services.exe 98% CPU Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

rmii
nováček
Příspěvky: 10
Registrován: duben 12
Pohlaví: Muž
Stav:
Offline

services.exe 98% CPU

Příspěvekod rmii » 25 dub 2012 20:57

Začal se mi sekat počítač. Zjistil jsem, že cca co 5 minut proces services.exe zabere CPU na 98 % na cca 30 vteřin. Pak zase "uklidní" a chvíli můžu pracovat.
Prosím o radu jak se toho zbavit.
Log z HiJackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:54, on 25.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\vsnp2uvc.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\WINDOWS\tsnp2uvc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 7002 bytes

Reklama
Uživatelský avatar
Žbeky
Moderátor
Guru Level 13
Guru Level 13
Příspěvky: 22288
Registrován: květen 08
Bydliště: Vsetín - Pardubice
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod Žbeky » 25 dub 2012 22:22

Fixni:

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.

HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra

rmii
nováček
Příspěvky: 10
Registrován: duben 12
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod rmii » 26 dub 2012 00:23

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.04.25.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: ROMAN [administrátor]

Ochrana: Povolena

25.4.2012 23:43:34
mbam-log-2012-04-25 (23-43-34).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 199881
Uplynulý čas: 27 minut, 59 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod jaro3 » 26 dub 2012 00:40

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

rmii
nováček
Příspěvky: 10
Registrován: duben 12
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod rmii » 26 dub 2012 03:10

Tady je log. Skenování bylo o "trosku" delší. Hodně mě překvapilo mazání souborů na začátku logu. Jsou to soubory mnou psaného programu pro sklad. Je to v PC FANDu a jsou tam zahrnuty i datové soubory :-(

ComboFix 12-04-25.02 - Administrator 26.04.2012 1:23.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1212 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\a
c:\a\c_de\data\AARCHIV.000
c:\a\c_de\data\ADRESY.000
c:\a\c_de\data\ADRESY.T00
c:\a\c_de\data\AFAKTUR.000
c:\a\c_de\data\AHOJ\DOD.000
c:\a\c_de\data\AHOJ\DOD_POL.000
c:\a\c_de\data\AHOJ\GL_SK.000
c:\a\c_de\data\AHOJ\HLAVICKA.000
c:\a\c_de\data\AHOJ\HLAVICKA.X00
c:\a\c_de\data\AHOJ\ZAKOB.000
c:\a\c_de\data\AMALO.000
c:\a\c_de\data\ANAK_H_A.000
c:\a\c_de\data\ANAKUP_A.000
c:\a\c_de\data\APOHYB.000
c:\a\c_de\data\ARCHIV.000
c:\a\c_de\data\CAR_KOD.000
c:\a\c_de\data\CENIKDAT.000
c:\a\c_de\data\DNY_T.000
c:\a\c_de\data\DOD.000
c:\a\c_de\data\DPH.000
c:\a\c_de\data\DPH_CIS.000
c:\a\c_de\data\FAKTURY.000
c:\a\c_de\data\GL.000
c:\a\c_de\data\GL_MAPA.000
c:\a\c_de\data\GL_SIT.000
c:\a\c_de\data\GL1.000
c:\a\c_de\data\GL1.T00
c:\a\c_de\data\GL2.000
c:\a\c_de\data\GLOBAL.000
c:\a\c_de\data\INVENT.000
c:\a\c_de\data\JMENA.000
c:\a\c_de\data\MALO.000
c:\a\c_de\data\MALO_SK.000
c:\a\c_de\data\MAPA.000
c:\a\c_de\data\MESICE.000
c:\a\c_de\data\MESTA.000
c:\a\c_de\data\NAKUP.000
c:\a\c_de\data\NAKUP_AR.000
c:\a\c_de\data\NAKUP_C.000
c:\a\c_de\data\NAKUP_HL.000
c:\a\c_de\data\OBCE.000
c:\a\c_de\data\OBJ_HL.000
c:\a\c_de\data\OBJ_HL.T00
c:\a\c_de\data\PARAM.000
c:\a\c_de\data\POHYB.000
c:\a\c_de\data\SKLADY.000
c:\a\c_de\data\SLEVY.000
c:\a\c_de\data\TISK_PAR.000
c:\a\c_de\data\ZAKOB.000
c:\a\c_de\pgm\CEN_DPH.OVL
c:\a\c_de\pgm\CEN_DPH.TVL
c:\a\c_de\pgm\CENIK.BAT
c:\a\c_de\pgm\CENIK0.OVL
c:\a\c_de\pgm\CENIK0.TVL
c:\a\c_de\pgm\CENIK1.OVL
c:\a\c_de\pgm\CENIK1.TVL
c:\a\c_de\pgm\CENIK2.OVL
c:\a\c_de\pgm\CENIK2.TVL
c:\a\c_de\pgm\CENIK3.OVL
c:\a\c_de\pgm\CENIK3.TVL
c:\a\c_de\pgm\CENIK4.OVL
c:\a\c_de\pgm\CENIK4.TVL
c:\a\c_de\pgm\CENIK97.CAT
c:\a\c_de\pgm\CENIK97.RDB
c:\a\c_de\pgm\CENIK97.TTT
c:\a\c_de\pgm\CENIKHLP.000
c:\a\c_de\pgm\CENIKHLP.T00
c:\a\c_de\pgm\FAND.CFG
c:\a\c_de\pgm\FAND.RES
c:\a\c_de\pgm\FANDINST.EXE
c:\a\c_de\pgm\LICENCE.000
c:\a\c_de\pgm\novinky.txt
c:\a\c_de\pgm\OKNO.RDB
c:\a\c_de\pgm\OKNO.TTT
c:\a\c_de\pgm\UFAND.EXE
c:\a\c_de\pgm\UFAND.OVR
c:\a\c_de\pgm\UFANDHLP.000
c:\a\c_de\pgm\UFANDHLP.T00
c:\a\cen\data\ADRESY.X00
c:\a\cen\data\DNY.000
c:\a\cen\data\DOD.000
c:\a\cen\data\DPH.000
c:\a\cen\data\DPH_CIS.000
c:\a\cen\data\GL.000
c:\a\cen\data\GL_MAPA.000
c:\a\cen\data\GL_SIT.000
c:\a\cen\data\GL1.000
c:\a\cen\data\GL1.T00
c:\a\cen\data\GL2.000
c:\a\cen\data\GLOBAL.000
c:\a\cen\data\JMENA.000
c:\a\cen\data\MAPA.000
c:\a\cen\data\MESTA.000
c:\a\cen\data\OBCE.000
c:\a\cen\data\OBCE.X00
c:\a\cen\data\OBJ_HL.000
c:\a\cen\data\OBJ_HL.T00
c:\a\cen\data\PARAM.000
c:\a\cen\data\TISK_PAR.000
c:\a\cen\data\ZAKOB.000
c:\a\cen\pgm\CEN_DPH.OVL
c:\a\cen\pgm\CEN_DPH.TVL
c:\a\cen\pgm\CENIK.BAT
c:\a\cen\pgm\CENIK0.OVL
c:\a\cen\pgm\CENIK0.TVL
c:\a\cen\pgm\CENIK1.OVL
c:\a\cen\pgm\CENIK1.TVL
c:\a\cen\pgm\CENIK2.OVL
c:\a\cen\pgm\CENIK2.TVL
c:\a\cen\pgm\CENIK3.OVL
c:\a\cen\pgm\CENIK3.TVL
c:\a\cen\pgm\CENIK4.OVL
c:\a\cen\pgm\CENIK4.TVL
c:\a\cen\pgm\CENIK97.CAT
c:\a\cen\pgm\CENIK97.RDB
c:\a\cen\pgm\CENIK97.TTT
c:\a\cen\pgm\CENIKHLP.000
c:\a\cen\pgm\CENIKHLP.T00
c:\a\cen\pgm\FAND.CFG
c:\a\cen\pgm\FAND.RES
c:\a\cen\pgm\FANDINST.EXE
c:\a\cen\pgm\LICENCE.000
c:\a\cen\pgm\novinky.txt
c:\a\cen\pgm\OKNO.RDB
c:\a\cen\pgm\OKNO.TTT
c:\a\cen\pgm\UFAND.EXE
c:\a\cen\pgm\UFAND.OVR
c:\a\cen\pgm\UFANDHLP.000
c:\a\cen\pgm\UFANDHLP.T00
c:\a\cen_lat\cenik.zip
c:\a\cen_lat\data\AARCHIV.000
c:\a\cen_lat\data\AARCHIV.X00
c:\a\cen_lat\data\ADRESY.000
c:\a\cen_lat\data\ADRESY.T00
c:\a\cen_lat\data\ADRESY.X00
c:\a\cen_lat\data\AMALO.000
c:\a\cen_lat\data\AMALO.X00
c:\a\cen_lat\data\ANAK_H_A.000
c:\a\cen_lat\data\ANAK_H_A.X00
c:\a\cen_lat\data\ANAKUP_A.000
c:\a\cen_lat\data\ANAKUP_A.X00
c:\a\cen_lat\data\APOHYB.000
c:\a\cen_lat\data\APOHYB.X00
c:\a\cen_lat\data\ARCHIV.000
c:\a\cen_lat\data\ARCHIV.X00
c:\a\cen_lat\data\CAR_KOD.000
c:\a\cen_lat\data\CAR_KOD.X00
c:\a\cen_lat\data\CENIKDAT.000
c:\a\cen_lat\data\CENIKDAT.X00
c:\a\cen_lat\data\DNY_T.000
c:\a\cen_lat\data\DOD.000
c:\a\cen_lat\data\DOD_POL.000
c:\a\cen_lat\data\DPH.000
c:\a\cen_lat\data\DPH_CIS.000
c:\a\cen_lat\data\GL.000
c:\a\cen_lat\data\GL_MAPA.000
c:\a\cen_lat\data\GL_SIT.000
c:\a\cen_lat\data\GL_SK.000
c:\a\cen_lat\data\GL1.000
c:\a\cen_lat\data\GL1.T00
c:\a\cen_lat\data\GL2.000
c:\a\cen_lat\data\GLOBAL.000
c:\a\cen_lat\data\INVENT.000
c:\a\cen_lat\data\INVENT.X00
c:\a\cen_lat\data\JMENA.000
c:\a\cen_lat\data\MALO.000
c:\a\cen_lat\data\MALO.X00
c:\a\cen_lat\data\MALO_SK.000
c:\a\cen_lat\data\MAPA.000
c:\a\cen_lat\data\MESICE.000
c:\a\cen_lat\data\MESTA.000
c:\a\cen_lat\data\NAK_H_AR.000
c:\a\cen_lat\data\NAK_H_AR.X00
c:\a\cen_lat\data\NAKUP.000
c:\a\cen_lat\data\NAKUP_AR.000
c:\a\cen_lat\data\NAKUP_AR.X00
c:\a\cen_lat\data\NAKUP_C.000
c:\a\cen_lat\data\NAKUP_HL.000
c:\a\cen_lat\data\OBCE.000
c:\a\cen_lat\data\OBCE.X00
c:\a\cen_lat\data\OBJ_HL.000
c:\a\cen_lat\data\OBJ_HL.T00
c:\a\cen_lat\data\PARAM.000
c:\a\cen_lat\data\POHYB.000
c:\a\cen_lat\data\POHYB.X00
c:\a\cen_lat\data\SKLADY.000
c:\a\cen_lat\data\SKLADY.X00
c:\a\cen_lat\data\SLEVY.000
c:\a\cen_lat\data\SLEVY.X00
c:\a\cen_lat\data\TISK_PAR.000
c:\a\cen_lat\data\ZAKOB.000
c:\a\cen_lat\pgm\CEN_DPH.OVL
c:\a\cen_lat\pgm\CEN_DPH.TVL
c:\a\cen_lat\pgm\CENIK.BAT
c:\a\cen_lat\pgm\CENIK0.OVL
c:\a\cen_lat\pgm\CENIK0.TVL
c:\a\cen_lat\pgm\CENIK1.OVL
c:\a\cen_lat\pgm\CENIK1.TVL
c:\a\cen_lat\pgm\CENIK2.OVL
c:\a\cen_lat\pgm\CENIK2.TVL
c:\a\cen_lat\pgm\CENIK3.OVL
c:\a\cen_lat\pgm\CENIK3.TVL
c:\a\cen_lat\pgm\CENIK4.OVL
c:\a\cen_lat\pgm\CENIK4.TVL
c:\a\cen_lat\pgm\CENIK97.CAT
c:\a\cen_lat\pgm\CENIK97.RDB
c:\a\cen_lat\pgm\CENIK97.TTT
c:\a\cen_lat\pgm\CENIKHLP.000
c:\a\cen_lat\pgm\CENIKHLP.T00
c:\a\cen_lat\pgm\f.bat
c:\a\cen_lat\pgm\FAND.CFG
c:\a\cen_lat\pgm\FAND.RES
c:\a\cen_lat\pgm\FANDINST.EXE
c:\a\cen_lat\pgm\LICENCE.000
c:\a\cen_lat\pgm\novinky.txt
c:\a\cen_lat\pgm\OKNO.RDB
c:\a\cen_lat\pgm\OKNO.TTT
c:\a\cen_lat\pgm\UFAND.EXE
c:\a\cen_lat\pgm\UFAND.OVR
c:\a\cen_lat\pgm\UFANDHLP.000
c:\a\cen_lat\pgm\UFANDHLP.T00
c:\a\CENIK_RH.zip
c:\a\P1010458_D.avi
c:\a\rh\DATA\@.X00
c:\a\rh\DATA\AARCHIV.000
c:\a\rh\DATA\AARCHIV.X00
c:\a\rh\DATA\ABEL\DOD.000
c:\a\rh\DATA\ABEL\DOD_POL.000
c:\a\rh\DATA\ABEL\FAS_K.000
c:\a\rh\DATA\ABEL\GL_SK.000
c:\a\rh\DATA\ABEL\HLAVICKA.000
c:\a\rh\DATA\ABEL\HLAVICKA.X00
c:\a\rh\DATA\ABEL\POM_ZB.000
c:\a\rh\DATA\ABEL\POM_ZB.X00
c:\a\rh\DATA\ABEL\ZAKOB.000
c:\a\rh\DATA\ABEL\ZBOZI.000
c:\a\rh\DATA\ABEL\ZBOZI.X00
c:\a\rh\DATA\ACTIVA\DOD.000
c:\a\rh\DATA\ACTIVA\FAS_K.000
c:\a\rh\DATA\ACTIVA\ZAKOB.000
c:\a\rh\DATA\ADRESY.000
c:\a\rh\DATA\ADRESY.T00
c:\a\rh\DATA\ADRESY.X00
c:\a\rh\DATA\AFAKTUR.000
c:\a\rh\DATA\AFAKTUR.X00
c:\a\rh\DATA\AMALO.000
c:\a\rh\DATA\AMALO.X00
c:\a\rh\DATA\ANAK_H_A.000
c:\a\rh\DATA\ANAK_H_A.X00
c:\a\rh\DATA\ANAKUP_A.000
c:\a\rh\DATA\ANAKUP_A.X00
c:\a\rh\DATA\ANDERLE\DOD.000
c:\a\rh\DATA\ANDERLE\GL_SK.000
c:\a\rh\DATA\ANDERLE\POM_ZB.000
c:\a\rh\DATA\ANDERLE\POM_ZB.X00
c:\a\rh\DATA\ANDERLE\ZAKOB.000
c:\a\rh\DATA\APOHYB.000
c:\a\rh\DATA\APOHYB.X00
c:\a\rh\DATA\ARABASZ\DOD.000
c:\a\rh\DATA\ARABASZ\FAS_K.000
c:\a\rh\DATA\ARABASZ\POM_ZB.000
c:\a\rh\DATA\ARABASZ\POM_ZB.X00
c:\a\rh\DATA\ARABASZ\ZAKOB.000
c:\a\rh\DATA\ARCHIV.000
c:\a\rh\DATA\CAR_KOD.000
c:\a\rh\DATA\CAR_KOD.X00
c:\a\rh\DATA\CEN_PRAC.000
c:\a\rh\DATA\CENIKDAT.000
c:\a\rh\DATA\CENIKDAT.X00
c:\a\rh\DATA\CENIKY.000
c:\a\rh\DATA\CERNOCH\DOD.000
c:\a\rh\DATA\CERNOCH\GL_SK.000
c:\a\rh\DATA\CERNOCH\HLAVICKA.000
c:\a\rh\DATA\CERNOCH\HLAVICKA.X00
c:\a\rh\DATA\CERNOCH\ZAKOB.000
c:\a\rh\DATA\CERNOCH\ZBOZI.000
c:\a\rh\DATA\CERNOCH\ZBOZI.X00
c:\a\rh\DATA\CLIP.000
c:\a\rh\DATA\DD.000
c:\a\rh\DATA\DNY.000
c:\a\rh\DATA\DNY_T.000
c:\a\rh\DATA\DNY_T.X00
c:\a\rh\DATA\DOD.000
c:\a\rh\DATA\DPH.000
c:\a\rh\DATA\DPH_CIS.000
c:\a\rh\DATA\EPL\DOD.000
c:\a\rh\DATA\EPL\ZAKOB.000
c:\a\rh\DATA\FAKTURY.000
c:\a\rh\DATA\FB\DOD.000
c:\a\rh\DATA\FB\ZAKOB.000
c:\a\rh\DATA\FICEK\DOD.000
c:\a\rh\DATA\FICEK\FAS_K.000
c:\a\rh\DATA\FICEK\GL_SK.000
c:\a\rh\DATA\FICEK\HLAVICKA.000
c:\a\rh\DATA\FICEK\HLAVICKA.X00
c:\a\rh\DATA\FICEK\POM_ZB.000
c:\a\rh\DATA\FICEK\POM_ZB.X00
c:\a\rh\DATA\FICEK\ZAKOB.000
c:\a\rh\DATA\FICEK\ZBOZI.000
c:\a\rh\DATA\FICEK\ZBOZI.X00
c:\a\rh\DATA\GL.000
c:\a\rh\DATA\GL_MAPA.000
c:\a\rh\DATA\GL_SIT.000
c:\a\rh\DATA\GL1.000
c:\a\rh\DATA\GL1.T00
c:\a\rh\DATA\GL2.000
c:\a\rh\DATA\GLOBAL.000
c:\a\rh\DATA\HOLIK\DOD.000
c:\a\rh\DATA\HOLIK\GL_SK.000
c:\a\rh\DATA\HOLIK\HLAVICKA.000
c:\a\rh\DATA\HOLIK\ZAKOB.000
c:\a\rh\DATA\HOLIK\ZBOZI.000
c:\a\rh\DATA\INVENT.000
c:\a\rh\DATA\INVENT.X00
c:\a\rh\DATA\JMENA.000
c:\a\rh\DATA\KAREL\DOD.000
c:\a\rh\DATA\KAREL\GL_SK.000
c:\a\rh\DATA\KAREL\POM_ZB.000
c:\a\rh\DATA\KAREL\POM_ZB.X00
c:\a\rh\DATA\KAREL\ZAKOB.000
c:\a\rh\DATA\MALO.000
c:\a\rh\DATA\MAPA.000
c:\a\rh\DATA\MESICE.000
c:\a\rh\DATA\MESICE.X00
c:\a\rh\DATA\MESTA.000
c:\a\rh\DATA\NAK_H_AR.000
c:\a\rh\DATA\NAK_H_AR.X00
c:\a\rh\DATA\NAK_HL.000
c:\a\rh\DATA\NAKUP_AR.000
c:\a\rh\DATA\NAKUP_AR.X00
c:\a\rh\DATA\NAKUP_HL.000
c:\a\rh\DATA\OBCE.000
c:\a\rh\DATA\OBCE.X00
c:\a\rh\DATA\OBJ_AR.000
c:\a\rh\DATA\OBJ_AR.T00
c:\a\rh\DATA\OBJ_AR.X00
c:\a\rh\DATA\OBJ_AR_P.000
c:\a\rh\DATA\OBJ_AR_P.X00
c:\a\rh\DATA\OBJ_HL.000
c:\a\rh\DATA\OBJ_HL.T00
c:\a\rh\DATA\OBJ_POL.000
c:\a\rh\DATA\PARAM.000
c:\a\rh\DATA\POHYB.000
c:\a\rh\DATA\POL_AR.000
c:\a\rh\DATA\POL_NAK.000
c:\a\rh\DATA\POM.000
c:\a\rh\DATA\PREC_CEN.000
c:\a\rh\DATA\PRECIS.000
c:\a\rh\DATA\SKLADY.000
c:\a\rh\DATA\SKLADY.X00
c:\a\rh\DATA\TISK_PAR.000
c:\a\rh\DATA\TR_CAST.000
c:\a\rh\DATA\TRCKOVA\DOD.000
c:\a\rh\DATA\TRCKOVA\POM_ZB.000
c:\a\rh\DATA\TRCKOVA\POM_ZB.X00
c:\a\rh\DATA\TRCKOVA\ZAKOB.000
c:\a\rh\DATA\TRID_F.000
c:\a\rh\DATA\TRID_Z.000
c:\a\rh\DATA\UNIOS\DOD.000
c:\a\rh\DATA\UNIOS\FAS_K.000
c:\a\rh\DATA\UNIOS\GL_SK.000
c:\a\rh\DATA\UNIOS\HLAVICKA.000
c:\a\rh\DATA\UNIOS\HLAVICKA.X00
c:\a\rh\DATA\UNIOS\POM_ZB.000
c:\a\rh\DATA\UNIOS\POM_ZB.X00
c:\a\rh\DATA\UNIOS\ZAKOB.000
c:\a\rh\DATA\UNIOS\ZBOZI.000
c:\a\rh\DATA\UNIOS\ZBOZI.X00
c:\a\rh\DATA\ZAKOB.000
c:\a\rh\DATA\ZAKOBP.000
c:\a\rh\DATA\ZBOZ_OP.000
c:\a\rh\DATA\ZBOZI.CEN
c:\a\rh\DATA\ZUZKA\DOD.000
c:\a\rh\DATA\ZUZKA\GL_SK.000
c:\a\rh\DATA\ZUZKA\HLAVICKA.000
c:\a\rh\DATA\ZUZKA\HLAVICKA.X00
c:\a\rh\DATA\ZUZKA\ZAKOB.000
c:\a\rh\DATA\ZUZKA\ZBOZI.000
c:\a\rh\DATA\ZUZKA\ZBOZI.X00
c:\a\rh\PGM\01.TXT
c:\a\rh\PGM\2007_KON.DAT
c:\a\rh\PGM\2008_KON.DAT
c:\a\rh\PGM\2008_ZAC.DAT
c:\a\rh\PGM\2009_KON.DAT
c:\a\rh\PGM\20100509.DAT
c:\a\rh\PGM\20101231.DAT
c:\a\rh\PGM\20111231.DAT
c:\a\rh\PGM\20120101.DAT
c:\a\rh\PGM\AUKRO.TXT
c:\a\rh\PGM\AUKRO2.TXT
c:\a\rh\PGM\CEN_DPH.OVL
c:\a\rh\PGM\CEN_DPH.TVL
c:\a\rh\PGM\CENIK0.OVL
c:\a\rh\PGM\CENIK0.TVL
c:\a\rh\PGM\CENIK1.OVL
c:\a\rh\PGM\CENIK1.TVL
c:\a\rh\PGM\CENIK2.OVL
c:\a\rh\PGM\CENIK2.TVL
c:\a\rh\PGM\CENIK3.OVL
c:\a\rh\PGM\CENIK3.TVL
c:\a\rh\PGM\CENIK4.OVL
c:\a\rh\PGM\CENIK4.RD$
c:\a\rh\PGM\CENIK4.TT$
c:\a\rh\PGM\CENIK4.TVL
c:\a\rh\PGM\CENIK97.TTT
c:\a\rh\PGM\CENIKHLP.000
c:\a\rh\PGM\CENIKHLP.T00
c:\a\rh\PGM\DIC_EU.TTT
c:\a\rh\PGM\faktura.txt
c:\a\rh\PGM\FAND.RES
c:\a\rh\PGM\FANDCFG.BAK
c:\a\rh\PGM\ficek.xls
c:\a\rh\PGM\FIR_ZB.000
c:\a\rh\PGM\JC_PRUV.TXT
c:\a\rh\PGM\LICENCE.000
c:\a\rh\PGM\MALO.TXT
c:\a\rh\PGM\maloprodej.txt
c:\a\rh\PGM\novinky.txt
c:\a\rh\PGM\OBJ_EXP.DBF
c:\a\rh\PGM\POM_SKL.000
c:\a\rh\PGM\POM1.TXT
c:\a\rh\PGM\POM2.TXT
c:\a\rh\PGM\PR_LATIN.TXT
c:\a\rh\PGM\PR_NO.TXT
c:\a\rh\PGM\PR_WIN.TXT
c:\a\rh\PGM\PRINTER.TXT
c:\a\rh\PGM\TEXT_LAT.TXT
c:\a\rh\PGM\TEXT_NO.TXT
c:\a\rh\PGM\TEXT_WIN.TXT
c:\a\rh\PGM\UFAND.OVR
c:\a\rh\PGM\UFANDHLP.000
c:\a\rh\PGM\UFANDHLP.T00
c:\a\rh\PGM\UPGRADE.OVL
c:\a\rh\PGM\UPGRADE.TVL
c:\a\rh\PGM\zal\CENIK0.OVL
c:\a\rh\PGM\zal\CENIK0.TVL
c:\a\rh\PGM\zal\CENIK1.OVL
c:\a\rh\PGM\zal\CENIK1.TVL
c:\a\rh\PGM\zal\CENIK2.OVL
c:\a\rh\PGM\zal\CENIK2.TVL
c:\a\rh\PGM\zal\CENIK3.OVL
c:\a\rh\PGM\zal\CENIK3.TVL
c:\a\rh\PGM\zal\CENIK4.OVL
c:\a\rh\PGM\zal\CENIK4.TVL
c:\a\rh\PGM\zal\CENIK97.TTT
c:\a\rh\PGM\zal\CENIKHLP.000
c:\a\rh\PGM\zal\CENIKHLP.T00
c:\a\rh\PGM\zal\LICENCE.000
c:\a\rh\PGM\zal\UPGRADE.OVL
c:\a\rh\PGM\zal\UPGRADE.TVL
c:\a\rh\PGM\zal1\CEN_DPH.OVL
c:\a\rh\PGM\zal1\CEN_DPH.TVL
c:\a\rh\PGM\zal1\CENIK0.OVL
c:\a\rh\PGM\zal1\CENIK0.TVL
c:\a\rh\PGM\zal1\CENIK1.OVL
c:\a\rh\PGM\zal1\CENIK1.TVL
c:\a\rh\PGM\zal1\CENIK2.OVL
c:\a\rh\PGM\zal1\CENIK2.TVL
c:\a\rh\PGM\zal1\CENIK3.OVL
c:\a\rh\PGM\zal1\CENIK3.TVL
c:\a\rh\PGM\zal1\CENIK4.OVL
c:\a\rh\PGM\zal1\CENIK4.TVL
c:\a\rh\PGM\zal1\CENIK97.TTT
c:\a\rh\PGM\zal1\CENIKHLP.000
c:\a\rh\PGM\zal1\CENIKHLP.T00
c:\a\rh\PGM\zal1\LICENCE.000
c:\a\rh\PGM\zal1\UPGRADE.OVL
c:\a\rh\PGM\zal1\UPGRADE.TVL
c:\a\rh\PGM\ZAL2\CEN_DPH.OVL
c:\a\rh\PGM\ZAL2\CEN_DPH.TVL
c:\a\rh\PGM\ZAL2\CENIK0.OVL
c:\a\rh\PGM\ZAL2\CENIK0.TVL
c:\a\rh\PGM\ZAL2\CENIK1.OVL
c:\a\rh\PGM\ZAL2\CENIK1.TVL
c:\a\rh\PGM\ZAL2\CENIK2.OVL
c:\a\rh\PGM\ZAL2\CENIK2.TVL
c:\a\rh\PGM\ZAL2\CENIK3.OVL
c:\a\rh\PGM\ZAL2\CENIK3.TVL
c:\a\rh\PGM\ZAL2\CENIK4.OVL
c:\a\rh\PGM\ZAL2\CENIK4.TVL
c:\a\rh\PGM\ZAL2\CENIK97.TTT
c:\a\rh\PGM\ZAL2\NOVINKY.TXT
c:\a\rh\PGM\ZAL2\SILA\CEN_DPH.OVL
c:\a\rh\PGM\ZAL2\SILA\CEN_DPH.TVL
c:\a\rh\PGM\ZAL2\SILA\CEN_RH_4_32.zip
c:\a\rh\PGM\ZAL2\SILA\CENIK0.OVL
c:\a\rh\PGM\ZAL2\SILA\CENIK0.TVL
c:\a\rh\PGM\ZAL2\SILA\CENIK1.OVL
c:\a\rh\PGM\ZAL2\SILA\CENIK1.TVL
c:\a\rh\PGM\ZAL2\SILA\CENIK2.OVL
c:\a\rh\PGM\ZAL2\SILA\CENIK2.TVL
c:\a\rh\PGM\ZAL2\SILA\CENIK3.OVL
c:\a\rh\PGM\ZAL2\SILA\CENIK3.TVL
c:\a\rh\PGM\ZAL2\SILA\CENIK4.OVL
c:\a\rh\PGM\ZAL2\SILA\CENIK4.TVL
c:\a\rh\PGM\ZAL2\SILA\CENIK97.TTT
c:\a\rh\PGM\ZAL2\SILA\NOVINKY.TXT
c:\a\Thumbs.db
c:\a\zal\bookmarks-2012-01-03.json
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\offitems.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\msssc.dll
c:\windows\system32\PowerToyReadme.htm
c:\windows\system32\SET8C.tmp
c:\windows\system32\SET90.tmp
c:\windows\system32\SET98.tmp
c:\windows\system32\SETDD.tmp
c:\windows\system32\SETDF.tmp
c:\windows\system32\SETE2.tmp
c:\windows\system32\urttemp
c:\windows\system32\urttemp\fusion.dll
c:\windows\system32\urttemp\mscoree.dll
c:\windows\system32\urttemp\mscoree.dll.local
c:\windows\system32\urttemp\mscorsn.dll
c:\windows\system32\urttemp\mscorwks.dll
c:\windows\system32\urttemp\msvcr71.dll
c:\windows\system32\urttemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-26 do 2012-04-26 )))))))))))))))))))))))))))))))
.
.
2012-04-25 20:44 . 2012-04-25 20:44 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Malwarebytes
2012-04-25 20:41 . 2012-04-25 20:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-04-25 20:41 . 2012-04-25 20:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-25 20:41 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-23 15:19 . 2012-04-23 15:19 -------- d-----w- c:\documents and settings\Administrator\kbpki
2012-04-23 15:15 . 2012-04-23 15:15 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\REN3EE.tmp
2012-04-23 15:15 . 2012-04-23 15:15 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-19 17:48 . 2012-04-19 17:48 -------- d-----w- c:\documents and settings\kdokoliv\Local Settings\Data aplikací\Mozilla
2012-04-19 17:46 . 2012-04-19 17:46 -------- d-sh--w- c:\documents and settings\kdokoliv\IETldCache
2012-04-19 17:45 . 2012-04-19 17:45 -------- d-----w- c:\documents and settings\kdokoliv\Data aplikací\PC Suite
2012-04-18 15:38 . 2012-03-01 10:59 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2012-04-18 15:38 . 2012-03-01 10:59 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2012-04-18 15:38 . 2012-03-01 10:59 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2012-04-17 20:44 . 2012-04-17 20:44 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2012-04-17 20:43 . 2012-04-17 20:43 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2012-04-17 20:34 . 2012-04-17 20:36 -------- dc-h--w- c:\windows\ie8
2012-04-04 15:48 . 2012-04-04 15:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Installations
2012-03-28 20:14 . 2012-03-28 20:20 -------- d-----w- c:\program files\Google
2012-03-28 20:14 . 2012-03-28 20:14 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2012-03-28 20:09 . 2012-03-28 20:09 -------- d-----w- c:\windows\system32\wbem\Repository
2012-03-28 20:03 . 2012-03-28 20:03 -------- d-----w- c:\documents and settings\kdokoliv\Data aplikací\Zoner
2012-03-28 20:03 . 2012-03-28 20:03 -------- d-----w- c:\documents and settings\kdokoliv\Data aplikací\OpenOffice.org
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-23 15:15 . 2011-10-15 19:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-01 10:59 . 2003-04-16 19:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2003-04-16 19:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2003-04-16 19:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2003-04-16 19:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2003-04-16 19:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2009-06-17 13:52 385024 ----a-w- c:\windows\system32\html.iec
2012-02-23 16:23 . 2010-08-13 13:48 41184 ----a-w- c:\windows\avastSS.scr
2012-02-23 16:23 . 2009-06-17 18:23 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-02-23 16:12 . 2011-06-03 18:08 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-23 16:12 . 2009-06-17 18:23 337112 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-23 16:10 . 2009-06-17 18:23 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-23 16:10 . 2009-06-17 18:23 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-23 16:10 . 2009-06-17 18:23 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-02-23 16:10 . 2009-06-17 18:23 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-02-23 16:10 . 2009-06-17 18:23 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-23 16:07 . 2009-06-17 18:23 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-02-03 09:57 . 2003-04-16 19:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-02-23 20:12 . 2012-01-11 22:37 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
.
[7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[7] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
.
[7] 2003-04-16 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[7] 2003-04-16 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[7] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[7] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
.
[7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[7] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
.
[7] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[7] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
.
.
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
.
[7] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[7] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
.
[7] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[7] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
.
[7] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[7] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
.
[7] 2008-04-14 03:21 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[7] 2008-04-14 03:21 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
.
[7] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[7] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[7] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[7] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[7] 2009-02-09 . BEF7BB41E666EAA34BE7E99C2B107DB8 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[7] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
.
[7] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[7] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[7] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[7] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2009-02-09 . 33081FED75032291EE0E008D5385E86F . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[7] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
.
[7] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[7] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[7] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
.
[7] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[7] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[7] 2008-04-14 . DF7917138B80C79D15B3E8520D565311 . 111104 . . [5.4.3790.5512] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
.
.

rmii
nováček
Příspěvky: 10
Registrován: duben 12
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod rmii » 26 dub 2012 03:11

Druhá část logu:


[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2004-08-17 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[7] 2003-04-16 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2003-04-16 . D12F83B2037A01BB97A97F3EA54DD71F . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
.
[7] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[7] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
.
[7] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[7] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[7] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[7] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[7] 2008-07-07 20:19 . 3440C414044935B124B5821C0994B37F . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[7] 2008-04-14 03:21 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
.
[7] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[7] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
.
[7] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[7] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[7] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[7] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2009-03-21 . 8D18BA8E854890074B6FB92D7D0C02FA . 987648 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[7] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
.
.
[7] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[7] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
.
[7] 2012-03-01 . 5DD330683B851ABDDB2FC4AADFB04E4D . 5978624 . . [8.00.6001.19222] . . c:\windows\SoftwareDistribution\Download\a248a2b707ac7c53f7766563d6869143\SP3GDR\mshtml.dll
[7] 2012-03-01 . 5DD330683B851ABDDB2FC4AADFB04E4D . 5978624 . . [8.00.6001.19222] . . c:\windows\system32\mshtml.dll
[7] 2012-03-01 . 5DD330683B851ABDDB2FC4AADFB04E4D . 5978624 . . [8.00.6001.19222] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2012-03-01 . 6ED3CE17792820A410AA715EED4B341E . 5980672 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll
[7] 2012-03-01 . 6ED3CE17792820A410AA715EED4B341E . 5980672 . . [8.00.6001.23318] . . c:\windows\SoftwareDistribution\Download\a248a2b707ac7c53f7766563d6869143\SP3QFE\mshtml.dll
[7] 2012-03-01 . 27E95D7DB53551199AAD5A2ED430A915 . 3616768 . . [7.00.6000.17109] . . c:\windows\ie8\mshtml.dll
[7] 2012-03-01 . 047679484D7482F2162C685E1262243F . 3619328 . . [7.00.6000.21311] . . c:\windows\$hf_mig$\KB2675157-IE7\SP3QFE\mshtml.dll
[7] 2011-12-19 . EA2E166D88CF5C1754E522A5FE6B1D86 . 3616768 . . [7.00.6000.17108] . . c:\windows\ie7updates\KB2675157-IE7\mshtml.dll
[7] 2011-12-19 . E8CE2C45A2BB1D5A8A91171FDC10053F . 3618816 . . [7.00.6000.21310] . . c:\windows\$hf_mig$\KB2647516-IE7\SP3QFE\mshtml.dll
[7] 2011-11-04 . 5DB7B7077FC5EEC29D8E8665AF4EF78F . 3616256 . . [7.00.6000.17107] . . c:\windows\ie7updates\KB2647516-IE7\mshtml.dll
[7] 2011-11-04 . 60B8B1BE46C986E5E7E27B7D509259F7 . 3618304 . . [7.00.6000.21309] . . c:\windows\$hf_mig$\KB2618444-IE7\SP3QFE\mshtml.dll
[7] 2011-09-05 . 1CAB750DDF1B82232EB1202A098AD259 . 3615744 . . [7.00.6000.17104] . . c:\windows\ie7updates\KB2618444-IE7\mshtml.dll
[7] 2011-08-18 . D81B29DBD021AC77479B3D66E62728EC . 3617792 . . [7.00.6000.21306] . . c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\mshtml.dll
[7] 2011-07-22 . 917219C0D291CDE891C80D8BA59A21E6 . 3613696 . . [7.00.6000.17102] . . c:\windows\ie7updates\KB2586448-IE7\mshtml.dll
[7] 2011-07-22 . 985518A3361129FD7CACBB9611E13504 . 3615744 . . [7.00.6000.21305] . . c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\mshtml.dll
[7] 2011-04-25 . D6546C0AE29DF915DD99BB9193229D97 . 3608576 . . [7.00.6000.17098] . . c:\windows\ie7updates\KB2559049-IE7\mshtml.dll
.
[7] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[7] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[7] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[7] 2004-08-17 . AB47015B67531572BE46C0C08222C84C . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[7] 2003-04-16 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2003-04-16 . 1B2C477D8847E4123DD8761D2E9008F7 . 323072 . . [7.0.2600.1106] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.10.0_x-ww_d8862ba3\msvcrt.dll
.
[7] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[7] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[7] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[7] 2008-06-20 . 37BABA5DBD9027837FDC27E5D6EF33E1 . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[7] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[7] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[7] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
.
.
[7] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[7] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
.
[7] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[7] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
.
[7] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[7] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
.
[7] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[7] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
.
[7] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[7] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
.
[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
.
[7] 2012-03-01 . BAFCED0AA095767500F8FC8D08BB1610 . 916992 . . [8.00.6001.19222] . . c:\windows\SoftwareDistribution\Download\a248a2b707ac7c53f7766563d6869143\SP3GDR\wininet.dll
[7] 2012-03-01 . BAFCED0AA095767500F8FC8D08BB1610 . 916992 . . [8.00.6001.19222] . . c:\windows\system32\wininet.dll
[7] 2012-03-01 . BAFCED0AA095767500F8FC8D08BB1610 . 916992 . . [8.00.6001.19222] . . c:\windows\system32\dllcache\wininet.dll
[7] 2012-03-01 . 32D1873A02F24FC9F8D1F77D4CEE681F . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll
[7] 2012-03-01 . 32D1873A02F24FC9F8D1F77D4CEE681F . 919552 . . [8.00.6001.23318] . . c:\windows\SoftwareDistribution\Download\a248a2b707ac7c53f7766563d6869143\SP3QFE\wininet.dll
[7] 2012-03-01 . 1F7319A4012069A843C0A605252D347F . 832512 . . [7.00.6000.17109] . . c:\windows\ie8\wininet.dll
[7] 2012-03-01 . 3946B24EACCC4848ED3BB06A52B63C1B . 841216 . . [7.00.6000.21311] . . c:\windows\$hf_mig$\KB2675157-IE7\SP3QFE\wininet.dll
[7] 2011-12-19 . EBEC5F0D8A324CA5A09E25FC73552D19 . 832512 . . [7.00.6000.17108] . . c:\windows\ie7updates\KB2675157-IE7\wininet.dll
[7] 2011-12-19 . E0F109B5E45E722CDB49145E209BBB57 . 841216 . . [7.00.6000.21310] . . c:\windows\$hf_mig$\KB2647516-IE7\SP3QFE\wininet.dll
[7] 2011-10-31 . CD34342BD1F18FF4848BF4460BC60CD5 . 832512 . . [7.00.6000.17106] . . c:\windows\ie7updates\KB2647516-IE7\wininet.dll
[7] 2011-10-31 . 4C09D8B0458B89CF9284634482D52CE7 . 841216 . . [7.00.6000.21308] . . c:\windows\$hf_mig$\KB2618444-IE7\SP3QFE\wininet.dll
[7] 2011-08-17 . 19FA85847847BE21796030E414D9CCC2 . 832512 . . [7.00.6000.17103] . . c:\windows\ie7updates\KB2618444-IE7\wininet.dll
[7] 2011-08-17 . 7D5459911DB3B3FA335C8742663B9522 . 841216 . . [7.00.6000.21306] . . c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\wininet.dll
[7] 2011-06-21 . 62C2B47F17A3972798A4197E4AA5BEDE . 832512 . . [7.00.6000.17099] . . c:\windows\ie7updates\KB2586448-IE7\wininet.dll
[7] 2011-06-21 . 923CCA1F768308928E2CD58D10D964DA . 841216 . . [7.00.6000.21302] . . c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\wininet.dll
[7] 2011-04-25 . 541D6B55FAC20DD4A8E578109878D6C1 . 832512 . . [7.00.6000.17098] . . c:\windows\ie7updates\KB2559049-IE7\wininet.dll
[7] 2011-04-25 . DF61EDDB3EA1571C99D8C60B300817E2 . 841216 . . [7.00.6000.21300] . . c:\windows\$hf_mig$\KB2530548-IE7\SP3QFE\wininet.dll
[7] 2011-02-17 . 01F315784610D7CAD81478C091F57696 . 832512 . . [7.00.6000.17096] . . c:\windows\ie7updates\KB2530548-IE7\wininet.dll
[7] 2011-02-17 . 260B22FCC9582A5C360A309EC2C3D8D2 . 841216 . . [7.00.6000.21298] . . c:\windows\$hf_mig$\KB2497640-IE7\SP3QFE\wininet.dll
[7] 2010-12-20 . F027E93B402BBF2E95EC9A228D0E6AE0 . 841216 . . [7.00.6000.21297] . . c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\wininet.dll
[7] 2010-12-20 . 752EAE1131D99EF154F9AD7C4018D2A6 . 832512 . . [7.00.6000.17095] . . c:\windows\ie7updates\KB2497640-IE7\wininet.dll
[7] 2010-11-06 . 43A169D0367A4105491A76C2AAE6A1FD . 832512 . . [7.00.6000.17093] . . c:\windows\ie7updates\KB2482017-IE7\wininet.dll
[7] 2010-11-06 . 2BB8C340B7D1293B88587D2C4B72506F . 841216 . . [7.00.6000.21295] . . c:\windows\$hf_mig$\KB2416400-IE7\SP3QFE\wininet.dll
[7] 2010-09-09 . 41DD413E4546E25E0D0C5B8B7DEE1967 . 832512 . . [7.00.6000.17091] . . c:\windows\ie7updates\KB2416400-IE7\wininet.dll
[7] 2010-09-09 . 40B58A838D691766E19FA3C21B16EC41 . 841216 . . [7.00.6000.21293] . . c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\wininet.dll
[7] 2010-06-24 . 805149680A8D2E91234D065BA4EAAB7A . 832512 . . [7.00.6000.17080] . . c:\windows\ie7updates\KB2360131-IE7\wininet.dll
[7] 2010-06-24 . 5A2EC6E4AE30B8CAF53389A286E39C23 . 841216 . . [7.00.6000.21283] . . c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\wininet.dll
[7] 2010-05-04 . 1497FB3C1BC993A5F263FB57E0AD63D3 . 832512 . . [7.00.6000.17055] . . c:\windows\ie7updates\KB2183461-IE7\wininet.dll
[7] 2010-05-04 . 3D4713D326A245AAE068E7148C08AA77 . 841216 . . [7.00.6000.21256] . . c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\wininet.dll
[7] 2010-03-11 . 366F583DBB53049DDFB04D6F7BF2795C . 832512 . . [7.00.6000.17023] . . c:\windows\ie7updates\KB982381-IE7\wininet.dll
[7] 2010-03-11 . 894D1910F23ABB82A19F4E2F1966271E . 841216 . . [7.00.6000.21228] . . c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\wininet.dll
[7] 2010-01-05 . 9BD776679C4656E0CEA5E8BFB9CFD33B . 832512 . . [7.00.6000.16981] . . c:\windows\ie7updates\KB980182-IE7\wininet.dll
[7] 2010-01-05 . 0D90D150ED0DD4C673C627C52D3F7149 . 841216 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
[7] 2009-10-29 . 33D6B94981C3FB88F27CFBBE72B59122 . 832512 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\wininet.dll
[7] 2009-10-29 . 7CD98B487F578D12281B163E2FEF7487 . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
[7] 2009-08-29 . 422C96661C35C7D6DAC7A58A1D6BB145 . 832512 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll
[7] 2009-08-29 . 7CA27BB855E6B8CC4725582501197E39 . 840704 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll
[7] 2009-06-29 . 155CEA8BCA8349B1DB7B8142BA95F6AE . 828928 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll
[7] 2009-06-29 . 4121C2AFFC37600A4710F63AD8017CF9 . 827392 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\wininet.dll
[7] 2009-04-29 . 3331AF327AECD660831693C0C0ABFCD3 . 660480 . . [6.00.2900.3562] . . c:\windows\ie7\wininet.dll
[7] 2009-04-29 . D8B3732B92CF879ADE65CCE9361D36FB . 827392 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\wininet.dll
[7] 2009-04-29 . D8B3732B92CF879ADE65CCE9361D36FB . 827392 . . [7.00.6000.16850] . . c:\windows\SoftwareDistribution\Download\1ca4a669aeb0074a4bf49cf1b776c1b9\SP3GDR\wininet.dll
[7] 2009-04-29 . C6D7F3DF74C49ED8E01CB18272EA0CCA . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[7] 2009-04-29 . C6D7F3DF74C49ED8E01CB18272EA0CCA . 828928 . . [7.00.6000.21045] . . c:\windows\SoftwareDistribution\Download\1ca4a669aeb0074a4bf49cf1b776c1b9\SP3QFE\wininet.dll
[7] 2009-04-29 . E4A6A4E8806C154CCB7EB9FA77A9E8F5 . 667648 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3GDR\wininet.dll
[7] 2009-04-29 . 7643C04B99FC520B08CB9B0CE56D7440 . 669184 . . [6.00.2900.3562] . . c:\windows\$hf_mig$\KB969897\SP2QFE\wininet.dll
[7] 2009-04-29 . 30BA85CFADF955E3E7608161892E6AC7 . 669184 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll
[7] 2008-04-14 . 3FE5E65A7ED9EC98AEE9167CA07812D3 . 667136 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
.
[7] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[7] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
.
[7] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[7] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
.
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
.
[7] 2011-11-01 . ED9B683C7A8BBAAAB9B377197D20832C . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll
[7] 2011-11-01 . ED9B683C7A8BBAAAB9B377197D20832C . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll
[7] 2011-11-01 . B5EEF42BC72418EECC3DD3D93B2B5F34 . 1288704 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . 21F836AAB269FF644E0E708B794B0DF7 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
.
[7] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[7] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[7] 2010-04-16 . 6BE004F9FCEECA6536385D5CB59BFD37 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[7] 2008-04-14 . F5B6A143739B894BF4F488CFFC3D3015 . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
.
[7] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[7] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
[7] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
.
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[7] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[7] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[7] 2009-07-27 . 54A6BF743E0517528A5064CEAEB40EA7 . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[7] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
.
.
[7] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[7] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
.
[7] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[7] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
.
[7] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[7] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
.
[7] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[7] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
.
[7] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[7] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
.
[7] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[7] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
.
[7] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[7] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
.
[7] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[7] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
.
[7] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[7] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
.
[7] 2003-04-16 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[7] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\AGP440.SYS
.
[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
.
[7] 2010-09-18 07:18 . 2BC3ED47ACB42F664D5D1D247F2553AA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[7] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[7] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[7] 2008-04-14 03:21 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
.
[7] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[7] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
.
.
[7] 2011-10-26 . 8AE4032D26FB72F39BEA8BB4D4F8AC30 . 2071552 . . [5.1.2600.6165] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2011-10-26 . 8AE4032D26FB72F39BEA8BB4D4F8AC30 . 2071552 . . [5.1.2600.6165] . . c:\windows\system32\ntkrnlpa.exe
[7] 2011-10-26 . 8AE4032D26FB72F39BEA8BB4D4F8AC30 . 2071552 . . [5.1.2600.6165] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2011-10-26 . 64201EB5A7ECB3E7203ECCDB60FBE44E . 2071552 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 40D176442F70573DBA0E05A7E40D3EBB . 2071552 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[7] 2010-04-28 . 2FA1EF498F026847CF276DF9099ABE79 . 2069120 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[7] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2009-12-10 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntkrnlpa.exe
[7] 2009-12-09 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3QFE\ntkrnlpa.exe
[7] 2009-12-09 . 76D45A9AFAD9FFE3070814DE95648EC7 . 2059904 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2GDR\ntkrnlpa.exe
[7] 2009-12-09 . D9FB61F23249B39EE9922A2CC3001DD0 . 2065280 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2QFE\ntkrnlpa.exe
[7] 2009-12-09 . 166530C022AB3A0F9EADB20633AE034E . 2068224 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3GDR\ntkrnlpa.exe
[7] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[7] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[7] 2009-02-09 . BB64DC108F8C4EE4D4B7998AA19E5FA7 . 2065152 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[7] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-04-14 . 4DEE41C45E803DB91A72FD1BA69C05EE . 2067968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
.
[7] 2008-04-14 03:21 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[7] 2008-04-14 03:21 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
.
[7] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[7] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
.
[7] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[7] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
.
[7] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[7] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
.
.
[7] 2008-04-14 03:21 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[7] 2008-04-14 03:21 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
.
[7] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[7] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
.
[7] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[7] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
.
[7] 2012-02-29 . 50BA6A230D743A4D33BFFA2FA1113055 . 634680 . . [7.00.6000.17109] . . c:\windows\ie8\iexplore.exe
[7] 2012-02-29 . DF642AABFDACE36E3B4329091A07DE87 . 634680 . . [7.00.6000.21311] . . c:\windows\$hf_mig$\KB2675157-IE7\SP3QFE\iexplore.exe
[7] 2011-12-16 . 1C206B8FEEC6882B7F7F479E95D2BDD9 . 634680 . . [7.00.6000.17108] . . c:\windows\ie7updates\KB2675157-IE7\iexplore.exe
[7] 2011-12-16 . DB9D9A73FACB0B11992201D670D73E16 . 634680 . . [7.00.6000.21310] . . c:\windows\$hf_mig$\KB2647516-IE7\SP3QFE\iexplore.exe
[7] 2011-10-31 . 2E34CF22B5862AB02786F0819B9FD819 . 634504 . . [7.00.6000.17106] . . c:\windows\ie7updates\KB2647516-IE7\iexplore.exe
[7] 2011-10-31 . 1C5DA2D9EA2A59D0D5C116FA3A5A21AA . 634504 . . [7.00.6000.21308] . . c:\windows\$hf_mig$\KB2618444-IE7\SP3QFE\iexplore.exe
[7] 2011-08-17 . 6A1D755C68C10863C598C78A597FA7C3 . 634632 . . [7.00.6000.17103] . . c:\windows\ie7updates\KB2618444-IE7\iexplore.exe
[7] 2011-08-17 . CB0AFAF9E5C5FE70EC7087E71275DD33 . 634632 . . [7.00.6000.21306] . . c:\windows\$hf_mig$\KB2586448-IE7\SP3QFE\iexplore.exe
[7] 2011-06-20 . 993F33696EF219C306BF9BBA34D85073 . 634648 . . [7.00.6000.17099] . . c:\windows\ie7updates\KB2586448-IE7\iexplore.exe
[7] 2011-06-20 . DE0F15DD275A36C3E67DC1E36F958F3A . 634648 . . [7.00.6000.21302] . . c:\windows\$hf_mig$\KB2559049-IE7\SP3QFE\iexplore.exe
[7] 2011-04-21 . B6E13F9C120C776A89D783E26D6C15C5 . 634648 . . [7.00.6000.17098] . . c:\windows\ie7updates\KB2559049-IE7\iexplore.exe
[7] 2011-04-21 . 3E23DBEBE1020D52C63235E4189FAC03 . 634648 . . [7.00.6000.21300] . . c:\windows\$hf_mig$\KB2530548-IE7\SP3QFE\iexplore.exe
[7] 2011-02-14 . E4A798DFDE7FE6E79F23548F0EF0F844 . 634648 . . [7.00.6000.17096] . . c:\windows\ie7updates\KB2530548-IE7\iexplore.exe
[7] 2011-02-14 . E3CC8CCF21BFDC954255BB17083FB9F0 . 634648 . . [7.00.6000.21298] . . c:\windows\$hf_mig$\KB2497640-IE7\SP3QFE\iexplore.exe
[7] 2010-12-20 . 091D358EFC9D22901BD879EF37F0DAC4 . 634648 . . [7.00.6000.17095] . . c:\windows\ie7updates\KB2497640-IE7\iexplore.exe
[7] 2010-12-20 . B74CBEBA34E3CAA2CCACC87FEE8A16C0 . 634648 . . [7.00.6000.21297] . . c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\iexplore.exe
[7] 2010-10-18 . 72D1F43C4146D312B0DB6AB98C21340E . 634648 . . [7.00.6000.17093] . . c:\windows\ie7updates\KB2482017-IE7\iexplore.exe
[7] 2010-10-18 . DA6E1F0F1932B62DD2F6ED05541C555C . 634648 . . [7.00.6000.21295] . . c:\windows\$hf_mig$\KB2416400-IE7\SP3QFE\iexplore.exe
[7] 2010-08-25 . E5412ED9E07C42C20C48D3FF71E6B1E8 . 634648 . . [7.00.6000.17091] . . c:\windows\ie7updates\KB2416400-IE7\iexplore.exe
[7] 2010-08-25 . F047BEB9771E45A05F425499A30F9BBA . 634648 . . [7.00.6000.21293] . . c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
[7] 2010-06-17 . 203E897F843D56496E2CC101DFF6CE34 . 634656 . . [7.00.6000.17080] . . c:\windows\ie7updates\KB2360131-IE7\iexplore.exe
[7] 2010-06-17 . B0BC6DC9C9277250C5C8F7B7A48A02CC . 634648 . . [7.00.6000.21283] . . c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\iexplore.exe
[7] 2010-04-16 . C4BA5E36FB57F547117305BF1E0FE454 . 634656 . . [7.00.6000.17055] . . c:\windows\ie7updates\KB2183461-IE7\iexplore.exe
[7] 2010-04-16 . B24A4E23A2FEDB6976EB04D334AD82B2 . 634648 . . [7.00.6000.21256] . . c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
[7] 2010-02-23 . B5116340B84824DDD0A641E36B126194 . 634648 . . [7.00.6000.17023] . . c:\windows\ie7updates\KB982381-IE7\iexplore.exe
[7] 2010-02-23 . C8DDA4028065D5CE39CBE7A156B72AB9 . 634648 . . [7.00.6000.21228] . . c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\iexplore.exe
[7] 2009-12-18 . 53C291F3B01EECECBD7FD358EA3ACC94 . 634648 . . [7.00.6000.16981] . . c:\windows\ie7updates\KB980182-IE7\iexplore.exe
[7] 2009-12-18 . D19E56D5930C37CF211867DF450C372A . 634632 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
[7] 2009-10-28 . 80675329E0FD54F016C4F8A83C616349 . 634632 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
[7] 2009-10-28 . 4F9B04D546C23A295F3F0AE015BE51DB . 634632 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB978207-IE7\iexplore.exe
[7] 2009-08-27 . F232BA9F39BC0F722672C7E79E68EBEA . 634648 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976325-IE7\iexplore.exe
[7] 2009-08-27 . 332EC7562F3AA7364F2D4231C56DA986 . 634648 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe
[7] 2009-06-29 . 3CFC56F73D494FC1AA2B6E981DF15ACD . 634632 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\iexplore.exe
[7] 2009-06-29 . 02E2754D3E566C11A4934825920C47DD . 634632 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\iexplore.exe
[7] 2009-04-25 . 092A7F2B49A19ECCE5369D3CB2276148 . 636088 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\iexplore.exe
[7] 2009-04-25 . 092A7F2B49A19ECCE5369D3CB2276148 . 636088 . . [7.00.6000.16850] . . c:\windows\SoftwareDistribution\Download\1ca4a669aeb0074a4bf49cf1b776c1b9\SP3GDR\iexplore.exe
[7] 2009-04-25 . C0503FD8D163652735C1EE900672A75C . 636088 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\iexplore.exe
[7] 2009-04-25 . C0503FD8D163652735C1EE900672A75C . 636088 . . [7.00.6000.21045] . . c:\windows\SoftwareDistribution\Download\1ca4a669aeb0074a4bf49cf1b776c1b9\SP3QFE\iexplore.exe
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2008-04-14 . 414AFE6E8CCDE984E16D5ED08624CEC6 . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[7] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\ie7updates\KB969897-IE7\iexplore.exe
[7] 2004-08-17 . 63E527C26AC3059EAD766C6C11746D07 . 93184 . . [6.00.2900.2180] . . c:\windows\ie7\iexplore.exe
.
.
[7] 2011-10-26 . 702435ABA81209767F8AADD8813A1A73 . 2194944 . . [5.1.2600.6165] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2011-10-26 . 702435ABA81209767F8AADD8813A1A73 . 2194944 . . [5.1.2600.6165] . . c:\windows\system32\ntoskrnl.exe
[7] 2011-10-26 . 702435ABA81209767F8AADD8813A1A73 . 2194944 . . [5.1.2600.6165] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2011-10-26 . BCA329B5A39AB25CC2DCCB3549EE30BF . 2194944 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[7] 2010-12-09 . 8D222D8EF9B1951296F822583A044542 . 2194944 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[7] 2010-04-28 . 91FE668957FF51A2DBCEE0D8637BA77E . 2192256 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[7] 2010-02-16 . 6B2312D847BA95F4E858CB4C3B5F51E1 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[7] 2009-12-10 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntoskrnl.exe
[7] 2009-12-09 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3QFE\ntoskrnl.exe
[7] 2009-12-09 . 7D9B31E0903E2809DA5FC10A94813091 . 2182528 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2GDR\ntoskrnl.exe
[7] 2009-12-09 . B214F89473F73C0733D9C402F36E2125 . 2188160 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2QFE\ntoskrnl.exe
[7] 2009-12-09 . 3B0DC252A20C8A938ED21073EE736AEA . 2191360 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3GDR\ntoskrnl.exe
[7] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[7] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2009-02-09 . C424407DDD99223BF3248044CBBE91F6 . 2188288 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[7] 2009-02-09 . F48662F55CD8DDD4DBBBCB69DE197725 . 2191232 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[7] 2008-04-14 . C1536014AC1CB1D5397E31D9735E6571 . 2191104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
.
[7] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[7] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
.
[7] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[7] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
.
[7] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[7] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
.
[7] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[7] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-02-23 16:23 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-02-01 1083264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2003-05-05 88267]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-07-15 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-07-15 618496]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 28672]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-11-13 335872]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-09-25 114741]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2003-07-17 184412]
"FixCamera"="c:\windows\FixCamera.exe" [2008-08-21 188928]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2008-08-01 675840]
"tsnp2uvc"="c:\windows\tsnp2uvc.exe" [2009-11-13 320512]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-02-23 4031368]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\kdokoliv\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\QIP\\qip.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3.6.2011 20:08 610648]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17.6.2009 20:23 337112]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.6.2009 20:23 20696]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [1.8.2007 22:30 16376]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [25.4.2012 22:41 654408]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [25.4.2012 22:41 22344]
R3 WBSD;Winbond Secure Digital Storage (SD/MMC) Device Driver;c:\windows\system32\drivers\wbsd.sys [17.6.2009 19:53 26240]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [8.1.2009 21:25 58608]
S3 GT680xNT;USB Scanner Driver;c:\windows\system32\drivers\Gt680x.sys [10.10.2009 16:21 17376]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\drivers\ipw3gnet.sys [17.6.2009 23:11 51040]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [21.2.2012 21:57 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [21.2.2012 21:57 8576]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - IPFILTERDRIVER
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSERVICE
*NewlyCreated* - PROCEXP152
*Deregistered* - PROCEXP152
.
.
------- Doplňkový sken -------
.
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
Trusted Zone: csob.cz\bb24
Trusted Zone: csob.cz\ib24
Trusted Zone: ica.cz\b
TCP: DhcpNameServer = 10.0.0.254 10.0.0.252
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\glnz562b.default\
FF - prefs.js: browser.startup.homepage - about:blank
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-26 02:04
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????????n??|?????? ?deB???????????????B? ??????
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1177238915-854245398-1343024091-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,cf,b4,81,15,61,14,4c,8c,6d,19,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,cf,b4,81,15,61,14,4c,8c,6d,19,\
.
Celkový čas: 2012-04-26 02:52:58
ComboFix-quarantined-files.txt 2012-04-26 00:52
.
Před spuštěním: 1 945 755 648
Po spuštění: 2 163 261 440
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - E8BB88E8EC0475B8CD07E2CED745D4FE

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod jaro3 » 26 dub 2012 08:49

Tu složku vrátíme zpět.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

DeQuarantine::
C:\Qoobox\Quarantine\C\a

Quit::


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\services.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

rmii
nováček
Příspěvky: 10
Registrován: duben 12
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod rmii » 26 dub 2012 23:54

C:\Qoobox\Quarantine\C\a\CENIK_RH.zip -> C:\a\CENIK_RH.zip
C:\Qoobox\Quarantine\C\a\P1010458_D.avi -> C:\a\P1010458_D.avi
C:\Qoobox\Quarantine\C\a\Thumbs.db -> C:\a\Thumbs.db
C:\Qoobox\Quarantine\C\a\cen\data\ADRESY.X00 -> C:\a\cen\data\ADRESY.X00
C:\Qoobox\Quarantine\C\a\cen\data\DNY.000 -> C:\a\cen\data\DNY.000
C:\Qoobox\Quarantine\C\a\cen\data\DOD.000 -> C:\a\cen\data\DOD.000
C:\Qoobox\Quarantine\C\a\cen\data\DPH.000 -> C:\a\cen\data\DPH.000
C:\Qoobox\Quarantine\C\a\cen\data\DPH_CIS.000 -> C:\a\cen\data\DPH_CIS.000
C:\Qoobox\Quarantine\C\a\cen\data\GL.000 -> C:\a\cen\data\GL.000
C:\Qoobox\Quarantine\C\a\cen\data\GL1.000 -> C:\a\cen\data\GL1.000
C:\Qoobox\Quarantine\C\a\cen\data\GL1.T00 -> C:\a\cen\data\GL1.T00
C:\Qoobox\Quarantine\C\a\cen\data\GL2.000 -> C:\a\cen\data\GL2.000
C:\Qoobox\Quarantine\C\a\cen\data\GLOBAL.000 -> C:\a\cen\data\GLOBAL.000
C:\Qoobox\Quarantine\C\a\cen\data\GL_MAPA.000 -> C:\a\cen\data\GL_MAPA.000
C:\Qoobox\Quarantine\C\a\cen\data\GL_SIT.000 -> C:\a\cen\data\GL_SIT.000
C:\Qoobox\Quarantine\C\a\cen\data\JMENA.000 -> C:\a\cen\data\JMENA.000
C:\Qoobox\Quarantine\C\a\cen\data\MAPA.000 -> C:\a\cen\data\MAPA.000
C:\Qoobox\Quarantine\C\a\cen\data\MESTA.000 -> C:\a\cen\data\MESTA.000
C:\Qoobox\Quarantine\C\a\cen\data\OBCE.000 -> C:\a\cen\data\OBCE.000
C:\Qoobox\Quarantine\C\a\cen\data\OBCE.X00 -> C:\a\cen\data\OBCE.X00
C:\Qoobox\Quarantine\C\a\cen\data\OBJ_HL.000 -> C:\a\cen\data\OBJ_HL.000
C:\Qoobox\Quarantine\C\a\cen\data\OBJ_HL.T00 -> C:\a\cen\data\OBJ_HL.T00
C:\Qoobox\Quarantine\C\a\cen\data\PARAM.000 -> C:\a\cen\data\PARAM.000
C:\Qoobox\Quarantine\C\a\cen\data\TISK_PAR.000 -> C:\a\cen\data\TISK_PAR.000
C:\Qoobox\Quarantine\C\a\cen\data\ZAKOB.000 -> C:\a\cen\data\ZAKOB.000
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK.BAT -> C:\a\cen\pgm\CENIK.BAT
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK0.OVL -> C:\a\cen\pgm\CENIK0.OVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK0.TVL -> C:\a\cen\pgm\CENIK0.TVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK1.OVL -> C:\a\cen\pgm\CENIK1.OVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK1.TVL -> C:\a\cen\pgm\CENIK1.TVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK2.OVL -> C:\a\cen\pgm\CENIK2.OVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK2.TVL -> C:\a\cen\pgm\CENIK2.TVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK3.OVL -> C:\a\cen\pgm\CENIK3.OVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK3.TVL -> C:\a\cen\pgm\CENIK3.TVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK4.OVL -> C:\a\cen\pgm\CENIK4.OVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK4.TVL -> C:\a\cen\pgm\CENIK4.TVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK97.CAT -> C:\a\cen\pgm\CENIK97.CAT
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK97.RDB -> C:\a\cen\pgm\CENIK97.RDB
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIK97.TTT -> C:\a\cen\pgm\CENIK97.TTT
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIKHLP.000 -> C:\a\cen\pgm\CENIKHLP.000
C:\Qoobox\Quarantine\C\a\cen\pgm\CENIKHLP.T00 -> C:\a\cen\pgm\CENIKHLP.T00
C:\Qoobox\Quarantine\C\a\cen\pgm\CEN_DPH.OVL -> C:\a\cen\pgm\CEN_DPH.OVL
C:\Qoobox\Quarantine\C\a\cen\pgm\CEN_DPH.TVL -> C:\a\cen\pgm\CEN_DPH.TVL
C:\Qoobox\Quarantine\C\a\cen\pgm\FAND.CFG -> C:\a\cen\pgm\FAND.CFG
C:\Qoobox\Quarantine\C\a\cen\pgm\FAND.RES -> C:\a\cen\pgm\FAND.RES
C:\Qoobox\Quarantine\C\a\cen\pgm\FANDINST.EXE -> C:\a\cen\pgm\FANDINST.EXE
C:\Qoobox\Quarantine\C\a\cen\pgm\LICENCE.000 -> C:\a\cen\pgm\LICENCE.000
C:\Qoobox\Quarantine\C\a\cen\pgm\novinky.txt -> C:\a\cen\pgm\novinky.txt
C:\Qoobox\Quarantine\C\a\cen\pgm\OKNO.RDB -> C:\a\cen\pgm\OKNO.RDB
C:\Qoobox\Quarantine\C\a\cen\pgm\OKNO.TTT -> C:\a\cen\pgm\OKNO.TTT
C:\Qoobox\Quarantine\C\a\cen\pgm\UFAND.EXE -> C:\a\cen\pgm\UFAND.EXE
C:\Qoobox\Quarantine\C\a\cen\pgm\UFAND.OVR -> C:\a\cen\pgm\UFAND.OVR
C:\Qoobox\Quarantine\C\a\cen\pgm\UFANDHLP.000 -> C:\a\cen\pgm\UFANDHLP.000
C:\Qoobox\Quarantine\C\a\cen\pgm\UFANDHLP.T00 -> C:\a\cen\pgm\UFANDHLP.T00
C:\Qoobox\Quarantine\C\a\cen_lat\cenik.zip -> C:\a\cen_lat\cenik.zip
C:\Qoobox\Quarantine\C\a\cen_lat\data\AARCHIV.000 -> C:\a\cen_lat\data\AARCHIV.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\AARCHIV.X00 -> C:\a\cen_lat\data\AARCHIV.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\ADRESY.000 -> C:\a\cen_lat\data\ADRESY.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\ADRESY.T00 -> C:\a\cen_lat\data\ADRESY.T00
C:\Qoobox\Quarantine\C\a\cen_lat\data\ADRESY.X00 -> C:\a\cen_lat\data\ADRESY.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\AMALO.000 -> C:\a\cen_lat\data\AMALO.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\AMALO.X00 -> C:\a\cen_lat\data\AMALO.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\ANAKUP_A.000 -> C:\a\cen_lat\data\ANAKUP_A.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\ANAKUP_A.X00 -> C:\a\cen_lat\data\ANAKUP_A.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\ANAK_H_A.000 -> C:\a\cen_lat\data\ANAK_H_A.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\ANAK_H_A.X00 -> C:\a\cen_lat\data\ANAK_H_A.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\APOHYB.000 -> C:\a\cen_lat\data\APOHYB.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\APOHYB.X00 -> C:\a\cen_lat\data\APOHYB.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\ARCHIV.000 -> C:\a\cen_lat\data\ARCHIV.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\ARCHIV.X00 -> C:\a\cen_lat\data\ARCHIV.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\CAR_KOD.000 -> C:\a\cen_lat\data\CAR_KOD.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\CAR_KOD.X00 -> C:\a\cen_lat\data\CAR_KOD.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\CENIKDAT.000 -> C:\a\cen_lat\data\CENIKDAT.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\CENIKDAT.X00 -> C:\a\cen_lat\data\CENIKDAT.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\DNY_T.000 -> C:\a\cen_lat\data\DNY_T.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\DOD.000 -> C:\a\cen_lat\data\DOD.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\DOD_POL.000 -> C:\a\cen_lat\data\DOD_POL.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\DPH.000 -> C:\a\cen_lat\data\DPH.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\DPH_CIS.000 -> C:\a\cen_lat\data\DPH_CIS.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\GL.000 -> C:\a\cen_lat\data\GL.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\GL1.000 -> C:\a\cen_lat\data\GL1.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\GL1.T00 -> C:\a\cen_lat\data\GL1.T00
C:\Qoobox\Quarantine\C\a\cen_lat\data\GL2.000 -> C:\a\cen_lat\data\GL2.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\GLOBAL.000 -> C:\a\cen_lat\data\GLOBAL.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\GL_MAPA.000 -> C:\a\cen_lat\data\GL_MAPA.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\GL_SIT.000 -> C:\a\cen_lat\data\GL_SIT.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\GL_SK.000 -> C:\a\cen_lat\data\GL_SK.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\INVENT.000 -> C:\a\cen_lat\data\INVENT.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\INVENT.X00 -> C:\a\cen_lat\data\INVENT.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\JMENA.000 -> C:\a\cen_lat\data\JMENA.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\MALO.000 -> C:\a\cen_lat\data\MALO.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\MALO.X00 -> C:\a\cen_lat\data\MALO.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\MALO_SK.000 -> C:\a\cen_lat\data\MALO_SK.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\MAPA.000 -> C:\a\cen_lat\data\MAPA.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\MESICE.000 -> C:\a\cen_lat\data\MESICE.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\MESTA.000 -> C:\a\cen_lat\data\MESTA.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\NAKUP.000 -> C:\a\cen_lat\data\NAKUP.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\NAKUP_AR.000 -> C:\a\cen_lat\data\NAKUP_AR.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\NAKUP_AR.X00 -> C:\a\cen_lat\data\NAKUP_AR.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\NAKUP_C.000 -> C:\a\cen_lat\data\NAKUP_C.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\NAKUP_HL.000 -> C:\a\cen_lat\data\NAKUP_HL.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\NAK_H_AR.000 -> C:\a\cen_lat\data\NAK_H_AR.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\NAK_H_AR.X00 -> C:\a\cen_lat\data\NAK_H_AR.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\OBCE.000 -> C:\a\cen_lat\data\OBCE.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\OBCE.X00 -> C:\a\cen_lat\data\OBCE.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\OBJ_HL.000 -> C:\a\cen_lat\data\OBJ_HL.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\OBJ_HL.T00 -> C:\a\cen_lat\data\OBJ_HL.T00
C:\Qoobox\Quarantine\C\a\cen_lat\data\PARAM.000 -> C:\a\cen_lat\data\PARAM.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\POHYB.000 -> C:\a\cen_lat\data\POHYB.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\POHYB.X00 -> C:\a\cen_lat\data\POHYB.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\SKLADY.000 -> C:\a\cen_lat\data\SKLADY.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\SKLADY.X00 -> C:\a\cen_lat\data\SKLADY.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\SLEVY.000 -> C:\a\cen_lat\data\SLEVY.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\SLEVY.X00 -> C:\a\cen_lat\data\SLEVY.X00
C:\Qoobox\Quarantine\C\a\cen_lat\data\TISK_PAR.000 -> C:\a\cen_lat\data\TISK_PAR.000
C:\Qoobox\Quarantine\C\a\cen_lat\data\ZAKOB.000 -> C:\a\cen_lat\data\ZAKOB.000
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK.BAT -> C:\a\cen_lat\pgm\CENIK.BAT
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK0.OVL -> C:\a\cen_lat\pgm\CENIK0.OVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK0.TVL -> C:\a\cen_lat\pgm\CENIK0.TVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK1.OVL -> C:\a\cen_lat\pgm\CENIK1.OVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK1.TVL -> C:\a\cen_lat\pgm\CENIK1.TVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK2.OVL -> C:\a\cen_lat\pgm\CENIK2.OVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK2.TVL -> C:\a\cen_lat\pgm\CENIK2.TVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK3.OVL -> C:\a\cen_lat\pgm\CENIK3.OVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK3.TVL -> C:\a\cen_lat\pgm\CENIK3.TVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK4.OVL -> C:\a\cen_lat\pgm\CENIK4.OVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK4.TVL -> C:\a\cen_lat\pgm\CENIK4.TVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK97.CAT -> C:\a\cen_lat\pgm\CENIK97.CAT
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK97.RDB -> C:\a\cen_lat\pgm\CENIK97.RDB
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIK97.TTT -> C:\a\cen_lat\pgm\CENIK97.TTT
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIKHLP.000 -> C:\a\cen_lat\pgm\CENIKHLP.000
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CENIKHLP.T00 -> C:\a\cen_lat\pgm\CENIKHLP.T00
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CEN_DPH.OVL -> C:\a\cen_lat\pgm\CEN_DPH.OVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\CEN_DPH.TVL -> C:\a\cen_lat\pgm\CEN_DPH.TVL
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\f.bat -> C:\a\cen_lat\pgm\f.bat
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\FAND.CFG -> C:\a\cen_lat\pgm\FAND.CFG
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\FAND.RES -> C:\a\cen_lat\pgm\FAND.RES
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\FANDINST.EXE -> C:\a\cen_lat\pgm\FANDINST.EXE
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\LICENCE.000 -> C:\a\cen_lat\pgm\LICENCE.000
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\novinky.txt -> C:\a\cen_lat\pgm\novinky.txt
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\OKNO.RDB -> C:\a\cen_lat\pgm\OKNO.RDB
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\OKNO.TTT -> C:\a\cen_lat\pgm\OKNO.TTT
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\UFAND.EXE -> C:\a\cen_lat\pgm\UFAND.EXE
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\UFAND.OVR -> C:\a\cen_lat\pgm\UFAND.OVR
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\UFANDHLP.000 -> C:\a\cen_lat\pgm\UFANDHLP.000
C:\Qoobox\Quarantine\C\a\cen_lat\pgm\UFANDHLP.T00 -> C:\a\cen_lat\pgm\UFANDHLP.T00
C:\Qoobox\Quarantine\C\a\c_de\data\AARCHIV.000 -> C:\a\c_de\data\AARCHIV.000
C:\Qoobox\Quarantine\C\a\c_de\data\ADRESY.000 -> C:\a\c_de\data\ADRESY.000
C:\Qoobox\Quarantine\C\a\c_de\data\ADRESY.T00 -> C:\a\c_de\data\ADRESY.T00
C:\Qoobox\Quarantine\C\a\c_de\data\AFAKTUR.000 -> C:\a\c_de\data\AFAKTUR.000
C:\Qoobox\Quarantine\C\a\c_de\data\AMALO.000 -> C:\a\c_de\data\AMALO.000
C:\Qoobox\Quarantine\C\a\c_de\data\ANAKUP_A.000 -> C:\a\c_de\data\ANAKUP_A.000
C:\Qoobox\Quarantine\C\a\c_de\data\ANAK_H_A.000 -> C:\a\c_de\data\ANAK_H_A.000
C:\Qoobox\Quarantine\C\a\c_de\data\APOHYB.000 -> C:\a\c_de\data\APOHYB.000
C:\Qoobox\Quarantine\C\a\c_de\data\ARCHIV.000 -> C:\a\c_de\data\ARCHIV.000
C:\Qoobox\Quarantine\C\a\c_de\data\CAR_KOD.000 -> C:\a\c_de\data\CAR_KOD.000
C:\Qoobox\Quarantine\C\a\c_de\data\CENIKDAT.000 -> C:\a\c_de\data\CENIKDAT.000
C:\Qoobox\Quarantine\C\a\c_de\data\DNY_T.000 -> C:\a\c_de\data\DNY_T.000
C:\Qoobox\Quarantine\C\a\c_de\data\DOD.000 -> C:\a\c_de\data\DOD.000
C:\Qoobox\Quarantine\C\a\c_de\data\DPH.000 -> C:\a\c_de\data\DPH.000
C:\Qoobox\Quarantine\C\a\c_de\data\DPH_CIS.000 -> C:\a\c_de\data\DPH_CIS.000
C:\Qoobox\Quarantine\C\a\c_de\data\FAKTURY.000 -> C:\a\c_de\data\FAKTURY.000
C:\Qoobox\Quarantine\C\a\c_de\data\GL.000 -> C:\a\c_de\data\GL.000
C:\Qoobox\Quarantine\C\a\c_de\data\GL1.000 -> C:\a\c_de\data\GL1.000
C:\Qoobox\Quarantine\C\a\c_de\data\GL1.T00 -> C:\a\c_de\data\GL1.T00
C:\Qoobox\Quarantine\C\a\c_de\data\GL2.000 -> C:\a\c_de\data\GL2.000
C:\Qoobox\Quarantine\C\a\c_de\data\GLOBAL.000 -> C:\a\c_de\data\GLOBAL.000
C:\Qoobox\Quarantine\C\a\c_de\data\GL_MAPA.000 -> C:\a\c_de\data\GL_MAPA.000
C:\Qoobox\Quarantine\C\a\c_de\data\GL_SIT.000 -> C:\a\c_de\data\GL_SIT.000
C:\Qoobox\Quarantine\C\a\c_de\data\INVENT.000 -> C:\a\c_de\data\INVENT.000
C:\Qoobox\Quarantine\C\a\c_de\data\JMENA.000 -> C:\a\c_de\data\JMENA.000
C:\Qoobox\Quarantine\C\a\c_de\data\MALO.000 -> C:\a\c_de\data\MALO.000
C:\Qoobox\Quarantine\C\a\c_de\data\MALO_SK.000 -> C:\a\c_de\data\MALO_SK.000
C:\Qoobox\Quarantine\C\a\c_de\data\MAPA.000 -> C:\a\c_de\data\MAPA.000
C:\Qoobox\Quarantine\C\a\c_de\data\MESICE.000 -> C:\a\c_de\data\MESICE.000
C:\Qoobox\Quarantine\C\a\c_de\data\MESTA.000 -> C:\a\c_de\data\MESTA.000
C:\Qoobox\Quarantine\C\a\c_de\data\NAKUP.000 -> C:\a\c_de\data\NAKUP.000
C:\Qoobox\Quarantine\C\a\c_de\data\NAKUP_AR.000 -> C:\a\c_de\data\NAKUP_AR.000
C:\Qoobox\Quarantine\C\a\c_de\data\NAKUP_C.000 -> C:\a\c_de\data\NAKUP_C.000
C:\Qoobox\Quarantine\C\a\c_de\data\NAKUP_HL.000 -> C:\a\c_de\data\NAKUP_HL.000
C:\Qoobox\Quarantine\C\a\c_de\data\OBCE.000 -> C:\a\c_de\data\OBCE.000
C:\Qoobox\Quarantine\C\a\c_de\data\OBJ_HL.000 -> C:\a\c_de\data\OBJ_HL.000
C:\Qoobox\Quarantine\C\a\c_de\data\OBJ_HL.T00 -> C:\a\c_de\data\OBJ_HL.T00
C:\Qoobox\Quarantine\C\a\c_de\data\PARAM.000 -> C:\a\c_de\data\PARAM.000
C:\Qoobox\Quarantine\C\a\c_de\data\POHYB.000 -> C:\a\c_de\data\POHYB.000
C:\Qoobox\Quarantine\C\a\c_de\data\SKLADY.000 -> C:\a\c_de\data\SKLADY.000
C:\Qoobox\Quarantine\C\a\c_de\data\SLEVY.000 -> C:\a\c_de\data\SLEVY.000
C:\Qoobox\Quarantine\C\a\c_de\data\TISK_PAR.000 -> C:\a\c_de\data\TISK_PAR.000
C:\Qoobox\Quarantine\C\a\c_de\data\ZAKOB.000 -> C:\a\c_de\data\ZAKOB.000
C:\Qoobox\Quarantine\C\a\c_de\data\AHOJ\DOD.000 -> C:\a\c_de\data\AHOJ\DOD.000
C:\Qoobox\Quarantine\C\a\c_de\data\AHOJ\DOD_POL.000 -> C:\a\c_de\data\AHOJ\DOD_POL.000
C:\Qoobox\Quarantine\C\a\c_de\data\AHOJ\GL_SK.000 -> C:\a\c_de\data\AHOJ\GL_SK.000
C:\Qoobox\Quarantine\C\a\c_de\data\AHOJ\HLAVICKA.000 -> C:\a\c_de\data\AHOJ\HLAVICKA.000
C:\Qoobox\Quarantine\C\a\c_de\data\AHOJ\HLAVICKA.X00 -> C:\a\c_de\data\AHOJ\HLAVICKA.X00
C:\Qoobox\Quarantine\C\a\c_de\data\AHOJ\ZAKOB.000 -> C:\a\c_de\data\AHOJ\ZAKOB.000
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK.BAT -> C:\a\c_de\pgm\CENIK.BAT
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK0.OVL -> C:\a\c_de\pgm\CENIK0.OVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK0.TVL -> C:\a\c_de\pgm\CENIK0.TVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK1.OVL -> C:\a\c_de\pgm\CENIK1.OVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK1.TVL -> C:\a\c_de\pgm\CENIK1.TVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK2.OVL -> C:\a\c_de\pgm\CENIK2.OVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK2.TVL -> C:\a\c_de\pgm\CENIK2.TVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK3.OVL -> C:\a\c_de\pgm\CENIK3.OVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK3.TVL -> C:\a\c_de\pgm\CENIK3.TVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK4.OVL -> C:\a\c_de\pgm\CENIK4.OVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK4.TVL -> C:\a\c_de\pgm\CENIK4.TVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK97.CAT -> C:\a\c_de\pgm\CENIK97.CAT
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK97.RDB -> C:\a\c_de\pgm\CENIK97.RDB
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIK97.TTT -> C:\a\c_de\pgm\CENIK97.TTT
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIKHLP.000 -> C:\a\c_de\pgm\CENIKHLP.000
C:\Qoobox\Quarantine\C\a\c_de\pgm\CENIKHLP.T00 -> C:\a\c_de\pgm\CENIKHLP.T00
C:\Qoobox\Quarantine\C\a\c_de\pgm\CEN_DPH.OVL -> C:\a\c_de\pgm\CEN_DPH.OVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\CEN_DPH.TVL -> C:\a\c_de\pgm\CEN_DPH.TVL
C:\Qoobox\Quarantine\C\a\c_de\pgm\FAND.CFG -> C:\a\c_de\pgm\FAND.CFG
C:\Qoobox\Quarantine\C\a\c_de\pgm\FAND.RES -> C:\a\c_de\pgm\FAND.RES
C:\Qoobox\Quarantine\C\a\c_de\pgm\FANDINST.EXE -> C:\a\c_de\pgm\FANDINST.EXE
C:\Qoobox\Quarantine\C\a\c_de\pgm\LICENCE.000 -> C:\a\c_de\pgm\LICENCE.000
C:\Qoobox\Quarantine\C\a\c_de\pgm\novinky.txt -> C:\a\c_de\pgm\novinky.txt
C:\Qoobox\Quarantine\C\a\c_de\pgm\OKNO.RDB -> C:\a\c_de\pgm\OKNO.RDB
C:\Qoobox\Quarantine\C\a\c_de\pgm\OKNO.TTT -> C:\a\c_de\pgm\OKNO.TTT
C:\Qoobox\Quarantine\C\a\c_de\pgm\UFAND.EXE -> C:\a\c_de\pgm\UFAND.EXE
C:\Qoobox\Quarantine\C\a\c_de\pgm\UFAND.OVR -> C:\a\c_de\pgm\UFAND.OVR
C:\Qoobox\Quarantine\C\a\c_de\pgm\UFANDHLP.000 -> C:\a\c_de\pgm\UFANDHLP.000
C:\Qoobox\Quarantine\C\a\c_de\pgm\UFANDHLP.T00 -> C:\a\c_de\pgm\UFANDHLP.T00
C:\Qoobox\Quarantine\C\a\rh\DATA\@.X00 -> C:\a\rh\DATA\@.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\AARCHIV.000 -> C:\a\rh\DATA\AARCHIV.000
C:\Qoobox\Quarantine\C\a\rh\DATA\AARCHIV.X00 -> C:\a\rh\DATA\AARCHIV.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ADRESY.000 -> C:\a\rh\DATA\ADRESY.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ADRESY.T00 -> C:\a\rh\DATA\ADRESY.T00
C:\Qoobox\Quarantine\C\a\rh\DATA\ADRESY.X00 -> C:\a\rh\DATA\ADRESY.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\AFAKTUR.000 -> C:\a\rh\DATA\AFAKTUR.000
C:\Qoobox\Quarantine\C\a\rh\DATA\AFAKTUR.X00 -> C:\a\rh\DATA\AFAKTUR.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\AMALO.000 -> C:\a\rh\DATA\AMALO.000
C:\Qoobox\Quarantine\C\a\rh\DATA\AMALO.X00 -> C:\a\rh\DATA\AMALO.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ANAKUP_A.000 -> C:\a\rh\DATA\ANAKUP_A.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ANAKUP_A.X00 -> C:\a\rh\DATA\ANAKUP_A.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ANAK_H_A.000 -> C:\a\rh\DATA\ANAK_H_A.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ANAK_H_A.X00 -> C:\a\rh\DATA\ANAK_H_A.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\APOHYB.000 -> C:\a\rh\DATA\APOHYB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\APOHYB.X00 -> C:\a\rh\DATA\APOHYB.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ARCHIV.000 -> C:\a\rh\DATA\ARCHIV.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CAR_KOD.000 -> C:\a\rh\DATA\CAR_KOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CAR_KOD.X00 -> C:\a\rh\DATA\CAR_KOD.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\CENIKDAT.000 -> C:\a\rh\DATA\CENIKDAT.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CENIKDAT.X00 -> C:\a\rh\DATA\CENIKDAT.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\CENIKY.000 -> C:\a\rh\DATA\CENIKY.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CEN_PRAC.000 -> C:\a\rh\DATA\CEN_PRAC.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CLIP.000 -> C:\a\rh\DATA\CLIP.000
C:\Qoobox\Quarantine\C\a\rh\DATA\DD.000 -> C:\a\rh\DATA\DD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\DNY.000 -> C:\a\rh\DATA\DNY.000
C:\Qoobox\Quarantine\C\a\rh\DATA\DNY_T.000 -> C:\a\rh\DATA\DNY_T.000
C:\Qoobox\Quarantine\C\a\rh\DATA\DNY_T.X00 -> C:\a\rh\DATA\DNY_T.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\DOD.000 -> C:\a\rh\DATA\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\DPH.000 -> C:\a\rh\DATA\DPH.000
C:\Qoobox\Quarantine\C\a\rh\DATA\DPH_CIS.000 -> C:\a\rh\DATA\DPH_CIS.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FAKTURY.000 -> C:\a\rh\DATA\FAKTURY.000
C:\Qoobox\Quarantine\C\a\rh\DATA\GL.000 -> C:\a\rh\DATA\GL.000
C:\Qoobox\Quarantine\C\a\rh\DATA\GL1.000 -> C:\a\rh\DATA\GL1.000
C:\Qoobox\Quarantine\C\a\rh\DATA\GL1.T00 -> C:\a\rh\DATA\GL1.T00
C:\Qoobox\Quarantine\C\a\rh\DATA\GL2.000 -> C:\a\rh\DATA\GL2.000
C:\Qoobox\Quarantine\C\a\rh\DATA\GLOBAL.000 -> C:\a\rh\DATA\GLOBAL.000
C:\Qoobox\Quarantine\C\a\rh\DATA\GL_MAPA.000 -> C:\a\rh\DATA\GL_MAPA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\GL_SIT.000 -> C:\a\rh\DATA\GL_SIT.000
C:\Qoobox\Quarantine\C\a\rh\DATA\INVENT.000 -> C:\a\rh\DATA\INVENT.000
C:\Qoobox\Quarantine\C\a\rh\DATA\INVENT.X00 -> C:\a\rh\DATA\INVENT.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\JMENA.000 -> C:\a\rh\DATA\JMENA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\MALO.000 -> C:\a\rh\DATA\MALO.000
C:\Qoobox\Quarantine\C\a\rh\DATA\MAPA.000 -> C:\a\rh\DATA\MAPA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\MESICE.000 -> C:\a\rh\DATA\MESICE.000
C:\Qoobox\Quarantine\C\a\rh\DATA\MESICE.X00 -> C:\a\rh\DATA\MESICE.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\MESTA.000 -> C:\a\rh\DATA\MESTA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\NAKUP_AR.000 -> C:\a\rh\DATA\NAKUP_AR.000
C:\Qoobox\Quarantine\C\a\rh\DATA\NAKUP_AR.X00 -> C:\a\rh\DATA\NAKUP_AR.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\NAKUP_HL.000 -> C:\a\rh\DATA\NAKUP_HL.000
C:\Qoobox\Quarantine\C\a\rh\DATA\NAK_HL.000 -> C:\a\rh\DATA\NAK_HL.000
C:\Qoobox\Quarantine\C\a\rh\DATA\NAK_H_AR.000 -> C:\a\rh\DATA\NAK_H_AR.000
C:\Qoobox\Quarantine\C\a\rh\DATA\NAK_H_AR.X00 -> C:\a\rh\DATA\NAK_H_AR.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\OBCE.000 -> C:\a\rh\DATA\OBCE.000
C:\Qoobox\Quarantine\C\a\rh\DATA\OBCE.X00 -> C:\a\rh\DATA\OBCE.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\OBJ_AR.000 -> C:\a\rh\DATA\OBJ_AR.000
C:\Qoobox\Quarantine\C\a\rh\DATA\OBJ_AR.T00 -> C:\a\rh\DATA\OBJ_AR.T00
C:\Qoobox\Quarantine\C\a\rh\DATA\OBJ_AR.X00 -> C:\a\rh\DATA\OBJ_AR.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\OBJ_AR_P.000 -> C:\a\rh\DATA\OBJ_AR_P.000
C:\Qoobox\Quarantine\C\a\rh\DATA\OBJ_AR_P.X00 -> C:\a\rh\DATA\OBJ_AR_P.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\OBJ_HL.000 -> C:\a\rh\DATA\OBJ_HL.000
C:\Qoobox\Quarantine\C\a\rh\DATA\OBJ_HL.T00 -> C:\a\rh\DATA\OBJ_HL.T00
C:\Qoobox\Quarantine\C\a\rh\DATA\OBJ_POL.000 -> C:\a\rh\DATA\OBJ_POL.000
C:\Qoobox\Quarantine\C\a\rh\DATA\PARAM.000 -> C:\a\rh\DATA\PARAM.000
C:\Qoobox\Quarantine\C\a\rh\DATA\POHYB.000 -> C:\a\rh\DATA\POHYB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\POL_AR.000 -> C:\a\rh\DATA\POL_AR.000
C:\Qoobox\Quarantine\C\a\rh\DATA\POL_NAK.000 -> C:\a\rh\DATA\POL_NAK.000
C:\Qoobox\Quarantine\C\a\rh\DATA\POM.000 -> C:\a\rh\DATA\POM.000
C:\Qoobox\Quarantine\C\a\rh\DATA\PRECIS.000 -> C:\a\rh\DATA\PRECIS.000
C:\Qoobox\Quarantine\C\a\rh\DATA\PREC_CEN.000 -> C:\a\rh\DATA\PREC_CEN.000
C:\Qoobox\Quarantine\C\a\rh\DATA\SKLADY.000 -> C:\a\rh\DATA\SKLADY.000
C:\Qoobox\Quarantine\C\a\rh\DATA\SKLADY.X00 -> C:\a\rh\DATA\SKLADY.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\TISK_PAR.000 -> C:\a\rh\DATA\TISK_PAR.000
C:\Qoobox\Quarantine\C\a\rh\DATA\TRID_F.000 -> C:\a\rh\DATA\TRID_F.000
C:\Qoobox\Quarantine\C\a\rh\DATA\TRID_Z.000 -> C:\a\rh\DATA\TRID_Z.000
C:\Qoobox\Quarantine\C\a\rh\DATA\TR_CAST.000 -> C:\a\rh\DATA\TR_CAST.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ZAKOB.000 -> C:\a\rh\DATA\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ZAKOBP.000 -> C:\a\rh\DATA\ZAKOBP.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ZBOZI.CEN -> C:\a\rh\DATA\ZBOZI.CEN
C:\Qoobox\Quarantine\C\a\rh\DATA\ZBOZ_OP.000 -> C:\a\rh\DATA\ZBOZ_OP.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\DOD.000 -> C:\a\rh\DATA\ABEL\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\DOD_POL.000 -> C:\a\rh\DATA\ABEL\DOD_POL.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\FAS_K.000 -> C:\a\rh\DATA\ABEL\FAS_K.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\GL_SK.000 -> C:\a\rh\DATA\ABEL\GL_SK.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\HLAVICKA.000 -> C:\a\rh\DATA\ABEL\HLAVICKA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\HLAVICKA.X00 -> C:\a\rh\DATA\ABEL\HLAVICKA.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\POM_ZB.000 -> C:\a\rh\DATA\ABEL\POM_ZB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\POM_ZB.X00 -> C:\a\rh\DATA\ABEL\POM_ZB.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\ZAKOB.000 -> C:\a\rh\DATA\ABEL\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\ZBOZI.000 -> C:\a\rh\DATA\ABEL\ZBOZI.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ABEL\ZBOZI.X00 -> C:\a\rh\DATA\ABEL\ZBOZI.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ACTIVA\DOD.000 -> C:\a\rh\DATA\ACTIVA\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ACTIVA\FAS_K.000 -> C:\a\rh\DATA\ACTIVA\FAS_K.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ACTIVA\ZAKOB.000 -> C:\a\rh\DATA\ACTIVA\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ANDERLE\DOD.000 -> C:\a\rh\DATA\ANDERLE\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ANDERLE\GL_SK.000 -> C:\a\rh\DATA\ANDERLE\GL_SK.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ANDERLE\POM_ZB.000 -> C:\a\rh\DATA\ANDERLE\POM_ZB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ANDERLE\POM_ZB.X00 -> C:\a\rh\DATA\ANDERLE\POM_ZB.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ANDERLE\ZAKOB.000 -> C:\a\rh\DATA\ANDERLE\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ARABASZ\DOD.000 -> C:\a\rh\DATA\ARABASZ\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ARABASZ\FAS_K.000 -> C:\a\rh\DATA\ARABASZ\FAS_K.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ARABASZ\POM_ZB.000 -> C:\a\rh\DATA\ARABASZ\POM_ZB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ARABASZ\POM_ZB.X00 -> C:\a\rh\DATA\ARABASZ\POM_ZB.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ARABASZ\ZAKOB.000 -> C:\a\rh\DATA\ARABASZ\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CERNOCH\DOD.000 -> C:\a\rh\DATA\CERNOCH\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CERNOCH\GL_SK.000 -> C:\a\rh\DATA\CERNOCH\GL_SK.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CERNOCH\HLAVICKA.000 -> C:\a\rh\DATA\CERNOCH\HLAVICKA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CERNOCH\HLAVICKA.X00 -> C:\a\rh\DATA\CERNOCH\HLAVICKA.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\CERNOCH\ZAKOB.000 -> C:\a\rh\DATA\CERNOCH\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CERNOCH\ZBOZI.000 -> C:\a\rh\DATA\CERNOCH\ZBOZI.000
C:\Qoobox\Quarantine\C\a\rh\DATA\CERNOCH\ZBOZI.X00 -> C:\a\rh\DATA\CERNOCH\ZBOZI.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\EPL\DOD.000 -> C:\a\rh\DATA\EPL\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\EPL\ZAKOB.000 -> C:\a\rh\DATA\EPL\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FB\DOD.000 -> C:\a\rh\DATA\FB\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FB\ZAKOB.000 -> C:\a\rh\DATA\FB\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\DOD.000 -> C:\a\rh\DATA\FICEK\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\FAS_K.000 -> C:\a\rh\DATA\FICEK\FAS_K.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\GL_SK.000 -> C:\a\rh\DATA\FICEK\GL_SK.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\HLAVICKA.000 -> C:\a\rh\DATA\FICEK\HLAVICKA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\HLAVICKA.X00 -> C:\a\rh\DATA\FICEK\HLAVICKA.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\POM_ZB.000 -> C:\a\rh\DATA\FICEK\POM_ZB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\POM_ZB.X00 -> C:\a\rh\DATA\FICEK\POM_ZB.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\ZAKOB.000 -> C:\a\rh\DATA\FICEK\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\ZBOZI.000 -> C:\a\rh\DATA\FICEK\ZBOZI.000
C:\Qoobox\Quarantine\C\a\rh\DATA\FICEK\ZBOZI.X00 -> C:\a\rh\DATA\FICEK\ZBOZI.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\HOLIK\DOD.000 -> C:\a\rh\DATA\HOLIK\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\HOLIK\GL_SK.000 -> C:\a\rh\DATA\HOLIK\GL_SK.000
C:\Qoobox\Quarantine\C\a\rh\DATA\HOLIK\HLAVICKA.000 -> C:\a\rh\DATA\HOLIK\HLAVICKA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\HOLIK\ZAKOB.000 -> C:\a\rh\DATA\HOLIK\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\HOLIK\ZBOZI.000 -> C:\a\rh\DATA\HOLIK\ZBOZI.000
C:\Qoobox\Quarantine\C\a\rh\DATA\KAREL\DOD.000 -> C:\a\rh\DATA\KAREL\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\KAREL\GL_SK.000 -> C:\a\rh\DATA\KAREL\GL_SK.000
C:\Qoobox\Quarantine\C\a\rh\DATA\KAREL\POM_ZB.000 -> C:\a\rh\DATA\KAREL\POM_ZB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\KAREL\POM_ZB.X00 -> C:\a\rh\DATA\KAREL\POM_ZB.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\KAREL\ZAKOB.000 -> C:\a\rh\DATA\KAREL\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\TRCKOVA\DOD.000 -> C:\a\rh\DATA\TRCKOVA\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\TRCKOVA\POM_ZB.000 -> C:\a\rh\DATA\TRCKOVA\POM_ZB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\TRCKOVA\POM_ZB.X00 -> C:\a\rh\DATA\TRCKOVA\POM_ZB.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\TRCKOVA\ZAKOB.000 -> C:\a\rh\DATA\TRCKOVA\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\DOD.000 -> C:\a\rh\DATA\UNIOS\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\FAS_K.000 -> C:\a\rh\DATA\UNIOS\FAS_K.000
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\GL_SK.000 -> C:\a\rh\DATA\UNIOS\GL_SK.000
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\HLAVICKA.000 -> C:\a\rh\DATA\UNIOS\HLAVICKA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\HLAVICKA.X00 -> C:\a\rh\DATA\UNIOS\HLAVICKA.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\POM_ZB.000 -> C:\a\rh\DATA\UNIOS\POM_ZB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\POM_ZB.X00 -> C:\a\rh\DATA\UNIOS\POM_ZB.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\ZAKOB.000 -> C:\a\rh\DATA\UNIOS\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\ZBOZI.000 -> C:\a\rh\DATA\UNIOS\ZBOZI.000
C:\Qoobox\Quarantine\C\a\rh\DATA\UNIOS\ZBOZI.X00 -> C:\a\rh\DATA\UNIOS\ZBOZI.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ZUZKA\DOD.000 -> C:\a\rh\DATA\ZUZKA\DOD.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ZUZKA\GL_SK.000 -> C:\a\rh\DATA\ZUZKA\GL_SK.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ZUZKA\HLAVICKA.000 -> C:\a\rh\DATA\ZUZKA\HLAVICKA.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ZUZKA\HLAVICKA.X00 -> C:\a\rh\DATA\ZUZKA\HLAVICKA.X00
C:\Qoobox\Quarantine\C\a\rh\DATA\ZUZKA\ZAKOB.000 -> C:\a\rh\DATA\ZUZKA\ZAKOB.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ZUZKA\ZBOZI.000 -> C:\a\rh\DATA\ZUZKA\ZBOZI.000
C:\Qoobox\Quarantine\C\a\rh\DATA\ZUZKA\ZBOZI.X00 -> C:\a\rh\DATA\ZUZKA\ZBOZI.X00
C:\Qoobox\Quarantine\C\a\rh\PGM\01.TXT -> C:\a\rh\PGM\01.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\2007_KON.DAT -> C:\a\rh\PGM\2007_KON.DAT
C:\Qoobox\Quarantine\C\a\rh\PGM\2008_KON.DAT -> C:\a\rh\PGM\2008_KON.DAT
C:\Qoobox\Quarantine\C\a\rh\PGM\2008_ZAC.DAT -> C:\a\rh\PGM\2008_ZAC.DAT
C:\Qoobox\Quarantine\C\a\rh\PGM\2009_KON.DAT -> C:\a\rh\PGM\2009_KON.DAT
C:\Qoobox\Quarantine\C\a\rh\PGM\20100509.DAT -> C:\a\rh\PGM\20100509.DAT
C:\Qoobox\Quarantine\C\a\rh\PGM\20101231.DAT -> C:\a\rh\PGM\20101231.DAT
C:\Qoobox\Quarantine\C\a\rh\PGM\20111231.DAT -> C:\a\rh\PGM\20111231.DAT
C:\Qoobox\Quarantine\C\a\rh\PGM\20120101.DAT -> C:\a\rh\PGM\20120101.DAT
C:\Qoobox\Quarantine\C\a\rh\PGM\AUKRO.TXT -> C:\a\rh\PGM\AUKRO.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\AUKRO2.TXT -> C:\a\rh\PGM\AUKRO2.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK0.OVL -> C:\a\rh\PGM\CENIK0.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK0.TVL -> C:\a\rh\PGM\CENIK0.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK1.OVL -> C:\a\rh\PGM\CENIK1.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK1.TVL -> C:\a\rh\PGM\CENIK1.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK2.OVL -> C:\a\rh\PGM\CENIK2.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK2.TVL -> C:\a\rh\PGM\CENIK2.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK3.OVL -> C:\a\rh\PGM\CENIK3.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK3.TVL -> C:\a\rh\PGM\CENIK3.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK4.OVL -> C:\a\rh\PGM\CENIK4.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK4.RD$ -> C:\a\rh\PGM\CENIK4.RD$
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK4.TT$ -> C:\a\rh\PGM\CENIK4.TT$
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK4.TVL -> C:\a\rh\PGM\CENIK4.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIK97.TTT -> C:\a\rh\PGM\CENIK97.TTT
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIKHLP.000 -> C:\a\rh\PGM\CENIKHLP.000
C:\Qoobox\Quarantine\C\a\rh\PGM\CENIKHLP.T00 -> C:\a\rh\PGM\CENIKHLP.T00
C:\Qoobox\Quarantine\C\a\rh\PGM\CEN_DPH.OVL -> C:\a\rh\PGM\CEN_DPH.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\CEN_DPH.TVL -> C:\a\rh\PGM\CEN_DPH.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\DIC_EU.TTT -> C:\a\rh\PGM\DIC_EU.TTT
C:\Qoobox\Quarantine\C\a\rh\PGM\faktura.txt -> C:\a\rh\PGM\faktura.txt
C:\Qoobox\Quarantine\C\a\rh\PGM\FAND.RES -> C:\a\rh\PGM\FAND.RES
C:\Qoobox\Quarantine\C\a\rh\PGM\FANDCFG.BAK -> C:\a\rh\PGM\FANDCFG.BAK
C:\Qoobox\Quarantine\C\a\rh\PGM\ficek.xls -> C:\a\rh\PGM\ficek.xls
C:\Qoobox\Quarantine\C\a\rh\PGM\FIR_ZB.000 -> C:\a\rh\PGM\FIR_ZB.000
C:\Qoobox\Quarantine\C\a\rh\PGM\JC_PRUV.TXT -> C:\a\rh\PGM\JC_PRUV.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\LICENCE.000 -> C:\a\rh\PGM\LICENCE.000
C:\Qoobox\Quarantine\C\a\rh\PGM\MALO.TXT -> C:\a\rh\PGM\MALO.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\maloprodej.txt -> C:\a\rh\PGM\maloprodej.txt
C:\Qoobox\Quarantine\C\a\rh\PGM\novinky.txt -> C:\a\rh\PGM\novinky.txt
C:\Qoobox\Quarantine\C\a\rh\PGM\OBJ_EXP.DBF -> C:\a\rh\PGM\OBJ_EXP.DBF
C:\Qoobox\Quarantine\C\a\rh\PGM\POM1.TXT -> C:\a\rh\PGM\POM1.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\POM2.TXT -> C:\a\rh\PGM\POM2.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\POM_SKL.000 -> C:\a\rh\PGM\POM_SKL.000
C:\Qoobox\Quarantine\C\a\rh\PGM\PRINTER.TXT -> C:\a\rh\PGM\PRINTER.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\PR_LATIN.TXT -> C:\a\rh\PGM\PR_LATIN.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\PR_NO.TXT -> C:\a\rh\PGM\PR_NO.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\PR_WIN.TXT -> C:\a\rh\PGM\PR_WIN.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\TEXT_LAT.TXT -> C:\a\rh\PGM\TEXT_LAT.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\TEXT_NO.TXT -> C:\a\rh\PGM\TEXT_NO.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\TEXT_WIN.TXT -> C:\a\rh\PGM\TEXT_WIN.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\UFAND.OVR -> C:\a\rh\PGM\UFAND.OVR
C:\Qoobox\Quarantine\C\a\rh\PGM\UFANDHLP.000 -> C:\a\rh\PGM\UFANDHLP.000
C:\Qoobox\Quarantine\C\a\rh\PGM\UFANDHLP.T00 -> C:\a\rh\PGM\UFANDHLP.T00
C:\Qoobox\Quarantine\C\a\rh\PGM\UPGRADE.OVL -> C:\a\rh\PGM\UPGRADE.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\UPGRADE.TVL -> C:\a\rh\PGM\UPGRADE.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK0.OVL -> C:\a\rh\PGM\zal\CENIK0.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK0.TVL -> C:\a\rh\PGM\zal\CENIK0.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK1.OVL -> C:\a\rh\PGM\zal\CENIK1.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK1.TVL -> C:\a\rh\PGM\zal\CENIK1.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK2.OVL -> C:\a\rh\PGM\zal\CENIK2.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK2.TVL -> C:\a\rh\PGM\zal\CENIK2.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK3.OVL -> C:\a\rh\PGM\zal\CENIK3.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK3.TVL -> C:\a\rh\PGM\zal\CENIK3.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK4.OVL -> C:\a\rh\PGM\zal\CENIK4.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK4.TVL -> C:\a\rh\PGM\zal\CENIK4.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIK97.TTT -> C:\a\rh\PGM\zal\CENIK97.TTT
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIKHLP.000 -> C:\a\rh\PGM\zal\CENIKHLP.000
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\CENIKHLP.T00 -> C:\a\rh\PGM\zal\CENIKHLP.T00
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\LICENCE.000 -> C:\a\rh\PGM\zal\LICENCE.000
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\UPGRADE.OVL -> C:\a\rh\PGM\zal\UPGRADE.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal\UPGRADE.TVL -> C:\a\rh\PGM\zal\UPGRADE.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK0.OVL -> C:\a\rh\PGM\zal1\CENIK0.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK0.TVL -> C:\a\rh\PGM\zal1\CENIK0.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK1.OVL -> C:\a\rh\PGM\zal1\CENIK1.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK1.TVL -> C:\a\rh\PGM\zal1\CENIK1.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK2.OVL -> C:\a\rh\PGM\zal1\CENIK2.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK2.TVL -> C:\a\rh\PGM\zal1\CENIK2.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK3.OVL -> C:\a\rh\PGM\zal1\CENIK3.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK3.TVL -> C:\a\rh\PGM\zal1\CENIK3.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK4.OVL -> C:\a\rh\PGM\zal1\CENIK4.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK4.TVL -> C:\a\rh\PGM\zal1\CENIK4.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIK97.TTT -> C:\a\rh\PGM\zal1\CENIK97.TTT
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIKHLP.000 -> C:\a\rh\PGM\zal1\CENIKHLP.000
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CENIKHLP.T00 -> C:\a\rh\PGM\zal1\CENIKHLP.T00
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CEN_DPH.OVL -> C:\a\rh\PGM\zal1\CEN_DPH.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\CEN_DPH.TVL -> C:\a\rh\PGM\zal1\CEN_DPH.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\LICENCE.000 -> C:\a\rh\PGM\zal1\LICENCE.000
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\UPGRADE.OVL -> C:\a\rh\PGM\zal1\UPGRADE.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\zal1\UPGRADE.TVL -> C:\a\rh\PGM\zal1\UPGRADE.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK0.OVL -> C:\a\rh\PGM\ZAL2\CENIK0.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK0.TVL -> C:\a\rh\PGM\ZAL2\CENIK0.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK1.OVL -> C:\a\rh\PGM\ZAL2\CENIK1.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK1.TVL -> C:\a\rh\PGM\ZAL2\CENIK1.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK2.OVL -> C:\a\rh\PGM\ZAL2\CENIK2.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK2.TVL -> C:\a\rh\PGM\ZAL2\CENIK2.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK3.OVL -> C:\a\rh\PGM\ZAL2\CENIK3.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK3.TVL -> C:\a\rh\PGM\ZAL2\CENIK3.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK4.OVL -> C:\a\rh\PGM\ZAL2\CENIK4.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK4.TVL -> C:\a\rh\PGM\ZAL2\CENIK4.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CENIK97.TTT -> C:\a\rh\PGM\ZAL2\CENIK97.TTT
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CEN_DPH.OVL -> C:\a\rh\PGM\ZAL2\CEN_DPH.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\CEN_DPH.TVL -> C:\a\rh\PGM\ZAL2\CEN_DPH.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\NOVINKY.TXT -> C:\a\rh\PGM\ZAL2\NOVINKY.TXT
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK0.OVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK0.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK0.TVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK0.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK1.OVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK1.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK1.TVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK1.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK2.OVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK2.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK2.TVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK2.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK3.OVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK3.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK3.TVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK3.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK4.OVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK4.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK4.TVL -> C:\a\rh\PGM\ZAL2\SILA\CENIK4.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CENIK97.TTT -> C:\a\rh\PGM\ZAL2\SILA\CENIK97.TTT
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CEN_DPH.OVL -> C:\a\rh\PGM\ZAL2\SILA\CEN_DPH.OVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CEN_DPH.TVL -> C:\a\rh\PGM\ZAL2\SILA\CEN_DPH.TVL
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\CEN_RH_4_32.zip -> C:\a\rh\PGM\ZAL2\SILA\CEN_RH_4_32.zip
C:\Qoobox\Quarantine\C\a\rh\PGM\ZAL2\SILA\NOVINKY.TXT -> C:\a\rh\PGM\ZAL2\SILA\NOVINKY.TXT
C:\Qoobox\Quarantine\C\a\zal\bookmarks-2012-01-03.json -> C:\a\zal\bookmarks-2012-01-03.json
499 zkopˇrovaněch soubor…

rmii
nováček
Příspěvky: 10
Registrován: duben 12
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod rmii » 27 dub 2012 00:57

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-27 00:22:00
-----------------------------
00:22:00.932 OS Version: Windows 5.1.2600 Service Pack 3
00:22:00.932 Number of processors: 1 586 0x905
00:22:00.932 ComputerName: ROMAN UserName:
00:22:01.583 Initialize success
00:22:04.507 AVAST engine defs: 12042601
00:23:10.703 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
00:23:10.703 Disk 0 Vendor: HTS548040M9AT00 MG2OA53A Size: 38154MB BusType: 3
00:23:10.713 Disk 1 \Device\Harddisk1\DR2 -> \Device\00000091
00:23:10.713 Disk 1 Vendor: Winbond 0000 Size: 38154MB BusType: 0
00:23:10.733 Disk 0 MBR read successfully
00:23:10.743 Disk 0 MBR scan
00:23:10.743 Disk 0 Windows XP default MBR code
00:23:10.753 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38146 MB offset 63
00:23:10.803 Disk 0 scanning sectors +78125040
00:23:10.913 Disk 0 scanning C:\WINDOWS\system32\drivers
00:23:36.029 Service scanning
00:23:54.045 Modules scanning
00:24:27.443 Disk 0 trace - called modules:
00:24:27.833 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
00:24:27.833 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a0c9ab8]
00:24:27.844 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\00000083[0x8a0891c0]
00:24:27.844 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a0d6940]
00:24:28.444 AVAST engine scan C:\WINDOWS
00:24:45.008 AVAST engine scan C:\WINDOWS\system32
00:30:18.908 AVAST engine scan C:\WINDOWS\system32\drivers
00:31:04.053 AVAST engine scan C:\Documents and Settings\Administrator
00:48:28.024 AVAST engine scan C:\Documents and Settings\All Users
00:51:24.398 File: C:\Documents and Settings\All Users\Data aplikací\Installations\{653A52D8-127C-476D-BAD9-27117A3A4959}\Installer\CommonCustomActions\closeapp.exe **INFECTED** Win32:MalOb-EI [Cryp]
00:53:44.660 Scan finished successfully
00:56:17.159 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Plocha\MBR.dat"
00:56:17.169 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Plocha\aswMBR.txt"

rmii
nováček
Příspěvky: 10
Registrován: duben 12
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod rmii » 27 dub 2012 01:00


Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod jaro3 » 27 dub 2012 09:57

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Stáhni si windatfindbat of Karl83

Rozbal do složky, otevři jí poklepej na ní (ve vistě a win7 spusť jako správce). Otevře se okno DOS a posléze se objeví log.Jinak je pod názvem dirdat.txt v C:\ . Vlož sem prosím obsah toho logu, můžeš vybrat jen ty za poslední 3 měsíce.

Vlož nový log HJT+ info o vytížení a problémech.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

rmii
nováček
Příspěvky: 10
Registrován: duben 12
Pohlaví: Muž
Stav:
Offline

Re: services.exe 98% CPU

Příspěvekod rmii » 27 dub 2012 20:36

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 3458-D543.

Výpis adresáře C:\

27.04.2012 20:33 0 dirdat.txt
26.04.2012 23:48 2 146 881 536 hiberfil.sys
26.04.2012 23:48 805 306 368 pagefile.sys
26.04.2012 23:37 38 543 DeQuarantine.txt
26.04.2012 01:17 327 boot.ini
21.04.2012 17:34 2 723 treeinfo.wc
18.02.2012 12:24 165 948 ODCITPOL.pdf
31 souborů, 2 955 332 909 bajtů
Adresářů: 0, Volných bajtů: 5 836 382 208
Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 3458-D543.

Výpis adresáře C:\WINDOWS\system32

26.04.2012 23:49 2 206 wpa.dbl
23.04.2012 17:15 157 472 javaws.exe
23.04.2012 17:15 149 280 javaw.exe
23.04.2012 17:15 73 728 javacpl.cpl
23.04.2012 17:15 149 280 java.exe
23.04.2012 17:15 472 808 deployJava1.dll
23.04.2012 17:13 441 906 perfh009.dat
23.04.2012 17:13 438 518 perfh005.dat
23.04.2012 17:13 71 842 perfc009.dat
23.04.2012 17:13 83 198 perfc005.dat
23.04.2012 17:13 1 048 606 PerfStringBackup.INI
12.04.2012 23:58 55 154 568 MRT.exe
29.03.2012 09:45 130 888 FNTCACHE.DAT
28.03.2012 22:12 2 554 CONFIG.NT
02.03.2012 05:59 11 082 752 ieframe.dll
01.03.2012 12:59 387 584 iedkcs32.dll
01.03.2012 12:59 105 984 url.dll
01.03.2012 12:59 184 320 iepeers.dll
01.03.2012 12:59 1 212 416 urlmon.dll
01.03.2012 12:59 611 840 mstime.dll
01.03.2012 12:59 602 112 msfeeds.dll
01.03.2012 12:59 1 469 440 inetcpl.cpl
01.03.2012 12:59 55 296 msfeedsbs.dll
01.03.2012 12:59 2 000 384 iertutil.dll
01.03.2012 12:59 43 520 licmgr10.dll
01.03.2012 12:59 206 848 occache.dll
01.03.2012 12:59 5 978 624 mshtml.dll
01.03.2012 12:59 916 992 wininet.dll
01.03.2012 12:59 66 560 mshtmled.dll
01.03.2012 12:59 25 600 jsproxy.dll
01.03.2012 03:14 133 120 extmgr.dll
29.02.2012 16:10 148 480 imagehlp.dll
29.02.2012 16:10 177 664 wintrust.dll
29.02.2012 14:17 385 024 html.iec
29.02.2012 14:17 174 080 ie4uinit.exe
23.02.2012 18:23 201 352 aswBoot.exe
03.02.2012 11:57 1 860 096 win32k.sys
12.01.2012 00:40 414 368 FlashPlayerCPLApp.cpl
11.01.2012 21:07 3 072 iacenc.dll
2338 souborů, 612 773 361 bajtů
Adresářů: 0, Volných bajtů: 5 913 972 736
Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 3458-D543.

Výpis adresáře C:\WINDOWS

27.04.2012 16:19 1 404 755 WindowsUpdate.log
26.04.2012 23:48 49 wiaservc.log
26.04.2012 23:48 159 wiadebug.log
26.04.2012 23:48 2 048 bootstat.dat
26.04.2012 23:31 32 564 SchedLgU.Txt
26.04.2012 02:05 227 system.ini
21.04.2012 17:36 2 606 wincmd.ini
04.04.2012 17:50 12 164 ModemLog_Nokia E52 USB Modem.txt
02.03.2012 22:24 1 191 win.ini
26.02.2012 14:12 717 wcx_ftp.ini
23.02.2012 18:23 41 184 avastSS.scr
01.01.2012 19:30 7 783 UEDIT32.INI
93 souborů, 9 072 906 bajtů
Adresářů: 0, Volných bajtů: 5 913 980 928
Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 3458-D543.

Výpis adresáře C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

27.04.2012 20:33 164 420 DalMeasurementFile2.log
26.04.2012 23:51 0 qtsingleapp-NokiaO-b889-0-lockfile
2 souborů, 164 420 bajtů
Adresářů: 0, Volných bajtů: 5 913 980 928


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 73 hostů