-06-15 15:53:11 ----A---- C:\Windows\system32\ieakeng.dll
2010-06-15 15:53:11 ----A---- C:\Windows\system32\dxtmsft.dll
2010-06-15 15:53:10 ----A---- C:\Windows\system32\dxtrans.dll
2010-06-15 15:53:09 ----A---- C:\Windows\system32\webcheck.dll
2010-06-15 15:53:09 ----A---- C:\Windows\system32\msrating.dll
2010-06-15 15:53:09 ----A---- C:\Windows\system32\licmgr10.dll
2010-06-15 15:53:09 ----A---- C:\Windows\system32\inseng.dll
2010-06-15 15:53:09 ----A---- C:\Windows\system32\ieaksie.dll
2010-06-15 15:53:08 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-06-15 15:53:08 ----A---- C:\Windows\system32\wextract.exe
2010-06-15 15:53:08 ----A---- C:\Windows\system32\ieakui.dll
2010-06-15 15:53:07 ----A---- C:\Windows\system32\pngfilt.dll
2010-06-15 15:53:07 ----A---- C:\Windows\system32\advpack.dll
2010-06-15 15:53:06 ----A---- C:\Windows\system32\ieapfltr.dll
2010-06-15 15:53:05 ----A---- C:\Windows\system32\url.dll
2010-06-15 15:53:03 ----A---- C:\Windows\system32\mshta.exe
2010-06-15 15:53:03 ----A---- C:\Windows\system32\iexpress.exe
2010-06-15 15:53:02 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-06-15 15:53:02 ----A---- C:\Windows\system32\SetDepNx.exe
2010-06-15 15:53:02 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-06-15 15:53:02 ----A---- C:\Windows\system32\PDMSetup.exe
2010-05-20 16:47:55 ----D---- C:\ProgramData\ESET
2010-05-20 16:47:55 ----D---- C:\Program Files\ESET
2010-05-20 16:46:31 ----D---- C:\ProgramData\Sun
2010-05-20 16:46:29 ----D---- C:\Program Files\Common Files\Java
2010-05-20 16:45:47 ----A---- C:\Windows\system32\javaws.exe
2010-05-20 16:45:47 ----A---- C:\Windows\system32\javaw.exe
2010-05-20 16:45:47 ----A---- C:\Windows\system32\java.exe
2010-05-20 16:45:47 ----A---- C:\Windows\system32\deployJava1.dll
2010-05-20 16:15:31 ----D---- C:\Program Files\Java
2010-05-20 14:34:00 ----A---- C:\mbam-error.txt
2010-05-20 14:33:15 ----D---- C:\Users\Hanička\AppData\Roaming\Malwarebytes
2010-05-20 14:33:07 ----D---- C:\ProgramData\Malwarebytes
2010-05-20 13:59:15 ----D---- C:\ProgramData\Adobe
2010-05-20 13:58:21 ----D---- C:\Program Files\Common Files\Adobe
2010-05-20 13:58:21 ----D---- C:\Program Files\Adobe
2010-05-20 13:08:10 ----D---- C:\Users\Hanička\AppData\Roaming\IObit
2010-05-20 13:08:10 ----D---- C:\Program Files\IObit
2010-05-20 12:01:39 ----D---- C:\Users\Hanička\AppData\Roaming\VSRevoGroup
2010-05-20 11:37:13 ----D---- C:\Program Files\VS Revo Group
2010-05-18 17:58:24 ----A---- C:\Windows\system32\VSFilter.dll
2010-05-18 01:47:52 ----A---- C:\Windows\system32\ff_vfw.dll
2010-04-14 03:45:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-14 03:45:43 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-14 03:45:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-13 22:15:05 ----A---- C:\Windows\system32\wintrust.dll
2010-04-13 22:15:00 ----A---- C:\Windows\system32\cabview.dll

======List of files/folders modified in the last 3 months======

2010-06-22 14:13:59 ----D---- C:\Windows\Temp
2010-06-22 14:04:14 ----D---- C:\Windows
2010-06-22 14:01:58 ----D---- C:\ProgramData
2010-06-22 14:00:52 ----D---- C:\Program Files\Common Files
2010-06-22 11:13:59 ----A---- C:\Windows\system.ini
2010-06-22 11:08:44 ----D---- C:\Windows\system32\drivers
2010-06-22 11:08:44 ----D---- C:\Windows\System32
2010-06-22 11:08:44 ----D---- C:\Windows\AppPatch
2010-06-22 10:59:42 ----D---- C:\Windows\Prefetch
2010-06-22 10:34:59 ----D---- C:\Windows\inf
2010-06-22 10:34:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-06-21 16:04:34 ----SHD---- C:\System Volume Information
2010-06-20 14:25:59 ----D---- C:\Windows\Logs
2010-06-20 13:20:27 ----D---- C:\Program Files
2010-06-20 13:17:40 ----D---- C:\Windows\system32\catroot
2010-06-19 14:47:45 ----D---- C:\Windows\ModemLogs
2010-06-19 14:44:16 ----SD---- C:\Users\Hanička\AppData\Roaming\Microsoft
2010-06-18 19:00:08 ----D---- C:\Windows\system32\config
2010-06-18 19:00:08 ----D---- C:\Boot
2010-06-18 15:06:32 ----SHD---- C:\Windows\Installer
2010-06-17 23:21:30 ----D---- C:\Windows\rescache
2010-06-17 22:58:04 ----D---- C:\Windows\Microsoft.NET
2010-06-17 22:57:41 ----RSD---- C:\Windows\assembly
2010-06-17 22:46:41 ----D---- C:\Windows\system32\Tasks
2010-06-17 22:41:56 ----D---- C:\Windows\system32\cs-CZ
2010-06-17 22:41:53 ----D---- C:\Windows\system32\wbem
2010-06-17 22:41:50 ----D---- C:\Windows\system32\zh-HK
2010-06-17 22:41:50 ----D---- C:\Windows\system32\uk-UA
2010-06-17 22:41:50 ----D---- C:\Windows\system32\sl-SI
2010-06-17 22:41:50 ----D---- C:\Windows\system32\pt-PT
2010-06-17 22:41:50 ----D---- C:\Windows\system32\pt-BR
2010-06-17 22:41:50 ----D---- C:\Windows\system32\pl-PL
2010-06-17 22:41:50 ----D---- C:\Windows\system32\nl-NL
2010-06-17 22:41:50 ----D---- C:\Windows\system32\ko-KR
2010-06-17 22:41:50 ----D---- C:\Windows\system32\it-IT
2010-06-17 22:41:50 ----D---- C:\Windows\system32\hu-HU
2010-06-17 22:41:50 ----D---- C:\Windows\system32\hr-HR
2010-06-17 22:41:50 ----D---- C:\Windows\system32\he-IL
2010-06-17 22:41:50 ----D---- C:\Windows\system32\el-GR
2010-06-17 22:41:50 ----D---- C:\Windows\system32\bg-BG
2010-06-17 22:41:49 ----D---- C:\Windows\system32\zh-TW
2010-06-17 22:41:49 ----D---- C:\Windows\system32\zh-CN
2010-06-17 22:41:49 ----D---- C:\Windows\system32\tr-TR
2010-06-17 22:41:49 ----D---- C:\Windows\system32\th-TH
2010-06-17 22:41:49 ----D---- C:\Windows\system32\sv-SE
2010-06-17 22:41:49 ----D---- C:\Windows\system32\sr-Latn-CS
2010-06-17 22:41:49 ----D---- C:\Windows\system32\sk-SK
2010-06-17 22:41:49 ----D---- C:\Windows\system32\lv-LV
2010-06-17 22:41:49 ----D---- C:\Windows\system32\lt-LT
2010-06-17 22:41:49 ----D---- C:\Windows\system32\ja-JP
2010-06-17 22:41:49 ----D---- C:\Windows\system32\fr-FR
2010-06-17 22:41:49 ----D---- C:\Windows\system32\fi-FI
2010-06-17 22:41:49 ----D---- C:\Windows\system32\et-EE
2010-06-17 22:41:49 ----D---- C:\Windows\system32\es-ES
2010-06-17 22:41:49 ----D---- C:\Windows\system32\de-DE
2010-06-17 22:41:49 ----D---- C:\Windows\system32\ar-SA
2010-06-17 22:41:48 ----D---- C:\Windows\system32\ru-RU
2010-06-17 22:41:48 ----D---- C:\Windows\system32\ro-RO
2010-06-17 22:41:48 ----D---- C:\Windows\system32\nb-NO
2010-06-17 22:41:48 ----D---- C:\Windows\system32\en-US
2010-06-17 22:41:48 ----D---- C:\Windows\system32\da-DK
2010-06-17 22:35:11 ----D---- C:\Windows\winsxs
2010-06-17 22:34:57 ----D---- C:\Windows\system32\catroot2
2010-06-17 21:44:35 ----D---- C:\Programy
2010-06-17 21:34:52 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-17 21:34:45 ----D---- C:\Program Files\Acer Inc
2010-06-17 19:14:33 ----D---- C:\Program Files\Windows Mail
2010-06-17 19:14:33 ----D---- C:\Program Files\Windows Calendar
2010-06-17 19:14:33 ----D---- C:\Program Files\Movie Maker
2010-06-17 19:14:32 ----D---- C:\Program Files\Windows Sidebar
2010-06-17 19:14:31 ----D---- C:\Program Files\Windows Media Player
2010-06-17 19:14:31 ----D---- C:\Program Files\Windows Collaboration
2010-06-17 19:14:31 ----D---- C:\Program Files\Internet Explorer
2010-06-17 19:14:30 ----D---- C:\Program Files\Windows Photo Gallery
2010-06-17 19:14:30 ----D---- C:\Program Files\Common Files\System
2010-06-17 19:14:25 ----D---- C:\Windows\servicing
2010-06-17 19:14:25 ----D---- C:\Program Files\Windows Defender
2010-06-17 19:14:12 ----D---- C:\Windows\IME
2010-06-17 19:14:11 ----D---- C:\Windows\system32\XPSViewer
2010-06-17 19:14:09 ----D---- C:\Windows\system32\oobe
2010-06-17 19:14:09 ----D---- C:\Windows\system32\migration
2010-06-17 19:14:06 ----D---- C:\Windows\system32\AdvancedInstallers
2010-06-17 19:14:05 ----D---- C:\Windows\system32\setup
2010-06-17 19:14:05 ----D---- C:\Windows\system32\cs
2010-06-17 19:14:00 ----D---- C:\Windows\system32\SLUI
2010-06-17 19:13:59 ----D---- C:\Windows\system32\manifeststore
2010-06-17 19:13:54 ----D---- C:\Windows\system32\migwiz
2010-06-17 19:13:07 ----RSD---- C:\Windows\Fonts
2010-06-17 19:12:52 ----D---- C:\Windows\system32\Boot
2010-06-17 18:09:31 ----D---- C:\Windows\system32\LogFiles
2010-06-16 18:01:21 ----D---- C:\Windows\PolicyDefinitions
2010-06-15 17:49:01 ----D---- C:\Windows\Minidump
2010-06-15 17:49:01 ----D---- C:\Windows\Debug
2010-06-15 17:29:48 ----ASH---- C:\Program Files\desktop.ini
2010-06-15 17:17:48 ----D---- C:\Windows\MSAgent
2010-06-15 17:17:47 ----D---- C:\Windows\L2Schemas
2010-06-15 17:17:47 ----D---- C:\Windows\DigitalLocker
2010-06-15 17:17:45 ----D---- C:\Windows\system32\com
2010-06-15 17:17:43 ----D---- C:\Windows\system32\sysprep
2010-06-15 17:17:37 ----D---- C:\Windows\system32\ias
2010-06-15 17:15:24 ----D---- C:\Windows\Boot
2010-06-15 16:47:58 ----A---- C:\Windows\system32\ifxcardm.dll
2010-06-15 16:47:47 ----A---- C:\Windows\system32\axaltocm.dll
2010-06-14 14:44:41 ----D---- C:\Users\Hanička\AppData\Roaming\Skype
2010-06-14 14:41:00 ----D---- C:\Users\Hanička\AppData\Roaming\skypePM
2010-05-28 12:37:36 ----A---- C:\Windows\system32\mrt.exe
2010-05-21 14:14:28 ----N---- C:\Windows\system32\MpSigStub.exe
2010-05-20 15:51:41 ----D---- C:\Windows\Resources
2010-05-20 14:13:28 ----D---- C:\Windows\Tasks
2010-05-20 13:05:20 ----D---- C:\Users\Hanička\AppData\Roaming\WinRAR
2010-05-20 12:12:37 ----D---- C:\Program Files\Yahoo!
2010-04-18 21:46:05 ----D---- C:\Users\Hanička\AppData\Roaming\ICQ
2010-03-30 02:59:44 ----D---- C:\Windows\system32\WDI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2009-09-11 96408]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
R3 Cam5607;Acer OrbiCam; C:\Windows\System32\Drivers\BisonC07.sys [2006-12-27 792368]
R3 catchme;catchme; \??\C:\Users\HANIKA~1\AppData\Local\Temp\catchme.sys []
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-01-12 6144]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 2313216]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-06 51200]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-10 506368]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2006-11-02 20992]
S3 mbr;mbr; \??\C:\Users\HANIKA~1\AppData\Local\Temp\mbr.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 SMSCIRDA;SMSC Infrared Device Driver; C:\Windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 31232]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-01-08 557056]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2007-01-09 254014]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2007-01-09 114748]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2007-01-09 1073152]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-01-02 457512]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-11 735960]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-28 49152]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-01-02 24576]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-11-23 143360]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]
S2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
S2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-11 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]

-----------------EOF-----------------


Post by henrix » 22 Jun 2010 17:00

So the system repair apparently helped, because the Firewall stayed on after two restarts.....I think everything is fine now.


Post by bledulka » 22 Jun 2010 21:57

Download OTC
http://oldtimer.geekstogo.com/OTC.exe
- run it
- the computer will restart
- this program cleans out temp files and leftovers from programs
- after using it, you can delete it

****************************
Test on http://www.virustotal.com
C:\Windows\system32\DRIVERS\UIUSYS.SYS

- Copy the file path into the box; if it says the file has already been tested, have it tested again.
- Paste the link to the results here.
*****************************

Delete

C:\zelva.com
C:\zelva.com15750z
C:\ComboFix.txt
C:\zelva.com16052z
C:\RootRepeal report 06-21-10 (09-16-43).txt
C:\RootRepeal report 06-21-10 (09-10-34).txt
C:\RootRepeal report 06-21-10 (00-45-33).txt
C:\RootRepeal report 06-21-10 (00-42-44).txt
C:\ProgramData\Kaspersky Lab

Did you use that T-cleaner? If not, use it as well.

*********************************

Open Notepad and copy this text into it


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rootrepeal.sys]

- save it as smazani.reg, type: All files
- click Save, then double-click the file as usual and confirm the dialog box.

*************************************
Run HJT
- click the button Do a system scan and save a logfile
- A table will pop up; there is a small box at the start of each line.
- For the lines I have marked, put a check mark in the box
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
O4 - Startup: _uninst_setup_9.0.0.722_20.06.2010_21-41.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

- finally, press the Fix checked button
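
Added example, not part of the original thread: a small parser for the RSIT driver and service lines posted above that flags the entries a helper would look at first, such as UIUSYS.SYS, which RSIT lists with empty brackets. It assumes that empty brackets mean RSIT recorded no date or size for the file; the function and flag names are hypothetical.

```python
import re
from dataclasses import dataclass, field

# Legend taken from the RSIT section header on this page.
START_TYPES = {0: "Boot", 1: "System", 2: "Auto", 3: "Demand", 4: "Disabled"}

# Format: <R|S><0-4> <name>;<display name>; <image path> [<date> <size>]
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*?); "
    r"(?P<path>(?:\\\?\?\\)?[A-Za-z]:\\.*?) \[(?P<meta>[^\]]*)\]$"
)

# Lines copied from the RSIT log on this page.
SAMPLE = r"""
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R3 catchme;catchme; \??\C:\Users\HANIKA~1\AppData\Local\Temp\catchme.sys []
S3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 mbr;mbr; \??\C:\Users\HANIKA~1\AppData\Local\Temp\mbr.sys []
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
"""

@dataclass
class Entry:
    name: str
    running: bool
    start: str
    path: str
    has_metadata: bool  # False when RSIT printed "[]" (assumed: no date/size recorded)
    flags: list = field(default_factory=list)

def parse_line(line):
    """Parse one driver/service line; return None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path = m["path"]
    if path.startswith("\\??\\"):  # strip the NT object-namespace prefix
        path = path[4:]
    entry = Entry(m["name"], m["state"] == "R", START_TYPES[int(m["start"])],
                  path, bool(m["meta"].strip()))
    if not entry.has_metadata:
        entry.flags.append("no-file-metadata")
    if "\\temp\\" in path.lower():
        entry.flags.append("temp-path")
    if entry.running and not entry.has_metadata:
        entry.flags.append("running-without-file")
    return entry

def triage(log_text):
    """Return only the entries that carry at least one flag, in log order."""
    entries = (parse_line(line) for line in log_text.splitlines())
    return [e for e in entries if e and e.flags]

if __name__ == "__main__":
    for e in triage(SAMPLE):
        state = "running" if e.running else "stopped"
        print(f"{e.name:10} {state:8} {e.start:9} {e.path}  {', '.join(e.flags)}")
```

A flag is only a reason to look at the file, for example by checking whether it still exists and submitting it to a scanner, as the helper asked for UIUSYS.SYS.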


Post by henrix » 24 Jun 2010 13:56

Hi, I did everything according to your advice. Only the file you wanted tested on Virustotal isn't there! Should I post some log here, or are you satisfied, because I am....? Only the touch pad on my laptop has stopped working, so I'll look for a newer driver....THANKS.


Post by bledulka » 24 Jun 2010 14:23

When did the touchpad stop working for you? Could you have turned it off by accident?
I don't need another log if everything is OK.


Post by henrix » 24 Jun 2010 15:13

...no, I didn't touch anything, today I turned the PC on and nothing; the mouse works fine, but the touch pad is dead. If I roll the system back, I'll have to clean everything all over again; I downloaded the driver from acer.cz, but no change.

