Log check

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

ZHlavaty

Log check

Post by ZHlavaty » 24 Oct 2011 14:51

Hello, please check my logs from ComboFix and from HJK.
On Sunday Windows started booting slowly, the internet connection stopped working, and Avast's resident protection turned itself off and could not be turned back on. Only a new installation helped.
When ComboFix ran, it reported that I have Rootkit.ZeroAccess on the PC. Unfortunately I overwrote that log by running ComboFix again today.
The state did not change after the ComboFix run.
Windows startup is almost the same and I can still connect to the internet.

I am attaching today's log from ComboFix and from HJK.

Thank you for your advice
Zdeněk Hlavatý

ComboFix 11-10-24.01 - Zdeněk - Hlavaty 24.10.2011 11:39:42.3.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.759 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zdeněk - Hlavaty\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-24 do 2011-10-24 )))))))))))))))))))))))))))))))
.
.
2011-10-24 09:33 . 2011-10-24 09:33 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5C104A0-C2CC-4418-BC4B-1DC33AA8F451}\offreg.dll
2011-10-23 10:49 . 2011-10-23 10:49 -------- d-----w- c:\program files\Sophos
2011-10-23 10:00 . 2011-10-06 18:48 6668624 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5C104A0-C2CC-4418-BC4B-1DC33AA8F451}\mpengine.dll
2011-10-23 08:20 . 2011-10-23 08:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\PCHealth
2011-10-23 07:15 . 2011-10-23 07:16 -------- d-----w- c:\program files\RegTweaker
2011-10-22 17:32 . 2011-10-22 17:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SecTaskMan
2011-10-22 17:32 . 2011-10-22 17:32 -------- d-----w- c:\program files\Security Task Manager
2011-10-22 10:25 . 2007-12-19 21:11 176128 ----a-w- c:\windows\system32\igfxres.dll
2011-10-22 10:16 . 2011-10-22 10:16 -------- d-----w- c:\program files\Elantech
2011-10-22 09:17 . 2011-10-22 09:17 -------- d-----w- c:\program files\Atheros Communications Inc
2011-10-22 09:12 . 2011-10-22 09:12 -------- d-----w- c:\windows\system32\Atheros_L1e
2011-10-22 08:31 . 2008-03-11 17:37 36864 ----a-w- c:\windows\system32\drivers\l1e51x86.sys
2011-10-22 08:12 . 2008-04-14 05:51 52096 -c--a-w- c:\windows\system32\dllcache\i8042prt.sys
2011-10-22 08:12 . 2008-04-14 05:51 52096 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-10-22 08:07 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-22 08:07 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-22 08:07 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-22 08:07 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-22 08:07 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-22 08:07 . 2011-09-06 20:36 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-10-22 08:07 . 2011-09-06 20:36 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-10-22 08:07 . 2011-09-06 20:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-10-22 08:06 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-22 08:06 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-22 07:28 . 2011-09-12 14:14 7269712 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-21 16:32 . 2011-05-24 17:14 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-21 14:34 . 2011-10-21 14:34 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-10-21 14:34 . 2011-10-21 14:34 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\PCHealth
2011-10-21 14:33 . 2011-10-21 14:34 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-21 14:07 . 2011-10-22 07:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-21 14:07 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-21 13:15 . 2011-10-22 08:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-10-21 13:15 . 2011-10-21 13:15 -------- d-----w- c:\program files\AVAST Software
2011-10-21 12:23 . 2011-10-21 12:23 -------- d-sh--w- c:\documents and settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\78e73b5c
2011-10-20 07:55 . 2011-10-20 08:32 -------- d-----w- C:\XPCD
2011-10-20 07:50 . 2011-10-20 08:36 -------- d-----w- c:\program files\nLite
2011-10-19 21:14 . 2011-10-19 21:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Easy Driver Pro
2011-10-18 10:43 . 2011-10-18 10:43 -------- d-----w- c:\program files\PowerQuest
2011-10-17 10:12 . 2011-10-17 10:12 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\LogicWeave Software
2011-10-17 10:12 . 2011-10-17 10:12 -------- d-----w- c:\program files\LogicWeave
2011-10-13 15:20 . 2011-10-13 15:20 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\ElevatedDiagnostics
2011-10-13 04:30 . 2011-10-13 04:30 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\Canneverbe Limited
2011-10-13 04:30 . 2011-10-13 04:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Canneverbe Limited
2011-10-13 04:30 . 2009-11-12 12:48 5504 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2011-10-13 04:29 . 2011-10-21 16:47 -------- d-----w- c:\program files\CDBurnerXP
2011-10-13 03:49 . 2007-12-28 07:22 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2011-10-12 14:27 . 2011-10-12 14:27 -------- d-----w- C:\DriveKey
2011-10-12 10:29 . 2011-10-12 10:29 -------- d-----w- c:\program files\Conduit
2011-10-12 10:29 . 2011-10-17 10:18 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Conduit
2011-10-12 10:28 . 2011-10-12 13:36 -------- d-----w- c:\program files\uTorrent
2011-10-12 10:27 . 2011-10-21 12:43 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\uTorrent
2011-10-12 10:27 . 2011-10-12 10:27 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\uTorrent
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 04:27 . 2011-10-07 04:30 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\GeoGet
2011-10-04 12:04 . 2011-10-04 12:04 -------- d-----w- c:\program files\Geopainting.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 19:41 . 2010-07-10 12:37 796672 ----a-w- c:\windows\GPInstall.exe
2011-10-19 19:05 . 2011-05-19 07:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2011-05-09 14:47 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2011-05-09 14:47 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2011-05-09 14:46 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-08 19:41 . 2011-09-08 19:34 466944 ------w- c:\windows\Setup1.exe
2011-09-08 19:41 . 2011-09-08 19:33 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-09-06 14:10 . 2011-05-09 14:47 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 07:17 . 2011-05-20 13:37 196608 ----a-w- c:\windows\system32\libssl32.dll
2011-08-22 23:41 . 2011-05-09 14:47 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2011-05-09 14:46 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2011-05-09 14:46 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2011-05-09 14:46 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2011-05-09 14:46 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2008-05-07 14:34 . 2010-07-09 12:21 15523560 ----a-w- c:\program files\U1 Setup.exe
2011-10-06 14:49 . 2011-04-04 11:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-10-24_09.15.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 17:20 . 2011-10-24 09:38 546040 c:\windows\system32\perfh009.dat
+ 2008-07-07 17:20 . 2011-10-24 09:38 543492 c:\windows\system32\perfh005.dat
+ 2008-07-07 17:20 . 2011-10-24 09:38 109888 c:\windows\system32\perfc009.dat
+ 2008-07-07 17:20 . 2011-10-24 09:38 124788 c:\windows\system32\perfc005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}]
2011-03-02 21:20 242688 ----a-w- c:\program files\RegTweaker\key.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-06-03 98304]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-06-03 479232]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"fxredir"="c:\windows\system32\fxredir.exe" [2001-12-12 65536]
"MPTBox"="c:\program files\Canon\MultiPASS4\MPTBox.exe" [2001-12-12 151552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-28 16861696]
"SoundMan"="SOUNDMAN.EXE" [2006-07-21 86016]
"AlcWzrd"="ALCWZRD.EXE" [2006-05-04 2808832]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-7 600680]
SuperHybridEngine.lnk - c:\program files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2010-7-9 303104]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2007-10-18 09:34 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Garmin\\UMP-pcPL\\rsync.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\GeoGet\\geoget.exe"=
"d:\\Discovery\\geoget.exe"=
"d:\\Munisek\\geoget.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
S0 wiyot;wiyot;c:\windows\system32\drivers\eirtr.sys --> c:\windows\system32\drivers\eirtr.sys [?]
S1 aklnecyw;aklnecyw;\??\c:\windows\system32\drivers\aklnecyw.sys --> c:\windows\system32\drivers\aklnecyw.sys [?]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [22.10.2011 10:07 442200]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.10.2011 10:07 320856]
S1 ksagkozh;ksagkozh;\??\c:\windows\system32\drivers\ksagkozh.sys --> c:\windows\system32\drivers\ksagkozh.sys [?]
S1 MpKslc47b0d3c;MpKslc47b0d3c;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F7B09BC-C430-420F-B3B3-9EDE359A8CAC}\MpKslc47b0d3c.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F7B09BC-C430-420F-B3B3-9EDE359A8CAC}\MpKslc47b0d3c.sys [?]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.10.2011 10:07 20568]
S2 MSSQL$ELISKACLIENT2008;SQL Server (ELISKACLIENT2008);c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\sqlservr.exe [30.3.2009 3:25 43010392]
S2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [10.6.2011 7:40 140848]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [30.3.2011 20:28 1691480]
S3 fsbl-standalone;F-Secure BlackLight Beta Engine Driver;\??\c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys [?]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [2.7.2011 22:45 94336]
S3 LOOZ;LOOZ;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe [?]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\A.tmp --> c:\windows\system32\A.tmp [?]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [9.7.2010 13:59 625024]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [9.5.2011 16:47 14336]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [31.3.2009 6:55 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [30.3.2009 3:09 239336]
S4 SQLAgent$ELISKACLIENT2008;SQL Server Agent (ELISKACLIENT2008);c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\SQLAGENT.EXE [30.3.2009 3:23 366936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-24 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
2011-10-24 c:\windows\Tasks\User_Feed_Synchronization-{4199CB7F-1E72-477B-8BA5-CC6A4786ABD2}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_cs
uInternet Connection Wizard,ShellNext = hxxp://eeepc.asus.com/global
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: csobpoj.cz\app
Trusted Zone: csobpoj.cz\appakc
TCP: DhcpNameServer = 192.168.101.1 192.168.102.1 212.24.128.8 212.24.132.132
FF - ProfilePath - c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Firefox\Profiles\2vfd6o4p.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://web.volny.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-24 12:07
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\A.tmp"
.
Celkový čas: 2011-10-24 12:13:07
ComboFix-quarantined-files.txt 2011-10-24 10:13
ComboFix2.txt 2011-10-24 09:20
ComboFix3.txt 2011-10-23 09:58
.
Před spuštěním: 9 966 080 000
Po spuštění: 9 956 118 528
.
- - End Of File - - A46CFF7E10B17144AD68FA3C99A8BCAF
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:38:38, on 24.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\fxredir.exe
C:\Program Files\Canon\MultiPASS4\MPTBox.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Zdeněk - Hlavaty\Plocha\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://eeepc.asus.com/global
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: QuickNet - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - C:\Program Files\RegTweaker\key.dll (file missing)
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [fxredir] C:\WINDOWS\system32\fxredir.exe
O4 - HKLM\..\Run: [MPTBox] C:\Program Files\Canon\MultiPASS4\MPTBox.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe (User 'Default user')
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SuperHybridEngine.lnk = ?
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support-org.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LOOZ - Unknown owner - C:\DOCUME~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe (file missing)
O23 - Service: MpService - Canon Inc - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

--
End of file - 10021 bytes

Žbeky

Re: Log check

Post by Žbeky » 24 Oct 2011 18:15

Surely some expert recommended CF to you and you followed his advice. Just as it says in the warning before running it. So what do you want from us?
And by the way, you have 2 antiviruses.
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.


ZHlavaty

Re: Log check

Post by ZHlavaty » 25 Oct 2011 10:01

Hello,
I installed MS Essentials only after my internet connection stopped working and Avast's resident protection turned itself off and could not be turned back on. I have already uninstalled it.
Nobody recommended CF to me. I had used it once before to remove problems.
I found that first CF log.
I wanted advice on what to do next.

jaro3

Re: Log check

Post by jaro3 » 25 Oct 2011 13:44

Next time use ComboFix only at a helper's request!

Uninstall:
uTorrentBar Toolbar
uTorrentBar


Close other applications and browsers, disconnect from the internet, and fix in HJT:
Guide

Code:

R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: QuickNet - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - C:\Program Files\RegTweaker\key.dll (file missing)
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support-org.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O23 - Service: LOOZ - Unknown owner - C:\DOCUME~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe (file missing)


Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.


ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner
and also use T-Cleaner
http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

it deletes everything left behind by Combo, MWAV, etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate your antivirus and antispyware; afterwards delete T-Cleaner and turn your antivirus and antispyware back on.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum


Re: Log check

Post by ZHlavaty » 25 Oct 2011 15:09

Good day,
so hopefully everything has been done according to the instructions.
My internet connection still has not worked since that incident on Sunday, so the Malwarebytes' Anti-Malware scan was run without an update.
Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

25.10.2011 15:00:04
mbam-log-2011-10-25 (15-00-04).txt

Typ: Rychlá kontrola
Kontrolované objekty: 167698
Uplynulý čas: 11 minut, 6 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


Re: Log check

Post by jaro3 » 25 Oct 2011 18:39

Can't that connection be reconfigured?

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs) (from a different source!)
and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again, and if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.


Re: Log check

Post by ZHlavaty » 26 Oct 2011 17:03

Good day,
the internet connection still does not work. On both Wi-Fi and the local network I get stuck at acquiring the network address. It is not acquired.

Log from CF

ComboFix 11-10-26.03 - Zdeněk - Hlavaty 26.10.2011 16:24:39.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.389 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zdeněk - Hlavaty\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-26 do 2011-10-26 )))))))))))))))))))))))))))))))
.
.
2011-10-25 14:44 . 2011-10-25 14:44 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\DoctorWeb
2011-10-25 12:47 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-25 12:43 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-25 12:43 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-25 12:43 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-25 12:43 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-25 12:43 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-25 12:43 . 2011-09-06 20:36 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-10-25 12:43 . 2011-09-06 20:36 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-10-25 12:43 . 2011-09-06 20:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-10-25 12:43 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-25 12:43 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-25 11:39 . 2011-10-25 13:53 -------- d-----r- c:\documents and settings\LocalService\Dokumenty
2011-10-24 12:18 . 2011-10-24 12:18 -------- d-----w- c:\program files\trend micro
2011-10-24 12:01 . 2011-10-24 12:01 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\OTM-World
2011-10-23 10:49 . 2011-10-23 10:49 -------- d-----w- c:\program files\Sophos
2011-10-23 08:20 . 2011-10-23 08:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\PCHealth
2011-10-22 17:32 . 2011-10-26 14:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SecTaskMan
2011-10-22 10:25 . 2007-12-19 21:11 176128 ----a-w- c:\windows\system32\igfxres.dll
2011-10-22 10:16 . 2011-10-22 10:16 -------- d-----w- c:\program files\Elantech
2011-10-22 09:17 . 2011-10-22 09:17 -------- d-----w- c:\program files\Atheros Communications Inc
2011-10-22 09:12 . 2011-10-22 09:12 -------- d-----w- c:\windows\system32\Atheros_L1e
2011-10-22 08:31 . 2008-03-11 17:37 36864 ----a-w- c:\windows\system32\drivers\l1e51x86.sys
2011-10-22 08:12 . 2008-04-14 05:51 52096 -c--a-w- c:\windows\system32\dllcache\i8042prt.sys
2011-10-22 08:12 . 2008-04-14 05:51 52096 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-10-21 16:32 . 2011-05-24 17:14 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-21 14:34 . 2011-10-21 14:34 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-10-21 14:34 . 2011-10-21 14:34 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\PCHealth
2011-10-21 14:33 . 2011-10-24 11:18 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-21 14:07 . 2011-10-25 12:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-21 13:15 . 2011-10-25 12:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-10-21 13:15 . 2011-10-21 13:15 -------- d-----w- c:\program files\AVAST Software
2011-10-21 12:23 . 2011-10-21 12:23 -------- d-sh--w- c:\documents and settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\78e73b5c
2011-10-20 07:55 . 2011-10-20 08:32 -------- d-----w- C:\XPCD
2011-10-20 07:50 . 2011-10-20 08:36 -------- d-----w- c:\program files\nLite
2011-10-19 21:14 . 2011-10-19 21:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Easy Driver Pro
2011-10-18 10:43 . 2011-10-18 10:43 -------- d-----w- c:\program files\PowerQuest
2011-10-17 10:12 . 2011-10-17 10:12 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\LogicWeave Software
2011-10-17 10:12 . 2011-10-17 10:12 -------- d-----w- c:\program files\LogicWeave
2011-10-13 15:20 . 2011-10-13 15:20 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\ElevatedDiagnostics
2011-10-13 04:30 . 2011-10-13 04:30 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\Canneverbe Limited
2011-10-13 04:30 . 2011-10-13 04:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Canneverbe Limited
2011-10-13 04:30 . 2009-11-12 12:48 5504 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2011-10-13 04:29 . 2011-10-21 16:47 -------- d-----w- c:\program files\CDBurnerXP
2011-10-13 03:49 . 2007-12-28 07:22 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2011-10-12 10:29 . 2011-10-12 10:29 -------- d-----w- c:\program files\Conduit
2011-10-12 10:29 . 2011-10-25 12:05 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Conduit
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 04:27 . 2011-10-07 04:30 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\GeoGet
2011-10-04 12:04 . 2011-10-04 12:04 -------- d-----w- c:\program files\Geopainting.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 19:41 . 2010-07-10 12:37 796672 ----a-w- c:\windows\GPInstall.exe
2011-10-19 19:05 . 2011-05-19 07:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2011-05-09 14:47 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2011-05-09 14:47 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2011-05-09 14:46 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-08 19:41 . 2011-09-08 19:34 466944 ------w- c:\windows\Setup1.exe
2011-09-08 19:41 . 2011-09-08 19:33 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-09-06 14:10 . 2011-05-09 14:47 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 07:17 . 2011-05-20 13:37 196608 ----a-w- c:\windows\system32\libssl32.dll
2011-08-22 23:41 . 2011-05-09 14:47 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2011-05-09 14:46 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2011-05-09 14:46 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2011-05-09 14:46 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2011-05-09 14:46 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2008-05-07 14:34 . 2010-07-09 12:21 15523560 ----a-w- c:\program files\U1 Setup.exe
2011-10-06 14:49 . 2011-04-04 11:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-06-03 98304]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-06-03 479232]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"fxredir"="c:\windows\system32\fxredir.exe" [2001-12-12 65536]
"MPTBox"="c:\program files\Canon\MultiPASS4\MPTBox.exe" [2001-12-12 151552]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-28 16861696]
"SoundMan"="SOUNDMAN.EXE" [2006-07-21 86016]
"AlcWzrd"="ALCWZRD.EXE" [2006-05-04 2808832]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-7 600680]
SuperHybridEngine.lnk - c:\program files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2010-7-9 303104]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2007-10-18 09:34 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Garmin\\UMP-pcPL\\rsync.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\GeoGet\\geoget.exe"=
"d:\\Discovery\\geoget.exe"=
"d:\\Munisek\\geoget.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.10.2011 14:43 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.10.2011 14:43 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.10.2011 14:43 20568]
R2 MSSQL$ELISKACLIENT2008;SQL Server (ELISKACLIENT2008);c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\sqlservr.exe [30.3.2009 3:25 43010392]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [10.6.2011 7:40 140848]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [9.7.2010 13:59 625024]
S0 wiyot;wiyot;c:\windows\system32\drivers\eirtr.sys --> c:\windows\system32\drivers\eirtr.sys [?]
S1 aklnecyw;aklnecyw;\??\c:\windows\system32\drivers\aklnecyw.sys --> c:\windows\system32\drivers\aklnecyw.sys [?]
S1 ksagkozh;ksagkozh;\??\c:\windows\system32\drivers\ksagkozh.sys --> c:\windows\system32\drivers\ksagkozh.sys [?]
S1 MpKslc47b0d3c;MpKslc47b0d3c;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F7B09BC-C430-420F-B3B3-9EDE359A8CAC}\MpKslc47b0d3c.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F7B09BC-C430-420F-B3B3-9EDE359A8CAC}\MpKslc47b0d3c.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [30.3.2011 20:28 1691480]
S3 BV;BV;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe [?]
S3 fsbl-standalone;F-Secure BlackLight Beta Engine Driver;\??\c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys [?]
S3 GRTXNCIIUXAMY;GRTXNCIIUXAMY;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\GRTXNCIIUXAMY.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\GRTXNCIIUXAMY.exe [?]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [2.7.2011 22:45 94336]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\3.tmp --> c:\windows\system32\3.tmp [?]
S3 MSWYM;MSWYM;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\MSWYM.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\MSWYM.exe [?]
S3 NDHYIV;NDHYIV;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\NDHYIV.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\NDHYIV.exe [?]
S3 VVKELXGVTM;VVKELXGVTM;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\VVKELXGVTM.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\VVKELXGVTM.exe [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [9.5.2011 16:47 14336]
S3 ZPJJG;ZPJJG;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\ZPJJG.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\ZPJJG.exe [?]
S4 LOOZ;LOOZ;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [31.3.2009 6:55 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [30.3.2009 3:09 239336]
S4 SQLAgent$ELISKACLIENT2008;SQL Server Agent (ELISKACLIENT2008);c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\SQLAGENT.EXE [30.3.2009 3:23 366936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-26 c:\windows\Tasks\User_Feed_Synchronization-{4199CB7F-1E72-477B-8BA5-CC6A4786ABD2}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_cs
uInternet Connection Wizard,ShellNext = hxxp://eeepc.asus.com/global
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: csobpoj.cz\app
Trusted Zone: csobpoj.cz\appakc
TCP: DhcpNameServer = 192.168.101.1 192.168.102.1 212.24.128.8 212.24.132.132
FF - ProfilePath - c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Firefox\Profiles\2vfd6o4p.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://web.volny.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-26 16:43
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\3.tmp"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3516)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2011-10-26 16:49:44
ComboFix-quarantined-files.txt 2011-10-26 14:49
.
Před spuštěním: 9 168 322 560
Po spuštění: 9 201 623 040
.
- - End Of File - - 71EFD42F61CCBF8CBB5B97666DE63AC2


Re: Log check

Post by jaro3 » 26 Oct 2011 18:37

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code: Select all

KillAll::
File::
c:\windows\system32\drivers\eirtr.sys
c:\windows\system32\drivers\ksagkozh.sys
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys
c:\windows\system32\3.tmp
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\MSWYM.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\NDHYIV.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\VVKELXGVTM.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\ZPJJG.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe

Folder::
c:\program files\Microsoft Security Client
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure

Driver::
wiyot
aklnecyw
MpKslc47b0d3c
BV
fsbl-standalone
MEMSWEEP2
MSWYM
NDHYIV
VVKELXGVTM
ZPJJG
LOOZ

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: choose All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again, and if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

In Folder Options, enable showing hidden files and folders + uncheck the box hide protected operating system files

Test these on VirusTotal
c:\windows\GPInstall.exe
c:\program files\U1 Setup.exe
c:\windows\system32\appmgmts.dll
c:\windows\system32\drivers\RsFx0103.sys

Click Choose to the right of the box and in Explorer find the required file on your PC. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the test by the last antivirus finishes, result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
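One way to cross-check a removal script against the log it was written from, as an added example that is not part of the original thread: it parses the driver/service lines of the 26.10.2011 ComboFix log and lists the entries marked `[?]` that the CFScript's Driver::, File:: and Folder:: sections do not name. The function names, the reading of `[?]` as "image file could not be read", and the trimmed inputs are assumptions of this example.

```python
import re

# Service lines copied from the 26.10.2011 ComboFix log in this thread:
# every "[?]" entry plus two resolved entries for contrast.
LOG = r"""
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.10.2011 14:43 320856]
S0 wiyot;wiyot;c:\windows\system32\drivers\eirtr.sys --> c:\windows\system32\drivers\eirtr.sys [?]
S1 aklnecyw;aklnecyw;\??\c:\windows\system32\drivers\aklnecyw.sys --> c:\windows\system32\drivers\aklnecyw.sys [?]
S1 ksagkozh;ksagkozh;\??\c:\windows\system32\drivers\ksagkozh.sys --> c:\windows\system32\drivers\ksagkozh.sys [?]
S1 MpKslc47b0d3c;MpKslc47b0d3c;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F7B09BC-C430-420F-B3B3-9EDE359A8CAC}\MpKslc47b0d3c.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F7B09BC-C430-420F-B3B3-9EDE359A8CAC}\MpKslc47b0d3c.sys [?]
S3 BV;BV;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe [?]
S3 fsbl-standalone;F-Secure BlackLight Beta Engine Driver;\??\c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys [?]
S3 GRTXNCIIUXAMY;GRTXNCIIUXAMY;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\GRTXNCIIUXAMY.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\GRTXNCIIUXAMY.exe [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\3.tmp --> c:\windows\system32\3.tmp [?]
S3 MSWYM;MSWYM;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\MSWYM.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\MSWYM.exe [?]
S3 NDHYIV;NDHYIV;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\NDHYIV.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\NDHYIV.exe [?]
S3 VVKELXGVTM;VVKELXGVTM;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\VVKELXGVTM.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\VVKELXGVTM.exe [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [9.5.2011 16:47 14336]
S3 ZPJJG;ZPJJG;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\ZPJJG.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\ZPJJG.exe [?]
S4 LOOZ;LOOZ;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe [?]
"""

# CFScript from this thread (blank lines and the Registry:: section left out).
SCRIPT = r"""
KillAll::
File::
c:\windows\system32\drivers\eirtr.sys
c:\windows\system32\drivers\ksagkozh.sys
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys
c:\windows\system32\3.tmp
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\MSWYM.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\NDHYIV.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\VVKELXGVTM.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\ZPJJG.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe
Folder::
c:\program files\Microsoft Security Client
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure
Driver::
wiyot
aklnecyw
MpKslc47b0d3c
BV
fsbl-standalone
MEMSWEEP2
MSWYM
NDHYIV
VVKELXGVTM
ZPJJG
LOOZ
"""

LINE = re.compile(r"^([RS])([0-4]) ([^;]+);([^;]*);(.+?)(?: --> (.+?))? \[(.+)\]$")
TEMP = re.compile(r"\\(locals~1|local settings)\\temp\\", re.I)


def parse_services(log):
    """Parse 'S3 name;display;image [--> resolved] [info]' lines into dicts."""
    entries = []
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        _state, _start, name, _display, image, resolved, info = m.groups()
        path = (resolved or image).replace("\\??\\", "").lower()
        # Assumption: "[?]" means ComboFix could not read the image file.
        entries.append({"name": name, "path": path, "unresolved": info == "?",
                        "in_temp": bool(TEMP.search(path))})
    return entries


def parse_cfscript(text):
    """Split a CFScript into {section: [lower-cased entries]}."""
    sections, current = {}, None
    for line in filter(None, map(str.strip, text.splitlines())):
        if line.endswith("::"):
            current = sections.setdefault(line[:-2], [])
        elif current is not None:
            current.append(line.lower())
    return sections


def reconcile(log, script):
    """List unresolved services that the script's sections do not mention."""
    bad = [e for e in parse_services(log) if e["unresolved"]]
    sec = parse_cfscript(script)
    drivers, files = set(sec.get("Driver", [])), set(sec.get("File", []))
    folders = tuple(f + "\\" for f in sec.get("Folder", []))
    return {
        "not_in_driver": sorted(e["name"] for e in bad
                                if e["name"].lower() not in drivers),
        "image_not_covered": sorted(e["path"] for e in bad
                                    if e["path"] not in files
                                    and not e["path"].startswith(folders)),
    }
```

For these inputs, `reconcile(LOG, SCRIPT)` returns the services `GRTXNCIIUXAMY` and `ksagkozh` under `not_in_driver`, and the image paths of `GRTXNCIIUXAMY` and `aklnecyw` under `image_not_covered`.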


Re: Log check

Post by ZHlavaty » 26 Oct 2011 21:09

Good day,

because I still cannot connect, I copied the files to a USB flash drive and then ran the check from a second PC.

I also cannot uninstall IObit Toolbar v4.4, which remained on my PC after I uninstalled IObit, which I did when the problems arose.
When I try to uninstall it, this message appears:

The feature you are trying to use is on a network resource that is unavailable.
Click OK to try again, or enter an alternate path to a folder containing the installation package IObit Toolbar.msi in the box below.

However, I cannot find it anywhere.

ComboFix 11-10-26.03 - Zdeněk - Hlavaty 26.10.2011 19:39:03.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.401 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zdenýk - Hlavaty\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Zdenýk - Hlavaty\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-26 do 2011-10-26 )))))))))))))))))))))))))))))))
.
.
2011-10-26 15:25 . 2011-10-26 15:25 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\IObit
2011-10-25 14:44 . 2011-10-25 14:44 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\DoctorWeb
2011-10-25 12:47 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-25 12:43 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-25 12:43 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-25 12:43 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-25 12:43 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-25 12:43 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-25 12:43 . 2011-09-06 20:36 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-10-25 12:43 . 2011-09-06 20:36 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-10-25 12:43 . 2011-09-06 20:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-10-25 12:43 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-25 12:43 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-25 11:39 . 2011-10-25 13:53 -------- d-----r- c:\documents and settings\LocalService\Dokumenty
2011-10-24 12:18 . 2011-10-24 12:18 -------- d-----w- c:\program files\trend micro
2011-10-24 12:01 . 2011-10-24 12:01 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\OTM-World
2011-10-23 10:49 . 2011-10-23 10:49 -------- d-----w- c:\program files\Sophos
2011-10-23 08:20 . 2011-10-23 08:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\PCHealth
2011-10-22 17:32 . 2011-10-26 14:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SecTaskMan
2011-10-22 10:25 . 2007-12-19 21:11 176128 ----a-w- c:\windows\system32\igfxres.dll
2011-10-22 10:16 . 2011-10-22 10:16 -------- d-----w- c:\program files\Elantech
2011-10-22 09:17 . 2011-10-22 09:17 -------- d-----w- c:\program files\Atheros Communications Inc
2011-10-22 09:12 . 2011-10-22 09:12 -------- d-----w- c:\windows\system32\Atheros_L1e
2011-10-22 08:31 . 2008-03-11 17:37 36864 ----a-w- c:\windows\system32\drivers\l1e51x86.sys
2011-10-22 08:12 . 2008-04-14 05:51 52096 -c--a-w- c:\windows\system32\dllcache\i8042prt.sys
2011-10-22 08:12 . 2008-04-14 05:51 52096 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-10-21 16:32 . 2011-05-24 17:14 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-21 14:34 . 2011-10-21 14:34 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-10-21 14:34 . 2011-10-21 14:34 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\PCHealth
2011-10-21 14:33 . 2011-10-24 11:18 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-21 14:07 . 2011-10-25 12:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-21 13:15 . 2011-10-25 12:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-10-21 13:15 . 2011-10-21 13:15 -------- d-----w- c:\program files\AVAST Software
2011-10-21 12:23 . 2011-10-21 12:23 -------- d-sh--w- c:\documents and settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\78e73b5c
2011-10-20 07:55 . 2011-10-20 08:32 -------- d-----w- C:\XPCD
2011-10-20 07:50 . 2011-10-20 08:36 -------- d-----w- c:\program files\nLite
2011-10-19 21:14 . 2011-10-19 21:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Easy Driver Pro
2011-10-18 10:43 . 2011-10-18 10:43 -------- d-----w- c:\program files\PowerQuest
2011-10-17 10:12 . 2011-10-17 10:12 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\LogicWeave Software
2011-10-17 10:12 . 2011-10-17 10:12 -------- d-----w- c:\program files\LogicWeave
2011-10-13 15:20 . 2011-10-13 15:20 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\ElevatedDiagnostics
2011-10-13 04:30 . 2011-10-13 04:30 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\Canneverbe Limited
2011-10-13 04:30 . 2011-10-13 04:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Canneverbe Limited
2011-10-13 04:30 . 2009-11-12 12:48 5504 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2011-10-13 04:29 . 2011-10-21 16:47 -------- d-----w- c:\program files\CDBurnerXP
2011-10-13 03:49 . 2007-12-28 07:22 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2011-10-12 10:29 . 2011-10-12 10:29 -------- d-----w- c:\program files\Conduit
2011-10-12 10:29 . 2011-10-25 12:05 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Conduit
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 04:27 . 2011-10-07 04:30 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\GeoGet
2011-10-04 12:04 . 2011-10-04 12:04 -------- d-----w- c:\program files\Geopainting.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 19:41 . 2010-07-10 12:37 796672 ----a-w- c:\windows\GPInstall.exe
2011-10-19 19:05 . 2011-05-19 07:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2011-05-09 14:47 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2011-05-09 14:47 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2011-05-09 14:46 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-08 19:41 . 2011-09-08 19:34 466944 ------w- c:\windows\Setup1.exe
2011-09-08 19:41 . 2011-09-08 19:33 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-09-06 14:10 . 2011-05-09 14:47 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 07:17 . 2011-05-20 13:37 196608 ----a-w- c:\windows\system32\libssl32.dll
2011-08-22 23:41 . 2011-05-09 14:47 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2011-05-09 14:46 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2011-05-09 14:46 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2011-05-09 14:46 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2011-05-09 14:46 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2008-05-07 14:34 . 2010-07-09 12:21 15523560 ----a-w- c:\program files\U1 Setup.exe
2011-10-06 14:49 . 2011-04-04 11:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-06-03 98304]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-06-03 479232]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"fxredir"="c:\windows\system32\fxredir.exe" [2001-12-12 65536]
"MPTBox"="c:\program files\Canon\MultiPASS4\MPTBox.exe" [2001-12-12 151552]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-28 16861696]
"SoundMan"="SOUNDMAN.EXE" [2006-07-21 86016]
"AlcWzrd"="ALCWZRD.EXE" [2006-05-04 2808832]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-7 600680]
SuperHybridEngine.lnk - c:\program files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2010-7-9 303104]
.
c:\documents and settings\Zdeněk - Hlavaty\Nabídka Start\Programy\Po spuštění\
StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2007-8-17 122880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2007-10-18 09:34 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Garmin\\UMP-pcPL\\rsync.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\GeoGet\\geoget.exe"=
"d:\\Discovery\\geoget.exe"=
"d:\\Munisek\\geoget.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.10.2011 14:43 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.10.2011 14:43 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.10.2011 14:43 20568]
R2 MSSQL$ELISKACLIENT2008;SQL Server (ELISKACLIENT2008);c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\sqlservr.exe [30.3.2009 3:25 43010392]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [10.6.2011 7:40 140848]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [9.7.2010 13:59 625024]
S0 wiyot;wiyot;c:\windows\system32\drivers\eirtr.sys --> c:\windows\system32\drivers\eirtr.sys [?]
S1 aklnecyw;aklnecyw;\??\c:\windows\system32\drivers\aklnecyw.sys --> c:\windows\system32\drivers\aklnecyw.sys [?]
S1 ksagkozh;ksagkozh;\??\c:\windows\system32\drivers\ksagkozh.sys --> c:\windows\system32\drivers\ksagkozh.sys [?]
S1 MpKslc47b0d3c;MpKslc47b0d3c;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F7B09BC-C430-420F-B3B3-9EDE359A8CAC}\MpKslc47b0d3c.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2F7B09BC-C430-420F-B3B3-9EDE359A8CAC}\MpKslc47b0d3c.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [30.3.2011 20:28 1691480]
S3 BV;BV;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe [?]
S3 fsbl-standalone;F-Secure BlackLight Beta Engine Driver;\??\c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys [?]
S3 GRTXNCIIUXAMY;GRTXNCIIUXAMY;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\GRTXNCIIUXAMY.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\GRTXNCIIUXAMY.exe [?]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [2.7.2011 22:45 94336]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\3.tmp --> c:\windows\system32\3.tmp [?]
S3 MSWYM;MSWYM;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\MSWYM.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\MSWYM.exe [?]
S3 NDHYIV;NDHYIV;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\NDHYIV.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\NDHYIV.exe [?]
S3 VVKELXGVTM;VVKELXGVTM;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\VVKELXGVTM.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\VVKELXGVTM.exe [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [9.5.2011 16:47 14336]
S3 ZPJJG;ZPJJG;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\ZPJJG.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\ZPJJG.exe [?]
S4 LOOZ;LOOZ;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [31.3.2009 6:55 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [30.3.2009 3:09 239336]
S4 SQLAgent$ELISKACLIENT2008;SQL Server Agent (ELISKACLIENT2008);c:\program files\eLiska3\MSSQL10.ELISKACLIENT2008\MSSQL\Binn\SQLAGENT.EXE [30.3.2009 3:23 366936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-26 c:\windows\Tasks\User_Feed_Synchronization-{4199CB7F-1E72-477B-8BA5-CC6A4786ABD2}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_cs
uInternet Connection Wizard,ShellNext = hxxp://eeepc.asus.com/global
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: csobpoj.cz\app
Trusted Zone: csobpoj.cz\appakc
TCP: DhcpNameServer = 192.168.101.1 192.168.102.1 212.24.128.8 212.24.132.132
FF - ProfilePath - c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\Mozilla\Firefox\Profiles\2vfd6o4p.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://web.volny.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-26 20:01
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\3.tmp"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3504)
c:\windows\system32\btmmhook.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2011-10-26 20:07:35
ComboFix-quarantined-files.txt 2011-10-26 18:07
ComboFix2.txt 2011-10-26 14:49
.
Před spuštěním: 9 182 359 552
Po spuštění: 9 159 405 568
.
- - End Of File - - 9E3BA895597DE22C27865DBFF8AA2BA4

http://www.virustotal.com/file-scan/rep ... 1319652785

http://www.virustotal.com/file-scan/rep ... 1319653199

http://www.virustotal.com/file-scan/rep ... 1319653649

http://www.virustotal.com/file-scan/rep ... 1319653530

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Log check

Post by jaro3 » 26 Oct 2011 21:39

The script has to be used in full (there is a scrollbar on the right)!!

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the whole of the following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::
File::
c:\windows\system32\drivers\eirtr.sys
c:\windows\system32\drivers\ksagkozh.sys
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure\BlackLight\fsbldrv.sys
c:\windows\system32\3.tmp
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\MSWYM.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\NDHYIV.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\VVKELXGVTM.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\ZPJJG.exe
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe
c:\windows\GPInstall.exe

Folder::
c:\program files\Microsoft Security Client
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware
c:\docume~1\ZDENK-~1\LOCALS~1\Temp\F-Secure

Driver::
wiyot
aklnecyw
MpKslc47b0d3c
BV
fsbl-standalone
MEMSWEEP2
MSWYM
NDHYIV
VVKELXGVTM
ZPJJG
LOOZ

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new log from HJT

Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
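An added example, not part of jaro3's post or of ComboFix: a small Python checker that parses the service lines of a ComboFix log, flags entries whose file was reported as missing (`[?]`) or that point into a Temp directory, and confirms that every `Driver::` name in a CFScript matches a service actually present in the log. The two sample inputs are abridged copies of lines from this thread; the function and field names are illustrative.

```python
import re
from dataclasses import dataclass

# Abridged copy of service lines from the log posted in this thread.
LOG_EXCERPT = r"""
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.10.2011 14:43 320856]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [10.6.2011 7:40 140848]
S0 wiyot;wiyot;c:\windows\system32\drivers\eirtr.sys --> c:\windows\system32\drivers\eirtr.sys [?]
S1 ksagkozh;ksagkozh;\??\c:\windows\system32\drivers\ksagkozh.sys --> c:\windows\system32\drivers\ksagkozh.sys [?]
S3 BV;BV;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\BV.exe [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\3.tmp --> c:\windows\system32\3.tmp [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [9.5.2011 16:47 14336]
S4 LOOZ;LOOZ;c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe --> c:\docume~1\ZDENK-~1\LOCALS~1\Temp\LOOZ.exe [?]
"""

# Abridged copy of the CFScript from the post above.
SCRIPT_EXCERPT = r"""
KillAll::
File::
c:\windows\system32\drivers\eirtr.sys
c:\windows\system32\drivers\ksagkozh.sys
c:\windows\system32\3.tmp

Driver::
wiyot
BV
MEMSWEEP2
LOOZ

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"""

# R/S = running/stopped at scan time; the digit is the service Start value
# (0 boot, 1 system, 2 automatic, 3 manual, 4 disabled).
SERVICE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*);(?P<rest>.+)$")
SECTION_RE = re.compile(r"^(\w+)::$")


@dataclass
class Service:
    name: str
    running: bool
    start: int
    image: str      # ImagePath as logged, NT "\??\" prefix removed
    missing: bool   # True when the log shows "--> path [?]" (file not found)

    @property
    def in_temp(self):
        return "\\temp\\" in self.image.lower()


def parse_services(log_text):
    """Return a Service for every 'R1 name;display;path ...' line in the log."""
    services = []
    for line in log_text.splitlines():
        m = SERVICE_RE.match(line.strip())
        if not m:
            continue
        rest = m["rest"]
        if " --> " in rest:
            image, tail = rest.split(" --> ", 1)
            missing = tail.rstrip().endswith("[?]")
        else:
            # Drop the trailing "[date time size]" block, keep any arguments.
            image = re.sub(r"\s*\[[^\]]*\]$", "", rest)
            missing = False
        if image.startswith("\\??\\"):
            image = image[4:]
        services.append(Service(m["name"], m["state"] == "R",
                                int(m["start"]), image, missing))
    return services


def parse_cfscript(script_text):
    """Split a CFScript into {section name: [entries]}."""
    sections, current = {}, None
    for line in script_text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m[1]
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def cross_check(services, sections):
    """Compare the script's Driver:: names with the services seen in the log."""
    by_name = {s.name.lower(): s for s in services}
    listed = sections.get("Driver", [])
    listed_lc = {n.lower() for n in listed}
    return {
        # Names with no matching service line: likely a typo in the script.
        "unknown": [n for n in listed if n.lower() not in by_name],
        # Names whose file exists on disk: check these before deleting.
        "file_present": [n for n in listed
                         if n.lower() in by_name and not by_name[n.lower()].missing],
        # Missing-file services in the log that the script does not name.
        "missing_not_listed": [s.name for s in services
                               if s.missing and s.name.lower() not in listed_lc],
    }


if __name__ == "__main__":
    svcs = parse_services(LOG_EXCERPT)
    for s in svcs:
        if s.missing or s.in_temp:
            print(f"{s.name:12} start={s.start} missing={s.missing} temp={s.in_temp} {s.image}")
    print(cross_check(svcs, parse_cfscript(SCRIPT_EXCERPT)))
```
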

ZHlavaty
newbie
Posts: 18
Registered: October 11
Gender: Not specified
Status:
Offline

Re: Log check

Post by ZHlavaty » 27 Oct 2011 10:21

Hello,
a small mistake crept in.

ComboFix 11-10-26.03 - Zdeněk - Hlavaty 27.10.2011 9:33.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.425 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zdenýk - Hlavaty\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Zdenýk - Hlavaty\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-27 do 2011-10-27 )))))))))))))))))))))))))))))))
.
.
2011-10-26 15:25 . 2011-10-26 15:25 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\IObit
2011-10-25 14:44 . 2011-10-25 14:44 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\DoctorWeb
2011-10-25 12:47 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-25 12:43 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-25 12:43 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-25 12:43 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-25 12:43 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-25 12:43 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-25 12:43 . 2011-09-06 20:36 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-10-25 12:43 . 2011-09-06 20:36 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-10-25 12:43 . 2011-09-06 20:33 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-10-25 12:43 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-25 12:43 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-25 11:39 . 2011-10-25 13:53 -------- d-----r- c:\documents and settings\LocalService\Dokumenty
2011-10-24 12:18 . 2011-10-24 12:18 -------- d-----w- c:\program files\trend micro
2011-10-24 12:01 . 2011-10-24 12:01 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\OTM-World
2011-10-23 10:49 . 2011-10-23 10:49 -------- d-----w- c:\program files\Sophos
2011-10-23 08:20 . 2011-10-23 08:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\PCHealth
2011-10-22 17:32 . 2011-10-26 14:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SecTaskMan
2011-10-22 10:25 . 2007-12-19 21:11 176128 ----a-w- c:\windows\system32\igfxres.dll
2011-10-22 10:16 . 2011-10-22 10:16 -------- d-----w- c:\program files\Elantech
2011-10-22 09:17 . 2011-10-22 09:17 -------- d-----w- c:\program files\Atheros Communications Inc
2011-10-22 09:12 . 2011-10-22 09:12 -------- d-----w- c:\windows\system32\Atheros_L1e
2011-10-22 08:31 . 2008-03-11 17:37 36864 ----a-w- c:\windows\system32\drivers\l1e51x86.sys
2011-10-22 08:12 . 2008-04-14 05:51 52096 -c--a-w- c:\windows\system32\dllcache\i8042prt.sys
2011-10-22 08:12 . 2008-04-14 05:51 52096 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-10-21 16:32 . 2011-05-24 17:14 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-21 14:34 . 2011-10-21 14:34 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-10-21 14:34 . 2011-10-21 14:34 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\PCHealth
2011-10-21 14:33 . 2011-10-24 11:18 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-21 14:07 . 2011-10-25 12:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-21 13:15 . 2011-10-25 12:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-10-21 13:15 . 2011-10-21 13:15 -------- d-----w- c:\program files\AVAST Software
2011-10-21 12:23 . 2011-10-21 12:23 -------- d-sh--w- c:\documents and settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\78e73b5c
2011-10-20 07:55 . 2011-10-20 08:32 -------- d-----w- C:\XPCD
2011-10-20 07:50 . 2011-10-20 08:36 -------- d-----w- c:\program files\nLite
2011-10-19 21:14 . 2011-10-19 21:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Easy Driver Pro
2011-10-18 10:43 . 2011-10-18 10:43 -------- d-----w- c:\program files\PowerQuest
2011-10-17 10:12 . 2011-10-17 10:12 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\LogicWeave Software
2011-10-17 10:12 . 2011-10-17 10:12 -------- d-----w- c:\program files\LogicWeave
2011-10-13 15:20 . 2011-10-13 15:20 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\ElevatedDiagnostics
2011-10-13 04:30 . 2011-10-13 04:30 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\Canneverbe Limited
2011-10-13 04:30 . 2011-10-13 04:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Canneverbe Limited
2011-10-13 04:30 . 2009-11-12 12:48 5504 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2011-10-13 04:29 . 2011-10-21 16:47 -------- d-----w- c:\program files\CDBurnerXP
2011-10-13 03:49 . 2007-12-28 07:22 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2011-10-12 10:29 . 2011-10-12 10:29 -------- d-----w- c:\program files\Conduit
2011-10-12 10:29 . 2011-10-25 12:05 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Local Settings\Data aplikací\Conduit
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 04:27 . 2011-10-07 04:30 -------- d-----w- c:\documents and settings\Zdeněk - Hlavaty\Data aplikací\GeoGet
2011-10-04 12:04 . 2011-10-04 12:04 -------- d-----w- c:\program files\Geopainting.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 19:41 . 2010-07-10 12:37 796672 ----a-w- c:\windows\GPInstall.exe
2011-10-19 19:05 . 2011-05-19 07:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2011-05-09 14:47 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2011-05-09 14:47 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2011-05-09 14:46 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-08 19:41 . 2011-09-08 19:34 466944 ------w- c:\windows\Setup1.exe
2011-09-08 19:41 . 2011-09-08 19:33 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-09-06 14:10 . 2011-05-09 14:47 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 07:17 . 2011-05-20 13:37 196608 ----a-w- c:\windows\system32\libssl32.dll
2011-08-22 23:41 . 2011-05-09 14:47 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2011-05-09 14:46 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2011-05-09 14:46 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2011-05-09 14:46 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2011-05-09 14:46 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2008-05-07 14:34 . 2010-07-09 12:21 15523560 ----a-w- c:\program files\U1 Setup.exe
2011-10-06 14:49 . 2011-04-04 11:47 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll

ZHlavaty
newbie
Posts: 18
Registered: October 11
Gender: Not specified
Status:
Offline

Re: Log check

Post by ZHlavaty » 27 Oct 2011 10:25

Part 2
((((((((((((((((((((((((((((( SnapShot@2011-10-26_18.01.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 00:19 . 2007-11-07 00:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2005-09-22 23:16 . 2005-09-22 23:16 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2005-09-22 23:16 . 2005-09-22 23:16 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2011-10-26 19:12 . 2011-10-26 19:12 16384 c:\windows\temp\Perflib_Perfdata_134.dat
+ 2008-04-14 08:52 . 2008-04-14 12:00 52736 c:\windows\system32\wzcsapi.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 13824 c:\windows\system32\wowfaxui.dll
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud.drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(9).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(8).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(7).drv
+ 2008-04-14 08:53 . 2008-04-14 06:53 23552 c:\windows\system32\wdmaud(6).drv
+ 2008-04-14 08:53 . 2008-04-14 06:53 23552 c:\windows\system32\wdmaud(5).drv
+ 2008-04-14 08:53 . 2008-04-14 06:53 23552 c:\windows\system32\wdmaud(4).drv
+ 2008-04-14 08:53 . 2008-04-14 06:53 23552 c:\windows\system32\wdmaud(3).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(26).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(25).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(24).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(23).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(22).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(21).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(20).drv
+ 2008-04-14 08:53 . 2008-04-14 06:53 23552 c:\windows\system32\wdmaud(2).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(19).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(18).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(17).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(16).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(15).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(14).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(13).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(12).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(11).drv
+ 2008-04-14 08:53 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud(10).drv
+ 2008-07-07 17:20 . 2008-04-14 12:00 20535 c:\windows\system32\vfpodbc.dll
+ 1999-11-25 00:40 . 1999-11-25 00:40 40960 c:\windows\system32\VBAME.DLL
+ 2001-10-24 12:25 . 2008-04-14 12:00 49211 c:\windows\system32\usrvpa.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 45116 c:\windows\system32\usrvoica.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 49209 c:\windows\system32\usrv80a.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 41019 c:\windows\system32\usrsvpia.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 69700 c:\windows\system32\usrshuta.exe
+ 2001-10-24 12:25 . 2008-04-14 12:00 49211 c:\windows\system32\usrsdpia.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 77883 c:\windows\system32\usrrtosa.dll
+ 2001-08-18 06:37 . 2008-04-14 12:00 61508 c:\windows\system32\usrprbda.exe
+ 2001-10-24 12:25 . 2008-04-14 12:00 77891 c:\windows\system32\usrmlnka.exe
+ 2001-10-24 12:25 . 2008-04-14 12:00 53305 c:\windows\system32\usrlbva.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 86073 c:\windows\system32\usrfaxa.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 77890 c:\windows\system32\usrdpa.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 69699 c:\windows\system32\usrcoina.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 61500 c:\windows\system32\usrcntra.dll
+ 2008-04-14 08:52 . 2008-04-14 06:52 75264 c:\windows\system32\usbui.dll
+ 2003-03-05 02:58 . 2003-03-05 02:58 49152 c:\windows\system32\URTTemp\regtlib.exe
+ 2008-07-29 19:10 . 2008-07-29 19:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2001-10-24 12:25 . 2008-04-14 12:00 72192 c:\windows\system32\sprio800.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 70656 c:\windows\system32\sprio600.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 69632 c:\windows\system32\spnike.dll
+ 2007-10-18 09:31 . 2007-10-18 09:31 51224 c:\windows\system32\sirenacm.dll
+ 2008-04-14 08:51 . 2008-04-14 12:00 29184 c:\windows\system32\sdhcinst.dll
+ 1998-03-25 03:54 . 1998-03-25 03:54 15872 c:\windows\system32\SCP32.DLL
+ 1996-10-08 23:00 . 1996-10-08 23:00 24576 c:\windows\system32\Sbtrvd32.dll
+ 1998-01-21 23:00 . 1998-01-21 23:00 66560 c:\windows\system32\s2dtconv.dll
+ 2008-04-14 08:51 . 2008-04-14 12:00 15360 c:\windows\system32\pjlmon.dll
+ 2005-10-28 22:26 . 2005-10-28 22:26 84992 c:\windows\system32\pintool.exe
+ 2008-04-14 08:51 . 2008-04-14 12:00 35328 c:\windows\system32\pid.dll
+ 2008-04-14 08:51 . 2009-11-27 17:14 17920 c:\windows\system32\msyuv.dll
+ 1998-08-09 17:07 . 1998-08-09 17:07 94208 c:\windows\system32\MSSTKPRP.DLL
+ 2003-11-21 20:45 . 2003-11-21 20:45 91136 c:\windows\system32\msls2.dll
+ 2007-08-13 17:36 . 2009-03-08 02:31 13312 c:\windows\system32\msfeedssync.exe
+ 2007-08-13 17:54 . 2011-08-22 23:41 55296 c:\windows\system32\msfeedsbs.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 83968 c:\windows\system32\mscories.dll
+ 1999-03-26 14:59 . 1999-03-26 14:59 53248 c:\windows\system32\MFC42CSY.DLL
+ 2008-04-14 08:51 . 2009-11-27 16:09 48128 c:\windows\system32\iyuv_32.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24 97800 c:\windows\system32\infocardapi.dll
+ 2000-08-04 13:25 . 2000-08-04 13:25 49152 c:\windows\system32\INETWH32.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24 11264 c:\windows\system32\icardres.dll
+ 2007-08-13 17:36 . 2009-03-08 02:31 59904 c:\windows\system32\icardie.dll
+ 2005-06-10 18:05 . 2005-06-10 18:05 31744 c:\windows\system32\hlp95en.dll
+ 2008-04-14 08:51 . 2008-04-14 12:00 21504 c:\windows\system32\hidserv.dll
+ 2008-04-14 08:51 . 2008-04-14 12:00 20992 c:\windows\system32\hid.dll
+ 2007-03-22 17:17 . 2007-03-22 17:17 35440 c:\windows\system32\FM20ENU.DLL
+ 2008-07-29 19:10 . 2008-07-29 19:10 73720 c:\windows\system32\dxva2.dll
+ 2001-10-24 12:25 . 2008-04-14 12:00 56320 c:\windows\system32\dvdplay.exe
+ 2008-04-14 00:47 . 2008-04-13 22:47 83072 c:\windows\system32\drivers\wdmaud.sys
+ 2008-04-14 07:43 . 2006-11-06 16:04 28672 c:\windows\system32\drivers\wceusbsh.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 42240 c:\windows\system32\drivers\viaagp.sys
+ 2001-08-17 22:02 . 2008-04-14 12:00 58112 c:\windows\system32\drivers\vdmindvd.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 20608 c:\windows\system32\drivers\usbuhci.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 26368 c:\windows\system32\drivers\usbstor.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 15872 c:\windows\system32\drivers\usbintel.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 59520 c:\windows\system32\drivers\usbhub.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 30208 c:\windows\system32\drivers\usbehci.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 32128 c:\windows\system32\drivers\usbccgp.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 25728 c:\windows\system32\drivers\usbcamd2.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 25600 c:\windows\system32\drivers\usbcamd.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 44672 c:\windows\system32\drivers\uagp35.sys
+ 2008-04-14 00:26 . 2008-04-14 12:00 12288 c:\windows\system32\drivers\tunmp.sys
+ 2001-08-17 22:06 . 2008-04-14 12:00 21376 c:\windows\system32\drivers\tsbvcap.sys
+ 2001-08-17 22:01 . 2008-04-14 12:00 51712 c:\windows\system32\drivers\tosdvd.sys
+ 2008-04-14 00:45 . 2008-04-13 22:45 60800 c:\windows\system32\drivers\sysaudio.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 56576 c:\windows\system32\drivers\swmidi.sys
+ 2008-04-14 00:16 . 2008-04-14 12:00 15232 c:\windows\system32\drivers\streamip.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 49408 c:\windows\system32\drivers\stream.sys
+ 2008-04-14 00:16 . 2008-04-14 12:00 25344 c:\windows\system32\drivers\sonydcam.sys
+ 2008-04-14 00:16 . 2008-04-14 12:00 11136 c:\windows\system32\drivers\slip.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 40960 c:\windows\system32\drivers\sisagp.sys
+ 2008-04-14 00:10 . 2008-04-14 12:00 11392 c:\windows\system32\drivers\sfloppy.sys
+ 2008-04-14 00:10 . 2008-04-14 12:00 11008 c:\windows\system32\drivers\sffp_sd.sys
+ 2008-04-14 00:10 . 2008-04-14 12:00 10240 c:\windows\system32\drivers\sffp_mmc.sys
+ 2008-04-14 00:10 . 2008-04-14 12:00 11904 c:\windows\system32\drivers\sffdisk.sys
+ 2008-04-14 07:51 . 2008-04-14 12:00 64256 c:\windows\system32\drivers\serial.sys
+ 2008-04-14 00:10 . 2008-04-14 12:00 15744 c:\windows\system32\drivers\serenum.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 79232 c:\windows\system32\drivers\sdbus.sys
+ 2008-04-14 00:10 . 2008-04-14 12:00 96384 c:\windows\system32\drivers\scsiport.sys
+ 2001-08-17 21:24 . 2008-04-14 12:00 12032 c:\windows\system32\drivers\riodrv.sys
+ 2001-08-17 21:24 . 2008-04-14 12:00 12032 c:\windows\system32\drivers\rio8drv.sys
+ 2008-04-14 07:41 . 2008-04-14 12:00 39680 c:\windows\system32\drivers\processr.sys
+ 2008-04-14 00:10 . 2008-04-13 22:10 24960 c:\windows\system32\drivers\pciidex.sys
+ 2008-04-14 08:10 . 2008-04-14 06:10 68736 c:\windows\system32\drivers\pci.sys
+ 2008-04-14 08:10 . 2008-04-14 12:00 80000 c:\windows\system32\drivers\parport.sys
+ 2008-04-14 08:10 . 2008-04-14 12:00 46592 c:\windows\system32\drivers\p3.sys
+ 2001-08-17 21:24 . 2008-04-14 12:00 12032 c:\windows\system32\drivers\nikedrv.sys
+ 2008-04-14 00:21 . 2008-04-14 12:00 61824 c:\windows\system32\drivers\nic1394.sys
+ 2008-04-14 00:26 . 2008-04-14 12:00 14592 c:\windows\system32\drivers\ndisuio.sys
+ 2008-04-14 00:16 . 2008-04-13 22:16 10880 c:\windows\system32\drivers\NdisIP.sys
+ 2008-04-14 00:06 . 2008-04-13 22:06 15488 c:\windows\system32\drivers\mssmbios.sys
+ 2001-10-24 11:54 . 2008-04-14 12:00 12160 c:\windows\system32\drivers\mouhid.sys
+ 2008-04-14 07:36 . 2008-04-14 05:36 23040 c:\windows\system32\drivers\mouclass.sys
+ 2008-04-14 07:36 . 2008-04-14 12:00 30080 c:\windows\system32\drivers\modem.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 63744 c:\windows\system32\drivers\mf.sys
+ 2008-04-14 07:59 . 2008-04-14 12:00 14592 c:\windows\system32\drivers\kbdhid.sys
+ 2008-04-14 07:59 . 2008-04-14 05:59 24576 c:\windows\system32\drivers\kbdclass.sys
+ 2008-04-14 07:57 . 2008-04-14 05:57 37248 c:\windows\system32\drivers\isapnp.sys
+ 2008-04-14 07:55 . 2008-04-14 05:55 40192 c:\windows\system32\drivers\intelppm.sys
+ 2008-04-14 00:11 . 2008-04-14 12:00 42112 c:\windows\system32\drivers\imapi.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 10368 c:\windows\system32\drivers\hidusb.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 24960 c:\windows\system32\drivers\hidparse.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 36864 c:\windows\system32\drivers\hidclass.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 46464 c:\windows\system32\drivers\gagp30kx.sys
+ 2001-10-24 11:55 . 2008-04-14 12:00 12160 c:\windows\system32\drivers\fsvga.sys
+ 2008-04-14 00:10 . 2008-04-14 12:00 20480 c:\windows\system32\drivers\flpydisk.sys
+ 2008-04-14 00:10 . 2008-04-14 12:00 27392 c:\windows\system32\drivers\fdc.sys
+ 2008-05-21 11:20 . 2008-07-14 06:12 25088 c:\windows\system32\drivers\ETD.sys
+ 2006-08-21 21:38 . 2007-06-14 11:34 30208 c:\windows\system32\drivers\emOEM.sys
+ 2005-11-01 00:33 . 2007-06-14 11:34 22912 c:\windows\system32\drivers\emAudio.sys
+ 2008-04-14 00:08 . 2008-04-14 12:00 71168 c:\windows\system32\drivers\dxg.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 60160 c:\windows\system32\drivers\drmk.sys
+ 2008-04-14 00:10 . 2008-04-13 22:10 36352 c:\windows\system32\drivers\disk.sys
+ 2008-04-14 07:56 . 2008-04-14 12:00 40576 c:\windows\system32\drivers\crusoe.sys
+ 2001-08-17 21:24 . 2008-04-14 12:00 11776 c:\windows\system32\drivers\cpqdap01.sys
+ 2008-04-14 00:06 . 2008-04-13 22:06 10240 c:\windows\system32\drivers\compbatt.sys
+ 2008-04-14 00:06 . 2008-04-13 22:06 13952 c:\windows\system32\drivers\CmBatt.sys
+ 2008-04-14 00:10 . 2008-04-14 12:00 62976 c:\windows\system32\drivers\cdrom.sys
+ 2001-08-17 21:52 . 2008-04-14 12:00 18688 c:\windows\system32\drivers\cdaudio.sys
+ 2001-08-17 21:52 . 2008-04-14 12:00 13952 c:\windows\system32\drivers\cbidf2k.sys
+ 2008-07-30 09:59 . 2008-06-11 06:14 47272 c:\windows\system32\drivers\btwusb.sys
+ 2008-07-30 09:59 . 2008-02-04 09:57 37160 c:\windows\system32\drivers\btport.sys
+ 2008-04-14 00:06 . 2008-04-13 22:06 14208 c:\windows\system32\drivers\battc.sys
+ 2008-04-14 00:10 . 2008-04-13 22:10 96512 c:\windows\system32\drivers\atapi.sys
+ 2008-04-14 00:21 . 2008-04-14 12:00 60800 c:\windows\system32\drivers\arp1394.sys
+ 2008-04-14 07:38 . 2008-04-14 12:00 41600 c:\windows\system32\drivers\amdk7.sys
+ 2008-04-14 07:38 . 2008-04-14 12:00 41216 c:\windows\system32\drivers\amdk6.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 43008 c:\windows\system32\drivers\amdagp.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 42752 c:\windows\system32\drivers\alim1541.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 44928 c:\windows\system32\drivers\agpcpq.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 42368 c:\windows\system32\drivers\agp440.sys
+ 2001-10-24 11:42 . 2001-10-24 09:42 11776 c:\windows\system32\drivers\acpiec.sys
+ 2008-04-14 08:51 . 2008-04-14 12:00 51200 c:\windows\system32\dmutil.dll
+ 2008-04-14 00:47 . 2008-04-13 22:47 83072 c:\windows\system32\dllcache\wdmaud.sys
+ 2008-04-14 07:43 . 2006-11-06 16:04 28672 c:\windows\system32\dllcache\wceusbsh.sys
+ 2008-04-14 08:52 . 2008-04-14 06:52 75264 c:\windows\system32\dllcache\usbui.dll
+ 2008-04-14 00:15 . 2008-04-13 22:15 20608 c:\windows\system32\dllcache\usbuhci.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 59520 c:\windows\system32\dllcache\usbhub.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 30208 c:\windows\system32\dllcache\usbehci.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 32128 c:\windows\system32\dllcache\usbccgp.sys
+ 2008-04-14 00:45 . 2008-04-13 22:45 60800 c:\windows\system32\dllcache\sysaudio.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 49408 c:\windows\system32\dllcache\stream.sys
+ 2008-04-14 00:10 . 2008-04-13 22:10 24960 c:\windows\system32\dllcache\pciidex.sys
+ 2008-04-14 08:10 . 2008-04-14 06:10 68736 c:\windows\system32\dllcache\pci.sys
+ 2008-04-14 00:16 . 2008-04-13 22:16 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2008-04-14 08:51 . 2009-11-27 17:14 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2008-04-14 00:06 . 2008-04-13 22:06 15488 c:\windows\system32\dllcache\mssmbios.sys
+ 2008-04-14 07:36 . 2008-04-14 05:36 23040 c:\windows\system32\dllcache\mouclass.sys
+ 2008-04-14 07:59 . 2008-04-14 05:59 24576 c:\windows\system32\dllcache\kbdclass.sys
+ 2008-04-14 08:51 . 2009-11-27 16:09 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2008-04-14 07:57 . 2008-04-14 05:57 37248 c:\windows\system32\dllcache\isapnp.sys
+ 2008-04-14 07:55 . 2008-04-14 05:55 40192 c:\windows\system32\dllcache\intelppm.sys
+ 2008-04-14 00:15 . 2008-04-13 22:15 60160 c:\windows\system32\dllcache\drmk.sys
+ 2008-04-14 00:10 . 2008-04-13 22:10 36352 c:\windows\system32\dllcache\disk.sys
+ 2008-04-14 00:06 . 2008-04-13 22:06 10240 c:\windows\system32\dllcache\compbatt.sys
+ 2008-04-14 00:06 . 2008-04-13 22:06 13952 c:\windows\system32\dllcache\cmbatt.sys
+ 2008-04-14 00:06 . 2008-04-13 22:06 14208 c:\windows\system32\dllcache\battc.sys
+ 2008-04-14 00:10 . 2008-04-13 22:10 96512 c:\windows\system32\dllcache\atapi.sys
+ 2001-10-24 11:42 . 2001-10-24 09:42 11776 c:\windows\system32\dllcache\acpiec.sys
+ 2008-07-30 09:46 . 2011-05-09 15:33 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-30 09:46 . 2011-05-09 15:33 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-04-14 08:51 . 2008-04-14 12:00 49152 c:\windows\system32\cnbjmon.dll
+ 2006-11-13 14:49 . 2006-11-13 14:49 23336 c:\windows\system32\ceutil.dll
+ 2008-07-07 12:53 . 2008-07-07 12:53 24576 c:\windows\system32\BtXpShell.dll
+ 2008-07-07 12:55 . 2008-07-07 12:55 61440 c:\windows\system32\btwpimif.dll
+ 2008-07-07 13:10 . 2008-07-07 13:10 90112 c:\windows\system32\BtWiaExt.dll
+ 2008-07-07 12:58 . 2008-07-07 12:58 49152 c:\windows\system32\btsendto_notes.dll
+ 2008-07-07 13:00 . 2008-07-07 13:00 81920 c:\windows\system32\btsendto_ie.dll
+ 2008-07-07 12:46 . 2008-07-07 12:46 94208 c:\windows\system32\btrezxp.dll
+ 2008-07-07 12:56 . 2008-07-07 12:56 77824 c:\windows\system32\btprn2k.dll
+ 2008-07-07 12:45 . 2008-07-07 12:45 49152 c:\windows\system32\BTNCopy.dll
+ 2008-07-07 13:11 . 2008-07-07 13:11 73728 c:\windows\system32\BtMmHook.dll
+ 2008-04-14 08:51 . 2008-04-14 12:00 30208 c:\windows\system32\bthserv.dll
+ 2008-04-14 08:51 . 2008-04-14 12:00 20992 c:\windows\system32\bthci.dll
+ 2008-07-07 12:47 . 2008-07-07 12:47 36864 c:\windows\system32\btdev.dll
+ 2008-07-07 12:52 . 2008-07-07 12:52 65536 c:\windows\system32\BtAudioHelper.dll
+ 2005-10-28 22:26 . 2005-10-28 22:26 26112 c:\windows\system32\bcsprsrc.dll
+ 2005-10-28 14:40 . 2005-10-28 14:40 96792 c:\windows\system32\basecsp.dll
+ 2003-03-18 17:05 . 2003-03-18 17:05 89088 c:\windows\system32\atl71.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-29 19:10 . 2008-07-29 19:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 17:32 . 2008-07-29 17:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 09:17 . 2008-07-25 09:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2004-07-15 00:11 . 2004-07-15 00:11 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2004-07-14 22:35 . 2004-07-14 22:35 66560 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2003-03-05 02:58 . 2003-03-05 02:58 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2003-03-05 03:02 . 2003-03-05 03:02 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll
+ 2004-07-14 22:34 . 2004-07-14 22:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3280\_PerfCounter.dll
+ 2007-04-13 18:58 . 2007-04-13 18:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3280\_mscorsn.dll
+ 2007-04-13 18:57 . 2007-04-13 18:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3280\_CORPerfMonExt.dll
+ 2004-07-14 22:34 . 2004-07-14 22:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2456\_PerfCounter.dll
+ 2003-03-05 02:57 . 2003-03-05 02:57 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2456\_mscorsn.dll
+ 2004-07-14 22:32 . 2004-07-14 22:32 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2456\_CORPerfMonExt.dll
+ 2003-03-05 02:58 . 2003-03-05 02:58 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe
+ 2004-07-15 12:28 . 2004-07-15 12:28 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2003-03-05 02:58 . 2003-03-05 02:58 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe
+ 2004-07-14 22:34 . 2004-07-14 22:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2003-03-05 02:57 . 2003-03-05 02:57 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\ngen.exe
+ 2007-01-15 14:11 . 2007-01-15 14:11 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2003-03-05 02:57 . 2003-03-05 02:57 22528 c:\windows\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll
+ 2003-03-05 02:57 . 2003-03-05 02:57 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll
+ 2004-07-14 22:33 . 2004-07-14 22:33 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2003-03-05 02:57 . 2003-03-05 02:57 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll
+ 2004-07-14 22:32 . 2004-07-14 22:32 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-15 12:28 . 2004-07-15 12:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2004-07-15 12:28 . 2004-07-15 12:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2003-03-05 02:58 . 2003-03-05 02:58 11264 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2003-03-05 03:02 . 2003-03-05 03:02 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll
+ 2003-03-05 02:58 . 2003-03-05 02:58 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll
+ 2003-03-05 02:58 . 2003-03-05 02:58 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\jsc.exe
+ 2003-03-05 02:58 . 2003-03-05 02:58 26112 c:\windows\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll
+ 2003-03-05 02:57 . 2003-03-05 02:57 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll
+ 2003-03-05 03:02 . 2003-03-05 03:02 15872 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe
+ 2004-07-15 12:31 . 2004-07-15 12:31 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2003-10-08 12:30 . 2003-10-08 12:30 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
+ 2003-03-05 02:58 . 2003-03-05 02:58 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
+ 2003-03-05 02:58 . 2003-03-05 02:58 33792 c:\windows\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll
+ 2003-03-05 02:58 . 2003-03-05 02:58 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll
+ 2004-07-15 09:23 . 2004-07-15 09:23 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2003-03-05 02:58 . 2003-03-05 02:58 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
+ 2003-03-05 02:58 . 2003-03-05 02:58 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\CasPol.exe
+ 2004-07-14 23:49 . 2004-07-14 23:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2004-07-14 23:49 . 2004-07-14 23:49 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2003-03-05 02:57 . 2003-03-05 02:57 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll
+ 2003-03-05 03:02 . 2003-03-05 03:02 98304 c:\windows\Microsoft.NET\Framework\v1.1.4322\alink.dll
+ 2003-03-05 02:58 . 2003-03-05 02:58 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll
+ 2003-03-05 02:58 . 2003-03-05 02:58 16896 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-29 19:07 . 2008-07-29 19:07 23040 c:\windows\Installer\14c255.msp
+ 2008-07-30 09:59 . 2008-07-30 09:59 33982 c:\windows\Installer\{84814E6B-2581-46EC-926A-823BD1C670F6}\ARPPRODUCTICON.exe
+ 2007-03-22 17:07 . 2007-03-22 17:07 78168 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\RM.DLL
+ 2007-03-22 17:07 . 2007-03-22 17:07 41824 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\RECALL.DLL
+ 2007-03-22 17:05 . 2007-03-22 17:05 97632 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\PP7X32.DLL
+ 2007-04-19 11:53 . 2007-04-19 11:53 69984 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\OUTLRPC.DLL
+ 2007-03-22 17:13 . 2007-03-22 17:13 23904 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\IPDMCTRL.DLL
+ 2007-03-22 17:07 . 2007-03-22 17:07 80224 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\DLGSETP.DLL
+ 2007-03-22 17:07 . 2007-03-22 17:07 91488 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\ADDRPARS.DLL
+ 2003-07-15 05:00 . 2003-07-15 05:00 99904 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\TRANSMGR.DLL
+ 2003-07-15 04:53 . 2003-07-15 04:53 11848 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE
+ 2003-07-14 20:57 . 2003-07-14 20:57 58944 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL
+ 2003-07-15 04:44 . 2003-07-15 04:44 66616 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL
+ 2003-07-15 04:43 . 2003-07-15 04:43 74288 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\RM.DLL
+ 2003-07-15 04:57 . 2003-07-15 04:57 40512 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL
+ 2003-05-09 03:54 . 2003-05-09 03:54 77824 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL
+ 2003-07-15 04:42 . 2003-07-15 04:42 37432 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\RECALL.DLL
+ 2003-07-15 04:40 . 2003-07-15 04:40 51256 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\PUBTRAP.DLL
+ 2003-07-15 09:18 . 2003-07-15 09:18 93752 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL
+ 2003-07-15 04:43 . 2003-07-15 04:43 49208 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL
+ 2003-07-15 04:43 . 2003-07-15 04:43 64056 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\OUTLRPC.DLL
+ 2003-07-15 04:44 . 2003-07-15 04:44 88128 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\OUTLMIME.DLL
+ 2003-07-15 04:41 . 2003-07-15 04:41 24640 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\OUTLACCT.DLL
+ 2003-07-15 09:14 . 2003-07-15 09:14 27192 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL
+ 2003-07-15 04:56 . 2003-07-15 04:56 13888 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL
+ 2003-07-15 04:57 . 2003-07-15 04:57 56888 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL
+ 2003-07-15 04:52 . 2003-07-15 04:52 41528 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL
+ 2003-06-18 23:31 . 2003-06-18 23:31 16384 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL
+ 2003-07-15 04:45 . 2003-07-15 04:45 39488 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL
+ 2003-07-15 04:45 . 2003-07-15 04:45 55360 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE
+ 2003-07-15 04:46 . 2003-07-15 04:46 42040 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL
+ 2003-07-15 04:53 . 2003-07-15 04:53 39488 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL
+ 2003-07-15 04:52 . 2003-07-15 04:52 35896 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL
+ 2003-07-14 20:52 . 2003-07-14 20:52 28224 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL
+ 2003-07-15 04:52 . 2003-07-15 04:52 55360 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE
+ 2003-07-15 04:44 . 2003-07-15 04:44 25144 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL
+ 2003-07-15 04:52 . 2003-07-15 04:52 27704 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL
+ 2003-07-15 04:52 . 2003-07-15 04:52 17464 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL
+ 2003-07-15 04:51 . 2003-07-15 04:51 87104 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL
+ 2003-06-18 23:31 . 2003-06-18 23:31 35328 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MDIUI.DLL
+ 2003-06-18 23:31 . 2003-06-18 23:31 18944 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MDIPPR.DLL
+ 2003-06-18 23:31 . 2003-06-18 23:31 17920 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL
+ 2003-07-15 04:45 . 2003-07-15 04:45 58944 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL
+ 2003-07-14 20:57 . 2003-07-14 20:57 87096 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL
+ 2003-07-15 04:41 . 2003-07-15 04:41 13368 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\FINDER.EXE
+ 2003-07-15 04:53 . 2003-07-15 04:53 34880 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\DWTRIG20.EXE
+ 2003-07-15 04:52 . 2003-07-15 04:52 39992 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\DWDCW20.DLL
+ 2003-07-15 04:57 . 2003-07-15 04:57 98360 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE
+ 2003-07-15 04:56 . 2003-07-15 04:56 14904 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL
+ 2003-07-26 00:57 . 2003-07-26 00:57 75832 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\DLGSETP.DLL
+ 2003-07-15 09:18 . 2003-07-15 09:18 47160 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\DFUICOM.EXE
+ 2003-07-15 04:53 . 2003-07-15 04:53 94768 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\AW.DLL
+ 2003-07-15 04:57 . 2003-07-15 04:57 38968 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL
+ 2003-07-15 04:43 . 2003-07-15 04:43 87616 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.5614\ADDRPARS.DLL

