WIN32/Kryptik/BFK.trojan

ahojte, rozhodol som sa sem aj na napisat, lebo ma to dosti otravuje uz, a kedze tento trojan je odlisny od tych co som cital (v podstate aj moj problem je trochu odlisny) zakladam nove vlakno.
Ked som pripojeny na internet cca kazdych 5min mi vyskoci z ESETu toto okno:

objekt:
http://91.212.226.178/old.crypted.exe
Infiltrácia:
variant infiltrácie WIN32/Kryptik/BFK trojsky kon
Info:
prerusene spojenie - ulozeny do karanteny

Na internete som o tom nasiel toto:

http://forums.techguy.org/malware-remov ... rojan.html

...moja anglictina je zlaaa, ale mam pocit ze tam sa nepise o rieseni problemu.
Cca pred 2dnami mi ESET vyhadzoval este plno trojanov v PC, ktore vyliecil zmazanim, nasledno po nainstalovani ad-aware sa mi podarilo cca25 zaskodnikov odstranit, nainstaloval som este aj spybot S-D, ktory mi odstranil dalsich cca 25 zaskodnikov. Teraz sa mi zda byt PC ciste, kompletny scan jedneho aj druheho programu nic nezistil, len vzdy ked sa pripojim na internet tak sa ten trojan chce dostat do PC :-/
existuje nejaky lahky sposob ako sa toho zbavit, alebo su len tie tazke?
dakujem za rady
PS: mam OS win Vista a aj som rozmyslal skusit obnovu systemu ako som si vsimol v inej diskusii, ale nejako je ta ikonka na obnosu systemu neaktivna...

Ahoj, existuje par celkom jednoduchych sposobov. Treba vsak citat navody a robit vsetko podla nich:

Stiahni DDS. Uloz na plochu, ukonci vsetky spustene programy a spust ho. Po skonceni scanu sa otvoria vysledky v 2 oknach - DDS.txt a Attach.txt. Obsah oboch by som rad videl.

Keby mi to ale slo...
dds.scr sa mi otvori v poznamkovom bloku vo forme divnych znakov a pisma, proste chaos a dds.pif mi vyhadzuje tabulku ze nie je platnou aplikaciou win32...

Stiahol som si dds.pif od inakial a ten mi ide spustit, ibaze po chvilke sa mi zjavi tabulka error: An unknown error occured. The program will be terminated.

ak by to pomohlo tak som pomocou UPM vytvoril log:

Nemam rad UPM, hrozne neprehladny soft...

1) Stiahni Daft. Spust a klikni na "Scan". Cervene riadky oznac a klikni na "Fix". Restart PC.



2) Stiahni si Win32kDiag, najlepsie na plochu. Spust dvojklikom, po skonceni scanu by sa ti mal zobrazit textovy subor. Jeho obsah sem vloz.


3) A znova skus spustit DDS.

1) Boli tam dve cervene veci, fixol som a restartol PC

2) Spustil, vysledok je tuna:


Running from: C:\Users\Michal\Desktop\Win32kDiag.exe

Log file at : C:\Users\Michal\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\Windows'...



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl

[1] 2009-11-29 14:16:30 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl

[1] 2009-11-29 14:16:09 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl

[1] 2009-11-29 14:16:09 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl

[1] 2009-11-29 14:16:09 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl ()





Finished!




3) Zasa ta ista chyba co minule.

PS: Keby som skusil pomocou RSIT spravit ten log??

Jj, pouzi RSIT. Neviem, ci mas navod, pre istotu posielam:

Stiahni RSIT. Spust, klik na "Continue". Po dokoneceni by se ti mal otvorit textovy subor. Ten skopiruj sem.
Pokial by sa nieco stalo, najdes ho aj na adrese "C:\rsit\log.txt".

podarilo sa

Logfile of random's system information tool 1.06 (written by random/random)
Run by Michal at 2009-11-29 15:47:53
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 134 GB (85%) free of 157 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:48:23, on 29. 11. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Michal\Desktop\RSIT.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [hbnbuv] RUNDLL32.EXE C:\Windows\TEMP\msxjxaec.dll,w (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [hbnbuv] RUNDLL32.EXE C:\Windows\TEMP\msxjxaec.dll,w (User 'Default user')
O4 - Startup: Windows Updater.lnk = C:\Users\Michal\AppData\Local\Temp\JDstart.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

--
End of file - 7078 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-889193068-329059495-362259107-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-889193068-329059495-362259107-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-11-25 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-09-11 2054360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-27 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-23 2001648]

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Windows Updater.lnk - C:\Users\Michal\AppData\Local\Temp\JDstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\system32\winlogon.exe"="C:\Windows\system32\winlogon.exe:*:enabled:@shell32.dll,-1"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea3060f6-d8fa-11de-bb45-0011d8d8a381}]
shell\AutoRun\command - E:\WD_Windows_Tools\Setup.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2009-11-29 15:47:54 ----D---- C:\Program Files\trend micro
2009-11-29 15:47:53 ----D---- C:\rsit
2009-11-28 20:05:33 ----D---- C:\Program Files\CCleaner
2009-11-28 19:04:03 ----D---- C:\Program Files\Ultimate Process Manager
2009-11-28 18:40:33 ----HD---- C:\Windows\PIF
2009-11-28 16:18:32 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2009-11-28 16:18:19 ----D---- C:\Users\Michal\AppData\Roaming\SUPERAntiSpyware.com
2009-11-28 16:18:19 ----D---- C:\Program Files\SUPERAntiSpyware
2009-11-28 16:18:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-27 19:32:38 ----A---- C:\mxfgi.exe
2009-11-27 19:32:35 ----A---- C:\vdjf.exe
2009-11-27 19:32:35 ----A---- C:\uarcq.exe
2009-11-27 19:32:35 ----A---- C:\lcvs.exe
2009-11-27 19:32:35 ----A---- C:\jcwna.exe
2009-11-27 19:32:35 ----A---- C:\ggfixu.exe
2009-11-27 19:32:35 ----A---- C:\cngshr.exe
2009-11-27 19:32:34 ----A---- C:\wtrf.exe
2009-11-27 19:32:34 ----A---- C:\ajtsbo.exe
2009-11-27 19:08:57 ----D---- C:\Program Files\Common Files\Protexis
2009-11-27 19:08:56 ----D---- C:\ProgramData\Corel
2009-11-27 19:06:08 ----D---- C:\Program Files\Corel
2009-11-27 18:38:53 ----D---- C:\Users\Michal\AppData\Roaming\Corel
2009-11-27 18:35:45 ----D---- C:\Program Files\Common Files\Corel
2009-11-27 18:16:21 ----A---- C:\Windows\system32\javaws.exe
2009-11-27 18:16:21 ----A---- C:\Windows\system32\javaw.exe
2009-11-27 18:16:21 ----A---- C:\Windows\system32\java.exe
2009-11-27 18:16:21 ----A---- C:\Windows\system32\deploytk.dll
2009-11-27 18:16:03 ----D---- C:\Program Files\Java
2009-11-27 17:52:46 ----D---- C:\Users\Michal\AppData\Roaming\VistaCodecs
2009-11-27 17:52:43 ----D---- C:\Program Files\VistaCodecPack
2009-11-27 17:51:22 ----D---- C:\ProgramData\VistaCodecs
2009-11-27 13:38:07 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-11-27 13:18:01 ----DC---- C:\Windows\system32\DRVSTORE
2009-11-27 13:16:55 ----D---- C:\ProgramData\Lavasoft
2009-11-27 12:42:00 ----A---- C:\Windows\system32\test.txt
2009-11-26 23:21:20 ----A---- C:\Windows\system32\8464,472.exe
2009-11-26 23:20:52 ----SHD---- C:\Windows\system32\%APPDATA%
2009-11-26 21:17:46 ----D---- C:\Program Files\Common Files\Akamai
2009-11-25 19:36:45 ----D---- C:\ProgramData\FLEXnet
2009-11-25 19:32:32 ----D---- C:\Program Files\Adobe Media Player
2009-11-25 19:30:42 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-11-25 19:27:46 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-11-25 19:05:18 ----D---- C:\ProgramData\Advanced Chemistry Development
2009-11-25 19:04:18 ----D---- C:\Program Files\ACDFREE12
2009-11-25 19:03:42 ----D---- C:\Users\Michal\AppData\Roaming\Advanced Chemistry Development
2009-11-25 16:31:24 ----D---- C:\ProgramData\Apple Computer
2009-11-25 16:31:24 ----D---- C:\Program Files\QuickTime
2009-11-25 16:29:49 ----D---- C:\Program Files\BSP Multimedia
2009-11-25 15:29:04 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 14:32:08 ----D---- C:\ProgramData\Google Updater
2009-11-25 14:32:05 ----D---- C:\Program Files\Google
2009-11-25 10:05:10 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 10:05:08 ----A---- C:\Windows\system32\msxml3.dll
2009-11-23 18:52:41 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-23 18:52:08 ----D---- C:\Program Files\Microsoft
2009-11-22 16:32:22 ----D---- C:\Users\Michal\AppData\Roaming\Nero
2009-11-22 16:30:00 ----D---- C:\Program Files\Nero
2009-11-22 16:29:43 ----D---- C:\ProgramData\Nero
2009-11-22 16:29:39 ----D---- C:\Program Files\Common Files\Nero
2009-11-21 17:27:59 ----D---- C:\ProgramData\Symantec
2009-11-21 17:27:59 ----D---- C:\ProgramData\Norton
2009-11-21 17:27:57 ----D---- C:\ProgramData\NortonInstaller
2009-11-21 17:23:58 ----D---- C:\Program Files\Windows Portable Devices
2009-11-21 17:19:31 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-21 17:19:30 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-21 17:19:30 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-21 17:19:01 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-21 17:19:00 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-21 17:19:00 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-21 17:19:00 ----A---- C:\Windows\system32\cdd.dll
2009-11-21 17:18:59 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-21 17:18:59 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-21 17:18:59 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-21 17:18:59 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-21 17:18:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-21 17:18:59 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-21 17:18:59 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-21 17:18:59 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-21 17:18:59 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-21 17:18:59 ----A---- C:\Windows\system32\d2d1.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\FntCache.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\dxgi.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\DWrite.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\d3d11.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-21 17:18:58 ----A---- C:\Windows\system32\d3d10.dll
2009-11-21 17:18:26 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-21 17:18:26 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-21 17:18:26 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-21 17:18:24 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-21 17:18:22 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-21 17:18:22 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-21 17:18:22 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-21 17:18:22 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-21 17:18:22 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-21 17:18:22 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-21 17:18:22 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-21 17:18:22 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-21 17:16:49 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-21 17:16:48 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-21 17:16:48 ----A---- C:\Windows\system32\oleacc.dll
2009-11-21 17:12:27 ----D---- C:\Users\Michal\AppData\Roaming\ESET
2009-11-21 17:11:00 ----D---- C:\ProgramData\ESET
2009-11-21 17:11:00 ----D---- C:\Program Files\ESET
2009-11-21 16:54:47 ----D---- C:\Program Files\Ask.com
2009-11-21 16:54:39 ----D---- C:\Program Files\uTorrent
2009-11-21 16:52:00 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2009-11-21 14:55:28 ----D---- C:\Users\Michal\AppData\Roaming\DivX
2009-11-21 14:49:50 ----D---- C:\Program Files\DivX
2009-11-21 14:49:37 ----D---- C:\Program Files\Common Files\DivX Shared
2009-11-21 14:44:58 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-11-21 14:44:56 ----D---- C:\Program Files\Winamp
2009-11-21 13:44:08 ----A---- C:\Windows\ALCFDRTM.EXE
2009-11-20 19:33:15 ----D---- C:\Windows\system32\vi-VN
2009-11-20 19:33:15 ----D---- C:\Windows\system32\eu-ES
2009-11-20 19:33:15 ----D---- C:\Windows\system32\ca-ES
2009-11-20 19:09:05 ----D---- C:\Windows\system32\EventProviders
2009-11-18 18:54:24 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-11-18 18:54:21 ----A---- C:\Windows\system32\SLCExt.dll
2009-11-18 18:54:20 ----A---- C:\Windows\system32\SLsvc.exe
2009-11-18 18:54:18 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-11-18 18:54:18 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-11-18 18:54:17 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-11-18 18:54:15 ----A---- C:\Windows\system32\mssrch.dll
2009-11-18 18:54:13 ----A---- C:\Windows\system32\tquery.dll
2009-11-18 18:54:12 ----A---- C:\Windows\system32\scavenge.dll
2009-11-18 18:54:12 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-11-18 18:54:12 ----A---- C:\Windows\system32\RMActivate.exe
2009-11-18 18:54:12 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-11-18 18:54:11 ----A---- C:\Windows\system32\msi.dll
2009-11-18 18:54:10 ----A---- C:\Windows\system32\WscEapPr.dll
2009-11-18 18:54:10 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-11-18 18:54:10 ----A---- C:\Windows\system32\secproc_isv.dll
2009-11-18 18:54:10 ----A---- C:\Windows\system32\imapi2fs.dll
2009-11-18 18:54:09 ----A---- C:\Windows\system32\sysmain.dll
2009-11-18 18:54:09 ----A---- C:\Windows\system32\icardagt.exe
2009-11-18 18:54:08 ----A---- C:\Windows\system32\EhStorShell.dll
2009-11-18 18:54:07 ----A---- C:\Windows\system32\spreview.exe
2009-11-18 18:54:07 ----A---- C:\Windows\system32\spinstall.exe
2009-11-18 18:54:07 ----A---- C:\Windows\system32\drmv2clt.dll
2009-11-18 18:54:06 ----A---- C:\Windows\system32\spwizui.dll
2009-11-18 18:54:06 ----A---- C:\Windows\system32\shell32.dll
2009-11-18 18:54:06 ----A---- C:\Windows\system32\secproc.dll
2009-11-18 18:54:06 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-11-18 18:54:05 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-11-18 18:54:05 ----A---- C:\Windows\system32\p2psvc.dll
2009-11-18 18:54:05 ----A---- C:\Windows\system32\mssvp.dll
2009-11-18 18:54:04 ----A---- C:\Windows\system32\mssphtb.dll
2009-11-18 18:54:04 ----A---- C:\Windows\system32\mssph.dll
2009-11-18 18:54:04 ----A---- C:\Windows\system32\mscoree.dll
2009-11-18 18:54:04 ----A---- C:\Windows\system32\imapi2.dll
2009-11-18 18:54:03 ----A---- C:\Windows\system32\sdohlp.dll
2009-11-18 18:54:03 ----A---- C:\Windows\system32\esent.dll
2009-11-18 18:54:02 ----A---- C:\Windows\system32\sperror.dll
2009-11-18 18:54:02 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-11-18 18:54:02 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-11-18 18:54:02 ----A---- C:\Windows\system32\DevicePairing.dll
2009-11-18 18:54:01 ----A---- C:\Windows\system32\wevtsvc.dll
2009-11-18 18:54:01 ----A---- C:\Windows\system32\SLC.dll
2009-11-18 18:54:01 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-11-18 18:54:01 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-11-18 18:54:01 ----A---- C:\Windows\system32\msshsq.dll
2009-11-18 18:54:01 ----A---- C:\Windows\system32\korwbrkr.dll
2009-11-18 18:54:00 ----A---- C:\Windows\system32\msjet40.dll
2009-11-18 18:53:59 ----A---- C:\Windows\system32\MPSSVC.dll
2009-11-18 18:53:58 ----A---- C:\Windows\system32\Query.dll
2009-11-18 18:53:58 ----A---- C:\Windows\system32\qmgr.dll
2009-11-18 18:53:58 ----A---- C:\Windows\system32\P2PGraph.dll
2009-11-18 18:53:58 ----A---- C:\Windows\system32\msexch40.dll
2009-11-18 18:53:58 ----A---- C:\Windows\system32\diagperf.dll
2009-11-18 18:53:57 ----A---- C:\Windows\system32\winload.exe
2009-11-18 18:53:57 ----A---- C:\Windows\system32\srchadmin.dll
2009-11-18 18:53:57 ----A---- C:\Windows\system32\ole32.dll
2009-11-18 18:53:57 ----A---- C:\Windows\system32\ntdll.dll
2009-11-18 18:53:57 ----A---- C:\Windows\system32\IasMigReader.exe
2009-11-18 18:53:56 ----A---- C:\Windows\system32\uDWM.dll
2009-11-18 18:53:56 ----A---- C:\Windows\system32\mmc.exe
2009-11-18 18:53:56 ----A---- C:\Windows\system32\MBLCTR.EXE
2009-11-18 18:53:56 ----A---- C:\Windows\system32\EncDec.dll
2009-11-18 18:53:56 ----A---- C:\Windows\system32\dfsr.exe
2009-11-18 18:53:55 ----A---- C:\Windows\system32\riched20.dll
2009-11-18 18:53:55 ----A---- C:\Windows\system32\RacEngn.dll
2009-11-18 18:53:55 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-11-18 18:53:55 ----A---- C:\Windows\system32\fdBth.dll
2009-11-18 18:53:54 ----A---- C:\Windows\system32\spoolss.dll
2009-11-18 18:53:54 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-11-18 18:53:54 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-11-18 18:53:54 ----A---- C:\Windows\system32\milcore.dll
2009-11-18 18:53:54 ----A---- C:\Windows\system32\kernel32.dll
2009-11-18 18:53:54 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-11-18 18:53:54 ----A---- C:\Windows\system32\CertEnroll.dll
2009-11-18 18:53:53 ----A---- C:\Windows\system32\schedsvc.dll
2009-11-18 18:53:53 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-11-18 18:53:53 ----A---- C:\Windows\system32\msvcp60.dll
2009-11-18 18:53:53 ----A---- C:\Windows\system32\msjtes40.dll
2009-11-18 18:53:53 ----A---- C:\Windows\system32\infocardapi.dll
2009-11-18 18:53:53 ----A---- C:\Windows\system32\gpedit.dll
2009-11-18 18:53:52 ----A---- C:\Windows\system32\WinSAT.exe
2009-11-18 18:53:52 ----A---- C:\Windows\system32\mstext40.dll
2009-11-18 18:53:52 ----A---- C:\Windows\system32\Magnify.exe
2009-11-18 18:53:52 ----A---- C:\Windows\system32\es.dll
2009-11-18 18:53:52 ----A---- C:\Windows\system32\advapi32.dll
2009-11-18 18:53:51 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-11-18 18:53:51 ----A---- C:\Windows\system32\WebClnt.dll
2009-11-18 18:53:51 ----A---- C:\Windows\system32\vssapi.dll
2009-11-18 18:53:51 ----A---- C:\Windows\system32\slwmi.dll
2009-11-18 18:53:51 ----A---- C:\Windows\system32\msxbde40.dll
2009-11-18 18:53:51 ----A---- C:\Windows\system32\msexcl40.dll
2009-11-18 18:53:51 ----A---- C:\Windows\system32\comsvcs.dll
2009-11-18 18:53:50 ----A---- C:\Windows\system32\PresentationHost.exe
2009-11-18 18:53:50 ----A---- C:\Windows\system32\msrepl40.dll
2009-11-18 18:53:50 ----A---- C:\Windows\system32\authui.dll
2009-11-18 18:53:49 ----A---- C:\Windows\system32\propsys.dll
2009-11-18 18:53:49 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-11-18 18:53:49 ----A---- C:\Windows\system32\newdev.dll
2009-11-18 18:53:49 ----A---- C:\Windows\system32\iasrecst.dll
2009-11-18 18:53:49 ----A---- C:\Windows\system32\gpsvc.dll
2009-11-18 18:53:49 ----A---- C:\Windows\system32\eudcedit.exe
2009-11-18 18:53:49 ----A---- C:\Windows\system32\crypt32.dll
2009-11-18 18:53:48 ----A---- C:\Windows\system32\setupapi.dll
2009-11-18 18:53:48 ----A---- C:\Windows\system32\rpcss.dll
2009-11-18 18:53:48 ----A---- C:\Windows\system32\mspbde40.dll
2009-11-18 18:53:48 ----A---- C:\Windows\system32\d3d9.dll
2009-11-18 18:53:48 ----A---- C:\Windows\explorer.exe
2009-11-18 18:53:47 ----A---- C:\Windows\system32\shlwapi.dll
2009-11-18 18:53:47 ----A---- C:\Windows\system32\msrd3x40.dll
2009-11-18 18:53:47 ----A---- C:\Windows\system32\msltus40.dll
2009-11-18 18:53:47 ----A---- C:\Windows\system32\mfc42.dll
2009-11-18 18:53:47 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-11-18 18:53:47 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-11-18 18:53:47 ----A---- C:\Windows\system32\davclnt.dll
2009-11-18 18:53:46 ----A---- C:\Windows\system32\wevtapi.dll
2009-11-18 18:53:46 ----A---- C:\Windows\system32\photowiz.dll
2009-11-18 18:53:46 ----A---- C:\Windows\system32\nlhtml.dll
2009-11-18 18:53:46 ----A---- C:\Windows\system32\msdtctm.dll
2009-11-18 18:53:46 ----A---- C:\Windows\system32\browseui.dll
2009-11-18 18:53:45 ----A---- C:\Windows\system32\win32spl.dll
2009-11-18 18:53:45 ----A---- C:\Windows\system32\user32.dll
2009-11-18 18:53:45 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-11-18 18:53:45 ----A---- C:\Windows\system32\samsrv.dll
2009-11-18 18:53:45 ----A---- C:\Windows\system32\quartz.dll
2009-11-18 18:53:45 ----A---- C:\Windows\system32\ci.dll
2009-11-18 18:53:44 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-11-18 18:53:44 ----A---- C:\Windows\system32\oleaut32.dll
2009-11-18 18:53:44 ----A---- C:\Windows\system32\netshell.dll
2009-11-18 18:53:44 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-11-18 18:53:44 ----A---- C:\Windows\system32\compcln.exe
2009-11-18 18:53:44 ----A---- C:\Windows\system32\apds.dll
2009-11-18 18:53:43 ----A---- C:\Windows\system32\xmlfilter.dll
2009-11-18 18:53:43 ----A---- C:\Windows\system32\winhttp.dll
2009-11-18 18:53:43 ----A---- C:\Windows\system32\mswstr10.dll
2009-11-18 18:53:43 ----A---- C:\Windows\system32\msctf.dll
2009-11-18 18:53:43 ----A---- C:\Windows\system32\emdmgmt.dll
2009-11-18 18:53:43 ----A---- C:\Windows\system32\audiosrv.dll
2009-11-18 18:53:42 ----A---- C:\Windows\system32\VSSVC.exe
2009-11-18 18:53:42 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-11-18 18:53:42 ----A---- C:\Windows\system32\msvcrt.dll
2009-11-18 18:53:42 ----A---- C:\Windows\system32\mfc42u.dll
2009-11-18 18:53:42 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-11-18 18:53:42 ----A---- C:\Windows\system32\gdi32.dll
2009-11-18 18:53:41 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-11-18 18:53:41 ----A---- C:\Windows\system32\SLUI.exe
2009-11-18 18:53:41 ----A---- C:\Windows\system32\msrd2x40.dll
2009-11-18 18:53:41 ----A---- C:\Windows\system32\eapphost.dll
2009-11-18 18:53:40 ----A---- C:\Windows\system32\winresume.exe
2009-11-18 18:53:40 ----A---- C:\Windows\system32\wevtutil.exe
2009-11-18 18:53:40 ----A---- C:\Windows\system32\shdocvw.dll
2009-11-18 18:53:40 ----A---- C:\Windows\system32\propdefs.dll
2009-11-18 18:53:40 ----A---- C:\Windows\system32\odbc32.dll
2009-11-18 18:53:40 ----A---- C:\Windows\system32\mssitlb.dll
2009-11-18 18:53:40 ----A---- C:\Windows\system32\dbgeng.dll
2009-11-18 18:53:39 ----A---- C:\Windows\system32\WsmSvc.dll
2009-11-18 18:53:38 ----A---- C:\Windows\system32\swprv.dll
2009-11-18 18:53:37 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-11-18 18:53:36 ----A---- C:\Windows\system32\vds.exe
2009-11-18 18:53:36 ----A---- C:\Windows\system32\usp10.dll
2009-11-18 18:53:36 ----A---- C:\Windows\system32\netlogon.dll
2009-11-18 18:53:36 ----A---- C:\Windows\system32\msscb.dll
2009-11-18 18:53:36 ----A---- C:\Windows\system32\msctfp.dll
2009-11-18 18:53:36 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-11-18 18:53:36 ----A---- C:\Windows\system32\drvinst.exe
2009-11-18 18:53:36 ----A---- C:\Windows\system32\devmgr.dll
2009-11-18 18:53:36 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-11-18 18:53:36 ----A---- C:\Windows\system32\BFE.DLL
2009-11-18 18:53:36 ----A---- C:\Windows\system32\adsldpc.dll
2009-11-18 18:53:35 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-11-18 18:53:35 ----A---- C:\Windows\system32\Wldap32.dll
2009-11-18 18:53:35 ----A---- C:\Windows\system32\wcnwiz.dll
2009-11-18 18:53:35 ----A---- C:\Windows\system32\evr.dll
2009-11-18 18:53:34 ----A---- C:\Windows\system32\WERCON.EXE
2009-11-18 18:53:34 ----A---- C:\Windows\system32\services.exe
2009-11-18 18:53:34 ----A---- C:\Windows\system32\comdlg32.dll
2009-11-18 18:53:34 ----A---- C:\Windows\system32\adtschema.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\wcncsvc.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\taskeng.exe
2009-11-18 18:53:33 ----A---- C:\Windows\system32\rtffilt.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\reg.exe
2009-11-18 18:53:33 ----A---- C:\Windows\system32\mswdat10.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\msjter40.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\msdtcprx.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\msdrm.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\mimefilt.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\dnsapi.dll
2009-11-18 18:53:33 ----A---- C:\Windows\system32\certcli.dll
2009-11-18 18:53:32 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-11-18 18:53:32 ----A---- C:\Windows\system32\w32time.dll
2009-11-18 18:53:32 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-11-18 18:53:32 ----A---- C:\Windows\system32\msshooks.dll
2009-11-18 18:53:32 ----A---- C:\Windows\system32\msscntrs.dll
2009-11-18 18:53:32 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-11-18 18:53:32 ----A---- C:\Windows\system32\certutil.exe
2009-11-18 18:53:32 ----A---- C:\Windows\system32\bcrypt.dll
2009-11-18 18:53:31 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-11-18 18:53:31 ----A---- C:\Windows\system32\rsaenh.dll
2009-11-18 18:53:31 ----A---- C:\Windows\system32\msstrc.dll
2009-11-18 18:53:31 ----A---- C:\Windows\system32\msihnd.dll
2009-11-18 18:53:31 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-11-18 18:53:31 ----A---- C:\Windows\system32\bthserv.dll
2009-11-18 18:53:30 ----A---- C:\Windows\system32\netapi32.dll
2009-11-18 18:53:30 ----A---- C:\Windows\system32\mtxclu.dll
2009-11-18 18:53:30 ----A---- C:\Windows\system32\inetpp.dll
2009-11-18 18:53:30 ----A---- C:\Windows\system32\inetcomm.dll
2009-11-18 18:53:30 ----A---- C:\Windows\system32\dfshim.dll
2009-11-18 18:53:30 ----A---- C:\Windows\system32\cryptsvc.dll
2009-11-18 18:53:29 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-11-18 18:53:29 ----A---- C:\Windows\system32\termsrv.dll
2009-11-18 18:53:29 ----A---- C:\Windows\system32\profsvc.dll
2009-11-18 18:53:29 ----A---- C:\Windows\system32\mscories.dll
2009-11-18 18:53:29 ----A---- C:\Windows\system32\hidserv.dll
2009-11-18 18:53:29 ----A---- C:\Windows\system32\fundisc.dll
2009-11-18 18:53:29 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-11-18 18:53:28 ----A---- C:\Windows\system32\wdc.dll
2009-11-18 18:53:28 ----A---- C:\Windows\system32\shsvcs.dll
2009-11-18 18:53:28 ----A---- C:\Windows\system32\rasmans.dll
2009-11-18 18:53:28 ----A---- C:\Windows\system32\pnidui.dll
2009-11-18 18:53:28 ----A---- C:\Windows\system32\MSIEXEC.EXE
2009-11-18 18:53:28 ----A---- C:\Windows\system32\imapi.dll
2009-11-18 18:53:28 ----A---- C:\Windows\system32\iassdo.dll
2009-11-18 18:53:28 ----A---- C:\Windows\system32\chsbrkr.dll
2009-11-18 18:53:27 ----A---- C:\Windows\system32\wersvc.dll
2009-11-18 18:53:27 ----A---- C:\Windows\system32\spoolsv.exe
2009-11-18 18:53:27 ----A---- C:\Windows\system32\slmgr.vbs
2009-11-18 18:53:27 ----A---- C:\Windows\system32\scrrun.dll
2009-11-18 18:53:27 ----A---- C:\Windows\system32\PSHED.DLL
2009-11-18 18:53:27 ----A---- C:\Windows\system32\pdh.dll
2009-11-18 18:53:27 ----A---- C:\Windows\system32\icardres.dll
2009-11-18 18:53:27 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-11-18 18:53:27 ----A---- C:\Windows\system32\azroles.dll
2009-11-18 18:53:27 ----A---- C:\Windows\system32\autofmt.exe
2009-11-18 18:53:26 ----A---- C:\Windows\system32\wmpmde.dll
2009-11-18 18:53:26 ----A---- C:\Windows\system32\winlogon.exe
2009-11-18 18:53:26 ----A---- C:\Windows\system32\SyncCenter.dll
2009-11-18 18:53:26 ----A---- C:\Windows\system32\pidgenx.dll
2009-11-18 18:53:26 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-11-18 18:53:25 ----A---- C:\Windows\system32\SLUINotify.dll
2009-11-18 18:53:25 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-11-18 18:53:25 ----A---- C:\Windows\system32\comuid.dll
2009-11-18 18:53:25 ----A---- C:\Windows\system32\certmgr.dll
2009-11-18 18:53:24 ----A---- C:\Windows\system32\wisptis.exe
2009-11-18 18:53:24 ----A---- C:\Windows\system32\untfs.dll
2009-11-18 18:53:24 ----A---- C:\Windows\system32\taskcomp.dll
2009-11-18 18:53:24 ----A---- C:\Windows\system32\spp.dll
2009-11-18 18:53:24 ----A---- C:\Windows\system32\sethc.exe
2009-11-18 18:53:24 ----A---- C:\Windows\system32\scrobj.dll
2009-11-18 18:53:24 ----A---- C:\Windows\system32\rtutils.dll
2009-11-18 18:53:24 ----A---- C:\Windows\system32\ncrypt.dll
2009-11-18 18:53:24 ----A---- C:\Windows\system32\kd1394.dll
2009-11-18 18:53:24 ----A---- C:\Windows\system32\iassam.dll
2009-11-18 18:53:24 ----A---- C:\Windows\system32\dwm.exe
2009-11-18 18:53:23 ----A---- C:\Windows\system32\winsrv.dll
2009-11-18 18:53:23 ----A---- C:\Windows\system32\printui.dll
2009-11-18 18:53:23 ----A---- C:\Windows\system32\iasnap.dll
2009-11-18 18:53:23 ----A---- C:\Windows\system32\autochk.exe
2009-11-18 18:53:23 ----A---- C:\Windows\system32\autoconv.exe
2009-11-18 18:53:22 ----A---- C:\Windows\system32\wow32.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\winmm.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\userenv.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\RelMon.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\rdpencom.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\osk.exe
2009-11-18 18:53:22 ----A---- C:\Windows\system32\onex.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\mswsock.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\kdusb.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\kdcom.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\cscript.exe
2009-11-18 18:53:22 ----A---- C:\Windows\system32\basecsp.dll
2009-11-18 18:53:22 ----A---- C:\Windows\system32\audiodg.exe
2009-11-18 18:53:21 ----A---- C:\Windows\system32\WinSCard.dll
2009-11-18 18:53:21 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-11-18 18:53:21 ----A---- C:\Windows\system32\spcmsg.dll
2009-11-18 18:53:21 ----A---- C:\Windows\system32\offfilt.dll
2009-11-18 18:53:21 ----A---- C:\Windows\system32\msftedit.dll
2009-11-18 18:53:21 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\wsepno.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\WerFault.exe
2009-11-18 18:53:20 ----A---- C:\Windows\system32\Utilman.exe
2009-11-18 18:53:20 ----A---- C:\Windows\system32\stobject.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\SndVol.exe
2009-11-18 18:53:20 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\prnntfy.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\msnetobj.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\mscms.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\mfplat.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\diskraid.exe
2009-11-18 18:53:20 ----A---- C:\Windows\system32\apphelp.dll
2009-11-18 18:53:20 ----A---- C:\Windows\system32\adsmsext.dll
2009-11-18 18:53:19 ----A---- C:\Windows\system32\wscript.exe
2009-11-18 18:53:19 ----A---- C:\Windows\system32\wiaservc.dll
2009-11-18 18:53:19 ----A---- C:\Windows\system32\ulib.dll
2009-11-18 18:53:19 ----A---- C:\Windows\system32\sysclass.dll
2009-11-18 18:53:19 ----A---- C:\Windows\system32\odbccp32.dll
2009-11-18 18:53:19 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-11-18 18:53:19 ----A---- C:\Windows\system32\iasdatastore.dll
2009-11-18 18:53:19 ----A---- C:\Windows\system32\dsound.dll
2009-11-18 18:53:19 ----A---- C:\Windows\system32\cryptui.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\wscsvc.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\wscntfy.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\wlangpui.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\vdsdyn.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\rastls.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\rastapi.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\pnpsetup.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\logman.exe
2009-11-18 18:53:18 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\iashlpr.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\gpapi.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\fdProxy.dll
2009-11-18 18:53:18 ----A---- C:\Windows\system32\diskpart.exe
2009-11-18 18:53:18 ----A---- C:\Windows\system32\brcpl.dll
2009-11-18 18:53:17 ----A---- C:\Windows\system32\zipfldr.dll
2009-11-18 18:53:17 ----A---- C:\Windows\system32\wusa.exe
2009-11-18 18:53:17 ----A---- C:\Windows\system32\wshext.dll
2009-11-18 18:53:17 ----A---- C:\Windows\system32\wpccpl.dll
2009-11-18 18:53:17 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-11-18 18:53:17 ----A---- C:\Windows\system32\regsvc.dll
2009-11-18 18:53:17 ----A---- C:\Windows\system32\rasapi32.dll
2009-11-18 18:53:17 ----A---- C:\Windows\system32\ntprint.dll
2009-11-18 18:53:17 ----A---- C:\Windows\system32\mscorier.dll
2009-11-18 18:53:17 ----A---- C:\Windows\system32\iasrad.dll
2009-11-18 18:53:17 ----A---- C:\Windows\system32\findstr.exe
2009-11-18 18:53:16 ----A---- C:\Windows\system32\wsnmp32.dll
2009-11-18 18:53:16 ----A---- C:\Windows\system32\wer.dll
2009-11-18 18:53:16 ----A---- C:\Windows\system32\rasdlg.dll
2009-11-18 18:53:16 ----A---- C:\Windows\system32\netcenter.dll
2009-11-18 18:53:16 ----A---- C:\Windows\system32\iassvcs.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\uxsms.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\tsbyuv.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\themecpl.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\srvsvc.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\scansetting.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\ntmarta.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\msutb.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\mstlsapi.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\mssprxy.dll
2009-11-18 18:53:15 ----A---- C:\Windows\system32\iasads.dll
2009-11-18 18:53:14 ----A---- C:\Windows\system32\slcc.dll
2009-11-18 18:53:14 ----A---- C:\Windows\system32\powrprof.dll
2009-11-18 18:53:14 ----A---- C:\Windows\system32\powercpl.dll
2009-11-18 18:53:14 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-11-18 18:53:14 ----A---- C:\Windows\system32\networkmap.dll
2009-11-18 18:53:14 ----A---- C:\Windows\system32\MSTSC.EXE
2009-11-18 18:53:14 ----A---- C:\Windows\system32\iasacct.dll
2009-11-18 18:53:13 ----A---- C:\Windows\system32\themeui.dll
2009-11-18 18:53:13 ----A---- C:\Windows\system32\systemcpl.dll
2009-11-18 18:53:13 ----A---- C:\Windows\system32\sud.dll
2009-11-18 18:53:13 ----A---- C:\Windows\system32\pcaui.dll
2009-11-18 18:53:13 ----A---- C:\Windows\system32\newdev.exe
2009-11-18 18:53:13 ----A---- C:\Windows\system32\dot3svc.dll
2009-11-18 18:53:13 ----A---- C:\Windows\system32\connect.dll
2009-11-18 18:53:13 ----A---- C:\Windows\system32\authz.dll
2009-11-18 18:53:13 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-11-18 18:53:12 ----A---- C:\Windows\system32\wlanpref.dll
2009-11-18 18:53:12 ----A---- C:\Windows\system32\usercpl.dll
2009-11-18 18:53:12 ----A---- C:\Windows\system32\samlib.dll
2009-11-18 18:53:12 ----A---- C:\Windows\system32\rpchttp.dll
2009-11-18 18:53:12 ----A---- C:\Windows\system32\qdvd.dll
2009-11-18 18:53:12 ----A---- C:\Windows\system32\mmci.dll
2009-11-18 18:53:12 ----A---- C:\Windows\system32\autoplay.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\wpcao.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\vdsutil.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\tapisrv.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\scksp.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\scesrv.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\regapi.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\psisdecd.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\oleprn.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\MSINFO32.EXE
2009-11-18 18:53:11 ----A---- C:\Windows\system32\mpr.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\feclient.dll
2009-11-18 18:53:11 ----A---- C:\Windows\system32\AudioSes.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\wscisvif.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\SDCLT.EXE
2009-11-18 18:53:10 ----A---- C:\Windows\system32\rekeywiz.exe
2009-11-18 18:53:10 ----A---- C:\Windows\system32\qedit.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\pnpui.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\perfdisk.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\ncryptui.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\imm32.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\iaspolcy.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\Faultrep.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\dpapimig.exe
2009-11-18 18:53:10 ----A---- C:\Windows\system32\dot3msm.dll
2009-11-18 18:53:10 ----A---- C:\Windows\system32\DeviceEject.exe
2009-11-18 18:53:09 ----A---- C:\Windows\system32\TSTheme.exe
2009-11-18 18:53:09 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-11-18 18:53:09 ----A---- C:\Windows\system32\spwinsat.dll
2009-11-18 18:53:09 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-11-18 18:53:09 ----A---- C:\Windows\system32\scecli.dll
2009-11-18 18:53:09 ----A---- C:\Windows\system32\rasplap.dll
2009-11-18 18:53:09 ----A---- C:\Windows\system32\rasgcw.dll
2009-11-18 18:53:09 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-11-18 18:53:09 ----A---- C:\Windows\system32\hdwwiz.exe
2009-11-18 18:53:09 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-11-18 18:53:09 ----A---- C:\Windows\system32\cmmon32.exe
2009-11-18 18:53:09 ----A---- C:\Windows\system32\certreq.exe
2009-11-18 18:53:08 ----A---- C:\Windows\system32\whealogr.dll
2009-11-18 18:53:08 ----A---- C:\Windows\system32\tcpmon.dll
2009-11-18 18:53:08 ----A---- C:\Windows\system32\srcore.dll
2009-11-18 18:53:08 ----A---- C:\Windows\system32\SCardSvr.dll
2009-11-18 18:53:08 ----A---- C:\Windows\system32\raschap.dll
2009-11-18 18:53:08 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-11-18 18:53:08 ----A---- C:\Windows\system32\fontext.dll
2009-11-18 18:53:08 ----A---- C:\Windows\system32\fdWSD.dll
2009-11-18 18:53:08 ----A---- C:\Windows\system32\conime.exe
2009-11-18 18:53:08 ----A---- C:\Windows\system32\cmdial32.dll
2009-11-18 18:53:07 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-11-18 18:53:07 ----A---- C:\Windows\system32\wlanui.dll
2009-11-18 18:53:07 ----A---- C:\Windows\system32\wiaaut.dll
2009-11-18 18:53:07 ----A---- C:\Windows\system32\shwebsvc.dll
2009-11-18 18:53:07 ----A---- C:\Windows\system32\rasppp.dll
2009-11-18 18:53:07 ----A---- C:\Windows\system32\PnPutil.exe
2009-11-18 18:53:07 ----A---- C:\Windows\system32\oobefldr.dll
2009-11-18 18:53:07 ----A---- C:\Windows\system32\dsprop.dll
2009-11-18 18:53:07 ----A---- C:\Windows\system32\dimsroam.dll
2009-11-18 18:53:06 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-11-18 18:53:06 ----A---- C:\Windows\system32\shsetup.dll
2009-11-18 18:53:06 ----A---- C:\Windows\system32\rasmontr.dll
2009-11-18 18:53:06 ----A---- C:\Windows\system32\mscandui.dll
2009-11-18 18:53:06 ----A---- C:\Windows\system32\modemui.dll
2009-11-18 18:53:06 ----A---- C:\Windows\system32\chtbrkr.dll
2009-11-18 18:53:06 ----A---- C:\Windows\system32\dataclen.dll
2009-11-18 18:53:05 ----A---- C:\Windows\system32\WSDMon.dll
2009-11-18 18:53:05 ----A---- C:\Windows\system32\wmpeffects.dll
2009-11-18 18:53:05 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-11-18 18:53:05 ----A---- C:\Windows\system32\smss.exe
2009-11-18 18:53:05 ----A---- C:\Windows\system32\rdpwsx.dll
2009-11-18 18:53:05 ----A---- C:\Windows\system32\netplwiz.dll
2009-11-18 18:53:05 ----A---- C:\Windows\system32\credui.dll
2009-11-18 18:53:05 ----A---- C:\Windows\system32\certprop.dll
2009-11-18 18:53:05 ----A---- C:\Windows\system32\blackbox.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\wscapi.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\wpcsvc.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\thawbrkr.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\softkbd.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\sendmail.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\networkexplorer.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\msscp.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\msimtf.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\logagent.exe
2009-11-18 18:53:04 ----A---- C:\Windows\system32\InkEd.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\ifmon.dll
2009-11-18 18:53:04 ----A---- C:\Windows\system32\gpresult.exe
2009-11-18 18:53:04 ----A---- C:\Windows\system32\cipher.exe
2009-11-18 18:53:03 ----A---- C:\Windows\system32\puiapi.dll
2009-11-18 18:53:03 ----A---- C:\Windows\system32\olepro32.dll
2009-11-18 18:53:03 ----A---- C:\Windows\system32\msctfui.dll
2009-11-18 18:53:03 ----A---- C:\Windows\system32\input.dll
2009-11-18 18:53:03 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-11-18 18:53:03 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-11-18 18:53:03 ----A---- C:\Windows\system32\dmsynth.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\wshbth.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\version.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\SLLUA.exe
2009-11-18 18:53:02 ----A---- C:\Windows\system32\msjint40.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\msisip.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\mprapi.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\l2nacp.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\ftp.exe
2009-11-18 18:53:02 ----A---- C:\Windows\system32\fdSSDP.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\fc.exe
2009-11-18 18:53:02 ----A---- C:\Windows\system32\eapp3hst.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\dmusic.dll
2009-11-18 18:53:02 ----A---- C:\Windows\system32\cscapi.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\wsdchngr.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\tscupgrd.exe
2009-11-18 18:53:01 ----A---- C:\Windows\system32\Storprop.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\slcinst.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\rasdial.exe
2009-11-18 18:53:01 ----A---- C:\Windows\system32\rasdiag.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\nslookup.exe
2009-11-18 18:53:01 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\ipconfig.exe
2009-11-18 18:53:01 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\fdWCN.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\eappcfg.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\dot3cfg.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\cscdll.dll
2009-11-18 18:53:01 ----A---- C:\Windows\system32\bthudtask.exe
2009-11-18 18:53:01 ----A---- C:\Windows\system32\bthci.dll
2009-11-18 18:53:00 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-11-18 18:53:00 ----A---- C:\Windows\system32\ocsetup.exe
2009-11-18 18:53:00 ----A---- C:\Windows\system32\mmcico.dll
2009-11-18 18:53:00 ----A---- C:\Windows\system32\hbaapi.dll
2009-11-18 18:53:00 ----A---- C:\Windows\system32\gpupdate.exe
2009-11-18 18:53:00 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-11-18 18:53:00 ----A---- C:\Windows\system32\fdeploy.dll
2009-11-18 18:53:00 ----A---- C:\Windows\system32\eappgnui.dll
2009-11-18 18:52:59 ----A---- C:\Windows\system32\winrnr.dll
2009-11-18 18:52:59 ----A---- C:\Windows\system32\vdmdbg.dll
2009-11-18 18:52:59 ----A---- C:\Windows\system32\slwga.dll
2009-11-18 18:52:59 ----A---- C:\Windows\system32\odbcconf.dll
2009-11-18 18:52:59 ----A---- C:\Windows\system32\NcdProp.dll
2009-11-18 18:52:59 ----A---- C:\Windows\system32\midimap.dll
2009-11-18 18:52:59 ----A---- C:\Windows\system32\iscsilog.dll
2009-11-18 18:52:59 ----A---- C:\Windows\system32\inetppui.dll
2009-11-18 18:52:59 ----A---- C:\Windows\system32\csrstub.exe
2009-11-18 18:52:59 ----A---- C:\Windows\system32\cbsra.exe
2009-11-18 18:52:59 ----A---- C:\Windows\system32\bitsigd.dll
2009-11-18 18:52:57 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-11-18 18:52:56 ----A---- C:\Windows\system32\msimsg.dll
2009-11-18 18:52:32 ----A---- C:\Windows\system32\SmiEngine.dll
2009-11-18 18:52:18 ----A---- C:\Windows\system32\wdscore.dll
2009-11-18 18:52:18 ----A---- C:\Windows\system32\PkgMgr.exe
2009-11-18 18:51:46 ----A---- C:\Windows\system32\drvstore.dll
2009-11-18 18:37:02 ----D---- C:\Program Files\GPS
2009-11-18 14:55:26 ----D---- C:\Program Files\IrfanView
2009-11-18 14:08:55 ----D---- C:\Program Files\Windows Mobile Resources
2009-11-18 13:19:50 ----D---- C:\Users\Michal\AppData\Roaming\skypePM
2009-11-18 13:18:49 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2009-11-18 13:18:37 ----D---- C:\Program Files\Common Files\Skype
2009-11-18 13:18:35 ----RD---- C:\Program Files\Skype
2009-11-18 13:18:31 ----D---- C:\ProgramData\Skype
2009-11-18 13:09:00 ----A---- C:\Windows\FixCamera.exe
2009-11-18 13:09:00 ----A---- C:\Windows\AMCAP.EXE
2009-11-18 13:08:59 ----A---- C:\Windows\vsnp325.exe
2009-11-18 13:08:59 ----A---- C:\Windows\tsnp325.exe
2009-11-18 13:08:59 ----A---- C:\Windows\snp325.ini
2009-11-18 13:08:58 ----D---- C:\Program Files\Common Files\snp325
2009-11-18 13:08:58 ----A---- C:\Windows\system32\vsnp325.dll
2009-11-18 13:08:58 ----A---- C:\Windows\system32\rsnp325.dll
2009-11-18 13:08:58 ----A---- C:\Windows\system32\csnp325.dll
2009-11-18 13:08:38 ----D---- C:\Users\Michal\AppData\Roaming\InstallShield
2009-11-17 21:17:27 ----D---- C:\ProgramData\Adobe
2009-11-17 21:17:01 ----D---- C:\Program Files\Common Files\Adobe
2009-11-17 21:17:01 ----D---- C:\Program Files\Adobe
2009-11-17 20:51:10 ----D---- C:\Program Files\MSXML 4.0
2009-11-17 20:47:45 ----A---- C:\Windows\system32\mshtml.dll
2009-11-17 20:47:43 ----A---- C:\Windows\system32\jscript.dll
2009-11-17 20:40:42 ----A---- C:\Windows\system32\msonpmon.dll
2009-11-17 20:39:43 ----D---- C:\Program Files\Microsoft Works
2009-11-17 20:39:08 ----D---- C:\Windows\PCHEALTH
2009-11-17 20:39:08 ----D---- C:\Program Files\Microsoft.NET
2009-11-17 20:37:03 ----D---- C:\Windows\SHELLNEW
2009-11-17 20:36:35 ----D---- C:\ProgramData\Microsoft Help
2009-11-17 20:36:11 ----RHD---- C:\MSOCache
2009-11-17 20:24:16 ----A---- C:\Windows\system32\MSVCRTD.DLL
2009-11-17 20:24:16 ----A---- C:\Windows\system32\mfc42d.dll
2009-11-17 20:23:14 ----A---- C:\Windows\system32\AsIO.dll
2009-11-17 20:23:10 ----D---- C:\Program Files\ASUS
2009-11-17 20:08:43 ----A---- C:\Windows\system32\occache.dll
2009-11-17 20:08:43 ----A---- C:\Windows\system32\msfeeds.dll
2009-11-17 20:08:43 ----A---- C:\Windows\system32\jsproxy.dll
2009-11-17 20:08:43 ----A---- C:\Windows\system32\iepeers.dll
2009-11-17 20:08:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-11-17 20:08:42 ----A---- C:\Windows\system32\ieui.dll
2009-11-17 20:08:42 ----A---- C:\Windows\system32\iesetup.dll
2009-11-17 20:08:42 ----A---- C:\Windows\system32\iernonce.dll
2009-11-17 20:08:41 ----A---- C:\Windows\system32\wininet.dll
2009-11-17 20:08:41 ----A---- C:\Windows\system32\msfeedssync.exe
2009-11-17 20:08:41 ----A---- C:\Windows\system32\ieUnatt.exe
2009-11-17 20:08:41 ----A---- C:\Windows\system32\iesysprep.dll
2009-11-17 20:08:41 ----A---- C:\Windows\system32\iertutil.dll
2009-11-17 20:08:41 ----A---- C:\Windows\system32\iedkcs32.dll
2009-11-17 20:08:41 ----A---- C:\Windows\system32\IE4UINIT.EXE
2009-11-17 20:08:40 ----A---- C:\Windows\system32\urlmon.dll
2009-11-17 20:08:40 ----A---- C:\Windows\system32\ieframe.dll
2009-11-17 20:07:03 ----A---- C:\Windows\system32\mshtmler.dll
2009-11-17 20:07:03 ----A---- C:\Windows\system32\mshtmled.dll
2009-11-17 20:07:03 ----A---- C:\Windows\system32\icardie.dll
2009-11-17 20:07:03 ----A---- C:\Windows\system32\admparse.dll
2009-11-17 20:07:02 ----A---- C:\Windows\system32\msls31.dll
2009-11-17 20:07:02 ----A---- C:\Windows\system32\imgutil.dll
2009-11-17 20:07:02 ----A---- C:\Windows\system32\ieakeng.dll
2009-11-17 20:07:02 ----A---- C:\Windows\system32\dxtrans.dll
2009-11-17 20:07:02 ----A---- C:\Windows\system32\dxtmsft.dll
2009-11-17 20:07:02 ----A---- C:\Windows\system32\corpol.dll
2009-11-17 20:07:01 ----A---- C:\Windows\system32\webcheck.dll
2009-11-17 20:07:01 ----A---- C:\Windows\system32\msrating.dll
2009-11-17 20:07:01 ----A---- C:\Windows\system32\licmgr10.dll
2009-11-17 20:07:01 ----A---- C:\Windows\system32\inseng.dll
2009-11-17 20:07:01 ----A---- C:\Windows\system32\ieaksie.dll
2009-11-17 20:07:00 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-11-17 20:07:00 ----A---- C:\Windows\system32\wextract.exe
2009-11-17 20:07:00 ----A---- C:\Windows\system32\pngfilt.dll
2009-11-17 20:07:00 ----A---- C:\Windows\system32\mstime.dll
2009-11-17 20:07:00 ----A---- C:\Windows\system32\ieakui.dll
2009-11-17 20:07:00 ----A---- C:\Windows\system32\advpack.dll
2009-11-17 20:06:59 ----A---- C:\Windows\system32\vbscript.dll
2009-11-17 20:06:59 ----A---- C:\Windows\system32\url.dll
2009-11-17 20:06:59 ----A---- C:\Windows\system32\ieapfltr.dll
2009-11-17 20:06:57 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-11-17 20:06:57 ----A---- C:\Windows\system32\SetDepNx.exe
2009-11-17 20:06:57 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-11-17 20:06:57 ----A---- C:\Windows\system32\PDMSetup.exe
2009-11-17 20:06:57 ----A---- C:\Windows\system32\mshta.exe
2009-11-17 20:06:57 ----A---- C:\Windows\system32\iexpress.exe
2009-11-17 20:06:09 ----A---- C:\Windows\system32\kerberos.dll
2009-11-17 20:06:07 ----A---- C:\Windows\system32\schannel.dll
2009-11-17 19:23:04 ----D---- C:\Program Files\AutoCAD 2007
2009-11-17 19:02:20 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-11-17 18:38:14 ----D---- C:\Users\Michal\AppData\Roaming\CD-LabelPrint
2009-11-17 18:30:06 ----A---- C:\Windows\BJPSUNST.EXE
2009-11-17 18:29:08 ----A---- C:\Windows\IsUninst.exe
2009-11-17 18:28:41 ----D---- C:\Windows\StartHtmico
2009-11-17 18:27:43 ----A---- C:\Windows\system32\CNMVS78.DLL
2009-11-17 18:27:43 ----A---- C:\Windows\system32\CNMLM78.DLL
2009-11-17 18:27:41 ----RA---- C:\Windows\system32\CNMCP78.EXE
2009-11-17 18:27:23 ----HD---- C:\ProgramData\CanonBJ
2009-11-17 18:27:06 ----D---- C:\Program Files\Canon
2009-11-17 18:02:00 ----N---- C:\Windows\system32\MpSigStub.exe
2009-11-17 17:28:15 ----D---- C:\Users\Michal\AppData\Roaming\progeSOFT
2009-11-17 17:26:41 ----D---- C:\ProgramData\progeSOFT
2009-11-17 17:24:27 ----A---- C:\Windows\system32\cdintf251.dll
2009-11-17 17:24:11 ----A---- C:\Windows\system32\vb5db.dll
2009-11-17 17:23:53 ----A---- C:\Windows\system32\wintab32.dll
2009-11-17 17:23:53 ----A---- C:\Windows\system32\msvcr71.dll
2009-11-17 17:23:53 ----A---- C:\Windows\system32\msvcp71.dll
2009-11-17 17:23:53 ----A---- C:\Windows\system32\mfc71.dll
2009-11-17 17:23:49 ----A---- C:\Windows\system32\skeyinst.dll
2009-11-17 17:23:49 ----A---- C:\Windows\system32\skeydrv.dll
2009-11-17 17:23:34 ----A---- C:\Windows\system32\gdiplus.dll
2009-11-17 17:23:33 ----A---- C:\Windows\system32\vbar332.dll
2009-11-17 16:31:50 ----D---- C:\Users\Michal\AppData\Roaming\WinRAR
2009-11-17 16:29:34 ----D---- C:\Program Files\WinRAR
2009-11-17 16:25:40 ----D---- C:\Users\Michal\AppData\Roaming\Macromedia
2009-11-17 16:25:40 ----D---- C:\Users\Michal\AppData\Roaming\Adobe
2009-11-17 16:17:32 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-11-17 16:17:32 ----A---- C:\Windows\system32\ROUTE.EXE
2009-11-17 16:17:32 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-11-17 16:17:32 ----A---- C:\Windows\system32\netiohlp.dll
2009-11-17 16:17:32 ----A---- C:\Windows\system32\netevent.dll
2009-11-17 16:17:32 ----A---- C:\Windows\system32\MRINFO.EXE
2009-11-17 16:17:32 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-11-17 16:17:32 ----A---- C:\Windows\system32\finger.exe
2009-11-17 16:17:32 ----A---- C:\Windows\system32\ARP.EXE
2009-11-17 16:17:16 ----A---- C:\Windows\system32\wlansvc.dll
2009-11-17 16:17:16 ----A---- C:\Windows\system32\wlansec.dll
2009-11-17 16:17:16 ----A---- C:\Windows\system32\wlanmsm.dll
2009-11-17 16:17:16 ----A---- C:\Windows\system32\wlanhlp.dll
2009-11-17 16:17:16 ----A---- C:\Windows\system32\wlanapi.dll
2009-11-17 16:17:16 ----A---- C:\Windows\system32\L2SecHC.dll
2009-11-17 16:17:14 ----A---- C:\Windows\system32\t2embed.dll
2009-11-17 16:17:14 ----A---- C:\Windows\system32\lpk.dll
2009-11-17 16:17:14 ----A---- C:\Windows\system32\fontsub.dll
2009-11-17 16:17:14 ----A---- C:\Windows\system32\dciman32.dll
2009-11-17 16:17:14 ----A---- C:\Windows\system32\atmlib.dll
2009-11-17 16:17:14 ----A---- C:\Windows\system32\atmfd.dll
2009-11-17 16:17:13 ----A---- C:\Windows\system32\lsasrv.dll
2009-11-17 16:17:12 ----A---- C:\Windows\system32\wdigest.dll
2009-11-17 16:17:12 ----A---- C:\Windows\system32\msv1_0.dll
2009-11-17 16:17:10 ----A---- C:\Windows\system32\secur32.dll
2009-11-17 16:17:10 ----A---- C:\Windows\system32\lsass.exe
2009-11-17 16:17:05 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-11-17 16:17:04 ----A---- C:\Windows\system32\rrinstaller.exe
2009-11-17 16:17:04 ----A---- C:\Windows\system32\mfps.dll
2009-11-17 16:17:04 ----A---- C:\Windows\system32\mfpmp.exe
2009-11-17 16:17:04 ----A---- C:\Windows\system32\mferror.dll
2009-11-17 16:17:04 ----A---- C:\Windows\system32\mf.dll
2009-11-17 16:16:41 ----A---- C:\Windows\system32\atl.dll
2009-11-17 16:16:34 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-11-17 16:16:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-11-17 16:16:28 ----A---- C:\Windows\system32\wkssvc.dll
2009-11-17 16:16:25 ----A---- C:\Windows\system32\mstscax.dll
2009-11-17 16:16:24 ----A---- C:\Windows\system32\tsgqec.dll
2009-11-17 16:16:24 ----A---- C:\Windows\system32\aaclient.dll
2009-11-17 16:16:11 ----A---- C:\Windows\system32\localspl.dll
2009-11-17 16:16:09 ----A---- C:\Windows\system32\avifil32.dll
2009-11-17 16:15:49 ----A---- C:\Windows\system32\kbd106n.dll
2009-11-17 16:15:26 ----A---- C:\Windows\system32\wmpdxm.dll
2009-11-17 16:15:17 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-11-17 16:15:17 ----A---- C:\Windows\system32\gameux.dll
2009-11-17 16:15:17 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-11-17 16:15:06 ----A---- C:\Windows\system32\msasn1.dll
2009-11-17 16:15:03 ----A---- C:\Windows\system32\rpcrt4.dll
2009-11-17 16:14:59 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-17 16:14:54 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-11-17 16:14:47 ----A---- C:\Windows\system32\wmp.dll
2009-11-17 16:14:44 ----A---- C:\Windows\system32\UNREGMP2.EXE
2009-11-17 16:14:43 ----A---- C:\Windows\system32\wmploc.DLL
2009-11-17 16:14:43 ----A---- C:\Windows\system32\spwmp.dll
2009-11-17 16:14:43 ----A---- C:\Windows\system32\dxmasf.dll
2009-11-17 15:32:19 ----D---- C:\Program Files\Microsoft Office
2009-11-17 15:32:08 ----D---- C:\Program Files\AnswerWorks 4.0
2009-11-17 15:31:59 ----D---- C:\Program Files\Common Files\Designer
2009-11-17 15:29:12 ----D---- C:\ProgramData\Autodesk
2009-11-17 15:03:41 ----D---- C:\Users\Michal\AppData\Roaming\Autodesk
2009-11-17 15:00:49 ----SHD---- C:\Windows\Installer
2009-11-17 15:00:47 ----D---- C:\Windows\system32\Macromed
2009-11-17 15:00:44 ----D---- C:\Program Files\Common Files\Autodesk Shared
2009-11-17 15:00:42 ----D---- C:\Program Files\Autodesk
2009-11-17 14:55:08 ----D---- C:\Program Files\AMD
2009-11-17 14:55:06 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-17 14:54:41 ----D---- C:\Program Files\Common Files\InstallShield
2009-11-17 14:47:58 ----A---- C:\Windows\Ascd_tmp.ini
2009-11-17 14:45:17 ----A---- C:\Windows\system32\wups2.dll
2009-11-17 14:45:17 ----A---- C:\Windows\system32\wucltux.dll
2009-11-17 14:45:17 ----A---- C:\Windows\system32\wuaueng.dll
2009-11-17 14:45:17 ----A---- C:\Windows\system32\wuauclt.exe
2009-11-17 14:45:04 ----A---- C:\Windows\system32\wups.dll
2009-11-17 14:45:04 ----A---- C:\Windows\system32\wudriver.dll
2009-11-17 14:45:04 ----A---- C:\Windows\system32\wuapi.dll
2009-11-17 14:44:52 ----A---- C:\Windows\system32\wuwebv.dll
2009-11-17 14:44:52 ----A---- C:\Windows\system32\WUAPP.EXE
2009-11-17 14:38:40 ----D---- C:\Users\Michal\AppData\Roaming\Identities
2009-11-17 14:38:21 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2009-11-17 14:33:46 ----D---- C:\Windows\Debug
2009-11-17 14:26:22 ----D---- C:\Windows\SoftwareDistribution
2009-11-17 14:17:13 ----D---- C:\Windows\Prefetch
2009-11-17 14:16:24 ----D---- C:\Windows\Panther
2009-11-17 14:16:08 ----RAS---- C:\BOOTSECT.BAK
2009-11-17 14:16:08 ----H---- C:\Boot.BAK
2009-11-17 14:16:06 ----SHD---- C:\Boot
2009-11-14 01:47:32 ----A---- C:\Windows\system32\dpl100.dll
2009-11-14 01:47:28 ----A---- C:\Windows\system32\divx_xx16.dll
2009-11-14 01:47:28 ----A---- C:\Windows\system32\divx_xx11.dll
2009-11-14 01:47:28 ----A---- C:\Windows\system32\divx_xx0c.dll
2009-11-14 01:47:28 ----A---- C:\Windows\system32\divx_xx0a.dll
2009-11-14 01:47:28 ----A---- C:\Windows\system32\divx_xx07.dll

======List

part2:
======List of files/folders modified in the last 1 months======

2009-11-29 15:48:07 ----D---- C:\Windows\Temp
2009-11-29 15:47:54 ----RD---- C:\Program Files
2009-11-29 14:24:31 ----D---- C:\Windows\System32
2009-11-29 14:24:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-29 14:24:30 ----D---- C:\Windows\inf
2009-11-29 14:18:51 ----D---- C:\Windows\Tasks
2009-11-29 13:10:47 ----D---- C:\Windows
2009-11-28 20:10:53 ----HD---- C:\Config.Msi
2009-11-28 20:10:52 ----HD---- C:\ProgramData
2009-11-28 17:43:21 ----D---- C:\Windows\system32\drivers
2009-11-28 17:43:21 ----D---- C:\Windows\system32\catroot
2009-11-28 16:54:53 ----D---- C:\Windows\system32\Tasks
2009-11-28 16:18:03 ----D---- C:\Program Files\Common Files
2009-11-28 16:16:16 ----SHD---- C:\System Volume Information
2009-11-27 19:07:26 ----RSD---- C:\Windows\Fonts
2009-11-27 17:49:48 ----A---- C:\Windows\win.ini
2009-11-27 17:41:30 ----D---- C:\Windows\winsxs
2009-11-27 12:58:05 ----D---- C:\Program Files\Windows Mail
2009-11-27 12:57:43 ----D---- C:\Program Files\Movie Maker
2009-11-27 12:51:45 ----D---- C:\Program Files\Windows Media Player
2009-11-27 12:49:20 ----D---- C:\Program Files\Windows Photo Gallery
2009-11-25 16:32:34 ----D---- C:\Program Files\Internet Explorer
2009-11-25 16:26:32 ----D---- C:\Windows\rescache
2009-11-25 15:29:55 ----D---- C:\Windows\system32\sk-SK
2009-11-25 15:29:42 ----D---- C:\Windows\system32\catroot2
2009-11-23 18:53:01 ----SD---- C:\ProgramData\Microsoft
2009-11-23 18:52:15 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-21 18:09:26 ----D---- C:\Windows\system32\LogFiles
2009-11-21 17:24:09 ----D---- C:\Windows\Microsoft.NET
2009-11-21 17:23:57 ----D---- C:\Windows\system32\wbem
2009-11-21 17:23:55 ----D---- C:\Windows\system32\pt-BR
2009-11-21 17:23:55 ----D---- C:\Windows\system32\it-IT
2009-11-21 17:23:55 ----D---- C:\Windows\system32\he-IL
2009-11-21 17:23:55 ----D---- C:\Windows\system32\bg-BG
2009-11-21 17:23:54 ----D---- C:\Windows\system32\zh-TW
2009-11-21 17:23:54 ----D---- C:\Windows\system32\zh-HK
2009-11-21 17:23:54 ----D---- C:\Windows\system32\zh-CN
2009-11-21 17:23:54 ----D---- C:\Windows\system32\uk-UA
2009-11-21 17:23:54 ----D---- C:\Windows\system32\tr-TR
2009-11-21 17:23:54 ----D---- C:\Windows\system32\th-TH
2009-11-21 17:23:54 ----D---- C:\Windows\system32\sv-SE
2009-11-21 17:23:54 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-21 17:23:54 ----D---- C:\Windows\system32\sl-SI
2009-11-21 17:23:54 ----D---- C:\Windows\system32\ru-RU
2009-11-21 17:23:54 ----D---- C:\Windows\system32\ro-RO
2009-11-21 17:23:54 ----D---- C:\Windows\system32\pt-PT
2009-11-21 17:23:54 ----D---- C:\Windows\system32\pl-PL
2009-11-21 17:23:54 ----D---- C:\Windows\system32\nl-NL
2009-11-21 17:23:54 ----D---- C:\Windows\system32\nb-NO
2009-11-21 17:23:54 ----D---- C:\Windows\system32\lv-LV
2009-11-21 17:23:54 ----D---- C:\Windows\system32\lt-LT
2009-11-21 17:23:54 ----D---- C:\Windows\system32\ko-KR
2009-11-21 17:23:54 ----D---- C:\Windows\system32\ja-JP
2009-11-21 17:23:54 ----D---- C:\Windows\system32\hu-HU
2009-11-21 17:23:54 ----D---- C:\Windows\system32\hr-HR
2009-11-21 17:23:54 ----D---- C:\Windows\system32\fr-FR
2009-11-21 17:23:54 ----D---- C:\Windows\system32\fi-FI
2009-11-21 17:23:54 ----D---- C:\Windows\system32\et-EE
2009-11-21 17:23:54 ----D---- C:\Windows\system32\es-ES
2009-11-21 17:23:54 ----D---- C:\Windows\system32\en-US
2009-11-21 17:23:54 ----D---- C:\Windows\system32\el-GR
2009-11-21 17:23:54 ----D---- C:\Windows\system32\de-DE
2009-11-21 17:23:54 ----D---- C:\Windows\system32\da-DK
2009-11-21 17:23:54 ----D---- C:\Windows\system32\cs-CZ
2009-11-21 17:23:54 ----D---- C:\Windows\system32\ar-SA
2009-11-21 17:23:46 ----RSD---- C:\Windows\assembly
2009-11-21 15:23:45 ----SD---- C:\Windows\Downloaded Program Files
2009-11-20 19:33:41 ----D---- C:\Program Files\Windows Sidebar
2009-11-20 19:33:41 ----D---- C:\Program Files\Windows Collaboration
2009-11-20 19:33:41 ----D---- C:\Program Files\Windows Calendar
2009-11-20 19:33:41 ----D---- C:\Program Files\Common Files\System
2009-11-20 19:33:40 ----D---- C:\Windows\servicing
2009-11-20 19:33:40 ----D---- C:\Program Files\Windows Defender
2009-11-20 19:33:38 ----D---- C:\Windows\system32\XPSViewer
2009-11-20 19:33:38 ----D---- C:\Windows\IME
2009-11-20 19:33:37 ----D---- C:\Windows\system32\oobe
2009-11-20 19:33:37 ----D---- C:\Windows\system32\migration
2009-11-20 19:33:36 ----D---- C:\Windows\system32\SLUI
2009-11-20 19:33:36 ----D---- C:\Windows\system32\setup
2009-11-20 19:33:36 ----D---- C:\Windows\system32\manifeststore
2009-11-20 19:33:36 ----D---- C:\Windows\system32\en
2009-11-20 19:33:36 ----D---- C:\Windows\system32\AdvancedInstallers
2009-11-20 19:33:29 ----D---- C:\Windows\system32\migwiz
2009-11-20 19:33:19 ----D---- C:\Windows\AppPatch
2009-11-20 19:33:15 ----D---- C:\Windows\system32\Boot
2009-11-18 14:43:08 ----D---- C:\Windows\system32\WDI
2009-11-18 14:18:55 ----D---- C:\Windows\WindowsMobile
2009-11-18 13:08:59 ----D---- C:\Windows\twain_32
2009-11-17 21:10:31 ----D---- C:\PerfLogs
2009-11-17 20:13:54 ----D---- C:\Windows\PolicyDefinitions
2009-11-17 16:04:58 ----D---- C:\Windows\Logs
2009-11-17 15:31:12 ----D---- C:\Windows\Help
2009-11-17 14:44:37 ----D---- C:\Windows\system32\restore
2009-11-17 14:39:03 ----SHD---- C:\$Recycle.Bin
2009-11-17 14:38:20 ----RD---- C:\Users
2009-11-17 14:16:08 ----RASH---- C:\Boot.ini.saved
2009-11-05 09:36:22 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-11 108792]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2009-11-23 9968]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2009-11-23 74480]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 116008]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-09-11 135048]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-09-11 38240]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-19 2314752]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-11-23 7408]
S3 AMDMSRIO;AMDMSRIO; \??\C:\Users\Michal\AppData\Local\Temp\{55638DD9-D5A9-11D3-B74B-204C4F4F5020}\AMDMSRIO.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 esihdrv;esihdrv; \??\C:\Users\Michal\AppData\Local\Temp\esihdrv.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 SNP325;USB PC Camera (SNPSTD325); C:\Windows\system32\DRIVERS\snp325.sys [2007-03-07 10260864]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-09-11 735960]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-25 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-25 194032]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-11-17 77944]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-09-11 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-25 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Vidim bordel

Stiahni ComboFix, najlepsie na plochu. Vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall. Spust program cez ucet s administratorskymi pravami a postupuj podla instrukcii. Cely sken bude trvat cca 10 minut. Pocas neho moze byt PC restartovane. Log, ktory ComboFix vytvori, najdes na adrese "C:\ComboFix.txt".
Ten vloz sem.

Pozor: Kym ComboFix nevytvori log, na nic neklikat, nic nestlacat !!

ComboFix 09-11-28.04 - Michal . 11. 2009 16:09.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1051.18.2047.1142 [GMT 1:00]
Running from: c:\users\Michal\Desktop\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\ajtsbo.exe
C:\cngshr.exe
C:\ggfixu.exe
C:\jcwna.exe
C:\lcvs.exe
C:\mxfgi.exe
c:\recycler\S-1-5-21-57989841-688789844-1801674531-1003
C:\uarcq.exe
C:\vdjf.exe
c:\windows\system32\8464,472.exe
c:\windows\system32\config\systemprofile\uninstall.exe
C:\wtrf.exe

Infected copy of c:\windows\system32\drivers\atapi.sys was found and disinfected
Restored copy from - Kitty ate it :p
c:\windows\HH.EXE . . . is infected!!

c:\windows\System32\CALC.EXE . . . is infected!!

c:\windows\System32\CHARMAP.EXE . . . is infected!!

c:\windows\System32\CLEANMGR.EXE . . . is infected!!

c:\windows\System32\CONTROL.EXE . . . is infected!!

c:\windows\System32\DFRGUI.EXE . . . is infected!!

c:\windows\System32\ISCSICPL.EXE . . . is infected!!

Infected copy of c:\windows\System32\MBLCTR.EXE was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-m..lepc-mobilitycenter_31bf3856ad364e35_6.0.6001.18000_none_5a99f4da0b4319f4\mblctr.exe

c:\windows\System32\MDSCHED.EXE . . . is infected!!

c:\windows\System32\MOBSYNC.EXE . . . is infected!!

c:\windows\System32\MSCONFIG.EXE . . . is infected!!

Infected copy of c:\windows\System32\MSIEXEC.EXE was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-installer-executable_31bf3856ad364e35_6.0.6001.18000_none_498174cc8619e2a5\msiexec.exe

Infected copy of c:\windows\System32\MSINFO32.EXE was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-msinfo32-exe-common_31bf3856ad364e35_6.0.6002.18005_none_88307826e802a99c\msinfo32.exe

c:\windows\System32\MSPAINT.EXE . . . is infected!!

c:\windows\System32\MSRA.EXE . . . is infected!!

Infected copy of c:\windows\System32\MSTSC.EXE was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.0.6001.18000_none_4ddc4d9521178ffe\mstsc.exe

Infected copy of c:\windows\System32\NOTEPAD.EXE was found and disinfected
Restored copy from - c:\windows\notepad.exe

c:\windows\System32\ODBCAD32.EXE . . . is infected!!

Infected copy of c:\windows\System32\RSTRUI.EXE was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6000.16646_none_44d4534db6337506\rstrui.exe

Infected copy of c:\windows\System32\SDCLT.EXE was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-safedocs-main_31bf3856ad364e35_6.0.6001.18000_none_2509bc4c66c893cc\sdclt.exe

c:\windows\System32\SOUNDRECORDER.EXE . . . is infected!!

Infected copy of c:\windows\System32\WERCON.EXE was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-errorreportingconsole_31bf3856ad364e35_6.0.6001.18000_none_560d317722e5879b\wercon.exe

c:\windows\System32\WINDOWSANYTIMEUPGRADE.EXE . . . is infected!!

c:\windows\System32\WRITE.EXE . . . is infected!!

Infected copy of c:\windows\System32\WUAPP.EXE was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.0.6001.18000_none_306ed3baedf7acff\wuapp.exe

.
((((((((((((((((((((((((( Files Created from 2009-10-28 to 2009-11-29 )))))))))))))))))))))))))))))))
.

2009-11-29 15:25 . 2009-11-29 15:27 -------- d-----w- c:\users\Michal\AppData\Local\temp
2009-11-29 15:25 . 2009-11-29 15:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-29 15:09 . 2009-11-29 15:09 -------- d-----w- c:\users\Michal\AppData\Local\ESET
2009-11-29 14:47 . 2009-11-29 14:48 -------- d-----w- c:\program files\trend micro
2009-11-29 14:47 . 2009-11-29 14:48 -------- d-----w- C:\rsit
2009-11-28 19:10 . 2009-11-28 19:10 -------- d-----w- c:\users\Michal\AppData\Local\Apple
2009-11-28 19:05 . 2009-11-28 19:05 -------- d-----w- c:\program files\CCleaner
2009-11-28 18:04 . 2009-11-28 18:16 -------- d-----w- c:\program files\Ultimate Process Manager
2009-11-28 17:40 . 2009-11-28 17:40 -------- d--h--w- c:\windows\PIF
2009-11-28 15:56 . 2009-11-28 16:38 -------- d-----w- c:\users\Michal\DoctorWeb
2009-11-28 15:53 . 2009-11-28 15:53 92488 ----a-w- c:\users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-28 15:18 . 2009-11-28 16:49 117760 ----a-w- c:\users\Michal\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-28 15:18 . 2009-11-28 15:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-11-28 15:18 . 2009-11-28 15:18 4096 d-----w- c:\program files\SUPERAntiSpyware
2009-11-28 15:18 . 2009-11-28 15:18 -------- d-----w- c:\users\Michal\AppData\Roaming\SUPERAntiSpyware.com
2009-11-28 15:18 . 2009-11-28 15:18 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-28 13:27 . 2009-11-28 13:27 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-27 18:08 . 2009-11-27 18:08 -------- d-----w- c:\program files\Common Files\Protexis
2009-11-27 18:08 . 2009-11-27 18:08 -------- d-----w- c:\programdata\Corel
2009-11-27 18:06 . 2009-11-27 18:06 -------- d-----w- c:\program files\Corel
2009-11-27 17:38 . 2009-11-27 18:10 -------- d-----w- c:\users\Michal\AppData\Roaming\Corel
2009-11-27 17:35 . 2009-11-27 17:35 -------- d-----w- c:\program files\Common Files\Corel
2009-11-27 17:16 . 2009-11-27 17:16 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-27 17:16 . 2009-11-27 17:16 -------- d-----w- c:\program files\Java
2009-11-27 16:52 . 2009-11-27 16:52 -------- d-----w- c:\users\Michal\AppData\Roaming\VistaCodecs
2009-11-27 16:52 . 2009-11-27 16:52 4096 d-----w- c:\program files\VistaCodecPack
2009-11-27 16:51 . 2009-11-27 16:52 -------- d-----w- c:\programdata\VistaCodecs
2009-11-27 12:38 . 2009-11-28 18:45 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-11-27 12:18 . 2009-11-28 16:43 -------- dc----w- c:\windows\system32\DRVSTORE
2009-11-27 12:16 . 2009-11-28 16:43 -------- d-----w- c:\programdata\Lavasoft
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\uTorrent.exe
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\WinRAR.exe
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\DeviceHandbook.exe
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\uninstwa.exe
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\OziExp.exe
2009-11-27 11:47 . 2009-11-27 11:47 2048 ----a-w- c:\windows\system32\config\systemprofile\BJPSUNST.EXE
2009-11-26 22:20 . 2009-11-26 22:20 -------- d-sh--w- c:\windows\system32\%APPDATA%
2009-11-26 20:34 . 2009-11-27 18:12 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2009-11-26 20:34 . 2009-11-27 18:10 88 --sh--r- c:\programdata\EC4096B161.sys
2009-11-26 20:17 . 2009-11-29 15:27 4096 d-----w- c:\program files\Common Files\Akamai
2009-11-25 18:36 . 2009-11-25 18:36 -------- d-----w- c:\programdata\FLEXnet
2009-11-25 18:32 . 2009-11-27 11:47 -------- d-----w- c:\program files\Adobe Media Player
2009-11-25 18:30 . 2009-11-25 18:30 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-11-25 18:27 . 2009-11-25 18:27 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-11-25 18:05 . 2009-11-25 18:05 -------- d-----w- c:\programdata\Advanced Chemistry Development
2009-11-25 18:04 . 2009-11-25 18:05 24576 d-----w- c:\program files\ACDFREE12
2009-11-25 18:03 . 2009-11-25 18:05 -------- d-----w- c:\users\Michal\AppData\Roaming\Advanced Chemistry Development
2009-11-25 15:31 . 2009-11-25 15:32 4096 d-----w- c:\program files\QuickTime
2009-11-25 15:31 . 2009-11-25 15:31 -------- d-----w- c:\programdata\Apple Computer
2009-11-25 15:29 . 2009-11-25 15:29 -------- d-----w- c:\program files\BSP Multimedia
2009-11-25 14:29 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 13:32 . 2009-11-25 13:32 2017776 ----a-w- c:\programdata\Google Updater\cache\packdata_ci_gds_5.9.909.30391_cs_setup.exe
2009-11-25 13:32 . 2009-11-25 13:32 -------- d-----w- c:\programdata\Google Updater
2009-11-25 13:32 . 2009-11-25 13:35 4096 d-----w- c:\program files\Google
2009-11-25 09:05 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 09:05 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-23 17:52 . 2009-11-23 20:08 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-23 17:52 . 2009-11-23 17:52 -------- d-----w- c:\program files\Microsoft
2009-11-22 15:32 . 2009-11-22 15:39 -------- d-----w- c:\users\Michal\AppData\Roaming\Nero
2009-11-22 15:30 . 2009-11-22 15:30 -------- d-----w- c:\program files\Nero
2009-11-22 15:29 . 2009-11-22 15:29 -------- d-----w- c:\programdata\Nero
2009-11-22 15:29 . 2009-11-22 15:30 -------- d-----w- c:\program files\Common Files\Nero
2009-11-21 16:27 . 2009-11-21 16:30 -------- d-----w- c:\programdata\Norton
2009-11-21 16:27 . 2009-11-21 16:29 -------- d-----w- c:\programdata\Symantec
2009-11-21 16:27 . 2009-11-21 16:27 -------- d-----w- c:\programdata\NortonInstaller
2009-11-21 16:23 . 2009-11-21 16:23 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-21 16:19 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-21 16:19 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-11-21 16:19 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-11-21 16:19 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-11-21 16:19 . 2009-09-24 22:54 258048 ----a-w- c:\windows\system32\winspool.drv
2009-11-21 16:19 . 2009-09-25 01:33 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-11-21 16:19 . 2009-09-25 01:27 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-21 16:19 . 2009-09-25 01:27 37888 ----a-w- c:\windows\system32\cdd.dll
2009-11-21 16:19 . 2009-09-24 22:54 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-11-21 16:16 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-21 16:16 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-21 16:16 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-21 16:11 . 2009-11-21 16:11 -------- d-----w- c:\program files\ESET
2009-11-21 15:54 . 2009-11-21 15:54 -------- d-----w- c:\program files\Ask.com
2009-11-21 15:54 . 2009-11-21 15:54 -------- d-----w- c:\program files\uTorrent
2009-11-21 15:52 . 2009-11-27 17:23 4096 d-----w- c:\users\Michal\AppData\Roaming\uTorrent
2009-11-21 13:55 . 2009-11-21 13:55 -------- d-----w- c:\users\Michal\AppData\Roaming\DivX
2009-11-21 13:49 . 2009-11-21 14:23 4096 d-----w- c:\program files\DivX
2009-11-21 13:49 . 2009-11-21 13:49 4096 d-----w- c:\program files\Common Files\DivX Shared
2009-11-21 13:44 . 2009-11-21 13:44 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-11-21 13:44 . 2009-11-28 18:47 -------- d-----w- c:\program files\Winamp
2009-11-21 12:44 . 2009-11-21 12:44 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2009-11-20 18:33 . 2009-11-20 18:33 -------- d-----w- c:\windows\system32\ca-ES
2009-11-20 18:33 . 2009-11-20 18:33 -------- d-----w- c:\windows\system32\eu-ES
2009-11-20 18:33 . 2009-11-20 18:33 -------- d-----w- c:\windows\system32\vi-VN
2009-11-20 18:09 . 2009-11-20 18:09 -------- d-----w- c:\windows\system32\EventProviders
2009-11-18 17:53 . 2009-04-11 06:28 407552 ----a-w- c:\windows\system32\MPSSVC.dll
2009-11-18 17:52 . 2009-04-11 06:28 49152 ----a-w- c:\windows\system32\wbem\wbemsvc.dll
2009-11-18 17:51 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-11-18 17:37 . 2009-11-21 22:00 4096 d-----w- c:\program files\GPS
2009-11-18 13:55 . 2009-11-27 11:48 4096 d-----w- c:\program files\IrfanView
2009-11-18 13:08 . 2009-11-18 13:08 -------- d-----w- c:\program files\Windows Mobile Resources
2009-11-18 12:19 . 2009-11-18 12:19 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-18 12:19 . 2009-11-23 10:56 -------- d-----w- c:\users\Michal\AppData\Roaming\skypePM
2009-11-18 12:18 . 2009-11-23 10:57 4096 d-----w- c:\users\Michal\AppData\Roaming\Skype
2009-11-18 12:18 . 2009-11-18 12:18 -------- d-----w- c:\program files\Common Files\Skype
2009-11-18 12:18 . 2009-11-27 16:45 -------- d-----r- c:\program files\Skype
2009-11-18 12:18 . 2009-11-18 12:18 -------- d-----w- c:\programdata\Skype
2009-11-18 12:09 . 2007-02-12 13:50 20480 ----a-w- c:\windows\FixCamera.exe
2009-11-18 12:09 . 2006-07-03 09:31 94208 ----a-w- c:\windows\AMCAP.EXE
2009-11-18 12:08 . 2007-03-07 15:58 10260864 ----a-w- c:\windows\system32\drivers\snp325.sys
2009-11-18 12:08 . 2006-10-10 14:49 270336 ----a-w- c:\windows\tsnp325.exe
2009-11-18 12:08 . 2006-10-10 13:11 827392 ----a-w- c:\windows\vsnp325.exe
2009-11-18 12:08 . 2009-11-18 12:08 -------- d-----w- c:\program files\Common Files\snp325
2009-11-18 12:08 . 2007-03-14 10:21 61440 ----a-w- c:\windows\system32\vsnp325.dll
2009-11-18 12:08 . 2006-04-12 11:11 147456 ----a-w- c:\windows\system32\rsnp325.dll
2009-11-18 12:08 . 2005-11-23 12:55 53248 ----a-w- c:\windows\system32\csnp325.dll
2009-11-18 12:08 . 2009-11-18 12:08 -------- d-----w- c:\users\Michal\AppData\Roaming\InstallShield
2009-11-17 20:24 . 2009-11-17 20:24 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-11-17 20:17 . 2009-11-25 18:33 8192 d-----w- c:\program files\Common Files\Adobe
2009-11-17 19:51 . 2009-11-17 19:51 -------- d-----w- c:\program files\MSXML 4.0
2009-11-17 19:40 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2009-11-17 19:39 . 2009-11-17 20:23 -------- d-----w- c:\program files\Microsoft Works
2009-11-17 19:39 . 2009-11-18 13:28 -------- d-----w- c:\program files\Microsoft.NET
2009-11-17 19:39 . 2009-11-17 19:39 -------- d-----w- c:\windows\PCHEALTH
2009-11-17 19:37 . 2009-11-17 19:37 -------- d-----w- c:\windows\SHELLNEW
2009-11-17 19:36 . 2009-11-17 19:36 -------- d-----w- c:\users\Michal\AppData\Local\Microsoft Help
2009-11-17 19:36 . 2009-11-18 19:59 -------- d-----w- c:\programdata\Microsoft Help
2009-11-17 19:36 . 2009-11-17 19:36 -------- d-----r- C:\MSOCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-29 15:06 . 2009-11-18 17:53 19944 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-27 11:58 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-27 11:49 . 2006-11-02 12:35 4096 d-----w- c:\program files\Windows Photo Gallery
2009-11-27 11:47 . 2009-11-27 11:47 2048 ----a-w- c:\windows\system32\config\systemprofile\uninst.exe
2009-11-21 16:23 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-21 16:23 . 2009-11-21 16:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-20 18:33 . 2006-11-02 12:35 4096 d-----w- c:\program files\Windows Sidebar
2009-11-20 18:33 . 2006-11-02 12:35 4096 d-----w- c:\program files\Windows Collaboration
2009-11-20 18:33 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-11-20 18:33 . 2006-11-02 12:35 4096 d-----w- c:\program files\Windows Defender
2009-11-18 13:18 . 2009-11-18 13:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-11-17 17:30 . 2009-11-17 17:27 4096 d-----w- c:\program files\Canon
2009-11-17 17:27 . 2009-11-17 17:27 -------- d--h--w- c:\programdata\CanonBJ
2009-11-17 13:26 . 2009-11-17 13:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-10-13 09:36 . 2009-10-13 09:36 1036288 ----a-w- c:\windows\system32\VSFilter.dll
2009-10-09 12:11 . 2009-10-09 12:11 25623336 ----a-r- c:\users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Skype.exe
2009-10-01 01:02 . 2009-11-21 16:18 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-21 16:18 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-11-21 16:18 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-21 16:18 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-21 16:18 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-21 16:18 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-21 16:18 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-21 16:18 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-21 16:18 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-21 16:18 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-21 16:18 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-21 16:18 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-09-25 02:10 . 2009-11-21 16:18 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-11-21 16:18 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-11-21 16:18 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-11-21 16:18 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-11-21 16:18 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-11-21 16:18 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-11-21 16:18 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-11-21 16:18 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-11-21 16:18 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:32 . 2009-11-21 16:18 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-11-21 16:18 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-11-21 16:18 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-11-21 16:18 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-11-21 16:18 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-11-21 16:18 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-11-21 16:18 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-11-21 16:18 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-11-21 16:18 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-11-21 16:18 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-11-21 16:18 1064448 ----a-w- c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-11-21 16:18 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-23 23:46 . 2009-09-23 23:46 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-09-11 06:26 . 2009-09-11 06:26 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2009-09-11 06:26 . 2009-09-11 06:26 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-09-11 06:23 . 2009-09-11 06:23 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-09-11 06:17 . 2009-09-11 06:17 116008 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-09-10 16:48 . 2009-11-17 15:17 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-07 02:13 . 2009-09-07 02:13 69382 ----a-w- c:\windows\system32\pthreadGC2.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 13:56 1175944 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-11-23 2001648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-09-11 2054360]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-27 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2009-04-14 604704]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):92,ba,6b,ce,10,6a,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-889193068-329059495-362259107-1000]
"EnableNotificationsRef"=dword:00000002

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [11. 9. 2009 7:23 108792]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23. 11. 2009 8:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23. 11. 2009 8:43 74480]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [21. 1. 2008 3:33 21504]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [11. 9. 2009 7:24 735960]
R2 epfwwfp;epfwwfp;c:\windows\System32\drivers\epfwwfp.sys [11. 9. 2009 7:26 38240]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23. 11. 2009 8:43 7408]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25. 11. 2009 14:34 135664]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21. 1. 2008 3:33 21504]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\System32\drivers\snp325.sys [18. 11. 2009 13:08 10260864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2009-11-29 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-25 13:32]

2009-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-25 13:34]

2009-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-25 13:34]

2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889193068-329059495-362259107-1000Core.job
- c:\users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-17 18:57]

2009-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889193068-329059495-362259107-1000UA.job
- c:\users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-17 18:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Easy-PhotoPrint - c:\program files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
AddRemove-MediaNavigation.CDLabelPrint - c:\program files\Canon\CD-LabelPrint\Uninstal.exe Canon.CDLabelPrint.Application
AddRemove-{68a724aa-8dfd-45be-a448-649fa3e761b5} - c:\program files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER=XM2C-50A9-HH4M-0ZM8-4X06-9P25-5A46-618P-AH19-6647



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-29 16:27
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8487B369]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x879abd24
\Driver\ACPI -> acpi.sys @ 0x80610d68
\Driver\atapi -> ataport.SYS @ 0x8071fa2c
IoDeviceObjectType -> DumpProcedure -> 0x674a502a
\Device\Harddisk0\DR0 -> DumpProcedure -> 0x674a502a
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3612.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3612.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(2184)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2009-11-29 16:36 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-29 15:36

Pre-Run: 140 430 536 704 bytes free
Post-Run: 140 372 590 592 bytes free

- - End Of File - - 081FD65D378A189EE88D8F65597144B3

Tak toto je doslova HNOJ.
Za prve tam mas nejakeho fileinfectora a ten tam robi neplechu, za druhe tam mas zvysky po tolkych bezpecnostnych softoch, ze hruza a za tretie tam mas mozno aj TDL3 rootkit...cize naozaj velmi pekne.

Presun ikonu CF na plochu, vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall a otvor poznamkovy blok. Donho skopiruj:


Uloz na plochu ako CFScript.txt a mysou pretiahni nad ikonou CF.



Program script spracuje a spravi novy log.


Pozor: Ak po aplikacii skriptu nenabehne Windows, restartuj PC, stlac F8 a zvol Poslednu znamu funkcnu konfiguraciu.

Uhm, tak to bolo asi zle ked vravis, jedine co mozem potvrdit ze som istaloval viac programov typu ad-aware, alebo spybot S-D... ale zasa nie az tak vela podla mna, no co uz, aspon viem ze menej je niekedy viac
PS: co robi taky fileinfector??

tu je najnovsi log:

ComboFix 09-11-28.04 - Michal . 11. 2009 18:20.2.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1051.18.2047.1299 [GMT 1:00]
Running from: c:\users\Michal\Desktop\ComboFix.exe
Command switches used :: c:\users\Michal\Desktop\CFScript.txt
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\HH.EXE . . . is infected!!

c:\windows\System32\CALC.EXE . . . is infected!!

c:\windows\System32\CLEANMGR.EXE . . . is infected!!

c:\windows\System32\CONTROL.EXE . . . is infected!!

c:\windows\System32\DFRGUI.EXE . . . is infected!!

c:\windows\System32\CHARMAP.EXE . . . is infected!!

c:\windows\System32\ISCSICPL.EXE . . . is infected!!

c:\windows\System32\MDSCHED.EXE . . . is infected!!

c:\windows\System32\MOBSYNC.EXE . . . is infected!!

c:\windows\System32\MSCONFIG.EXE . . . is infected!!

c:\windows\System32\MSPAINT.EXE . . . is infected!!

c:\windows\System32\MSRA.EXE . . . is infected!!

c:\windows\System32\ODBCAD32.EXE . . . is infected!!

c:\windows\System32\SOUNDRECORDER.EXE . . . is infected!!

c:\windows\System32\WINDOWSANYTIMEUPGRADE.EXE . . . is infected!!

c:\windows\System32\WRITE.EXE . . . is infected!!

.
((((((((((((((((((((((((( Files Created from 2009-10-28 to 2009-11-29 )))))))))))))))))))))))))))))))
.

2009-11-29 17:30 . 2009-11-29 17:32 -------- d-----w- c:\users\Michal\AppData\Local\temp
2009-11-29 17:30 . 2009-11-29 17:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-11-29 17:30 . 2009-11-29 17:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-29 17:16 . 2009-11-29 17:16 -------- d-----w- C:\32788R22FWJFW
2009-11-29 15:09 . 2009-11-29 15:09 -------- d-----w- c:\users\Michal\AppData\Local\ESET
2009-11-29 14:47 . 2009-11-29 14:48 -------- d-----w- c:\program files\trend micro
2009-11-29 14:47 . 2009-11-29 14:48 -------- d-----w- C:\rsit
2009-11-28 19:10 . 2009-11-28 19:10 -------- d-----w- c:\users\Michal\AppData\Local\Apple
2009-11-28 19:05 . 2009-11-28 19:05 -------- d-----w- c:\program files\CCleaner
2009-11-28 18:04 . 2009-11-28 18:16 -------- d-----w- c:\program files\Ultimate Process Manager
2009-11-28 17:40 . 2009-11-28 17:40 -------- d--h--w- c:\windows\PIF
2009-11-28 15:56 . 2009-11-28 16:38 -------- d-----w- c:\users\Michal\DoctorWeb
2009-11-28 15:53 . 2009-11-28 15:53 92488 ----a-w- c:\users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-28 15:18 . 2009-11-28 16:49 117760 ----a-w- c:\users\Michal\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-28 15:18 . 2009-11-28 15:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-11-28 15:18 . 2009-11-28 15:18 4096 d-----w- c:\program files\SUPERAntiSpyware
2009-11-28 15:18 . 2009-11-28 15:18 -------- d-----w- c:\users\Michal\AppData\Roaming\SUPERAntiSpyware.com
2009-11-28 15:18 . 2009-11-28 15:18 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-28 13:27 . 2009-11-28 13:27 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-27 18:08 . 2009-11-27 18:08 -------- d-----w- c:\program files\Common Files\Protexis
2009-11-27 18:08 . 2009-11-27 18:08 -------- d-----w- c:\programdata\Corel
2009-11-27 18:06 . 2009-11-27 18:06 -------- d-----w- c:\program files\Corel
2009-11-27 17:38 . 2009-11-27 18:10 -------- d-----w- c:\users\Michal\AppData\Roaming\Corel
2009-11-27 17:35 . 2009-11-27 17:35 -------- d-----w- c:\program files\Common Files\Corel
2009-11-27 17:16 . 2009-11-27 17:16 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-27 17:16 . 2009-11-27 17:16 -------- d-----w- c:\program files\Java
2009-11-27 16:52 . 2009-11-27 16:52 -------- d-----w- c:\users\Michal\AppData\Roaming\VistaCodecs
2009-11-27 16:52 . 2009-11-27 16:52 4096 d-----w- c:\program files\VistaCodecPack
2009-11-27 16:51 . 2009-11-27 16:52 -------- d-----w- c:\programdata\VistaCodecs
2009-11-27 12:38 . 2009-11-28 18:45 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-11-27 12:18 . 2009-11-28 16:43 -------- dc----w- c:\windows\system32\DRVSTORE
2009-11-27 12:16 . 2009-11-28 16:43 -------- d-----w- c:\programdata\Lavasoft
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\uTorrent.exe
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\WinRAR.exe
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\DeviceHandbook.exe
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\uninstwa.exe
2009-11-27 11:49 . 2009-11-27 11:49 2048 ----a-w- c:\windows\system32\config\systemprofile\OziExp.exe
2009-11-27 11:47 . 2009-11-27 11:47 2048 ----a-w- c:\windows\system32\config\systemprofile\BJPSUNST.EXE
2009-11-26 22:20 . 2009-11-26 22:20 -------- d-sh--w- c:\windows\system32\%APPDATA%
2009-11-26 20:34 . 2009-11-27 18:12 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2009-11-26 20:34 . 2009-11-27 18:10 88 --sh--r- c:\programdata\EC4096B161.sys
2009-11-26 20:17 . 2009-11-29 17:32 4096 d-----w- c:\program files\Common Files\Akamai
2009-11-25 18:36 . 2009-11-25 18:36 -------- d-----w- c:\programdata\FLEXnet
2009-11-25 18:32 . 2009-11-27 11:47 -------- d-----w- c:\program files\Adobe Media Player
2009-11-25 18:30 . 2009-11-25 18:30 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-11-25 18:27 . 2009-11-25 18:27 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-11-25 18:05 . 2009-11-25 18:05 -------- d-----w- c:\programdata\Advanced Chemistry Development
2009-11-25 18:04 . 2009-11-25 18:05 24576 d-----w- c:\program files\ACDFREE12
2009-11-25 18:03 . 2009-11-25 18:05 -------- d-----w- c:\users\Michal\AppData\Roaming\Advanced Chemistry Development
2009-11-25 15:31 . 2009-11-25 15:32 4096 d-----w- c:\program files\QuickTime
2009-11-25 15:31 . 2009-11-25 15:31 -------- d-----w- c:\programdata\Apple Computer
2009-11-25 15:29 . 2009-11-25 15:29 -------- d-----w- c:\program files\BSP Multimedia
2009-11-25 14:29 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 13:32 . 2009-11-25 13:32 2017776 ----a-w- c:\programdata\Google Updater\cache\packdata_ci_gds_5.9.909.30391_cs_setup.exe
2009-11-25 13:32 . 2009-11-25 13:32 -------- d-----w- c:\programdata\Google Updater
2009-11-25 13:32 . 2009-11-25 13:35 4096 d-----w- c:\program files\Google
2009-11-25 09:05 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 09:05 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-23 17:52 . 2009-11-23 20:08 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-23 17:52 . 2009-11-23 17:52 -------- d-----w- c:\program files\Microsoft
2009-11-22 15:32 . 2009-11-22 15:39 -------- d-----w- c:\users\Michal\AppData\Roaming\Nero
2009-11-22 15:30 . 2009-11-22 15:30 -------- d-----w- c:\program files\Nero
2009-11-22 15:29 . 2009-11-22 15:29 -------- d-----w- c:\programdata\Nero
2009-11-22 15:29 . 2009-11-22 15:30 -------- d-----w- c:\program files\Common Files\Nero
2009-11-21 16:27 . 2009-11-21 16:30 -------- d-----w- c:\programdata\Norton
2009-11-21 16:27 . 2009-11-21 16:29 -------- d-----w- c:\programdata\Symantec
2009-11-21 16:27 . 2009-11-21 16:27 -------- d-----w- c:\programdata\NortonInstaller
2009-11-21 16:23 . 2009-11-21 16:23 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-21 16:19 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-21 16:19 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-11-21 16:19 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-11-21 16:19 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-11-21 16:19 . 2009-09-24 22:54 258048 ----a-w- c:\windows\system32\winspool.drv
2009-11-21 16:19 . 2009-09-25 01:33 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-11-21 16:19 . 2009-09-25 01:27 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-21 16:19 . 2009-09-25 01:27 37888 ----a-w- c:\windows\system32\cdd.dll
2009-11-21 16:19 . 2009-09-24 22:54 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-11-21 16:16 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-21 16:16 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-21 16:16 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-21 16:11 . 2009-11-21 16:11 -------- d-----w- c:\program files\ESET
2009-11-21 15:54 . 2009-11-21 15:54 -------- d-----w- c:\program files\Ask.com
2009-11-21 15:54 . 2009-11-21 15:54 -------- d-----w- c:\program files\uTorrent
2009-11-21 15:52 . 2009-11-27 17:23 4096 d-----w- c:\users\Michal\AppData\Roaming\uTorrent
2009-11-21 13:55 . 2009-11-21 13:55 -------- d-----w- c:\users\Michal\AppData\Roaming\DivX
2009-11-21 13:49 . 2009-11-21 14:23 4096 d-----w- c:\program files\DivX
2009-11-21 13:49 . 2009-11-21 13:49 4096 d-----w- c:\program files\Common Files\DivX Shared
2009-11-21 13:44 . 2009-11-21 13:44 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-11-21 13:44 . 2009-11-28 18:47 -------- d-----w- c:\program files\Winamp
2009-11-21 12:44 . 2009-11-21 12:44 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2009-11-20 18:33 . 2009-11-20 18:33 -------- d-----w- c:\windows\system32\ca-ES
2009-11-20 18:33 . 2009-11-20 18:33 -------- d-----w- c:\windows\system32\eu-ES
2009-11-20 18:33 . 2009-11-20 18:33 -------- d-----w- c:\windows\system32\vi-VN
2009-11-20 18:09 . 2009-11-20 18:09 -------- d-----w- c:\windows\system32\EventProviders
2009-11-18 17:53 . 2009-04-11 06:28 407552 ----a-w- c:\windows\system32\MPSSVC.dll
2009-11-18 17:52 . 2009-04-11 06:28 49152 ----a-w- c:\windows\system32\wbem\wbemsvc.dll
2009-11-18 17:51 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-11-18 17:37 . 2009-11-21 22:00 4096 d-----w- c:\program files\GPS
2009-11-18 13:55 . 2009-11-27 11:48 4096 d-----w- c:\program files\IrfanView
2009-11-18 13:08 . 2009-11-18 13:08 -------- d-----w- c:\program files\Windows Mobile Resources
2009-11-18 12:19 . 2009-11-18 12:19 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-18 12:19 . 2009-11-23 10:56 -------- d-----w- c:\users\Michal\AppData\Roaming\skypePM
2009-11-18 12:18 . 2009-11-23 10:57 4096 d-----w- c:\users\Michal\AppData\Roaming\Skype
2009-11-18 12:18 . 2009-11-18 12:18 -------- d-----w- c:\program files\Common Files\Skype
2009-11-18 12:18 . 2009-11-27 16:45 -------- d-----r- c:\program files\Skype
2009-11-18 12:18 . 2009-11-18 12:18 -------- d-----w- c:\programdata\Skype
2009-11-18 12:09 . 2007-02-12 13:50 20480 ----a-w- c:\windows\FixCamera.exe
2009-11-18 12:09 . 2006-07-03 09:31 94208 ----a-w- c:\windows\AMCAP.EXE
2009-11-18 12:08 . 2007-03-07 15:58 10260864 ----a-w- c:\windows\system32\drivers\snp325.sys
2009-11-18 12:08 . 2006-10-10 14:49 270336 ----a-w- c:\windows\tsnp325.exe
2009-11-18 12:08 . 2006-10-10 13:11 827392 ----a-w- c:\windows\vsnp325.exe
2009-11-18 12:08 . 2009-11-18 12:08 -------- d-----w- c:\program files\Common Files\snp325
2009-11-18 12:08 . 2007-03-14 10:21 61440 ----a-w- c:\windows\system32\vsnp325.dll
2009-11-18 12:08 . 2006-04-12 11:11 147456 ----a-w- c:\windows\system32\rsnp325.dll
2009-11-18 12:08 . 2005-11-23 12:55 53248 ----a-w- c:\windows\system32\csnp325.dll
2009-11-18 12:08 . 2009-11-18 12:08 -------- d-----w- c:\users\Michal\AppData\Roaming\InstallShield
2009-11-17 20:24 . 2009-11-17 20:24 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-11-17 20:17 . 2009-11-25 18:33 8192 d-----w- c:\program files\Common Files\Adobe
2009-11-17 19:51 . 2009-11-17 19:51 -------- d-----w- c:\program files\MSXML 4.0
2009-11-17 19:40 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2009-11-17 19:39 . 2009-11-17 20:23 -------- d-----w- c:\program files\Microsoft Works
2009-11-17 19:39 . 2009-11-18 13:28 -------- d-----w- c:\program files\Microsoft.NET
2009-11-17 19:39 . 2009-11-17 19:39 -------- d-----w- c:\windows\PCHEALTH
2009-11-17 19:37 . 2009-11-17 19:37 -------- d-----w- c:\windows\SHELLNEW
2009-11-17 19:36 . 2009-11-17 19:36 -------- d-----w- c:\users\Michal\AppData\Local\Microsoft Help

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-29 15:06 . 2009-11-18 17:53 19944 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-27 11:58 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-27 11:49 . 2006-11-02 12:35 4096 d-----w- c:\program files\Windows Photo Gallery
2009-11-27 11:47 . 2009-11-27 11:47 2048 ----a-w- c:\windows\system32\config\systemprofile\uninst.exe
2009-11-21 16:23 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-21 16:23 . 2009-11-21 16:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-20 18:33 . 2006-11-02 12:35 4096 d-----w- c:\program files\Windows Sidebar
2009-11-20 18:33 . 2006-11-02 12:35 4096 d-----w- c:\program files\Windows Collaboration
2009-11-20 18:33 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-11-20 18:33 . 2006-11-02 12:35 4096 d-----w- c:\program files\Windows Defender
2009-11-18 13:18 . 2009-11-18 13:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-11-17 17:30 . 2009-11-17 17:27 4096 d-----w- c:\program files\Canon
2009-11-17 17:27 . 2009-11-17 17:27 -------- d--h--w- c:\programdata\CanonBJ
2009-11-17 13:26 . 2009-11-17 13:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-10-13 09:36 . 2009-10-13 09:36 1036288 ----a-w- c:\windows\system32\VSFilter.dll
2009-10-09 12:11 . 2009-10-09 12:11 25623336 ----a-r- c:\users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Skype.exe
2009-10-01 01:02 . 2009-11-21 16:18 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-21 16:18 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-11-21 16:18 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-21 16:18 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-21 16:18 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-21 16:18 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-21 16:18 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-21 16:18 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-21 16:18 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-21 16:18 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-21 16:18 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-21 16:18 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-09-25 02:10 . 2009-11-21 16:18 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07 . 2009-11-21 16:18 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04 . 2009-11-21 16:18 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49 . 2009-11-21 16:18 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48 . 2009-11-21 16:18 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38 . 2009-11-21 16:18 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36 . 2009-11-21 16:18 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35 . 2009-11-21 16:18 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33 . 2009-11-21 16:18 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:32 . 2009-11-21 16:18 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31 . 2009-11-21 16:18 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31 . 2009-11-21 16:18 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31 . 2009-11-21 16:18 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31 . 2009-11-21 16:18 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31 . 2009-11-21 16:18 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31 . 2009-11-21 16:18 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30 . 2009-11-21 16:18 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:30 . 2009-11-21 16:18 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27 . 2009-11-21 16:18 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27 . 2009-11-21 16:18 1064448 ----a-w- c:\windows\system32\DWrite.dll
2009-09-24 22:54 . 2009-11-21 16:18 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-23 23:46 . 2009-09-23 23:46 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-09-11 06:26 . 2009-09-11 06:26 38240 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2009-09-11 06:26 . 2009-09-11 06:26 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-09-11 06:23 . 2009-09-11 06:23 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-09-11 06:17 . 2009-09-11 06:17 116008 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-09-10 16:48 . 2009-11-17 15:17 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-07 02:13 . 2009-09-07 02:13 69382 ----a-w- c:\windows\system32\pthreadGC2.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

--- c:\windows\system32\config\systemprofile\OziExp.exe ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 2048
Created time: 2009-11-27 11:49
Modified time: 2009-11-27 11:49
MD5: B588BA6CE5967641269AA3188866BFA3
SHA1: AAC8F056C30D62B958ADAF05AFDBD84721243E50


--- c:\windows\system32\config\systemprofile\uninstwa.exe ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File size: 2048
Created time: 2009-11-27 11:49
Modified time: 2009-11-27 11:49
MD5: B588BA6CE5967641269AA3188866BFA3
SHA1: AAC8F056C30D62B958ADAF05AFDBD84721243E50


(((((((((((((((((((((((((((((((((((((((((( SR_Search ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
((((((((((((((((((((((((((((( SnapShot@2009-11-29_15.27.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-11-29 17:33 34906 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-11-29 17:34 61364 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-11-17 13:36 . 2009-11-29 15:26 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-17 13:36 . 2009-11-29 17:10 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-17 13:36 . 2009-11-29 17:10 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-17 13:36 . 2009-11-29 15:26 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-17 13:36 . 2009-11-29 17:10 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-17 13:36 . 2009-11-29 15:26 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-17 13:42 . 2009-11-29 17:34 7892 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-889193068-329059495-362259107-1000_UserData.bin
+ 2009-11-29 17:31 . 2009-11-29 17:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-11-29 15:26 . 2009-11-29 15:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-11-29 15:26 . 2009-11-29 15:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-11-29 17:31 . 2009-11-29 17:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2009-11-29 17:18 586980 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-11-29 15:16 586980 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-11-29 15:16 101052 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-11-29 17:18 101052 c:\windows\System32\perfc009.dat
+ 2009-11-17 19:17 . 2009-11-29 17:10 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-11-17 19:17 . 2009-11-29 15:26 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 13:56 1175944 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-11-23 2001648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-09-11 2054360]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-27 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2009-04-14 604704]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):92,ba,6b,ce,10,6a,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-889193068-329059495-362259107-1000]
"EnableNotificationsRef"=dword:00000002

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [11. 9. 2009 7:23 108792]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23. 11. 2009 8:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23. 11. 2009 8:43 74480]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [21. 1. 2008 3:33 21504]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [11. 9. 2009 7:24 735960]
R2 epfwwfp;epfwwfp;c:\windows\System32\drivers\epfwwfp.sys [11. 9. 2009 7:26 38240]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23. 11. 2009 8:43 7408]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25. 11. 2009 14:34 135664]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21. 1. 2008 3:33 21504]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\System32\drivers\snp325.sys [18. 11. 2009 13:08 10260864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2009-11-29 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-25 13:32]

2009-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-25 13:34]

2009-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-25 13:34]

2009-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889193068-329059495-362259107-1000Core.job
- c:\users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-17 18:57]

2009-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889193068-329059495-362259107-1000UA.job
- c:\users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-17 18:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-29 18:32
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3612.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3612.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3932)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2009-11-29 18:39 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-29 17:39
ComboFix2.txt 2009-11-29 15:36

Pre-Run: 140 416 176 128 bytes free
Post-Run: 140 364 967 936 bytes free

- - End Of File - - F0E4E54C1306F3D2D999CCC6582484DB

Neviem ci uz je vsetko v pohode, lebo v logoch sa nevyznam :-(

Takze nwm, ci to je ok abo nie, ale co viem, ze som pripojeny na internet uz nejaku chvilku a stale mi neprislo upozornenie o pokus infiltrovania kryptika (predtym bola frekvencia opakovania kazdych 5min, teraz uz 20min nic neukazalo )

Dobre to nie je...co robi taky fileinfector? Precitaj si toto, vsetko to su systemove subory a ten smejd ti ich patchol:



Nas5 k problemu - mas instalacne CD/DVD? Bez neho sa zjvane nepohneme, lebo si bez SVI a bez cistych kopii. Tym padom je jedine riesenie expand z instalacky. Predtym ale sprav este toto:


1) Stiahni CKScanner na plochu. Spust program dvojklikom na ikonu. Otvori sa okno, v nom klik na "Search For Files". Zacne scan, po jeho skonceni klikni na "Save List To File" -> "OK". Na ploche by sa mal objavit subor s nazvom CKFiles.txt, jeho obsah mi sem skopiruj.


2) Stiahni SecurityCheck. Spust ho a postupuj podla instrukcii. Nakoniec vyhodi log, ktory skopiruj sem.

Instalacku mam
tu je log z CKScanner:

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\corel\coreldraw graphics suite x4\custom data\bumpmap\cracks.cpt
c:\program files\corel\coreldraw graphics suite x4\custom data\canvas\cracks2c.pcx
c:\program files\corel\coreldraw graphics suite x4\custom data\tiles\cracks2m.cpt
c:\windows\prefetch\keygen.exe-ef668a13.pf
scanner sequence 3.BB.11
----- EOF -----


A tu mas log z SecurityCheck:

Results of screen317's Security Check version 0.99.1
Windows Vista Service Pack 2 (UAC is disabled!)
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
ESET Smart Security
WMIC entry does not exist for antivirus; attempting automatic update.
``````````````````````````````
Anti-malware/Other Utilities Check:
SUPERAntiSpyware Free Edition
HijackThis 2.0.2
CCleaner
Java(TM) 6 Update 17
Adobe Flash Player 10
Adobe Reader 9.2
``````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSASCui.exe
``````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

Nabootuj z instalacky a dostan sa prosim do Recovery Console. V nej zadas postupne tieto prikazy, za kazdym jednym ENTER:






















Potom nabootujes do normalneho rezimu a spravis tento CFScript:




ODPORUCAM CELU STRANU VYTLACIT!

Dostal som sa do recevery console, kde na mna vyskocilo tusim 6moznosti co dalej robit, a tak som skusil pouzit poslednu moznost: COMMAND PROMPT: ale po zadani prikazu "expand HH.EX_ C:\backup" mi to napisalo: "CAN´T OPEN INPUT FILE HH.EX_" ...napadlo ma ze to mam teda robit namiesto "EX_" tam pisat "EXE", ale vysledok bol ten isty. Ale ten prvy prikaz "md C:\backup" mi to vzalo v pohode...

napadlo ma ci by sa nedalo rucne tie subory presunut do toho priecinka a nasledne napisat ten CFScript???

Praveze nie...a prepac, je tam chyba z mojej strany, posielam novy navod:

Nabootuj z instalacky a dostan sa prosim do Recovery Console. V nej zadas postupne tieto prikazy, za kazdym jednym ENTER:






















Potom nabootujes do normalneho rezimu a spravis tento CFScript:




ODPORUCAM CELU STRANU VYTLACIT![/quote]

stale to ukazuje to iste

To je sice fajn, ale bez logov sa nepohnem...

Alebo ukazuje stale to iste v RC?

Praveze v RC ukazuje stale to iste

Jeeej som skusal a DDS mi ide spustit, tak sem hodim co mi to vypisalo:


DDS (Ver_09-12-01.01) - NTFSx86
Run by Michal at 20:56:24,75 on ut 08. 12. 2009
Internet Explorer: 8.0.6001.18828
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1051.18.2047.1342 [GMT 1:00]

SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\taskeng.exe
C:\Users\Michal\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.sk/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Pomocník pri prihlasovaní v konte Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Easy-PrintToolBox] c:\program files\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Windows Mobile Device Center] c:\windows\windowsmobile\wmdc.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-11-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-11-23 74480]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-21 21504]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-7-15 172032]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-9-11 735960]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2009-9-11 38240]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-11-23 7408]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-11-25 135664]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [2009-11-18 10260864]

=============== Created Last 30 ================

2009-12-08 19:51:56 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-12-08 19:44:12 0 d-----w- c:\program files\common files\Windows Live
2009-12-02 18:08:44 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-02 18:00:17 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-12-02 18:00:17 18440 ----a-w- c:\windows\atiogl.xml
2009-12-02 17:59:45 0 d-----w- c:\program files\ATI
2009-12-02 17:58:44 0 d-----w- c:\program files\ATI Technologies
2009-12-02 12:34:10 1905 ----a-w- c:\windows\diagwrn.xml
2009-12-02 12:34:10 1905 ----a-w- c:\windows\diagerr.xml
2009-11-29 15:03:47 77312 ----a-w- c:\windows\MBR.exe
2009-11-29 15:03:47 260608 ----a-w- c:\windows\PEV.exe
2009-11-29 15:03:47 161792 ----a-w- c:\windows\SWREG.exe
2009-11-29 15:03:46 98816 ----a-w- c:\windows\sed.exe
2009-11-29 14:47:54 0 d-----w- c:\program files\trend micro
2009-11-28 19:05:33 0 d-----w- c:\program files\CCleaner
2009-11-28 17:40:33 0 d--h--w- c:\windows\PIF
2009-11-28 15:18:32 0 d-----w- c:\programdata\SUPERAntiSpyware.com
2009-11-28 15:18:19 0 d-----w- c:\users\michal\appdata\roaming\SUPERAntiSpyware.com
2009-11-28 15:18:19 0 d-----w- c:\program files\SUPERAntiSpyware
2009-11-28 15:18:03 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-11-28 13:27:34 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-27 18:32:34 2409 ----a-w- C:\-1934951307
2009-11-27 18:08:57 0 d-----w- c:\program files\common files\Protexis
2009-11-27 18:08:56 0 d-----w- c:\programdata\Corel
2009-11-27 18:06:08 0 d-----w- c:\program files\Corel
2009-11-27 17:35:45 0 d-----w- c:\program files\common files\Corel
2009-11-27 17:16:21 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-27 16:52:46 0 d-----w- c:\users\michal\appdata\roaming\VistaCodecs
2009-11-27 16:52:43 0 d-----w- c:\program files\VistaCodecPack
2009-11-27 16:51:22 0 d-----w- c:\programdata\VistaCodecs
2009-11-26 22:20:52 0 d-sh--w- c:\windows\system32\%APPDATA%
2009-11-26 20:34:20 88 --sh--r- c:\programdata\EC4096B161.sys
2009-11-26 20:34:20 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2009-11-26 20:17:46 0 d-----w- c:\program files\common files\Akamai
2009-11-25 18:36:45 0 d-----w- c:\programdata\FLEXnet
2009-11-25 18:27:46 0 d-----w- c:\program files\common files\Macrovision Shared
2009-11-25 18:05:18 0 d-----w- c:\programdata\Advanced Chemistry Development
2009-11-25 18:04:18 0 d-----w- c:\program files\ACDFREE12
2009-11-25 18:03:42 0 d-----w- c:\users\michal\appdata\roaming\Advanced Chemistry Development
2009-11-25 15:31:24 0 d-----w- c:\programdata\Apple Computer
2009-11-25 15:29:49 0 d-----w- c:\program files\BSP Multimedia
2009-11-25 14:29:04 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 13:32:08 0 d-----w- c:\programdata\Google Updater
2009-11-25 09:05:10 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 09:05:08 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-25 09:05:04 714240 ----a-w- c:\windows\system32\timedate.cpl
2009-11-23 17:52:08 0 d-----w- c:\program files\Microsoft
2009-11-22 15:30:00 0 d-----w- c:\program files\Nero
2009-11-22 15:29:43 0 d-----w- c:\programdata\Nero
2009-11-21 16:23:58 0 d-----w- c:\program files\Windows Portable Devices
2009-11-21 16:23:29 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-21 16:19:31 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-21 16:19:30 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-11-21 16:19:30 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-11-21 16:19:01 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-11-21 16:19:01 258048 ----a-w- c:\windows\system32\winspool.drv
2009-11-21 16:19:00 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-11-21 16:19:00 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-21 16:19:00 37888 ----a-w- c:\windows\system32\cdd.dll
2009-11-21 16:19:00 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-11-21 16:16:49 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-21 16:16:48 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-21 16:16:48 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-21 16:12:27 0 d-----w- c:\users\michal\appdata\roaming\ESET
2009-11-21 16:11:00 0 d-----w- c:\programdata\ESET
2009-11-21 16:11:00 0 d-----w- c:\program files\ESET
2009-11-21 15:54:39 0 d-----w- c:\program files\uTorrent
2009-11-21 15:52:00 0 d-----w- c:\users\michal\appdata\roaming\uTorrent
2009-11-21 13:49:50 0 d-----w- c:\program files\DivX
2009-11-21 13:49:37 0 d-----w- c:\program files\common files\DivX Shared
2009-11-21 13:44:58 0 d-----w- c:\program files\common files\PX Storage Engine
2009-11-21 12:44:08 60416 ----a-w- c:\windows\ALCFDRTM.VER
2009-11-21 12:44:08 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2009-11-20 18:33:15 0 d-----w- c:\windows\system32\vi-VN
2009-11-20 18:33:15 0 d-----w- c:\windows\system32\eu-ES
2009-11-20 18:33:15 0 d-----w- c:\windows\system32\ca-ES
2009-11-20 18:09:05 0 d-----w- c:\windows\system32\EventProviders
2009-11-18 17:53:59 407552 ----a-w- c:\windows\system32\MPSSVC.dll
2009-11-18 17:52:59 9212 ----a-w- c:\windows\system32\RacUR.xml
2009-11-18 17:51:46 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-11-18 17:37:02 0 d-----w- c:\program files\GPS
2009-11-18 13:55:26 0 d-----w- c:\program files\IrfanView
2009-11-18 13:18:29 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-11-18 13:08:55 0 d-----w- c:\program files\Windows Mobile Resources
2009-11-18 12:19:51 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-18 12:18:35 0 d-----r- c:\program files\Skype
2009-11-18 12:18:31 0 d-----w- c:\programdata\Skype
2009-11-18 12:09:00 94208 ----a-w- c:\windows\AMCAP.EXE
2009-11-18 12:09:00 20480 ----a-w- c:\windows\FixCamera.exe
2009-11-18 12:08:59 827392 ----a-w- c:\windows\vsnp325.exe
2009-11-18 12:08:59 270336 ----a-w- c:\windows\tsnp325.exe
2009-11-18 12:08:59 15498 ----a-w- c:\windows\snp325.ini
2009-11-18 12:08:59 13023 ----a-w- c:\windows\snp325.src
2009-11-18 12:08:59 10260864 ----a-w- c:\windows\system32\drivers\snp325.sys
2009-11-18 12:08:58 61440 ----a-w- c:\windows\system32\vsnp325.dll
2009-11-18 12:08:58 53248 ----a-w- c:\windows\system32\csnp325.dll
2009-11-18 12:08:58 147456 ----a-w- c:\windows\system32\rsnp325.dll
2009-11-18 12:08:58 0 d-----w- c:\program files\common files\snp325
2009-11-17 20:17:27 0 d-----w- c:\programdata\Adobe
2009-11-17 19:51:10 0 d-----w- c:\program files\MSXML 4.0
2009-11-17 19:47:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-11-17 19:40:42 32656 ----a-w- c:\windows\system32\msonpmon.dll
2009-11-17 19:39:08 0 d-----w- c:\windows\PCHEALTH
2009-11-17 19:37:03 0 d-----w- c:\windows\SHELLNEW
2009-11-17 19:36:35 0 d-----w- c:\programdata\Microsoft Help
2009-11-17 19:24:16 962612 ----a-w- c:\windows\system32\mfc42d.dll
2009-11-17 19:24:16 434252 ----a-w- c:\windows\system32\MSVCRTD.DLL
2009-11-17 19:23:14 24576 ----a-w- c:\windows\system32\AsIO.dll
2009-11-17 19:23:14 12400 ----a-w- c:\windows\system32\drivers\AsIO.sys
2009-11-17 19:23:10 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2009-11-17 19:23:10 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2009-11-17 19:23:10 0 d-----w- c:\program files\ASUS
2009-11-17 19:22:37 7680 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2009-11-17 19:07:03 72704 ----a-w- c:\windows\system32\admparse.dll
2009-11-17 19:06:59 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-11-17 19:06:57 45568 ----a-w- c:\windows\system32\mshta.exe
2009-11-17 19:06:57 385024 ----a-w- c:\windows\system32\html.iec
2009-11-17 19:06:57 169472 ----a-w- c:\windows\system32\iexpress.exe
2009-11-17 19:06:57 109568 ----a-w- c:\windows\system32\PDMSetup.exe
2009-11-17 19:06:57 107520 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2009-11-17 19:06:57 107008 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2009-11-17 19:06:57 103936 ----a-w- c:\windows\system32\SetDepNx.exe
2009-11-17 19:06:09 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-11-17 19:06:07 270848 ----a-w- c:\windows\system32\schannel.dll
2009-11-17 18:23:04 0 d-----w- c:\program files\AutoCAD 2007
2009-11-17 17:38:14 0 d-----w- c:\users\michal\appdata\roaming\CD-LabelPrint
2009-11-17 17:30:06 163840 ----a-w- c:\windows\BJPSUNST.EXE
2009-11-17 17:29:08 306688 ----a-w- c:\windows\IsUninst.exe
2009-11-17 17:28:41 0 d-----w- c:\windows\StartHtmico
2009-11-17 17:27:43 8704 ----a-w- c:\windows\system32\CNMVS78.DLL
2009-11-17 17:27:43 140288 ----a-w- c:\windows\system32\CNMLM78.DLL
2009-11-17 17:27:41 90112 ----a-r- c:\windows\system32\CNMCP78.EXE
2009-11-17 17:27:23 0 d--h--w- c:\programdata\CanonBJ
2009-11-17 17:27:06 0 d-----w- c:\program files\Canon
2009-11-17 17:02:00 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-17 17:01:08 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2009-11-17 17:01:06 11967524 ----a-w- c:\windows\system32\korwbrkr.lex
2009-11-17 16:28:15 0 d-----w- c:\users\michal\appdata\roaming\progeSOFT
2009-11-17 16:25:21 2186 ----a-w- c:\windows\print3d.dat
2009-11-17 16:25:11 647872 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2009-11-17 16:25:03 431616 ----a-w- c:\windows\system32\temp.005
2009-11-17 16:25:02 1392671 ----a-w- c:\windows\system32\temp.004
2009-11-17 16:24:30 77878 ----a-w- c:\windows\system32\temp.002
2009-11-17 16:24:30 69632 ----a-w- c:\windows\system32\temp.003
2009-11-17 16:24:30 266293 ----a-w- c:\windows\system32\temp.001
2009-11-17 16:24:27 2134016 ----a-w- c:\windows\system32\cdintf251.dll
2009-11-17 16:24:11 89360 ----a-w- c:\windows\system32\vb5db.dll
2009-11-17 16:24:08 274432 ----a-w- c:\windows\system32\DwgThumbnail.ocx
2009-11-17 16:24:07 339968 ----a-w- c:\windows\system32\Slide.ocx
2009-11-17 16:24:07 151552 ----a-w- c:\windows\system32\temp.000
2009-11-17 16:23:53 61440 ----a-w- c:\windows\system32\wintab32.dll
2009-11-17 16:23:53 503808 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-17 16:23:53 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-11-17 16:23:53 1060864 ----a-w- c:\windows\system32\mfc71.dll
2009-11-17 16:23:49 73728 ----a-w- c:\windows\system32\skeydrv.dll
2009-11-17 16:23:49 129632 ----a-w- c:\windows\system32\skeyinst.dll
2009-11-17 16:23:36 43968 ----a-w- c:\windows\system32\drivers\eusk3usb.sys
2009-11-17 16:23:34 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2009-11-17 16:23:34 1115704 ----a-w- c:\windows\system32\O2CPlayer.OCX
2009-11-17 16:23:33 368912 ----a-w- c:\windows\system32\vbar332.dll
2009-11-17 15:16:41 71680 ----a-w- c:\windows\system32\atl.dll
2009-11-17 15:16:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-11-17 15:16:33 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-11-17 15:16:28 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-11-17 15:16:25 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-11-17 15:16:24 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-11-17 15:16:24 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-11-17 15:16:11 623616 ----a-w- c:\windows\system32\localspl.dll
2009-11-17 15:16:09 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-11-17 15:15:49 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-11-17 15:15:39 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-17 15:15:26 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-11-17 15:15:22 43520 ----a-w- c:\windows\system32\msdxm.tlb
2009-11-17 15:15:22 18432 ----a-w- c:\windows\system32\amcompat.tlb
2009-11-17 15:15:17 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-11-17 15:15:17 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-11-17 15:15:17 1696768 ----a-w- c:\windows\system32\gameux.dll
2009-11-17 15:15:06 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-11-17 15:15:03 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-11-17 15:15:01 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-11-17 15:14:59 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-17 15:14:54 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-11-17 15:14:44 310272 ----a-w- c:\windows\system32\UNREGMP2.EXE
2009-11-17 15:14:43 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-17 15:14:43 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-11-17 15:14:43 4096 ----a-w- c:\windows\system32\msdxm.ocx
2009-11-17 15:14:43 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-11-17 14:32:08 0 d-----w- c:\program files\AnswerWorks 4.0
2009-11-17 14:29:12 0 d-----w- c:\programdata\Autodesk
2009-11-17 14:03:41 0 d-----w- c:\users\michal\appdata\roaming\Autodesk
2009-11-17 14:00:49 0 d-sh--w- c:\windows\Installer
2009-11-17 14:00:44 0 d-----w- c:\program files\common files\Autodesk Shared
2009-11-17 14:00:42 0 d-----w- c:\program files\Autodesk
2009-11-17 13:55:08 0 d-----w- c:\program files\AMD
2009-11-17 13:47:58 935 ----a-w- c:\windows\Ascd_tmp.ini
2009-11-17 13:45:17 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-11-17 13:45:04 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-11-17 13:44:52 31232 ----a-w- c:\windows\system32\WUAPP.EXE
2009-11-17 13:44:52 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-11-17 13:26:26 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-11-17 13:16:24 0 d-----w- c:\windows\Panther
2009-11-17 13:16:08 8192 --s-a-r- C:\BOOTSECT.BAK
2009-11-17 13:16:07 333257 --sha-r- C:\bootmgr
2009-11-17 13:16:06 0 d-----w- C:\Boot
2009-11-14 00:47:32 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47:28 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47:28 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47:28 839680 ----a-w- c:\windows\system32\divx_xx11.dll

==================== Find3M ====================

2009-12-02 18:01:41 86016 ----a-w- c:\windows\inf\infstrng.dat
2009-12-02 18:01:41 51200 ----a-w- c:\windows\inf\infpub.dat
2009-12-02 18:01:38 86016 ----a-w- c:\windows\inf\infstor.dat
2009-11-29 15:06:22 19944 ------w- c:\windows\system32\drivers\atapi.sys
2009-11-21 16:23:53 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-20 18:25:50 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-10-13 09:36:04 1036288 ----a-w- c:\windows\system32\VSFilter.dll
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01:59 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01:59 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01:56 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01:56 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01:56 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01:56 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01:54 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-09-25 02:10:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07:08 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04:32 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49:22 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48:08 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38:29 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36:13 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35:31 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33:25 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:32:59 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31:53 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31:26 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31:21 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31:19 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31:16 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31:15 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30:23 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:30:23 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27:04 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27:04 1064448 ----a-w- c:\windows\system32\DWrite.dll
2009-09-24 22:54:53 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-23 23:46:04 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-09-10 16:48:01 218624 ----a-w- c:\windows\system32\msv1_0.dll
2008-01-21 05:36:45 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2008-01-21 05:36:45 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2008-01-21 05:36:45 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2008-01-21 05:36:45 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 20:57:34,08 ===============

a este attach.txt
ako si sam precitac, tak mam nejaky problem s instalatorom windowsu...


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 17. 11. 2009 14:31:40
System Uptime: 12. 8. 2009 20:40:54 (2832 hours ago)

Motherboard: ASUSTeK Computer INC. | | A8N-SLI
Processor: AMD Athlon(tm) 64 Processor 3000+ | Socket 939 | 1800/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 153 GiB total, 117,249 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 466 GiB total, 440,832 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP87: 30. 11. 2009 20:32:15 - Windows Update
RP88: 2. 12. 2009 14:20:53 - Plánovaný kontrolný bod
RP89: 2. 12. 2009 19:00:24 - Inštalácia balíka ovládačov zariadenia: ATI Technologies Inc. Display adapters
RP90: 2. 12. 2009 19:01:24 - Inštalácia balíka ovládačov zariadenia: ATI Sound, video and game controllers
RP91: 3. 12. 2009 20:58:12 - Windows Update
RP92: 8. 12. 2009 15:08:47 - Windows Update
RP93: 8. 12. 2009 20:43:24 - Windows Update

==== Installed Programs ======================

325 USB PC Camera _beta
ACD/Labs Software in C:\Program Files\ACDFREE12\
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.2
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Advertising Center
Akamai NetSession Interface
Aktualizácia Microsoft Office Excel 2007 Help (KB963678)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669)
Aktualizácia Microsoft Office Word 2007 Help (KB963665)
Asistent pri prihlasovaní v konte Windows Live ID
Ask Toolbar
Athlon 64 Processor Driver
µTorrent
AutoCAD 2007 - English
Autodesk DWF Viewer
AutoUpdate
Canon iP4200
Canon Setup Utility 2.0
Canon Utilities Easy-PrintToolBox
CCleaner
Centrum zariadení Windows Mobile
Connect
Cool & Quiet
CorelDRAW Graphics Suite X4
CorelDRAW Graphics Suite X4 - Capture
CorelDRAW Graphics Suite X4 - Content
CorelDRAW Graphics Suite X4 - Draw
CorelDRAW Graphics Suite X4 - Filters
CorelDRAW Graphics Suite X4 - FontNav
CorelDRAW Graphics SUite X4 - ICA
CorelDRAW Graphics Suite X4 - IPM
CorelDRAW Graphics Suite X4 - Lang EN
CorelDRAW Graphics Suite X4 - PP
CorelDRAW Graphics Suite X4 - VBA
CorelDRAW(R) Graphics Suite X4
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
DivX Codec
DivX Plus Web Player
DivX Version Checker
Easy-WebPrint
ENCYKLOPEDIE VĚDY
ESET Smart Security
Google Chrome
Google Update Helper
Google Updater
Google Zem
HijackThis 2.0.2
IrfanView (remove only)
Java(TM) 6 Update 17
kuler
Macromedia Flash Player 8
Microsoft .NET Compact Framework 3.5
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (Slovak) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.4
Microsoft Office OneNote MUI (Slovak) 2007
Microsoft Office PowerPoint MUI (Slovak) 2007
Microsoft Office Proof (Czech) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Hungarian) 2007
Microsoft Office Proof (Slovak) 2007
Microsoft Office Proofing (Slovak) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (Slovak) 2007
Microsoft Office Word MUI (Slovak) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
MoZiGo 2009.10.31.21
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero ControlCenter
Nero Installer
Nero Online Upgrade
Nero StartSmart
neroxml
OziExplorer 3.95
PDF Settings CS4
Photoshop Camera Raw
QuickTime
Realtek AC'97 Audio
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Skype™ 4.1
Suite Shared Configuration CS4
SUPERAntiSpyware Free Edition
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Word 2007 (KB974561)
VC80CRTRedist - 8.0.50727.4053
Vista Codec Package
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows Mobile Device Center Driver Update
Windows Mobile Resources
WinRAR archiver

==== Event Viewer Messages From Past Week ========

8. 12. 2009 20:55:01, Error: Microsoft-Windows-WindowsUpdateClient [20] - Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80070643: Windows Live Essentials.
8. 12. 2009 20:52:04, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 9-krát.
8. 12. 2009 20:51:54, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 8-krát.
8. 12. 2009 20:51:46, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 7-krát.
8. 12. 2009 20:51:38, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 6-krát.
8. 12. 2009 20:51:31, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 5-krát.
8. 12. 2009 20:51:22, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 4-krát.
8. 12. 2009 20:51:14, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 3-krát.
8. 12. 2009 20:51:06, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2 krát. O 300000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
8. 12. 2009 20:44:59, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
8. 12. 2009 20:42:57, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
8. 12. 2009 20:39:33, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2 krát. O 300000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
8. 12. 2009 20:39:06, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
8. 12. 2009 20:06:45, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
8. 12. 2009 15:00:42, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
7. 12. 2009 18:36:51, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
7. 12. 2009 18:20:44, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
6. 12. 2009 19:18:28, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
6. 12. 2009 16:56:30, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
6. 12. 2009 16:47:30, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
6. 12. 2009 16:46:44, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
6. 12. 2009 12:05:11, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
5. 12. 2009 23:04:52, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
5. 12. 2009 15:29:24, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
5. 12. 2009 14:11:55, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 4-krát.
5. 12. 2009 14:11:40, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 3-krát.
5. 12. 2009 14:11:36, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2 krát. O 300000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
5. 12. 2009 14:03:34, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
5. 12. 2009 13:58:11, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
5. 12. 2009 13:18:39, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
5. 12. 2009 12:41:40, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
4. 12. 2009 19:43:14, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
3. 12. 2009 20:55:00, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
2. 12. 2009 21:37:24, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
2. 12. 2009 19:47:53, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
2. 12. 2009 19:10:27, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
2. 12. 2009 19:04:25, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 38-krát.
2. 12. 2009 19:04:18, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 37-krát.
2. 12. 2009 19:04:08, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 36-krát.
2. 12. 2009 19:04:04, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 35-krát.
2. 12. 2009 19:04:01, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 34-krát.
2. 12. 2009 19:03:57, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 33-krát.
2. 12. 2009 19:03:53, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 32-krát.
2. 12. 2009 19:03:49, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 31-krát.
2. 12. 2009 19:03:45, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 30-krát.
2. 12. 2009 19:03:41, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 29-krát.
2. 12. 2009 19:03:37, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 28-krát.
2. 12. 2009 19:03:34, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 27-krát.
2. 12. 2009 19:03:30, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 26-krát.
2. 12. 2009 19:03:26, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 25-krát.
2. 12. 2009 19:03:22, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 24-krát.
2. 12. 2009 19:03:18, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 23-krát.
2. 12. 2009 19:03:14, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 22-krát.
2. 12. 2009 19:03:10, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 21-krát.
2. 12. 2009 19:03:05, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 20-krát.
2. 12. 2009 19:03:01, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 19-krát.
2. 12. 2009 19:02:56, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 18-krát.
2. 12. 2009 19:02:52, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 17-krát.
2. 12. 2009 19:02:48, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 16-krát.
2. 12. 2009 19:02:44, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 15-krát.
2. 12. 2009 19:02:40, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 14-krát.
2. 12. 2009 19:02:37, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 13-krát.
2. 12. 2009 19:02:33, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 12-krát.
2. 12. 2009 19:02:27, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 11-krát.
2. 12. 2009 19:02:23, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 10-krát.
2. 12. 2009 19:02:19, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 9-krát.
2. 12. 2009 19:02:16, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 8-krát.
2. 12. 2009 19:02:12, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 7-krát.
2. 12. 2009 19:02:08, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 6-krát.
2. 12. 2009 19:02:03, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 5-krát.
2. 12. 2009 19:01:59, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 4-krát.
2. 12. 2009 19:00:05, Error: Service Control Manager [7034] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 3-krát.
2. 12. 2009 19:00:01, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2 krát. O 300000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
2. 12. 2009 18:59:50, Error: Service Control Manager [7031] - Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
2. 12. 2009 18:55:40, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
2. 12. 2009 18:50:00, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: i8042prt Lbd
2. 12. 2009 15:19:29, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
2. 12. 2009 15:02:57, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
2. 12. 2009 14:47:07, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
2. 12. 2009 12:37:02, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd
1. 12. 2009 20:32:43, Error: Service Control Manager [7026] - Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní: Lbd

==== End Of File ===========================