Log check (Solved)


Post by Buzo » 18 Oct 2009 14:37

I apologize, because I had my last check done here on 4 October, but I reinstalled Windows and downloaded a few programs, so I want to make sure everything is in order. :) It may also be related to viewtopic.php?f=36&t=45820, but that is just a guess.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:56:17, on 18.10.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Ram Optimizer] C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab ... detect.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 5124 bytes


Post by jaro3 » 18 Oct 2009 15:56

You have no antivirus..

Uninstall:
ICQToolBar
Ask Toolbar

Close other applications and browsers, disconnect from the internet, and fix in HJT:
Guide


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O13 - Gopher Prefix:
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab ... detect.cab


Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the option Perform quick scan selected and click the Scan button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message will appear, so choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by Buzo » 18 Oct 2009 17:44

Yeah, I know I don't have an antivirus; I'm just looking for the right one that won't load the CPU too much and will be reliable.

Malwarebytes' Anti-Malware 1.41
Verze databáze: 2979
Windows 5.1.2600 Service Pack 3

18.10.2009 17:02:00
mbam-log-2009-10-18 (17-02-00).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 89103
Uplynulý čas: 4 minute(s), 16 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)


Post by jaro3 » 18 Oct 2009 18:10

Try Avira.

Download RSIT (by random/random)
- run it; a window will appear, so click Continue to proceed
- wait until the program finishes and the log is displayed; otherwise you will find it here: C:\rsit\log.txt. Please copy its entire contents here

Post by Buzo » 19 Oct 2009 14:37

Logfile of random's system information tool 1.06 (written by random/random)
Run by Skálovi at 2009-10-19 11:48:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 33 GB (57%) free of 57 GB
Total RAM: 1023 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:03, on 19.10.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Skálovi\Local Settings\Temporary Internet Files\Content.IE5\33ZWCCTB\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Skálovi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Ram Optimizer] C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 4306 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-15 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-21 61440]
"SiSUSBRG"=C:\WINDOWS\SiSUSBrg.exe [2002-07-12 106496]
"AudioHQ"=C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE [2000-05-11 205312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Free Ram Optimizer"=C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe [2003-08-22 57344]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-10-17 289072]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-07-21 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-09-28 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-09-28 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-09-28 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-10-15 20:54:03 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-10-15 20:54:03 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-10-15 20:54:03 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-10-15 20:54:03 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-10-15 20:54:02 ----A---- C:\WINDOWS\system32\wups.dll
2009-10-15 20:54:02 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-10-15 20:54:02 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-10-15 20:54:02 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-10-15 20:54:02 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-10-15 20:54:02 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2009-10-15 20:54:02 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-10-15 20:54:02 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-10-15 20:54:01 ----D---- C:\WINDOWS\system32\bits
2009-10-15 20:54:01 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-10-15 20:54:01 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-10-15 20:53:58 ----D---- C:\Program Files\Movie Maker
2009-10-15 20:53:43 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-10-15 20:53:43 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-10-15 20:53:43 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-10-15 20:53:43 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-10-15 20:53:40 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-10-15 20:53:40 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-10-15 20:53:39 ----D---- C:\WINDOWS\system32\Restore
2009-10-15 20:53:39 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-10-15 20:53:39 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-10-15 20:53:39 ----A---- C:\WINDOWS\system32\srclient.dll
2009-10-15 20:53:38 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-10-15 20:53:38 ----A---- C:\WINDOWS\system32\msconf.dll
2009-10-15 20:53:38 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-10-15 20:53:38 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-10-15 20:53:38 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-10-15 20:53:38 ----A---- C:\WINDOWS\system32\ils.dll
2009-10-15 20:53:36 ----D---- C:\Program Files\NetMeeting
2009-10-15 20:53:36 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-10-15 20:53:36 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-10-15 20:53:35 ----A---- C:\WINDOWS\system32\inetres.dll
2009-10-15 20:53:35 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-10-15 20:53:33 ----D---- C:\Program Files\Outlook Express
2009-10-15 20:53:33 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-10-15 20:53:33 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-10-15 20:53:33 ----A---- C:\WINDOWS\system32\mstask.dll
2009-10-15 20:53:33 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-10-15 20:53:33 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-10-15 20:53:32 ----A---- C:\WINDOWS\system32\isign32.dll
2009-10-15 20:53:32 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-10-15 20:53:28 ----D---- C:\Program Files\Common Files\System
2009-10-15 20:52:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2009-10-15 20:51:32 ----RSD---- C:\WINDOWS\assembly
2009-10-15 20:51:20 ----D---- C:\Program Files\ComPlus Applications
2009-10-15 20:51:18 ----A---- C:\WINDOWS\vbaddin.ini
2009-10-15 20:51:18 ----A---- C:\WINDOWS\vb.ini
2009-10-15 20:51:13 ----D---- C:\WINDOWS\Registration
2009-10-15 20:51:04 ----D---- C:\Program Files\Windows Media Player
2009-10-15 20:50:47 ----A---- C:\WINDOWS\system32\netfxperf.dll
2009-10-15 20:50:44 ----D---- C:\Program Files\Internet Explorer
2009-10-15 20:50:30 ----A---- C:\WINDOWS\system32\prntvpt.dll
2009-10-15 20:50:29 ----A---- C:\WINDOWS\system32\xpssvcs.dll
2009-10-15 20:50:29 ----A---- C:\WINDOWS\system32\xpsshhdr.dll
2009-10-15 20:50:24 ----A---- C:\WINDOWS\system32\winUsbCoinstaller.dll
2009-10-15 20:50:23 ----A---- C:\WINDOWS\system32\WUDFUpdate_01007.dll
2009-10-15 20:50:23 ----A---- C:\WINDOWS\system32\WdfCoInstaller01007.dll
2009-10-15 20:50:22 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2009-10-15 20:50:22 ----A---- C:\WINDOWS\system32\imapi2.dll
2009-10-15 20:50:21 ----D---- C:\WINDOWS\system32\DRM
2009-10-15 20:50:21 ----A---- C:\WINDOWS\system32\SecProc_ssp_isv.dll
2009-10-15 20:50:21 ----A---- C:\WINDOWS\system32\SecProc_ssp.dll
2009-10-15 20:50:21 ----A---- C:\WINDOWS\system32\RmActivate_ssp_isv.exe
2009-10-15 20:50:21 ----A---- C:\WINDOWS\system32\RmActivate_ssp.exe
2009-10-15 20:50:20 ----A---- C:\WINDOWS\system32\SecProc_isv.dll
2009-10-15 20:50:20 ----A---- C:\WINDOWS\system32\SecProc.dll
2009-10-15 20:50:20 ----A---- C:\WINDOWS\system32\RmActivate_isv.exe
2009-10-15 20:50:20 ----A---- C:\WINDOWS\system32\RmActivate.exe
2009-10-15 20:50:19 ----A---- C:\WINDOWS\system32\UncRes.dll
2009-10-15 20:50:19 ----A---- C:\WINDOWS\system32\UncPH.dll
2009-10-15 20:50:19 ----A---- C:\WINDOWS\system32\UncNE.dll
2009-10-15 20:50:19 ----A---- C:\WINDOWS\system32\UncDMS.dll
2009-10-15 20:50:19 ----A---- C:\WINDOWS\system32\UncCplExt.dll
2009-10-15 20:50:19 ----A---- C:\WINDOWS\system32\msdrm.dll
2009-10-15 20:50:18 ----A---- C:\WINDOWS\system32\oephRes.dll
2009-10-15 20:50:18 ----A---- C:\WINDOWS\system32\oeph.dll
2009-10-15 20:50:14 ----D---- C:\Program Files\Windows Desktop Search
2009-10-15 20:50:13 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-10-15 20:50:13 ----A---- C:\WINDOWS\system32\propsys.dll.mui
2009-10-15 20:50:12 ----A---- C:\WINDOWS\system32\tquery.dll.mui
2009-10-15 20:50:12 ----A---- C:\WINDOWS\system32\srchadmin.dll.mui
2009-10-15 20:50:12 ----A---- C:\WINDOWS\system32\searchindexer.exe.mui
2009-10-15 20:50:12 ----A---- C:\WINDOWS\system32\mssrch.dll.mui
2009-10-15 20:50:12 ----A---- C:\WINDOWS\system32\mssphtb.dll.mui
2009-10-15 20:50:12 ----A---- C:\WINDOWS\system32\mssph.dll.mui
2009-10-15 20:50:11 ----A---- C:\WINDOWS\system32\xmlfilter.dll
2009-10-15 20:50:11 ----A---- C:\WINDOWS\system32\srchadmin.dll
2009-10-15 20:50:11 ----A---- C:\WINDOWS\system32\rtffilt.dll
2009-10-15 20:50:11 ----A---- C:\WINDOWS\system32\propsys.dll
2009-10-15 20:50:10 ----A---- C:\WINDOWS\system32\msshsq.dll
2009-10-15 20:50:10 ----A---- C:\WINDOWS\system32\msshooks.dll
2009-10-15 20:50:10 ----A---- C:\WINDOWS\system32\idxcntrs.ini
2009-10-15 20:50:10 ----A---- C:\WINDOWS\system32\gthrctr.ini
2009-10-15 20:50:10 ----A---- C:\WINDOWS\system32\gsrvctr.ini
2009-10-15 20:50:09 ----A---- C:\WINDOWS\system32\tquery.dll
2009-10-15 20:50:09 ----A---- C:\WINDOWS\system32\propdefs.dll
2009-10-15 20:50:09 ----A---- C:\WINDOWS\system32\msstrc.dll
2009-10-15 20:50:09 ----A---- C:\WINDOWS\system32\msscb.dll
2009-10-15 20:50:08 ----A---- C:\WINDOWS\system32\searchindexer.exe
2009-10-15 20:50:08 ----A---- C:\WINDOWS\system32\searchfilterhost.exe
2009-10-15 20:50:08 ----A---- C:\WINDOWS\system32\mssrch.dll
2009-10-15 20:50:08 ----A---- C:\WINDOWS\system32\mssprxy.dll
2009-10-15 20:50:08 ----A---- C:\WINDOWS\system32\mssphtb.dll
2009-10-15 20:50:08 ----A---- C:\WINDOWS\system32\mssph.dll
2009-10-15 20:50:07 ----A---- C:\WINDOWS\system32\searchprotocolhost.exe
2009-10-15 20:50:07 ----A---- C:\WINDOWS\system32\mssitlb.dll
2009-10-15 20:50:07 ----A---- C:\WINDOWS\system32\msscntrs.dll
2009-10-15 20:50:06 ----D---- C:\Program Files\MSXML 4.0
2009-10-15 20:50:06 ----A---- C:\WINDOWS\system32\msxml4r.dll
2009-10-15 20:50:06 ----A---- C:\WINDOWS\system32\msxml4.dll
2009-10-15 20:50:00 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-15 20:49:22 ----D---- C:\WINDOWS\system32\windowspowershell
2009-10-15 20:49:22 ----D---- C:\WINDOWS\SoftwareDistribution
2009-10-15 20:49:22 ----A---- C:\WINDOWS\system32\muweb.dll
2009-10-15 20:49:22 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-10-15 20:49:22 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-10-15 20:49:22 ----A---- C:\WINDOWS\system32\MicrosoftUpdateCatalogWebControl.dll
2009-10-15 20:49:21 ----A---- C:\WINDOWS\system32\WgaTray.exe
2009-10-15 20:49:21 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2009-10-15 20:49:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-10-15 20:49:20 ----D---- C:\WINDOWS\system32\PreInstall
2009-10-15 20:49:11 ----D---- C:\Program Files\Microsoft Silverlight
2009-10-15 20:49:10 ----D---- C:\Program Files\Messenger
2009-10-15 20:49:07 ----D---- C:\Program Files\MSN Gaming Zone
2009-10-15 20:49:07 ----A---- C:\WINDOWS\system32\write.exe
2009-10-15 20:49:00 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-10-15 20:48:59 ----A---- C:\WINDOWS\system32\winchat.exe
2009-10-15 20:48:59 ----A---- C:\WINDOWS\system32\hticons.dll
2009-10-15 20:48:59 ----A---- C:\WINDOWS\system32\avwav.dll
2009-10-15 20:48:59 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-10-15 20:48:59 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-10-15 20:48:54 ----A---- C:\WINDOWS\system32\charmap.exe
2009-10-15 20:48:54 ----A---- C:\WINDOWS\system32\getuname.dll
2009-10-15 20:48:53 ----A---- C:\WINDOWS\system32\winmine.exe
2009-10-15 20:48:53 ----A---- C:\WINDOWS\system32\sol.exe
2009-10-15 20:48:53 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-10-15 20:48:53 ----A---- C:\WINDOWS\system32\freecell.exe
2009-10-15 20:48:53 ----A---- C:\WINDOWS\system32\calc.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\tskill.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\tscon.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\shadow.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\reset.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\regini.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\msg.exe
2009-10-15 20:48:52 ----A---- C:\WINDOWS\system32\logoff.exe
2009-10-15 20:48:51 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-10-15 20:48:51 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-10-15 20:48:47 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-10-15 20:48:46 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-10-15 20:48:46 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-10-15 20:48:46 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-10-15 20:48:46 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-10-15 20:48:45 ----D---- C:\Program Files\Windows NT
2009-10-15 20:48:45 ----A---- C:\WINDOWS\system32\spider.exe
2009-10-15 20:48:45 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-10-15 20:48:45 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-10-15 20:48:44 ----A---- C:\WINDOWS\system32\tsgqec.dll
2009-10-15 20:48:44 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-10-15 20:48:44 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2009-10-15 20:48:44 ----A---- C:\WINDOWS\system32\aaclient.dll
2009-10-15 20:48:43 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-15 20:48:43 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-10-15 20:48:43 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-10-15 20:48:43 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-10-15 20:48:43 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-10-15 20:48:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-10-15 20:48:43 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-10-15 20:48:42 ----D---- C:\WINDOWS\system32\MsDtc
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-10-15 20:48:42 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-10-15 20:48:41 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-10-15 20:48:41 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-10-15 20:48:41 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-10-15 20:48:41 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-10-15 20:48:40 ----D---- C:\WINDOWS\system32\Com
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\stclient.dll
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\colbact.dll
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-10-15 20:48:40 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-10-15 20:48:39 ----A---- C:\WINDOWS\system32\comuid.dll
2009-10-15 20:48:39 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-10-15 20:48:39 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-10-15 20:48:39 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-10-15 20:48:39 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-10-15 20:48:39 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-10-15 20:48:33 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-10-15 20:48:33 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-10-15 20:48:33 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-10-15 20:48:33 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-09-28 16:00:36 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2009-09-28 15:59:39 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-09-28 15:41:21 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2009-09-28 15:41:16 ----A---- C:\WINDOWS\system32\wups2.dll
2009-09-28 15:41:15 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-09-28 15:41:15 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-09-28 15:41:15 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-09-28 15:41:10 ----A---- C:\WINDOWS\system32\wdsmgmt.dll.mui
2009-09-28 15:41:10 ----A---- C:\WINDOWS\system32\wdsmgmt.dll
2009-09-28 15:41:09 ----A---- C:\WINDOWS\system32\wdsimage.dll.mui
2009-09-28 15:41:09 ----A---- C:\WINDOWS\system32\wdsimage.dll
2009-09-28 15:41:09 ----A---- C:\WINDOWS\system32\wdscsl.dll
2009-09-28 15:41:06 ----A---- C:\WINDOWS\system32\uexfat.dll
2009-09-28 15:41:01 ----A---- C:\WINDOWS\system32\rspndr.exe
2009-09-28 15:40:53 ----A---- C:\WINDOWS\system32\qfecheck.exe
2009-09-28 15:40:40 ----A---- C:\WINDOWS\system32\pintool.exe
2009-09-28 15:40:23 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-28 15:38:53 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
2009-09-28 15:38:50 ----A---- C:\WINDOWS\system32\imadmui.dll.mui
2009-09-28 15:38:50 ----A---- C:\WINDOWS\system32\imadmui.dll
2009-09-28 15:38:50 ----A---- C:\WINDOWS\system32\ifxcardm.dll
2009-09-28 15:38:49 ----A---- C:\WINDOWS\system32\gpprefcl.dll
2009-09-28 15:37:25 ----A---- C:\WINDOWS\system32\bcsprsrc.dll
2009-09-28 15:37:25 ----A---- C:\WINDOWS\system32\basecsp.dll
2009-09-28 15:37:25 ----A---- C:\WINDOWS\system32\axaltocm.dll
2009-09-28 15:37:13 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-09-28 15:37:12 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2009-09-28 15:37:11 ----A---- C:\WINDOWS\system32\wudfx.dll
2009-09-28 15:37:11 ----A---- C:\WINDOWS\system32\wudfplatform.dll
2009-09-28 15:37:10 ----A---- C:\WINDOWS\system32\wudfsvc.dll
2009-09-28 15:37:10 ----A---- C:\WINDOWS\system32\wudfhost.exe
2009-09-28 15:37:10 ----A---- C:\WINDOWS\system32\wudfcoinstaller.dll
2009-09-28 15:37:05 ----A---- C:\WINDOWS\system32\wshext.dll
2009-09-28 15:37:05 ----A---- C:\WINDOWS\system32\wscript.exe
2009-09-28 15:37:05 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2009-09-28 15:37:04 ----A---- C:\WINDOWS\system32\wpdsp.dll
2009-09-28 15:37:03 ----A---- C:\WINDOWS\system32\wpdshserviceobj.dll
2009-09-28 15:37:03 ----A---- C:\WINDOWS\system32\wpdshext.dll
2009-09-28 15:37:01 ----A---- C:\WINDOWS\system32\wpdshextres.dll
2009-09-28 15:37:01 ----A---- C:\WINDOWS\system32\wpdshextautoplay.exe
2009-09-28 15:37:01 ----A---- C:\WINDOWS\system32\wpdmtpus.dll
2009-09-28 15:37:00 ----A---- C:\WINDOWS\system32\wpdmtp.dll
2009-09-28 15:36:59 ----A---- C:\WINDOWS\system32\wpdconns.dll
2009-09-28 15:36:59 ----A---- C:\WINDOWS\system32\wmvxencd.dll
2009-09-28 15:36:58 ----A---- C:\WINDOWS\system32\wmvsencd.dll
2009-09-28 15:36:58 ----A---- C:\WINDOWS\system32\wmvsdecd.dll
2009-09-28 15:36:57 ----A---- C:\WINDOWS\system32\wmvencod.dll
2009-09-28 15:36:55 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-09-28 15:36:55 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2009-09-28 15:36:55 ----A---- C:\WINDOWS\system32\wmvdecod.dll
2009-09-28 15:36:54 ----A---- C:\WINDOWS\system32\wmvcore.dll
2009-09-28 15:36:52 ----A---- C:\WINDOWS\system32\wmvadve.dll
2009-09-28 15:36:52 ----A---- C:\WINDOWS\system32\wmvadvd.dll
2009-09-28 15:36:51 ----A---- C:\WINDOWS\system32\wmspdmoe.dll
2009-09-28 15:36:50 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-09-28 15:36:48 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-09-28 15:36:48 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2009-09-28 15:36:48 ----A---- C:\WINDOWS\system32\wmpsrcwp.dll
2009-09-28 15:36:47 ----A---- C:\WINDOWS\system32\wmpshell.dll
2009-09-28 15:36:47 ----A---- C:\WINDOWS\system32\wmpps.dll
2009-09-28 15:36:45 ----A---- C:\WINDOWS\system32\wmpmde.dll
2009-09-28 15:36:44 ----A---- C:\WINDOWS\system32\wmploc.dll
2009-09-28 15:36:36 ----A---- C:\WINDOWS\system32\wmpencen.dll
2009-09-28 15:36:34 ----A---- C:\WINDOWS\system32\wmpeffects.dll
2009-09-28 15:36:34 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-09-28 15:36:33 ----A---- C:\WINDOWS\system32\wmpasf.dll
2009-09-28 15:36:32 ----A---- C:\WINDOWS\system32\wmp.dll
2009-09-28 15:36:19 ----A---- C:\WINDOWS\system32\wmnetmgr.dll
2009-09-28 15:36:17 ----A---- C:\WINDOWS\system32\wmidx.dll
2009-09-28 15:36:17 ----A---- C:\WINDOWS\system32\wmerror.dll
2009-09-28 15:36:17 ----A---- C:\WINDOWS\system32\wmdrmsdk.dll
2009-09-28 15:36:16 ----A---- C:\WINDOWS\system32\wmdrmnet.dll
2009-09-28 15:36:15 ----A---- C:\WINDOWS\system32\wmdrmdev.dll
2009-09-28 15:36:15 ----A---- C:\WINDOWS\system32\wmdmps.dll
2009-09-28 15:36:15 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2009-09-28 15:36:12 ----A---- C:\WINDOWS\system32\wmasf.dll
2009-09-28 15:36:12 ----A---- C:\WINDOWS\system32\wmadmoe.dll
2009-09-28 15:36:11 ----A---- C:\WINDOWS\system32\wmadmod.dll
2009-09-28 15:36:10 ----A---- C:\WINDOWS\system32\wldap32.dll
2009-09-28 15:36:10 ----A---- C:\WINDOWS\system32\wlanapi.dll
2009-09-28 15:36:10 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-09-28 15:36:10 ----A---- C:\WINDOWS\system32\wintrust.dll
2009-09-28 15:36:10 ----A---- C:\WINDOWS\system32\winsrv.dll
2009-09-28 15:36:09 ----A---- C:\WINDOWS\system32\winlogon.exe
2009-09-28 15:36:09 ----A---- C:\WINDOWS\system32\wininet.dll
2009-09-28 15:36:08 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-09-28 15:36:07 ----A---- C:\WINDOWS\system32\winfxdocobj.exe
2009-09-28 15:36:07 ----A---- C:\WINDOWS\system32\winbrand.dll
2009-09-28 15:36:06 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-09-28 15:36:04 ----A---- C:\WINDOWS\system32\windowscodecsext.dll
2009-09-28 15:36:04 ----A---- C:\WINDOWS\system32\windowscodecs.dll
2009-09-28 15:36:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-09-28 15:36:03 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-09-28 15:36:03 ----A---- C:\WINDOWS\system32\wdfmgr.exe
2009-09-28 15:36:03 ----A---- C:\WINDOWS\system32\wdfapi.dll
2009-09-28 15:36:02 ----A---- C:\WINDOWS\system32\w32tm.exe
2009-09-28 15:36:02 ----A---- C:\WINDOWS\system32\w32time.dll
2009-09-28 15:36:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-09-28 15:36:00 ----A---- C:\WINDOWS\system32\uwdf.exe
2009-09-28 15:36:00 ----A---- C:\WINDOWS\system32\user32.dll
2009-09-28 15:35:58 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-09-28 15:35:57 ----A---- C:\WINDOWS\system32\url.dll
2009-09-28 15:35:56 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2009-09-28 15:35:56 ----A---- C:\WINDOWS\system32\ulib.dll
2009-09-28 15:35:56 ----A---- C:\WINDOWS\system32\tzchange.exe
2009-09-28 15:35:55 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-09-28 15:35:53 ----A---- C:\WINDOWS\system32\tcpmon.dll
2009-09-28 15:35:53 ----A---- C:\WINDOWS\system32\tapisrv.dll
2009-09-28 15:35:52 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-09-28 15:35:48 ----A---- C:\WINDOWS\system32\sxs.dll
2009-09-28 15:35:47 ----A---- C:\WINDOWS\system32\svchost.exe
2009-09-28 15:35:47 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-09-28 15:35:46 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2009-09-28 15:35:36 ----A---- C:\WINDOWS\system32\shsvcs.dll
2009-09-28 15:35:36 ----A---- C:\WINDOWS\system32\shlwapi.dll
2009-09-28 15:35:36 ----A---- C:\WINDOWS\system32\shimgvw.dll
2009-09-28 15:35:35 ----A---- C:\WINDOWS\system32\shimeng.dll
2009-09-28 15:35:35 ----A---- C:\WINDOWS\system32\shell32.dll
2009-09-28 15:35:25 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-09-28 15:35:24 ----A---- C:\WINDOWS\system32\services.exe
2009-09-28 15:35:24 ----A---- C:\WINDOWS\system32\secur32.dll
2009-09-28 15:35:24 ----A---- C:\WINDOWS\system32\scrrun.dll
2009-09-28 15:35:23 ----A---- C:\WINDOWS\system32\schannel.dll
2009-09-28 15:35:23 ----A---- C:\WINDOWS\system32\scrobj.dll
2009-09-28 15:35:23 ----A---- C:\WINDOWS\system32\sc.exe
2009-09-28 15:35:23 ----A---- C:\WINDOWS\system32\rpcss.dll
2009-09-28 15:35:22 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-09-28 15:35:21 ----A---- C:\WINDOWS\system32\riched20.dll
2009-09-28 15:35:20 ----A---- C:\WINDOWS\system32\rdpdd.dll
2009-09-28 15:35:20 ----A---- C:\WINDOWS\system32\rastls.dll
2009-09-28 15:35:20 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-09-28 15:35:19 ----A---- C:\WINDOWS\system32\quartz.dll
2009-09-28 15:35:18 ----A---- C:\WINDOWS\system32\qedit.dll
2009-09-28 15:35:17 ----A---- C:\WINDOWS\system32\qasf.dll
2009-09-28 15:35:16 ----A---- C:\WINDOWS\system32\psbase.dll
2009-09-28 15:35:16 ----A---- C:\WINDOWS\system32\proquota.exe
2009-09-28 15:35:16 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-09-28 15:35:16 ----A---- C:\WINDOWS\system32\photometadatahandler.dll
2009-09-28 15:35:15 ----A---- C:\WINDOWS\system32\portabledevicewiacompat.dll
2009-09-28 15:35:15 ----A---- C:\WINDOWS\system32\portabledevicetypes.dll
2009-09-28 15:35:14 ----A---- C:\WINDOWS\system32\portabledeviceclassextension.dll
2009-09-28 15:35:14 ----A---- C:\WINDOWS\system32\portabledeviceapi.dll
2009-09-28 15:35:14 ----A---- C:\WINDOWS\system32\pdh.dll
2009-09-28 15:35:13 ----A---- C:\WINDOWS\system32\portabledevicewmdrm.dll
2009-09-28 15:35:13 ----A---- C:\WINDOWS\system32\osk.exe
2009-09-28 15:35:13 ----A---- C:\WINDOWS\system32\ole32.dll
2009-09-28 15:35:11 ----A---- C:\WINDOWS\system32\offfilt.dll
2009-09-28 15:35:11 ----A---- C:\WINDOWS\system32\odbccp32.dll
2009-09-28 15:35:11 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2009-09-28 15:35:11 ----A---- C:\WINDOWS\system32\odbc32.dll
2009-09-28 15:35:10 ----A---- C:\WINDOWS\system32\occache.dll
2009-09-28 15:35:10 ----A---- C:\WINDOWS\system32\oakley.dll
2009-09-28 15:35:09 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-09-28 15:35:09 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-09-28 15:35:04 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2009-09-28 15:35:04 ----A---- C:\WINDOWS\system32\ntbackup.exe
2009-09-28 15:35:01 ----A---- C:\WINDOWS\system32\normaliz.dll
2009-09-28 15:35:01 ----A---- C:\WINDOWS\system32\nlsdl.dll
2009-09-28 15:35:01 ----A---- C:\WINDOWS\system32\nlhtml.dll
2009-09-28 15:35:00 ----A---- C:\WINDOWS\system32\netlogon.dll
2009-09-28 15:35:00 ----A---- C:\WINDOWS\system32\netapi32.dll
2009-09-28 15:34:59 ----A---- C:\WINDOWS\system32\napipsec.dll
2009-09-28 15:34:58 ----A---- C:\WINDOWS\system32\mtxclu.dll
2009-09-28 15:34:58 ----A---- C:\WINDOWS\system32\msxml6.dll
2009-09-28 15:34:57 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-09-28 15:34:56 ----A---- C:\WINDOWS\system32\msxml2.dll
2009-09-28 15:34:55 ----A---- C:\WINDOWS\system32\mswsock.dll
2009-09-28 15:34:54 ----A---- C:\WINDOWS\system32\mswmdm.dll
2009-09-28 15:34:54 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-09-28 15:34:54 ----A---- C:\WINDOWS\system32\msw3prt.dll
2009-09-28 15:34:53 ----A---- C:\WINDOWS\system32\msvcrt.dll
2009-09-28 15:34:53 ----A---- C:\WINDOWS\system32\msvcirt.dll
2009-09-28 15:34:53 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-28 15:34:53 ----A---- C:\WINDOWS\system32\mstime.dll
2009-09-28 15:34:52 ----A---- C:\WINDOWS\system32\msscp.dll
2009-09-28 15:34:51 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2009-09-28 15:34:51 ----A---- C:\WINDOWS\system32\msrating.dll
2009-09-28 15:34:50 ----A---- C:\WINDOWS\system32\mspmsp.dll
2009-09-28 15:34:50 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2009-09-28 15:34:49 ----A---- C:\WINDOWS\system32\msnetobj.dll
2009-09-28 15:34:48 ----A---- C:\WINDOWS\system32\msls31.dll
2009-09-28 15:34:48 ----A---- C:\WINDOWS\system32\msjint40.dll
2009-09-28 15:34:48 ----A---- C:\WINDOWS\system32\msjet40.dll
2009-09-28 15:34:46 ----A---- C:\WINDOWS\system32\msisip.dll
2009-09-28 15:34:46 ----A---- C:\WINDOWS\system32\msimsg.dll
2009-09-28 15:34:46 ----A---- C:\WINDOWS\system32\msihnd.dll
2009-09-28 15:34:46 ----A---- C:\WINDOWS\system32\msiexec.exe
2009-09-28 15:34:45 ----A---- C:\WINDOWS\system32\msi.dll
2009-09-28 15:34:41 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-09-28 15:34:41 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-09-28 15:34:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-09-28 15:34:31 ----A---- C:\WINDOWS\system32\mshta.exe
2009-09-28 15:34:30 ----A---- C:\WINDOWS\system32\msgina.dll
2009-09-28 15:34:30 ----A---- C:\WINDOWS\system32\msftedit.dll
2009-09-28 15:34:29 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-09-28 15:34:29 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-09-28 15:34:29 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-09-28 15:34:28 ----A---- C:\WINDOWS\system32\msexcl40.dll
2009-09-28 15:34:25 ----A---- C:\WINDOWS\system32\msdelta.dll
2009-09-28 15:34:25 ----A---- C:\WINDOWS\system32\msdbg2.dll
2009-09-28 15:34:24 ----A---- C:\WINDOWS\system32\MSCTF.dll
2009-09-28 15:34:24 ----A---- C:\WINDOWS\system32\mscms.dll
2009-09-28 15:34:22 ----A---- C:\WINDOWS\system32\mqutil.dll
2009-09-28 15:34:21 ----A---- C:\WINDOWS\system32\mqupgrd.dll
2009-09-28 15:34:21 ----A---- C:\WINDOWS\system32\mqsec.dll
2009-09-28 15:34:21 ----A---- C:\WINDOWS\system32\mqrt.dll
2009-09-28 15:34:21 ----A---- C:\WINDOWS\system32\mqqm.dll
2009-09-28 15:34:20 ----A---- C:\WINDOWS\system32\mqise.dll
2009-09-28 15:34:20 ----A---- C:\WINDOWS\system32\mqdscli.dll
2009-09-28 15:34:20 ----A---- C:\WINDOWS\system32\mqad.dll
2009-09-28 15:34:19 ----A---- C:\WINDOWS\system32\mpg4dmod.dll
2009-09-28 15:34:19 ----A---- C:\WINDOWS\system32\mpg4decd.dll
2009-09-28 15:34:19 ----A---- C:\WINDOWS\system32\mp4sdmod.dll
2009-09-28 15:34:19 ----A---- C:\WINDOWS\system32\mp4sdecd.dll
2009-09-28 15:34:19 ----A---- C:\WINDOWS\system32\mp43dmod.dll
2009-09-28 15:34:18 ----A---- C:\WINDOWS\system32\mp43decd.dll
2009-09-28 15:34:18 ----A---- C:\WINDOWS\system32\mountvol.exe
2009-09-28 15:34:18 ----A---- C:\WINDOWS\system32\mmcshext.dll
2009-09-28 15:34:18 ----A---- C:\WINDOWS\system32\mmcperf.exe
2009-09-28 15:34:18 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2009-09-28 15:34:16 ----A---- C:\WINDOWS\system32\mmcex.dll
2009-09-28 15:34:16 ----A---- C:\WINDOWS\system32\mmcbase.dll
2009-09-28 15:34:15 ----A---- C:\WINDOWS\system32\mmc.exe
2009-09-28 15:34:14 ----A---- C:\WINDOWS\system32\mimefilt.dll
2009-09-28 15:34:13 ----A---- C:\WINDOWS\system32\mfplat.dll
2009-09-28 15:34:13 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-09-28 15:34:12 ----A---- C:\WINDOWS\system32\logagent.exe
2009-09-28 15:34:11 ----A---- C:\WINDOWS\system32\localspl.dll
2009-09-28 15:34:11 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-09-28 15:34:11 ----A---- C:\WINDOWS\system32\licdll.dll
2009-09-28 15:34:07 ----A---- C:\WINDOWS\system32\laprxy.dll
2009-09-28 15:34:06 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-09-28 15:34:05 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-09-28 15:34:05 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-09-28 15:34:04 ----A---- C:\WINDOWS\system32\jscript.dll
2009-09-28 15:34:03 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2009-09-28 15:34:03 ----A---- C:\WINDOWS\system32\ipconfig.exe
2009-09-28 15:34:02 ----A---- C:\WINDOWS\system32\inseng.dll
2009-09-28 15:34:02 ----A---- C:\WINDOWS\system32\infosoft.dll
2009-09-28 15:33:58 ----A---- C:\WINDOWS\system32\inetpp.dll
2009-09-28 15:33:55 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-09-28 15:33:55 ----A---- C:\WINDOWS\system32\ifsutil.dll
2009-09-28 15:33:53 ----A---- C:\WINDOWS\system32\ieui.dll
2009-09-28 15:33:53 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-09-28 15:33:53 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-09-28 15:33:53 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-09-28 15:33:51 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-09-28 15:33:50 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-09-28 15:33:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-09-28 15:33:38 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-09-28 15:33:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-09-28 15:33:33 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-09-28 15:33:32 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-09-28 15:33:32 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-09-28 15:33:31 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-09-28 15:33:28 ----A---- C:\WINDOWS\system32\idndl.dll
2009-09-28 15:33:27 ----A---- C:\WINDOWS\system32\icm32.dll
2009-09-28 15:33:27 ----A---- C:\WINDOWS\system32\icardie.dll
2009-09-28 15:33:26 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2009-09-28 15:33:24 ----A---- C:\WINDOWS\system32\hal.dll
2009-09-28 15:33:24 ----A---- C:\WINDOWS\system32\gptext.dll
2009-09-28 15:33:24 ----A---- C:\WINDOWS\system32\gdi32.dll
2009-09-28 15:33:23 ----A---- C:\WINDOWS\system32\format.com
2009-09-28 15:33:23 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-09-28 15:33:23 ----A---- C:\WINDOWS\system32\fmifs.dll
2009-09-28 15:33:18 ----A---- C:\WINDOWS\system32\fc.exe
2009-09-28 15:33:17 ----A---- C:\WINDOWS\explorer.exe
2009-09-28 15:33:16 ----A---- C:\WINDOWS\system32\es.dll
2009-09-28 15:33:15 ----A---- C:\WINDOWS\system32\eapphost.dll
2009-09-28 15:33:15 ----A---- C:\WINDOWS\system32\eappgnui.dll
2009-09-28 15:33:15 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-09-28 15:33:15 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-09-28 15:33:14 ----A---- C:\WINDOWS\system32\dsuiext.dll
2009-09-28 15:33:14 ----A---- C:\WINDOWS\system32\drprov.dll
2009-09-28 15:33:14 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2009-09-28 15:33:13 ----A---- C:\WINDOWS\system32\drmupgds.exe
2009-09-28 15:33:13 ----A---- C:\WINDOWS\system32\dot3svc.dll
2009-09-28 15:33:12 ----A---- C:\WINDOWS\system32\dot3msm.dll
2009-09-28 15:33:12 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2009-09-28 15:33:12 ----A---- C:\WINDOWS\system32\dnsapi.dll
2009-09-28 15:33:12 ----A---- C:\WINDOWS\system32\dimsroam.dll
2009-09-28 15:33:12 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-09-28 15:33:11 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2009-09-28 15:33:11 ----A---- C:\WINDOWS\system32\d3d9.dll
2009-09-28 15:33:10 ----A---- C:\WINDOWS\system32\cscript.exe
2009-09-28 15:33:09 ----A---- C:\WINDOWS\system32\cscdll.dll
2009-09-28 15:33:09 ----A---- C:\WINDOWS\system32\crypt32.dll
2009-09-28 15:33:09 ----A---- C:\WINDOWS\system32\corpol.dll
2009-09-28 15:33:04 ----A---- C:\WINDOWS\system32\cic.dll
2009-09-28 15:33:04 ----A---- C:\WINDOWS\system32\cewmdm.dll
2009-09-28 15:33:03 ----A---- C:\WINDOWS\system32\cdm.dll
2009-09-28 15:33:03 ----A---- C:\WINDOWS\system32\browser.dll
2009-09-28 15:33:03 ----A---- C:\WINDOWS\system32\blackbox.dll
2009-09-28 15:33:02 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-09-28 15:33:02 ----A---- C:\WINDOWS\system32\audiodev.dll
2009-09-28 15:33:02 ----A---- C:\WINDOWS\system32\atmfd.dll
2009-09-28 15:33:02 ----A---- C:\WINDOWS\system32\atl.dll
2009-09-28 15:33:02 ----A---- C:\WINDOWS\system32\asferror.dll
2009-09-28 15:32:54 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-09-28 15:32:54 ----A---- C:\WINDOWS\system32\advpack.dll
2009-09-28 15:32:54 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-09-28 15:32:53 ----A---- C:\WINDOWS\system32\adsmsext.dll
2009-09-28 15:32:53 ----A---- C:\WINDOWS\system32\adsldp.dll
2009-09-28 15:32:53 ----A---- C:\WINDOWS\system32\admparse.dll

======List of files/folders modified in the last 1 months======

2009-10-15 22:39:08 ----A---- C:\WINDOWS\system.ini
2009-10-15 20:57:25 ----A---- C:\WINDOWS\win.ini
2009-09-28 15:48:24 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2009-09-28 15:48:24 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2009-09-28 15:48:24 ----A---- C:\WINDOWS\system32\pjlmon.dll
2009-09-28 15:48:24 ----A---- C:\WINDOWS\system32\pid.dll
2009-09-28 15:48:24 ----A---- C:\WINDOWS\system32\msyuv.dll
2009-09-28 15:48:24 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2009-09-28 15:48:24 ----A---- C:\WINDOWS\system32\hid.dll
2009-09-28 15:48:24 ----A---- C:\WINDOWS\system32\dmutil.dll
2009-09-28 15:48:24 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\wowfaxui.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\wowfax.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrvpa.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrvoica.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrv80a.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrv42a.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrsvpia.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrshuta.exe
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrsdpia.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrrtosa.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrprbda.exe
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrmlnka.exe
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrlbva.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrfaxa.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrdtea.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrdpa.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrcoina.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\usrcntra.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\tsbyuv.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\streamci.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\sprio800.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\sprio600.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\spnike.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\paqsp.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\mdwmdmsp.dll
2009-09-28 15:47:22 ----A---- C:\WINDOWS\system32\dvdplay.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2009-09-28 62848]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-07-21 3565056]
R3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]

Re: Log check

Post by Buzo » 19 Oct 2009 14:39

The rest

R3 emu10k;Creative SB Live! series(WDM); C:\WINDOWS\system32\drivers\emu10k1f.sys [2001-08-14 775296]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlface.sys [2001-07-11 6912]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2009-09-28 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfman.sys [2001-08-31 36992]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-09-28 30464]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2009-09-28 17152]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2009-09-28 9472]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-09-28 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2009-09-28 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-07-21 602112]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-15 153376]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-07-21 593920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-09-28 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-09-28 14848]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

jaro3
Security team member
Guru Level 15
Posts: 43295
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Log check

Post by jaro3 » 19 Oct 2009 15:08

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is being applied, do not click into the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Log check

Post by Buzo » 19 Oct 2009 16:09

ComboFix 09-10-18.04 - Skálovi 19.10.2009 13:19.1.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.629 [GMT 2:00]
Spuštěný z: c:\documents and settings\Skálovi\Plocha\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\axaltocm.dll
c:\windows\system32\structuredqueryschematrivial.bin

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-09-19 do 2009-10-19 )))))))))))))))))))))))))))))))
.

2009-10-19 10:24 . 2009-10-19 10:29 -------- d-----w- c:\program files\dosbox
2009-10-19 10:24 . 2009-10-19 10:24 -------- d-----w- c:\program files\Common Files\lightning group shared files
2009-10-19 10:24 . 2009-10-19 10:24 -------- d-----w- C:\_dosboxvirtualdisk
2009-10-19 10:23 . 2009-10-19 10:23 -------- d-----w- c:\program files\PocketDOS
2009-10-19 09:48 . 2009-10-19 09:49 -------- d-----w- C:\rsit
2009-10-18 17:51 . 1999-10-10 23:01 41984 ----a-w- c:\windows\CTRegRun.exe
2009-10-18 17:50 . 1998-03-18 23:00 3584 ----a-w- c:\windows\system32\Ahqcpres.dll
2009-10-18 17:50 . 2009-10-18 17:51 -------- d-----w- c:\program files\Creative
2009-10-18 17:50 . 1999-12-16 23:00 6752 ----a-w- c:\windows\system32\PfModNT.sys
2009-10-18 17:50 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-10-18 17:50 . 2009-03-25 12:29 130432 ----a-w- c:\windows\system32\drivers\Rtnicxp.sys
2009-10-18 17:50 . 2009-03-03 18:18 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2009-10-18 17:50 . 2009-10-18 17:50 -------- d-----w- c:\program files\Realtek
2009-10-18 17:44 . 2009-10-19 10:18 -------- d-----w- c:\program files\DOSBox-0.72
2009-10-18 17:35 . 2009-10-18 17:35 -------- d-----w- c:\program files\Driver-Soft
2009-10-18 17:34 . 2009-10-18 17:34 -------- d-----w- c:\program files\7-Zip
2009-10-18 17:30 . 2004-06-14 12:56 427864 ----a-w- c:\windows\system32\XceedZip.dll
2009-10-18 17:21 . 2009-10-18 17:21 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-10-18 17:15 . 2002-07-12 16:15 106496 ----a-w- c:\windows\SiSUSBrg.exe
2009-10-18 17:15 . 2002-01-02 13:40 32768 ----a-w- c:\windows\SIS_LIB.DLL
2009-10-18 17:15 . 2001-12-07 08:11 3583 ----a-w- c:\windows\SiSport.sys
2009-10-18 17:15 . 1998-01-23 10:19 304640 ----a-w- c:\windows\IsUn0405.exe
2009-10-18 16:48 . 2009-10-18 16:48 -------- d-----w- c:\program files\sisagp
2009-10-18 14:56 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-18 14:56 . 2009-10-18 14:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-18 14:56 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-18 11:54 . 2009-10-18 11:54 -------- d-----w- c:\program files\Trend Micro
2009-10-18 10:00 . 2009-10-18 14:51 -------- d-----w- c:\program files\SystemRequirementsLab
2009-10-18 06:55 . 2009-10-18 06:55 -------- d-----w- c:\program files\Security Task Manager
2009-10-18 06:32 . 2009-10-18 06:35 -------- d-----w- c:\program files\FastStone Photo Resizer
2009-10-17 18:45 . 2009-10-17 18:45 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2009-10-17 18:45 . 2009-10-17 18:45 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2009-10-17 18:44 . 2009-10-17 18:44 -------- d-----w- c:\windows\system32\Futuremark
2009-10-17 18:44 . 2004-10-25 18:02 21664 ----a-w- c:\windows\system32\drivers\Entech.sys
2009-10-17 18:44 . 2004-06-22 13:44 5632 ----a-w- c:\windows\system32\drivers\Entech64.sys
2009-10-17 18:44 . 2001-11-19 17:05 3972 ----a-w- c:\windows\system32\drivers\PciBus.sys
2009-10-17 18:42 . 2009-10-17 18:42 -------- d-----w- c:\program files\Futuremark
2009-10-17 13:45 . 2009-10-17 13:45 -------- d-----w- c:\program files\WM Converter
2009-10-17 13:40 . 2009-10-17 13:44 -------- d-----w- c:\program files\Total Video Converter
2009-10-17 12:30 . 2009-10-17 12:35 -------- d-----w- c:\program files\CamStudio
2009-10-17 11:14 . 2008-04-13 20:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-10-17 10:41 . 2009-10-17 10:41 -------- d-----w- c:\program files\uTorrent
2009-10-17 06:45 . 2009-10-17 06:45 -------- d-----w- c:\program files\AceLogix
2009-10-16 07:29 . 2009-10-16 07:29 -------- d-----w- c:\program files\IObit
2009-10-16 06:03 . 2009-10-16 06:03 -------- d-----w- c:\program files\Intel Desktop Board
2009-10-16 05:56 . 2009-10-17 07:13 -------- d-----w- c:\program files\Uniblue
2009-10-16 02:19 . 2009-10-17 06:10 -------- d-----w- c:\program files\World of Warcraft
2009-10-16 02:15 . 2009-10-16 03:13 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-18 17:50 . 2009-10-15 19:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-15 19:58 . 2001-10-25 12:00 90546 ----a-w- c:\windows\system32\perfc005.dat
2009-10-15 19:58 . 2001-10-25 12:00 458370 ----a-w- c:\windows\system32\perfh005.dat
2009-10-15 19:47 . 2009-10-15 19:46 -------- d-----w- c:\program files\ICQ6.5
2009-10-15 19:47 . 2009-10-15 19:47 -------- d-----w- c:\program files\ICQ6Toolbar
2009-10-15 19:21 . 2009-10-15 19:21 0 ----a-w- c:\windows\ativpsrm.bin
2009-10-15 19:19 . 2009-10-15 19:18 -------- d-----w- c:\program files\ATI Technologies
2009-10-15 19:18 . 2009-10-15 19:18 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-15 19:03 . 2009-10-15 19:03 -------- d-----w- c:\program files\microsoft frontpage
2009-10-15 19:02 . 2009-10-15 19:02 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-15 19:02 . 2009-10-15 19:02 -------- d-----w- c:\program files\Java
2009-10-15 19:00 . 2009-10-15 19:00 -------- d-----w- c:\program files\MSBuild
2009-10-15 19:00 . 2009-10-15 19:00 -------- d-----w- c:\program files\Reference Assemblies
2009-10-15 18:54 . 2009-10-15 18:54 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-15 18:51 . 2009-10-15 18:51 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-15 18:50 . 2009-10-15 18:50 -------- d-----w- c:\program files\Windows Desktop Search
2009-10-15 18:50 . 2009-10-15 18:50 -------- d-----w- c:\program files\MSXML 4.0
2009-10-15 18:49 . 2009-10-15 18:49 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-28 14:00 . 2009-09-28 14:00 1571840 ----a-w- c:\windows\system32\sfcfiles.dll
2009-09-28 14:00 . 2009-09-28 14:00 4096 ----a-w- c:\windows\system32\drivers\siside.sys
2009-09-28 13:47 . 2001-10-24 10:25 77891 ----a-w- c:\windows\system32\usrmlnka.exe
2009-09-28 13:41 . 2009-10-15 18:50 1676288 ----a-w- c:\windows\system32\xpssvcs.dll
2009-09-28 13:40 . 2009-10-15 18:50 523376 ----a-w- c:\windows\system32\RmActivate.exe
2009-09-28 13:38 . 2009-10-15 18:50 922112 ----a-w- c:\windows\system32\imapi2fs.dll
2009-09-28 13:38 . 2009-10-15 18:50 426496 ----a-w- c:\windows\system32\imapi2.dll
2009-09-28 13:38 . 2009-09-28 13:38 151552 ----a-w- c:\windows\system32\ifxcardm.dll
2009-09-28 13:38 . 2009-09-28 13:38 113152 ----a-w- c:\windows\system32\imadmui.dll
2009-09-28 13:38 . 2009-09-28 13:38 633856 ----a-w- c:\windows\system32\gpprefcl.dll
2009-09-28 13:38 . 2009-09-28 13:38 9472 ----a-w- c:\windows\system32\drivers\dumpdrv.sys
2009-09-28 13:38 . 2009-09-28 13:38 133632 ----a-w- c:\windows\system32\drivers\exfat.sys
2009-09-28 13:36 . 2009-09-28 13:36 656896 ----a-w- c:\windows\system32\wmvxencd.dll
2009-09-28 13:35 . 2009-09-28 13:35 30464 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-09-28 13:34 . 2009-09-28 13:34 91776 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-09-28 13:33 . 2009-09-28 13:33 76800 ----a-w- c:\windows\system32\inetpp.dll
2009-09-28 13:32 . 2009-09-28 13:32 684032 ----a-w- c:\windows\system32\advapi32.dll
2009-09-28 13:32 . 2009-09-28 13:32 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2009-09-28 13:32 . 2009-09-28 13:32 72704 ----a-w- c:\windows\system32\admparse.dll
2009-09-28 13:32 . 2009-09-28 13:32 68096 ----a-w- c:\windows\system32\adsmsext.dll
2009-09-28 13:32 . 2009-09-28 13:32 176128 ----a-w- c:\windows\system32\adsldp.dll
2009-09-19 17:37 . 2009-09-19 17:37 4463 ----a-w- c:\windows\system32\oembios.dat
2009-09-19 17:37 . 2009-09-19 17:37 13107200 ----a-w- c:\windows\system32\oembios.bin
2009-09-19 06:55 . 2009-09-28 13:59 997376 ----a-w- c:\windows\system32\syssetup.dll
2009-09-11 14:15 . 2009-09-28 13:34 136704 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 22:44 . 2009-09-04 22:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-09-04 22:44 . 2009-09-04 22:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 22:44 . 2009-09-04 22:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 22:29 . 2009-09-04 22:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-09-04 22:29 . 2009-09-04 22:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-09-04 22:29 . 2009-09-04 22:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-09-04 22:29 . 2009-09-04 22:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-09-04 22:29 . 2009-09-04 22:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-09-04 21:05 . 2008-04-14 06:51 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:03 . 2009-09-28 13:35 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-04 20:53 . 2009-07-15 08:47 2068352 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-08-04 17:23 . 2009-09-28 13:35 2191488 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-07-21 16:30 . 2009-07-21 16:30 3565056 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-07-21 15:55 . 2009-07-21 15:55 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-07-21 15:54 . 2009-07-21 15:54 325120 ----a-w- c:\windows\system32\ati2dvag.dll
2009-07-21 15:44 . 2009-07-21 15:44 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-07-21 15:44 . 2009-07-21 15:44 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-07-21 15:43 . 2009-07-21 15:43 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-07-21 15:43 . 2009-07-21 15:43 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-07-21 15:43 . 2009-07-21 15:43 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-07-21 15:42 . 2009-07-21 15:42 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-07-21 15:40 . 2009-07-21 15:40 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-07-21 15:35 . 2009-07-21 15:35 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-07-21 15:32 . 2009-07-21 15:32 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-07-21 15:32 . 2009-07-21 15:32 3818272 ----a-w- c:\windows\system32\ati3duag.dll
2009-07-21 15:17 . 2009-07-21 15:17 2670720 ----a-w- c:\windows\system32\ativvaxx.dll
2009-07-21 15:17 . 2009-07-21 15:17 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-07-21 15:17 . 2009-07-21 15:17 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-07-21 15:01 . 2009-07-21 15:01 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-07-21 14:57 . 2009-07-21 14:57 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-07-21 14:55 . 2009-07-21 14:55 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-07-21 14:54 . 2009-07-21 14:54 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-07-21 14:54 . 2009-07-21 14:54 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-07-21 14:53 . 2009-07-21 14:53 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-07-21 14:53 . 2009-07-21 14:53 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-07-21 14:52 . 2009-07-21 14:52 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-07-21 14:52 . 2009-07-21 14:52 3227648 ----a-w- c:\windows\system32\aticaldd.dll
2009-07-21 14:48 . 2009-07-21 14:48 626688 ----a-w- c:\windows\system32\ati2cqag.dll
.

------- Sigcheck -------

[-] 2009-09-28 . 66E217E5E009815E06BA4F632794B731 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Ram Optimizer"="c:\program files\AceLogix\Free Ram Optimizer\fro.exe" [2003-08-22 57344]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-17 289072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"AudioHQ"="c:\program files\Creative\SBLive\AudioHQ\AHQTB.EXE" [2000-05-10 205312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2009-10-15 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-09-28 304128]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [28.9.2009 15:38 9472]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [18.10.2009 19:21 23600]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-19 13:22
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(592)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-10-19 13:23
ComboFix-quarantined-files.txt 2009-10-19 11:23

Před spuštěním: Volných bajtů: 34 280 226 816
Po spuštění: Volných bajtů: 34 345 791 488

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 9D3DCADC9B59448DC8D9E79D3D7F3075

Re: Log check

Post by jaro3 » 19 Oct 2009 17:48

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code: Select all

KillAll::
File::
c:\windows\ativpsrm.bin

Folder::
C:\WINDOWS\system32\appmgmt

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new HJT log

Test this on Virustotal
c:\windows\system32\sfcfiles.dll
Then post the link to the result here.

Re: Log check

Post by Buzo » 19 Oct 2009 18:27

The file is completely clean on Virustotal, 0/41

ComboFix 09-10-18.06 - Skálovi 19.10.2009 15:34.2.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.676 [GMT 2:00]
Spuštěný z: c:\documents and settings\Skálovi\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Skálovi\Plocha\CFScript.txt.txt

FILE ::
"c:\windows\ativpsrm.bin"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\ativpsrm.bin

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-09-19 do 2009-10-19 )))))))))))))))))))))))))))))))
.

2009-10-19 10:24 . 2009-10-19 10:29 -------- d-----w- c:\program files\dosbox
2009-10-19 10:24 . 2009-10-19 10:24 -------- d-----w- c:\program files\Common Files\lightning group shared files
2009-10-19 10:24 . 2009-10-19 10:24 -------- d-----w- C:\_dosboxvirtualdisk
2009-10-19 10:23 . 2009-10-19 10:23 -------- d-----w- c:\program files\PocketDOS
2009-10-19 09:48 . 2009-10-19 09:49 -------- d-----w- C:\rsit
2009-10-18 17:51 . 1999-10-10 23:01 41984 ----a-w- c:\windows\CTRegRun.exe
2009-10-18 17:50 . 1998-03-18 23:00 3584 ----a-w- c:\windows\system32\Ahqcpres.dll
2009-10-18 17:50 . 2009-10-18 17:51 -------- d-----w- c:\program files\Creative
2009-10-18 17:50 . 1999-12-16 23:00 6752 ----a-w- c:\windows\system32\PfModNT.sys
2009-10-18 17:50 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-10-18 17:50 . 2009-03-25 12:29 130432 ----a-w- c:\windows\system32\drivers\Rtnicxp.sys
2009-10-18 17:50 . 2009-03-03 18:18 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2009-10-18 17:50 . 2009-10-18 17:50 -------- d-----w- c:\program files\Realtek
2009-10-18 17:44 . 2009-10-19 10:18 -------- d-----w- c:\program files\DOSBox-0.72
2009-10-18 17:35 . 2009-10-18 17:35 -------- d-----w- c:\program files\Driver-Soft
2009-10-18 17:34 . 2009-10-18 17:34 -------- d-----w- c:\program files\7-Zip
2009-10-18 17:30 . 2004-06-14 12:56 427864 ----a-w- c:\windows\system32\XceedZip.dll
2009-10-18 17:21 . 2009-10-18 17:21 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-10-18 17:15 . 2002-07-12 16:15 106496 ----a-w- c:\windows\SiSUSBrg.exe
2009-10-18 17:15 . 2002-01-02 13:40 32768 ----a-w- c:\windows\SIS_LIB.DLL
2009-10-18 17:15 . 2001-12-07 08:11 3583 ----a-w- c:\windows\SiSport.sys
2009-10-18 17:15 . 1998-01-23 10:19 304640 ----a-w- c:\windows\IsUn0405.exe
2009-10-18 16:48 . 2009-10-18 16:48 -------- d-----w- c:\program files\sisagp
2009-10-18 14:56 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-18 14:56 . 2009-10-18 14:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-18 14:56 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-18 11:54 . 2009-10-18 11:54 -------- d-----w- c:\program files\Trend Micro
2009-10-18 10:00 . 2009-10-18 14:51 -------- d-----w- c:\program files\SystemRequirementsLab
2009-10-18 06:55 . 2009-10-18 06:55 -------- d-----w- c:\program files\Security Task Manager
2009-10-18 06:32 . 2009-10-18 06:35 -------- d-----w- c:\program files\FastStone Photo Resizer
2009-10-17 18:45 . 2009-10-17 18:45 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2009-10-17 18:45 . 2009-10-17 18:45 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2009-10-17 18:44 . 2009-10-17 18:44 -------- d-----w- c:\windows\system32\Futuremark
2009-10-17 18:44 . 2004-10-25 18:02 21664 ----a-w- c:\windows\system32\drivers\Entech.sys
2009-10-17 18:44 . 2004-06-22 13:44 5632 ----a-w- c:\windows\system32\drivers\Entech64.sys
2009-10-17 18:44 . 2001-11-19 17:05 3972 ----a-w- c:\windows\system32\drivers\PciBus.sys
2009-10-17 18:42 . 2009-10-17 18:42 -------- d-----w- c:\program files\Futuremark
2009-10-17 13:45 . 2009-10-17 13:45 -------- d-----w- c:\program files\WM Converter
2009-10-17 13:40 . 2009-10-17 13:44 -------- d-----w- c:\program files\Total Video Converter
2009-10-17 12:30 . 2009-10-17 12:35 -------- d-----w- c:\program files\CamStudio
2009-10-17 11:14 . 2008-04-13 20:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-10-17 10:41 . 2009-10-17 10:41 -------- d-----w- c:\program files\uTorrent
2009-10-17 06:45 . 2009-10-17 06:45 -------- d-----w- c:\program files\AceLogix
2009-10-16 07:29 . 2009-10-16 07:29 -------- d-----w- c:\program files\IObit
2009-10-16 06:03 . 2009-10-16 06:03 -------- d-----w- c:\program files\Intel Desktop Board
2009-10-16 05:56 . 2009-10-17 07:13 -------- d-----w- c:\program files\Uniblue
2009-10-16 02:19 . 2009-10-17 06:10 -------- d-----w- c:\program files\World of Warcraft
2009-10-16 02:15 . 2009-10-16 03:13 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-18 17:50 . 2009-10-15 19:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-15 19:58 . 2001-10-25 12:00 90546 ----a-w- c:\windows\system32\perfc005.dat
2009-10-15 19:58 . 2001-10-25 12:00 458370 ----a-w- c:\windows\system32\perfh005.dat
2009-10-15 19:47 . 2009-10-15 19:46 -------- d-----w- c:\program files\ICQ6.5
2009-10-15 19:47 . 2009-10-15 19:47 -------- d-----w- c:\program files\ICQ6Toolbar
2009-10-15 19:19 . 2009-10-15 19:18 -------- d-----w- c:\program files\ATI Technologies
2009-10-15 19:18 . 2009-10-15 19:18 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-15 19:03 . 2009-10-15 19:03 -------- d-----w- c:\program files\microsoft frontpage
2009-10-15 19:02 . 2009-10-15 19:02 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-15 19:02 . 2009-10-15 19:02 -------- d-----w- c:\program files\Java
2009-10-15 19:00 . 2009-10-15 19:00 -------- d-----w- c:\program files\MSBuild
2009-10-15 19:00 . 2009-10-15 19:00 -------- d-----w- c:\program files\Reference Assemblies
2009-10-15 18:54 . 2009-10-15 18:54 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-15 18:51 . 2009-10-15 18:51 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-15 18:50 . 2009-10-15 18:50 -------- d-----w- c:\program files\Windows Desktop Search
2009-10-15 18:50 . 2009-10-15 18:50 -------- d-----w- c:\program files\MSXML 4.0
2009-10-15 18:49 . 2009-10-15 18:49 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-28 14:00 . 2009-09-28 14:00 1571840 ----a-w- c:\windows\system32\sfcfiles.dll
2009-09-28 14:00 . 2009-09-28 14:00 4096 ----a-w- c:\windows\system32\drivers\siside.sys
2009-09-28 13:47 . 2001-10-24 10:25 77891 ----a-w- c:\windows\system32\usrmlnka.exe
2009-09-28 13:41 . 2009-10-15 18:50 1676288 ----a-w- c:\windows\system32\xpssvcs.dll
2009-09-28 13:40 . 2009-10-15 18:50 523376 ----a-w- c:\windows\system32\RmActivate.exe
2009-09-28 13:38 . 2009-10-15 18:50 922112 ----a-w- c:\windows\system32\imapi2fs.dll
2009-09-28 13:38 . 2009-10-15 18:50 426496 ----a-w- c:\windows\system32\imapi2.dll
2009-09-28 13:38 . 2009-09-28 13:38 151552 ----a-w- c:\windows\system32\ifxcardm.dll
2009-09-28 13:38 . 2009-09-28 13:38 113152 ----a-w- c:\windows\system32\imadmui.dll
2009-09-28 13:38 . 2009-09-28 13:38 633856 ----a-w- c:\windows\system32\gpprefcl.dll
2009-09-28 13:38 . 2009-09-28 13:38 9472 ----a-w- c:\windows\system32\drivers\dumpdrv.sys
2009-09-28 13:38 . 2009-09-28 13:38 133632 ----a-w- c:\windows\system32\drivers\exfat.sys
2009-09-28 13:36 . 2009-09-28 13:36 656896 ----a-w- c:\windows\system32\wmvxencd.dll
2009-09-28 13:35 . 2009-09-28 13:35 30464 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-09-28 13:34 . 2009-09-28 13:34 91776 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-09-28 13:33 . 2009-09-28 13:33 76800 ----a-w- c:\windows\system32\inetpp.dll
2009-09-28 13:32 . 2009-09-28 13:32 684032 ----a-w- c:\windows\system32\advapi32.dll
2009-09-28 13:32 . 2009-09-28 13:32 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2009-09-28 13:32 . 2009-09-28 13:32 72704 ----a-w- c:\windows\system32\admparse.dll
2009-09-28 13:32 . 2009-09-28 13:32 68096 ----a-w- c:\windows\system32\adsmsext.dll
2009-09-28 13:32 . 2009-09-28 13:32 176128 ----a-w- c:\windows\system32\adsldp.dll
2009-09-19 17:37 . 2009-09-19 17:37 4463 ----a-w- c:\windows\system32\oembios.dat
2009-09-19 17:37 . 2009-09-19 17:37 13107200 ----a-w- c:\windows\system32\oembios.bin
2009-09-19 06:55 . 2009-09-28 13:59 997376 ----a-w- c:\windows\system32\syssetup.dll
2009-09-11 14:15 . 2009-09-28 13:34 136704 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 22:44 . 2009-09-04 22:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-09-04 22:44 . 2009-09-04 22:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 22:44 . 2009-09-04 22:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 22:29 . 2009-09-04 22:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-09-04 22:29 . 2009-09-04 22:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-09-04 22:29 . 2009-09-04 22:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-09-04 22:29 . 2009-09-04 22:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-09-04 22:29 . 2009-09-04 22:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-09-04 21:05 . 2008-04-14 06:51 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:03 . 2009-09-28 13:35 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-04 20:53 . 2009-07-15 08:47 2068352 ------w- c:\windows\system32\ntkrnlpa.exe
2009-08-04 17:23 . 2009-09-28 13:35 2191488 ------w- c:\windows\system32\ntoskrnl.exe
2009-07-21 16:30 . 2009-07-21 16:30 3565056 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-07-21 15:55 . 2009-07-21 15:55 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-07-21 15:54 . 2009-07-21 15:54 325120 ----a-w- c:\windows\system32\ati2dvag.dll
2009-07-21 15:44 . 2009-07-21 15:44 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-07-21 15:44 . 2009-07-21 15:44 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-07-21 15:43 . 2009-07-21 15:43 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-07-21 15:43 . 2009-07-21 15:43 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-07-21 15:43 . 2009-07-21 15:43 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-07-21 15:42 . 2009-07-21 15:42 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-07-21 15:40 . 2009-07-21 15:40 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-07-21 15:35 . 2009-07-21 15:35 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-07-21 15:32 . 2009-07-21 15:32 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-07-21 15:32 . 2009-07-21 15:32 3818272 ----a-w- c:\windows\system32\ati3duag.dll
2009-07-21 15:17 . 2009-07-21 15:17 2670720 ----a-w- c:\windows\system32\ativvaxx.dll
2009-07-21 15:17 . 2009-07-21 15:17 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-07-21 15:17 . 2009-07-21 15:17 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-07-21 15:01 . 2009-07-21 15:01 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-07-21 14:57 . 2009-07-21 14:57 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-07-21 14:55 . 2009-07-21 14:55 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-07-21 14:54 . 2009-07-21 14:54 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-07-21 14:54 . 2009-07-21 14:54 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-07-21 14:53 . 2009-07-21 14:53 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-07-21 14:53 . 2009-07-21 14:53 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-07-21 14:52 . 2009-07-21 14:52 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-07-21 14:52 . 2009-07-21 14:52 3227648 ----a-w- c:\windows\system32\aticaldd.dll
2009-07-21 14:48 . 2009-07-21 14:48 626688 ----a-w- c:\windows\system32\ati2cqag.dll
.

------- Sigcheck -------

[-] 2009-09-28 . 66E217E5E009815E06BA4F632794B731 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-10-19_11.22.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-19 13:39 . 2009-10-19 13:39 16384 c:\windows\temp\Perflib_Perfdata_1b0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Ram Optimizer"="c:\program files\AceLogix\Free Ram Optimizer\fro.exe" [2003-08-22 57344]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-17 289072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"AudioHQ"="c:\program files\Creative\SBLive\AudioHQ\AHQTB.EXE" [2000-05-10 205312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2009-10-15 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-09-28 304128]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [28.9.2009 15:38 9472]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [18.10.2009 19:21 23600]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-19 15:39
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(596)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(288)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\devldr32.exe
c:\combofix\CF2217.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2009-10-19 15:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-10-19 13:41
ComboFix2.txt 2009-10-19 11:23

Před spuštěním: Volných bajtů: 34 296 061 952
Po spuštění: Volných bajtů: 34 317 426 688

- - End Of File - - 8F456D4806B235105503E7B1AD9C9D47

Buzo

Re: Log check

Post by Buzo » 19 Oct 2009 18:28

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:42:57, on 19.10.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKCU\..\Run: [Free Ram Optimizer] C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 3828 bytes

jaro3
Security team member

Re: Log check  Solved

Post by jaro3 » 19 Oct 2009 18:39

ComboFix is uninstalled like this:
Start > Run and type ComboFix[space]/u

So if there are no problems, clean the system with CCleaner

and also use T-Cleaner
it deletes everything left behind by ComboFix, SDFix, Avenger, MWAV, etc. - download > run

Install Avira Free + Spyware Terminator or Spybot.

If there are no problems, that is all and you can mark the topic as solved with the check mark.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.