Prosím o kontrolu LOGU

kotas · Příspěvek od **kotas** » ned 15. dub 2007, 12:37

Logfile of HijackThis v1.99.1
Scan saved at 12:37:45, on 15.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\CTHELPER.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\BitLord\BitLord.exe
C:\Documents and Settings\kotas\Plocha\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RivaTuner] "C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" /T
O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\icwahktd.dll",setvm
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O18 - Protocol: bw+0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {5092C740-FAE6-4C96-9F5A-B84EE354425D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

likc · Příspěvek od **likc** » ned 15. dub 2007, 12:59

fixni
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)

tohle je divny O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\icwahktd.dll",setvm www.virustotal.com

Je tam trochu zvlastne nainstalovany AVG. A ten Logitech\Desktop Messenger\ to jsou veci.

//edit: Uz jsem ten Logitech Desktop Messenger nasel. Podle me to muzes odinstalovat/zakazat, at se to nespousti. Jen to upozornuje na novinky a podobne.

rary · Příspěvek od **rary** » ned 15. dub 2007, 14:57

A vypadá to že tam máš Virtumonde nákazu dle té 04:
O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\icwahktd.dll",setvm
Takže nic netestuj.

A postupuj takhle:
Postupuj dle tohoto návodu

Použij toho Vundofix-a

Akorát je ten návod psaný na starou verzi takže mám k tomu dvě připomínky:

1.Hned jak to spustíš tak klikni na Scan for Vundo

2.Je možné že se VundoFix po restartu znovu automaticky spustí, znamená, že některé infikované soubory, které našel, nemohly být smazány.A v tom případě opakuj postup s Vundofixem znovu.

Poté přejmenuj HijackThis.exe na Analyse.exe a udělej z něj log z toho přejmenovaného souboru + sem dej log z Vundofixu měl by být umístěný na C:\vundofix.txt.

likc · Příspěvek od **likc** » ned 15. dub 2007, 16:09

Zase jsem o neco chytrejsi.

kotas · Příspěvek od **kotas** » ned 15. dub 2007, 18:17

OK, dám jdu se dát do toho a dám vědět a hodím nový LOG. Díky

//EDIT: Takže hlásím neúspěch, soft VundoFix mi nalezne přibližně tyto záznamy:
C:\WINDOWS\system32\aaxuvtnt.dll
C:\WINDOWS\system32\efcdbby.dll
C:\WINDOWS\system32\hjkmp.bak1
C:\WINDOWS\system32\hjkmp.bak2
C:\WINDOWS\system32\hjkmp.ini
C:\WINDOWS\system32\hjkmp.ini2
C:\WINDOWS\system32\hjkmp.tmp
C:\WINDOWS\system32\ndyrmqul.dll
C:\WINDOWS\system32\pelhaufw.dll
C:\WINDOWS\system32\pmkjh.dll
C:\WINDOWS\system32\toudmnqh.dll
C:\WINDOWS\system32\yrikbaxj.dll

Ale při pokusu o smazání to hodí BSOD (modrou smrt) a nezbývá nic jiného než restart. Opakovaný postup nepomáhá, pořád to samé (BSOD a restart). Bohužel se nemůžu dostat do nouzového režimu! Vždy když se nouzový režim spouští, tak se PC restartuje, nepomohla ani oprava přes CD WinXPSP2

Nevíte ještě o způsobu jak se toho zbavit? Nevíte ještě jak se dá opravit systém abych mohl do nouzového režimu?..

kotas · Příspěvek od **kotas** » ned 15. dub 2007, 19:14

HELP

Ty reklamy a přesměrování se nedají vydržet..jinak když nejsem na netu vše ostatní OK. Kůli toho nebudu přece provádět format HDD

rary · Příspěvek od **rary** » ned 15. dub 2007, 19:51

takže toho šmejda budeme muset odprásknout jinak.
Stáhni si combofix
a spusť ho.Postupuj dle pokynů během aplikování ComboFixu neklikej do zobrazujícího se okna může se stát totiž že to proces zastaví.
Po skončení se vytvoří log tak sem zkopíruj jeho obsah.

(Je možné že se PC restartuje pokud combofix nalezne nějaký infikovaný soubory u kterých je potřeba restart aby je smazal.)

Musíš mít účet administrátora aby ti fungoval combofix.

Poté sem dej log z combofixu + log z HJT (udělej log z toho přejmenovanýho HJT).

kotas · Příspěvek od **kotas** » ned 15. dub 2007, 20:27

Opět při puštění programu ComboFix BSOD

LOG z Analyse.exe (HijacakThis):
Logfile of HijackThis v1.99.1
Scan saved at 20:28, on 07-04-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\CTHELPER.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Analyse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {37F7B211-0C65-4EE7-9A30-8CB96E89D318} - C:\WINDOWS\system32\pmkjh.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\hnofmhuu.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {81AB83A8-A45B-42D2-A824-EC7808EC2D2a} - C:\WINDOWS\system32\tqyomhga.dll (file missing)
O2 - BHO: MSEvents Object - {F971D217-D242-46A2-9D40-019582933A64} - C:\WINDOWS\system32\efcdbby.dll
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RivaTuner] "C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" /T
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O20 - Winlogon Notify: efcdbby - C:\WINDOWS\SYSTEM32\efcdbby.dll
O20 - Winlogon Notify: pmkjh - C:\WINDOWS\system32\pmkjh.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\SYSTEM32\VundoFixSVC.exe
Co radíš teď? Předem děkuji

//EDIT: Zkusím, písmo zvětšeno

Tím MWAV to ale projedu zítra bude to trvat několik hodin

Budu zkoušet dnes ještě dál ten VundoFix!

Baron Prášil

já nevim jak rary,ale já sem moc starej na ty malí písmenka.

použil bych MWAV-tim nic nezkazíš

použij MWAV
http://www.mwti.com/products/mwav/mwav.asp

Po spuštění MWAV dej Update.Nezatrhávej volbu Scan Only Po update klikni na Scan & Clean začne scanování.Co najde to odstraní.
Po skončení scanování možná bude chtít restart tak ho povol.

pro jistotu vypni obnovu systému
pravím na T.počítač>vlastnosti>obnova systému a zaškrtni a ok a potvrdit
až budem hotoví,tak si jí zase zapni

kotas · Příspěvek od **kotas** » ned 15. dub 2007, 21:40

Tak, vyřešil jsem to "asi", udělal jsem to tím způsobem, že to co našel vundofix jsem následně mazal přes avenger, teď po spuštění vundofix to píše že žádné soubory nenalezeny

Přikládám LOG z avenger:
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\naxcrsvc

*******************

Script file located at: \??\C:\Documents and Settings\qxvbinbt.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\system32\aaxuvtnt.dll deleted successfully.
File C:\WINDOWS\system32\efcdbby.dll deleted successfully.
File C:\WINDOWS\system32\gjrvyrtg.dll deleted successfully.
File C:\WINDOWS\system32\hjkmp.bak1 deleted successfully.
File C:\WINDOWS\system32\hjkmp.bak2 deleted successfully.
File C:\WINDOWS\system32\hjkmp.ini deleted successfully.
File C:\WINDOWS\system32\hjkmp.ini2 deleted successfully.
File C:\WINDOWS\system32\hjkmp.tmp deleted successfully.
File C:\WINDOWS\system32\ndyrmqul.dll deleted successfully.
File C:\WINDOWS\system32\pelhaufw.dll deleted successfully.
File C:\WINDOWS\system32\pmkjh.dll deleted successfully.
File C:\WINDOWS\system32\tgqvvnnu.dll deleted successfully.
File C:\WINDOWS\system32\toudmnqh.dll deleted successfully.
File C:\WINDOWS\system32\vpnwdago.dll deleted successfully.
File C:\WINDOWS\system32\yrikbaxj.dll deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

a LOG z HiJackThis:
Logfile of HijackThis v1.99.1
Scan saved at 21:38, on 07-04-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\CTHELPER.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Analyzer.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RivaTuner] "C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" /T
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\SYSTEM32\VundoFixSVC.exe

Tak co říkáte na můj LOG teď? PC ještě pročištěno software: a-squared Free, Spybot - Search & Destroy, Ad-Aware SE Personal, AVG Anti-Rootkit + AVG Antivir+Anti-Spyware a jako třešnička na dortu on-line sken od trendmicro:
http://housecall.trendmicro.com/
Promazáno, PC se zdá být normální..Ještě zítra to projedu tím MWAV

Shit · Příspěvek od **Shit** » ned 15. dub 2007, 21:42

Baron Prášil píše: použil bych MWAV-tim nic nezkazíš

použij MWAV
http://www.mwti.com/products/mwav/mwav.asp

Po spuštění MWAV dej Update.Nezatrhávej volbu Scan Only Po update klikni na Scan & Clean začne scanování.Co najde to odstraní.
Po skončení scanování možná bude chtít restart tak ho povol.

pro jistotu vypni obnovu systému
pravím na T.počítač>vlastnosti>obnova systému a zaškrtni a ok a potvrdit
až budem hotoví,tak si jí zase zapni

Nějak tak, ale před tím já bych osobně odinstalil AVG.
MWAV lze sosnout i zde.

solda1 · Příspěvek od **solda1** » ned 15. dub 2007, 22:29

mam malej dotaz , predem se omlouvam, za spam, ale zajima me jedna vec..Jak to tak dokazete urcit ? To fixovani ? Fakt ziram co je tu za borce...Toto bych taky chtel jednou umet....Nejaky navod by na to fixovani nebyl ? Jakoze dneska sem mel problem s tim userlist.exe a pomohli mi s tim lidi diky tomu fixovani...Kdyby mel nekdo nejakej navod (pro lamku jako jsem ja) jak se to naucit, rad bych se neco priucil (S PC moc neumim, je me 17 a umim zakladni veci..celkem dost, ale na Vas nemam..Mam chut se neco naucit, sem driv jen hral...Tak jeste jednou vsem moc dekuji , ze sou tu tak hodni...pa lidi

kotas · Příspěvek od **kotas** » ned 15. dub 2007, 22:40

Ještě kontrola s ComboFix:

"kotas" - 07-04-15 22:37:11 Service Pack 2
ComboFix 07-04-05.Rev3 - Running from: "C:\Program Files"

((((((((((((((((((((((((((((((( Files Created from 2007-03-15 to 2007-04-15 ))))))))))))))))))))))))))))))))))

2007-04-15 22:36 349 --a------ C:\findcombo.vbs
2007-04-15 21:16 130,048 --a------ C:\Program Files\avenger.exe
2007-04-15 20:54 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2007-04-15 20:46 <DIR> d-------- C:\WINDOWS\CSC
2007-04-15 20:26 1,171,910 --a------ C:\Program Files\ComboFix.exe
2007-04-15 19:26 <DIR> d-------- C:\Program Files\Java
2007-04-15 19:22 <DIR> d-------- C:\Program Files\Common Files\Java
2007-04-15 18:28 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2007-04-15 18:27 97,280 --a------ C:\Program Files\VundoFix.exe
2007-04-15 18:27 96,978 --a------ C:\Program Files\VirtumundoBeGone.exe
2007-04-15 18:22 <DIR> d-------- C:\Program Files\backups
2007-04-15 12:30 218,112 --a------ C:\Program Files\Analyzer.exe
2007-04-15 12:20 <DIR> d-------- C:\Program Files\CrystalCPUID4101329
2007-04-14 11:26 <DIR> d-------- C:\Program Files\RegCleaner
2007-04-13 14:35 8,192 -ra------ C:\WINDOWS\system32\bdco1.dll
2007-04-13 14:35 56,960 -ra------ C:\WINDOWS\system32\drivers\nvnrm.sys
2007-04-13 14:35 33,280 -ra------ C:\WINDOWS\system32\drivers\NVENETFD.sys
2007-04-13 14:35 32,256 -ra------ C:\WINDOWS\system32\nvconrm.dll
2007-04-13 14:35 198,656 -ra------ C:\WINDOWS\system32\fdco1.dll
2007-04-13 14:35 191,232 -ra------ C:\WINDOWS\system32\drivers\nvsnpu.sys
2007-04-13 14:35 172,032 -ra------ C:\WINDOWS\system32\nvusmb.exe
2007-04-13 14:35 172,032 -ra------ C:\WINDOWS\system32\nvumctl.exe
2007-04-13 14:35 172,032 --a------ C:\WINDOWS\system32\nvunrm.exe
2007-04-13 14:35 12,928 -ra------ C:\WINDOWS\system32\drivers\nvnetbus.sys
2007-04-13 14:34 32,256 -ra------ C:\WINDOWS\system32\NVCOG.DLL
2007-04-13 14:34 21,760 -ra------ C:\WINDOWS\system32\drivers\nv_agp.SYS
2007-04-13 14:34 172,032 --a------ C:\WINDOWS\system32\nvugart.exe
2007-04-13 09:24 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-04-13 09:24 <DIR> d-------- C:\WINDOWS\nview
2007-04-13 09:20 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-13 09:18 <DIR> d-------- C:\NVIDIA
2007-04-11 08:39 544,768 --a------ C:\WINDOWS\system32\NvRaidServer.dll
2007-04-11 08:39 538 --a------ C:\WINDOWS\system32\RegRaidSedona.bat
2007-04-11 08:39 148,992 --a------ C:\WINDOWS\system32\NvRaidServerEnu.dll
2007-04-11 08:39 109,568 --a------ C:\WINDOWS\system32\nvtcp.sys
2007-04-11 08:37 289,792 --a------ C:\WINDOWS\system32\idecoiins.dll
2007-04-11 08:37 159,232 --a------ C:\WINDOWS\system32\fdco_l1036.dll
2007-04-11 08:37 159,232 --a------ C:\WINDOWS\system32\fdco_l1034.dll
2007-04-11 08:37 159,232 --a------ C:\WINDOWS\system32\fdco_l1031.dll
2007-04-11 08:37 158,720 --a------ C:\WINDOWS\system32\fdco_l1046.dll
2007-04-11 08:37 158,720 --a------ C:\WINDOWS\system32\fdco_l1040.dll
2007-04-11 08:37 156,672 --a------ C:\WINDOWS\system32\fdco_l1042.dll
2007-04-11 08:37 156,672 --a------ C:\WINDOWS\system32\fdco_l1041.dll
2007-04-11 08:37 155,648 --a------ C:\WINDOWS\system32\fdco_l1028.dll
2007-04-11 08:37 155,136 --a------ C:\WINDOWS\system32\fdco_l2052.dll
2007-04-11 08:37 10,240 --a------ C:\WINDOWS\system32\bdco1ins.dll
2007-04-07 18:54 <DIR> d-------- C:\Program Files\CDex_150
2007-04-07 15:28 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-04-07 15:28 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-04-07 15:28 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-04-07 15:28 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-04-05 12:13 <DIR> d-------- C:\WINDOWS\pss
2007-04-04 07:59 <DIR> d-------- C:\Temp
2007-04-03 22:33 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2007-04-03 22:31 16,032 --a------ C:\WINDOWS\system32\drivers\P2k.sys
2007-04-01 09:19 5,632 --a------ C:\WINDOWS\system32\drivers\Entech64.sys
2007-03-30 19:48 <DIR> d-------- C:\WINDOWS\Sun
2007-03-30 16:39 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-03-29 16:53 <DIR> d--h----- C:\WINDOWS\PIF
2007-03-28 21:25 110,592 --a------ C:\WINDOWS\system32\avgfwafu.dll
2007-03-28 19:19 <DIR> d-------- C:\Program Files\Webteh
2007-03-25 12:07 <DIR> d-------- C:\Program Files\Teleport Pro
2007-03-25 10:24 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-03-19 23:02 <DIR> d-------- C:\WINDOWS\XXLGS
2007-03-19 23:01 <DIR> d-------- C:\TRANSLAT
2007-03-19 22:13 <DIR> d--hs---- C:\WINDOWS\ftpcache
2007-03-18 11:59 <DIR> d-------- C:\Program Files\Common Files\Vivendi Universal Games
2007-03-18 11:53 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-03-17 20:08 <DIR> d-------- C:\Program Files\RivaTuner v2.0 Final Release
2007-03-17 20:03 1,732,608 --a------ C:\WINDOWS\system32\nvwssr.dll
2007-03-17 20:03 1,011,712 --a------ C:\WINDOWS\system32\nvcpluir.dll
2007-03-17 13:46 3,972 --------- C:\WINDOWS\system32\drivers\PciBus.sys
2007-03-17 13:46 21,664 --a------ C:\WINDOWS\system32\drivers\Entech.sys
2007-03-17 13:46 <DIR> d-------- C:\WINDOWS\system32\Futuremark
2007-03-17 13:46 <DIR> d-------- C:\Program Files\Futuremark
2007-03-17 13:43 831,600 --------- C:\WINDOWS\system32\Ctaa1.dat
2007-03-17 13:43 204,800 --------- C:\WINDOWS\system32\IVIresizeW7.dll
2007-03-17 13:43 200,704 --------- C:\WINDOWS\system32\IVIresizeA6.dll
2007-03-17 13:43 20,480 --------- C:\WINDOWS\system32\IVIresize.dll
2007-03-17 13:43 192,512 --------- C:\WINDOWS\system32\IVIresizeP6.dll
2007-03-17 13:43 192,512 --------- C:\WINDOWS\system32\IVIresizeM6.dll
2007-03-17 13:43 188,416 --------- C:\WINDOWS\system32\IVIresizePX.dll
2007-03-17 13:43 122,880 --------- C:\WINDOWS\system32\cddvdint.dll
2007-03-17 13:43 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-03-17 13:43 <DIR> d-------- C:\Program Files\InterVideo
2007-03-17 13:43 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2007-03-17 13:34 935,632 --a------ C:\WINDOWS\system\VB40016.DLL
2007-03-17 13:34 63,488 --------- C:\WINDOWS\system32\unam4ie.exe
2007-03-17 13:34 57,328 --a------ C:\WINDOWS\system\OLE2CONV.DLL
2007-03-17 13:34 56,320 --------- C:\WINDOWS\system32\Iyvu9_32.dll
2007-03-17 13:34 536,048 --a------ C:\WINDOWS\system\OC25.DLL
2007-03-17 13:34 51,712 --a------ C:\WINDOWS\system\OLE2PROX.DLL
2007-03-17 13:34 5,120 --a------ C:\WINDOWS\system\STKIT416.DLL
2007-03-17 13:34 4,608 --------- C:\WINDOWS\system32\w95inf32.dll
2007-03-17 13:34 38,160 --------- C:\WINDOWS\system32\LMRTREND.dll
2007-03-17 13:34 304,640 --a------ C:\WINDOWS\system\OLE2.DLL
2007-03-17 13:34 28,113 --a------ C:\WINDOWS\system\OLE2.REG
2007-03-17 13:34 26,992 --a------ C:\WINDOWS\system\CTL3DV2.DLL
2007-03-17 13:34 2,272 --------- C:\WINDOWS\system32\w95inf16.dll
2007-03-17 13:34 194,320 --------- C:\WINDOWS\system32\qcut.dll
2007-03-17 13:34 182,032 --------- C:\WINDOWS\system32\dxtmsft3.dll
2007-03-17 13:34 177,824 --a------ C:\WINDOWS\system\TYPELIB.DLL
2007-03-17 13:34 164,960 --a------ C:\WINDOWS\system\OLE2DISP.DLL
2007-03-17 13:34 157,696 --a------ C:\WINDOWS\system\STORAGE.DLL
2007-03-17 13:34 152,976 --a------ C:\WINDOWS\system\OLE2NLS.DLL
2007-03-17 13:34 12,976 --a------ C:\WINDOWS\system\SCP.DLL
2007-03-17 13:34 109,056 --a------ C:\WINDOWS\system\COMPOBJ.DLL
2007-03-17 13:34 10,240 --------- C:\WINDOWS\system32\vidx16.dll
2007-03-17 13:34 <DIR> d-------- C:\Program Files\Centauri
2007-03-17 09:24 <DIR> d-------- C:\Program Files\a-squared Free
2007-03-17 00:38 <DIR> d-------- C:\Program Files\GameXP
2007-03-17 00:21 <DIR> d-------- C:\Program Files\ICQLite
2007-03-17 00:17 34,576 --a------ C:\WINDOWS\system32\drivers\LHidFilt.Sys
2007-03-17 00:17 33,296 --a------ C:\WINDOWS\system32\drivers\LMouFilt.Sys
2007-03-17 00:17 28,176 --a------ C:\WINDOWS\system32\drivers\LUsbFilt.sys
2007-03-17 00:17 1,419,024 --------- C:\WINDOWS\system32\WdfCoInstaller01005.dll
2007-03-17 00:17 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-03-17 00:14 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-03-17 00:14 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-03-17 00:14 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-03-17 00:14 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-03-17 00:14 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-03-17 00:14 <DIR> d-------- C:\Program Files\Winamp
2007-03-17 00:10 <DIR> d-------- C:\Program Files\Total Video Converter
2007-03-17 00:06 1,289 --a------ C:\WINDOWS\mozver.dat
2007-03-16 23:57 <DIR> d-------- C:\WINDOWS\system32\oodag
2007-03-16 23:56 <DIR> d-------- C:\Program Files\Alcohol Soft
2007-03-16 23:54 639,224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-03-16 23:49 3,072 --a------ C:\WINDOWS\CTXFIRES.DLL
2007-03-16 23:49 10,240 --a------ C:\WINDOWS\CTDCRES.DLL
2007-03-16 23:46 <DIR> d-------- C:\Program Files\OO Software
2007-03-16 23:44 <DIR> d-------- C:\Hry segry
2007-03-16 23:44 <DIR> d-------- C:\Hry moje
2007-03-16 23:35 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2007-03-16 23:34 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-03-16 23:32 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-03-16 23:14 <DIR> d-------- C:\Program Files\Microsoft Works
2007-03-16 23:10 24,816 --------- C:\WINDOWS\system32\mdimon.dll
2007-03-16 23:10 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-03-16 23:09 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-03-16 23:08 <DIR> dr-h----- C:\MSOCache
2007-03-16 23:04 <DIR> d-------- C:\Program Files\Nero
2007-03-16 23:04 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-03-16 22:57 <DIR> d-------- C:\Fraps
2007-03-16 22:54 0 --a------ C:\WINDOWS\nsreg.dat
2007-03-16 22:54 <DIR> d-------- C:\Program Files\xp-AntiSpy
2007-03-16 22:53 255,848 --------- C:\WINDOWS\system32\xactengine2_6.dll
2007-03-16 22:53 <DIR> d-------- C:\Program Files\CCleaner
2007-03-16 22:52 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-03-16 22:52 62,744 --------- C:\WINDOWS\system32\xinput1_2.dll
2007-03-16 22:52 3,426,072 --------- C:\WINDOWS\system32\d3dx9_32.dll
2007-03-16 22:52 251,672 --------- C:\WINDOWS\system32\xactengine2_5.dll
2007-03-16 22:52 237,848 --------- C:\WINDOWS\system32\xactengine2_4.dll
2007-03-16 22:52 236,824 --------- C:\WINDOWS\system32\xactengine2_3.dll
2007-03-16 22:52 2,414,360 --------- C:\WINDOWS\system32\d3dx9_31.dll
2007-03-16 22:52 2,297,552 --------- C:\WINDOWS\system32\d3dx9_26.dll
2007-03-16 22:52 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-03-16 22:51 <DIR> d-------- C:\Program Files\Driver Cleaner Pro
2007-03-16 22:50 545 --a------ C:\WINDOWS\UC.PIF
2007-03-16 22:50 545 --a------ C:\WINDOWS\RAR.PIF
2007-03-16 22:50 545 --a------ C:\WINDOWS\PKZIP.PIF
2007-03-16 22:50 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2007-03-16 22:50 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2007-03-16 22:50 545 --a------ C:\WINDOWS\LHA.PIF
2007-03-16 22:50 545 --a------ C:\WINDOWS\ARJ.PIF
2007-03-16 22:50 <DIR> d-------- C:\Program Files\totalcmd
2007-03-16 22:34 28,672 --------- C:\WINDOWS\system32\verclsid.exe
2007-03-16 22:33 23,856 --------- C:\WINDOWS\system32\spupdsvc.exe
2007-03-16 22:29 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-03-16 22:27 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-03-16 22:27 21,504 --------- C:\WINDOWS\system32\hidserv.dll
2007-03-16 22:26 75,264 --------- C:\WINDOWS\system32\usbui.dll
2007-03-16 22:26 58,240 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-03-16 22:26 <DIR> d-------- C:\Program Files\Lavasoft
2007-03-16 22:25 6,144 --------- C:\WINDOWS\system32\kbdtuq.dll
2007-03-16 22:25 6,144 --------- C:\WINDOWS\system32\kbdtuf.dll
2007-03-16 22:25 5,632 --------- C:\WINDOWS\system32\kbdmon.dll
2007-03-16 22:25 5,632 --------- C:\WINDOWS\system32\kbdkyr.dll
2007-03-16 22:25 5,632 --------- C:\WINDOWS\system32\kbdazel.dll
2007-03-16 22:25 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-03-16 22:25 <DIR> dr------- C:\Program Files
2007-03-16 22:25 <DIR> d--hs---- C:\WINDOWS\Installer
2007-03-16 22:25 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-03-16 22:25 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-03-16 22:24 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-03-16 22:24 9,291 --a------ C:\WINDOWS\system\VER.DLL
2007-03-16 22:24 85,020 --------- C:\WINDOWS\system32\dgsetup.dll
2007-03-16 22:24 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-03-16 22:24 8,704 --------- C:\WINDOWS\system32\batt.dll
2007-03-16 22:24 8,192 --------- C:\WINDOWS\system32\kbdhept.dll
2007-03-16 22:24 75,264 --------- C:\WINDOWS\system32\storprop.dll
2007-03-16 22:24 70,272 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-03-16 22:24 69,632 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-03-16 22:24 69,008 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-03-16 22:24 6,656 --------- C:\WINDOWS\system32\kbdycl.dll
2007-03-16 22:24 6,656 --------- C:\WINDOWS\system32\kbdsl1.dll
2007-03-16 22:24 6,656 --------- C:\WINDOWS\system32\kbdsl.dll
2007-03-16 22:24 6,656 --------- C:\WINDOWS\system32\kbdpl.dll
2007-03-16 22:24 6,656 --------- C:\WINDOWS\system32\kbdhu.dll
2007-03-16 22:24 6,656 --------- C:\WINDOWS\system32\kbdhela3.dll
2007-03-16 22:24 6,656 --------- C:\WINDOWS\system32\kbdcr.dll
2007-03-16 22:24 6,656 --------- C:\WINDOWS\system32\KBDAL.DLL
2007-03-16 22:24 6,144 --------- C:\WINDOWS\system32\kbdlv1.dll
2007-03-16 22:24 6,144 --------- C:\WINDOWS\system32\kbdlv.dll
2007-03-16 22:24 6,144 --------- C:\WINDOWS\system32\kbdhela2.dll
2007-03-16 22:24 6,144 --------- C:\WINDOWS\system32\kbdgkl.dll
2007-03-16 22:24 6,144 --------- C:\WINDOWS\system32\kbdest.dll
2007-03-16 22:24 5,632 --------- C:\WINDOWS\system32\kbdro.dll
2007-03-16 22:24 5,632 --------- C:\WINDOWS\system32\kbdpl1.dll
2007-03-16 22:24 5,632 --------- C:\WINDOWS\system32\kbdlt1.dll
2007-03-16 22:24 5,632 --------- C:\WINDOWS\system32\kbdlt.dll
2007-03-16 22:24 5,632 --------- C:\WINDOWS\system32\kbdhu1.dll
2007-03-16 22:24 5,632 --------- C:\WINDOWS\system32\kbdhe319.dll
2007-03-16 22:24 5,632 --------- C:\WINDOWS\system32\kbdhe220.dll
2007-03-16 22:24 5,632 --------- C:\WINDOWS\system32\kbdhe.dll
2007-03-16 22:24 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-03-16 22:24 33,040 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-03-16 22:24 24,661 --------- C:\WINDOWS\system32\spxcoins.dll
2007-03-16 22:24 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-03-16 22:24 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-03-16 22:24 176,157 --------- C:\WINDOWS\system32\dgrpsetu.dll
2007-03-16 22:24 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-03-16 22:24 13,312 --------- C:\WINDOWS\system32\irclass.dll
2007-03-16 22:24 127,024 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-03-16 22:24 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-03-16 22:24 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-03-16 22:24 103,424 --------- C:\WINDOWS\system32\EqnClass.Dll
2007-03-16 22:24 <DIR> d--hs---- C:\System Volume Information
2007-03-16 22:24 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-03-16 22:24 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-03-16 22:24 <DIR> d-------- C:\Documents and Settings
2007-03-16 22:22 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-03-16 22:21 737,280 --a------ C:\WINDOWS\iun6002.exe
2007-03-16 22:21 <DIR> d-------- C:\Program Files\IrfanView
2007-03-16 22:21 <DIR> d-------- C:\Program Files\Codec Pack - All In 1
2007-03-16 22:19 <DIR> d-------- C:\Program Files\QuickTime Alternative
2007-03-16 22:19 <DIR> d-------- C:\Program Files\Media Player Classic
2007-03-16 22:18 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-03-16 22:18 <DIR> dr--s---- C:\WINDOWS\Fonts
2007-03-16 22:18 <DIR> dr------- C:\WINDOWS\Web
2007-03-16 22:18 <DIR> d--h----- C:\WINDOWS\inf
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\WinSxS
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\twain_32
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\wins
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\spool
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\ras
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\npp
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\mui
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\IME
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\ias
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\export
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\config
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\3076
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\2052
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\1054
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\1042
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\1041
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\1037
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\1033
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\1031
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\1029
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\1028
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32\1025
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system32
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\system
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\security
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\Resources
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\repair
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\Provisioning
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\PeerNet
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\pchealth
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\mui
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\msapps
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\msagent
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\Media
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\java
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\ime
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\Help
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\ehome
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\Debug
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\Cursors
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\Config
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\AppPatch
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS\addins
2007-03-16 22:18 <DIR> d-------- C:\WINDOWS
2007-03-16 22:15 69,376 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2007-03-16 22:15 55,552 --a------ C:\WINDOWS\system32\drivers\L8042MOU.SYS
2007-03-16 22:15 13,440 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.SYS
2007-03-16 22:15 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2007-03-16 22:14 89,088 --------- C:\WINDOWS\system32\atl71.dll
2007-03-16 22:14 69,632 --------- C:\WINDOWS\system32\KemXML.dll
2007-03-16 22:14 499,712 --------- C:\WINDOWS\system32\msvcp71.dll
2007-03-16 22:14 36,608 --a------ C:\WINDOWS\system32\drivers\LHidUsbK.sys
2007-03-16 22:14 348,160 --------- C:\WINDOWS\system32\msvcr71.dll
2007-03-16 22:14 27,776 --a------ C:\WINDOWS\system32\drivers\LHidKE.Sys
2007-03-16 22:14 258,352 --------- C:\WINDOWS\system32\unicows.dll
2007-03-16 22:14 163,840 --------- C:\WINDOWS\system32\kemutb.dll
2007-03-16 22:14 14,976 --a------ C:\WINDOWS\system32\drivers\LUsbKbd.sys
2007-03-16 22:14 135,168 --------- C:\WINDOWS\system32\KemUtil.dll
2007-03-16 22:14 110,592 --------- C:\WINDOWS\system32\KemWnd.dll
2007-03-16 22:14 101,136 --a------ C:\WINDOWS\KHALMNPR.Exe
2007-03-16 22:14 1,060,864 --------- C:\WINDOWS\system32\MFC71.dll
2007-03-16 22:14 1,047,552 --------- C:\WINDOWS\system32\MFC71u.dll
2007-03-16 22:14 <DIR> d-------- C:\Program Files\Logitech
2007-03-16 22:14 <DIR> d-------- C:\Program Files\Common Files\Logitech
2007-03-16 22:12 41,984 --------- C:\WINDOWS\Ctregrun.exe
2007-03-16 22:11 90,112 --------- C:\WINDOWS\Updreg.EXE
2007-03-16 22:11 <DIR> d-------- C:\WINDOWS\system32\Defaults
2007-03-16 22:10 86,016 --------- C:\WINDOWS\system32\OpenAL32.dll
2007-03-16 22:10 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-03-16 22:10 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-03-16 22:10 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-03-16 22:10 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-03-16 22:10 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-03-16 22:10 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-03-16 22:10 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-03-16 22:10 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-03-16 22:10 409,600 --------- C:\WINDOWS\system32\wrap_oal.dll
2007-03-16 22:10 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-03-16 22:10 4,096 --------- C:\WINDOWS\system32\ksuser.dll
2007-03-16 22:10 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-03-16 22:10 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-03-16 22:10 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-03-16 22:10 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-03-16 22:09 11,776 --a------ C:\WINDOWS\INRES.DLL
2007-03-16 22:09 <DIR> d-------- C:\WINDOWS\system32\Data
2007-03-16 22:08 77,824 --------- C:\WINDOWS\system32\ctdvda32.dll
2007-03-16 22:07 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2007-03-16 22:07 <DIR> d-------- C:\Program Files\Creative
2007-03-16 22:02 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-03-16 21:48 <DIR> d-------- C:\Program Files\DVD Shrink
2007-03-16 21:48 <DIR> d-------- C:\Program Files\CPU-Z
2007-03-16 21:48 <DIR> d-------- C:\Program Files\BitLord
2007-03-16 21:47 <DIR> d-------- C:\Program Files\Scorpions WinCheater
2007-03-16 21:47 <DIR> d-------- C:\Program Files\ORTHOS
2007-03-16 21:47 <DIR> d-------- C:\Program Files\Everest Ultimate 2007
2007-03-16 21:45 <DIR> d-------- C:\__Nově soft
2007-03-16 21:43 <DIR> d-------- C:\StarGate - Atlantis
2007-03-16 21:41 <DIR> d--hs---- C:\RECYCLER
2007-03-16 21:40 82,944 --a------ C:\WINDOWS\system32\drivers\nvraid.sys
2007-03-16 21:40 289,792 --a------ C:\WINDOWS\system32\idecoi.dll
2007-03-16 21:40 19,456 --a------ C:\WINDOWS\system32\nvraidco.dll
2007-03-16 21:40 100,736 --a------ C:\WINDOWS\system32\drivers\nvatabus.sys
2007-03-16 21:40 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-03-16 21:39 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-03-16 21:38 664 --------- C:\WINDOWS\system32\d3d9caps.dat
2007-03-16 21:38 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2007-03-16 21:37 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-03-16 21:37 <DIR> d-------- C:\WINDOWS\Prefetch
2007-03-16 21:34 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-03-16 21:34 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-03-16 21:33 112,128 --------- C:\WINDOWS\system32\mapi32.dll
2007-03-16 21:33 0 -rahs---- C:\MSDOS.SYS
2007-03-16 21:33 0 -rahs---- C:\IO.SYS
2007-03-16 21:33 0 --a------ C:\CONFIG.SYS
2007-03-16 21:33 0 --a------ C:\AUTOEXEC.BAT
2007-03-16 21:32 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2007-03-16 21:32 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-03-16 21:32 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2007-03-16 21:32 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-03-16 21:32 <DIR> d-------- C:\Program Files\Online Services
2007-03-16 21:31 81,920 --------- C:\WINDOWS\system32\isign32.dll
2007-03-16 21:31 81,920 --------- C:\WINDOWS\system32\ils.dll
2007-03-16 21:31 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-03-16 21:31 73,728 --------- C:\WINDOWS\system32\icwdial.dll
2007-03-16 21:31 73,344 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-03-16 21:31 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-03-16 21:31 69,632 --------- C:\WINDOWS\system32\msconf.dll
2007-03-16 21:31 679,424 --------- C:\WINDOWS\system32\inetcomm.dll
2007-03-16 21:31 67,584 --------- C:\WINDOWS\system32\srclient.dll
2007-03-16 21:31 65,536 --------- C:\WINDOWS\system32\icwphbk.dll
2007-03-16 21:31 64,512 --------- C:\WINDOWS\system32\acctres.dll
2007-03-16 21:31 6,656 --------- C:\WINDOWS\system32\wuauserv.dll
2007-03-16 21:31 47,616 --------- C:\WINDOWS\system32\inetres.dll
2007-03-16 21:31 45,568 --------- C:\WINDOWS\system32\safrslv.dll
2007-03-16 21:31 431,104 --------- C:\WINDOWS\system32\wuapi.dll
2007-03-16 21:31 43,520 --------- C:\WINDOWS\system32\safrcdlg.dll
2007-03-16 21:31 43,520 --------- C:\WINDOWS\system32\racpldlg.dll
2007-03-16 21:31 382,464 --------- C:\WINDOWS\system32\qmgr.dll
2007-03-16 21:31 36,864 --------- C:\WINDOWS\system32\wups.dll
2007-03-16 21:31 34,560 --------- C:\WINDOWS\system32\mnmdd.dll
2007-03-16 21:31 32,768 --------- C:\WINDOWS\system32\mnmsrvc.exe
2007-03-16 21:31 32,768 --------- C:\WINDOWS\system32\isrdbg32.dll
2007-03-16 21:31 29,696 --------- C:\WINDOWS\system32\safrdm.dll
2007-03-16 21:31 28,672 --------- C:\WINDOWS\system32\nmmkcert.dll
2007-03-16 21:31 275,968 --------- C:\WINDOWS\system32\mstask.dll
2007-03-16 21:31 274,432 --------- C:\WINDOWS\system32\inetcfg.dll
2007-03-16 21:31 252,928 --------- C:\WINDOWS\system32\msoeacct.dll
2007-03-16 21:31 240,128 --------- C:\WINDOWS\system32\srrstr.dll
2007-03-16 21:31 22,528 --------- C:\WINDOWS\system32\fltMc.exe
2007-03-16 21:31 190,976 --------- C:\WINDOWS\system32\schedsvc.dll
2007-03-16 21:31 183,296 --------- C:\WINDOWS\system32\wuaueng1.dll
2007-03-16 21:31 18,944 --------- C:\WINDOWS\system32\qmgrprxy.dll
2007-03-16 21:31 170,496 --------- C:\WINDOWS\system32\srsvc.dll
2007-03-16 21:31 166,912 --------- C:\WINDOWS\system32\wuauclt1.exe
2007-03-16 21:31 16,896 --------- C:\WINDOWS\system32\fltlib.dll
2007-03-16 21:31 16,384 --------- C:\WINDOWS\system32\icfgnt5.dll
2007-03-16 21:31 124,800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-03-16 21:31 120,320 --------- C:\WINDOWS\system32\wuweb.dll
2007-03-16 21:31 12,288 --------- C:\WINDOWS\system32\nmevtmsg.dll
2007-03-16 21:31 12,288 --------- C:\WINDOWS\system32\mstinit.exe
2007-03-16 21:31 112,640 --------- C:\WINDOWS\system32\wucltui.dll
2007-03-16 21:31 111,104 --------- C:\WINDOWS\system32\wuauclt.exe
2007-03-16 21:31 11,264 --------- C:\WINDOWS\system32\atrace.dll
2007-03-16 21:31 105,984 --------- C:\WINDOWS\system32\msoert2.dll
2007-03-16 21:31 1,134,592 --------- C:\WINDOWS\system32\wuaueng.dll
2007-03-16 21:31 <DIR> d---s---- C:\WINDOWS\Tasks
2007-03-16 21:31 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-03-16 21:31 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-03-16 21:31 <DIR> d-------- C:\WINDOWS\srchasst
2007-03-16 21:31 <DIR> d-------- C:\Program Files\Movie Maker
2007-03-16 21:31 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-03-16 21:30 5,632 --------- C:\WINDOWS\system32\write.exe
2007-03-16 21:30 21,812 --------- C:\WINDOWS\system32\emptyregdb.dat
2007-03-16 21:30 <DIR> d-------- C:\WINDOWS\Registration
2007-03-16 21:30 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-03-16 21:30 <DIR> d-------- C:\Program Files\Messenger
2007-03-16 21:29 97,792 --------- C:\WINDOWS\system32\comrepl.dll
2007-03-16 21:29 956,416 --------- C:\WINDOWS\system32\msdtctm.dll
2007-03-16 21:29 94,208 --------- C:\WINDOWS\system32\tscfgwmi.dll
2007-03-16 21:29 91,136 --------- C:\WINDOWS\system32\mtxoci.dll
2007-03-16 21:29 9,728 --------- C:\WINDOWS\system32\reset.exe
2007-03-16 21:29 87,176 --------- C:\WINDOWS\system32\rdpwsx.dll
2007-03-16 21:29 85,504 --------- C:\WINDOWS\system32\catsrvps.dll
2007-03-16 21:29 80,896 --------- C:\WINDOWS\system32\charmap.exe
2007-03-16 21:29 73,216 --------- C:\WINDOWS\system32\avwav.dll
2007-03-16 21:29 670,720 --------- C:\WINDOWS\system32\getuname.dll
2007-03-16 21:29 67,072 --------- C:\WINDOWS\system32\rdshost.exe
2007-03-16 21:29 655,360 --------- C:\WINDOWS\system32\mstscax.dll
2007-03-16 21:29 625,152 --------- C:\WINDOWS\system32\catsrvut.dll
2007-03-16 21:29 62,464 --------- C:\WINDOWS\system32\rdpclip.exe
2007-03-16 21:29 60,416 --------- C:\WINDOWS\system32\remotepg.dll
2007-03-16 21:29 60,416 --------- C:\WINDOWS\system32\colbact.dll
2007-03-16 21:29 6,144 --------- C:\WINDOWS\system32\msdtc.exe
2007-03-16 21:29 58,880 --------- C:\WINDOWS\system32\msdtclog.dll
2007-03-16 21:29 58,880 --------- C:\WINDOWS\system32\licwmi.dll
2007-03-16 21:29 56,832 --------- C:\WINDOWS\system32\sol.exe
2007-03-16 21:29 56,320 --------- C:\WINDOWS\system32\servdeps.dll
2007-03-16 21:29 55,296 --------- C:\WINDOWS\system32\freecell.exe
2007-03-16 21:29 540,160 --------- C:\WINDOWS\system32\comuid.dll
2007-03-16 21:29 54,272 --------- C:\WINDOWS\system32\stclient.dll
2007-03-16 21:29 538,624 --------- C:\WINDOWS\system32\spider.exe
2007-03-16 21:29 5,120 --------- C:\WINDOWS\system32\dcomcnfg.exe
2007-03-16 21:29 498,688 --------- C:\WINDOWS\system32\clbcatq.dll
2007-03-16 21:29 44,544 --------- C:\WINDOWS\system32\tscupgrd.exe
2007-03-16 21:29 44,544 --------- C:\WINDOWS\system32\hticons.dll
2007-03-16 21:29 426,496 --------- C:\WINDOWS\system32\msdtcprx.dll
2007-03-16 21:29 405,504 --------- C:\WINDOWS\system32\mstsc.exe
2007-03-16 21:29 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-03-16 21:29 4,096 --------- C:\WINDOWS\system32\rdpcfgex.dll
2007-03-16 21:29 4,096 --------- C:\WINDOWS\system32\mtxex.dll
2007-03-16 21:29 39,424 --------- C:\WINDOWS\system32\cfgbkend.dll
2007-03-16 21:29 351,232 --------- C:\WINDOWS\system32\hypertrm.dll
2007-03-16 21:29 35,328 --------- C:\WINDOWS\system32\winchat.exe
2007-03-16 21:29 343,552 --------- C:\WINDOWS\system32\mspaint.exe
2007-03-16 21:29 33,792 --------- C:\WINDOWS\system32\regini.exe
2007-03-16 21:29 295,936 --------- C:\WINDOWS\system32\termsrv.dll
2007-03-16 21:29 25,600 --------- C:\WINDOWS\system32\comaddin.dll
2007-03-16 21:29 25,088 --------- C:\WINDOWS\system32\mtxlegih.dll
2007-03-16 21:29 228,864 --------- C:\WINDOWS\system32\avtapi.dll
2007-03-16 21:29 225,792 --------- C:\WINDOWS\system32\catsrv.dll
2007-03-16 21:29 22,528 --------- C:\WINDOWS\system32\qwinsta.exe
2007-03-16 21:29 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-03-16 21:29 21,504 --------- C:\WINDOWS\system32\msg.exe
2007-03-16 21:29 20,480 --------- C:\WINDOWS\system32\qprocess.exe
2007-03-16 21:29 20,480 --------- C:\WINDOWS\system32\mtxdm.dll
2007-03-16 21:29 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-03-16 21:29 19,968 --------- C:\WINDOWS\system32\rdpsnd.dll
2007-03-16 21:29 185,856 --------- C:\WINDOWS\system32\cmprops.dll
2007-03-16 21:29 185,344 --------- C:\WINDOWS\system32\accwiz.exe
2007-03-16 21:29 17,408 --------- C:\WINDOWS\system32\qappsrv.exe
2007-03-16 21:29 17,408 --------- C:\WINDOWS\system32\mmfutil.dll
2007-03-16 21:29 161,280 --------- C:\WINDOWS\system32\msdtcuiu.dll
2007-03-16 21:29 16,896 --------- C:\WINDOWS\system32\tsshutdn.exe
2007-03-16 21:29 16,384 --------- C:\WINDOWS\system32\tskill.exe
2007-03-16 21:29 16,384 --------- C:\WINDOWS\system32\avmeter.dll
2007-03-16 21:29 15,872 --------- C:\WINDOWS\system32\rwinsta.exe
2007-03-16 21:29 15,872 --------- C:\WINDOWS\system32\cdmodem.dll
2007-03-16 21:29 15,360 --------- C:\WINDOWS\system32\tscon.exe
2007-03-16 21:29 15,360 --------- C:\WINDOWS\system32\shadow.exe
2007-03-16 21:29 15,360 --------- C:\WINDOWS\system32\logoff.exe
2007-03-16 21:29 147,968 --------- C:\WINDOWS\system32\rdchost.dll
2007-03-16 21:29 147,456 --------- C:\WINDOWS\system32\comsnap.dll
2007-03-16 21:29 141,312 --------- C:\WINDOWS\system32\sessmgr.exe
2007-03-16 21:29 14,848 --------- C:\WINDOWS\system32\tsdiscon.exe
2007-03-16 21:29 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-03-16 21:29 138,752 --------- C:\WINDOWS\system32\sndvol32.exe
2007-03-16 21:29 131,584 --------- C:\WINDOWS\system32\sndrec32.exe
2007-03-16 21:29 13,824 --------- C:\WINDOWS\system32\rdsaddin.exe
2007-03-16 21:29 127,488 --------- C:\WINDOWS\system32\mshearts.exe
2007-03-16 21:29 123,904 --------- C:\WINDOWS\system32\mplay32.exe
2007-03-16 21:29 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-03-16 21:29 119,808 --------- C:\WINDOWS\system32\winmine.exe
2007-03-16 21:29 114,688 --------- C:\WINDOWS\system32\calc.exe
2007-03-16 21:29 110,080 --------- C:\WINDOWS\system32\clbcatex.dll
2007-03-16 21:29 11,776 --------- C:\WINDOWS\system32\xolehlp.dll
2007-03-16 21:29 11,264 --------- C:\WINDOWS\system32\icaapi.dll
2007-03-16 21:29 103,424 --------- C:\WINDOWS\system32\clipbrd.exe
2007-03-16 21:29 1,267,200 --------- C:\WINDOWS\system32\comsvcs.dll
2007-03-16 21:29 1,161 --------- C:\WINDOWS\system32\usrlogon.cmd
2007-03-16 21:29 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-03-16 21:29 <DIR> d-------- C:\WINDOWS\system32\Com
2007-03-16 21:29 <DIR> d-------- C:\Program Files\Windows NT

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-04-15 21:38 4873 --a------ C:\Program Files\hijackthis.log
2007-04-15 21:38 4873 --a------ C:\Program Files\hijackthis.log
2007-04-13 20:38 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-04-11 08:50 73236 --a------ C:\WINDOWS\system32\perfc005.dat
2007-04-11 08:50 398472 --a------ C:\WINDOWS\system32\perfh005.dat
2007-02-19 12:34 343040 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-01-16 07:32 2854400 --a------ C:\WINDOWS\system32\msi.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"CTDVDDET"="\"C:\\Program Files\\Creative\\SBAudigy4\\DVDAudio\\CTDVDDET.EXE\""
"CTSysVol"="C:\\Program Files\\Creative\\SBAudigy4\\Surround Mixer\\CTSysVol.exe /r"
"AudioDrvEmulator"="\"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\DLLML.exe\" -1 AudioDrvEmulator \"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\Audio Emulator\\AudDrvEm.dll\""
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"CTHelper"="CTHELPER.EXE"
"CTxfiHlp"="CTXFIHLP.EXE"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
"RivaTuner"="\"C:\\Program Files\\RivaTuner v2.0 Final Release\\RivaTuner.exe\" /T"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -k"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{F971D217-D242-46A2-9D40-019582933A64}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=dword:00000000
"SynchronousMachineGroupPolicy"=dword:00000000
"SynchronousUserGroupPolicy"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispAppearancePage"=dword:00000000
"NoColorChoice"=dword:00000000
"NoDispBackgroundPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoDispSettingsPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoVisualStyleChoice"=dword:00000000
"NoSizeChoice"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoRemoteRecursiveEvents"=dword:00000001
"NoStrCmpLogical"=dword:00000001
"NoClose"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=dword:00000001
"NoSMBalloonTip"=dword:00000001
"NoSaveSettings"=dword:00000000
"NoRecentDocsHistory"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"MemCheckBoxInRunDlg"=dword:00000000
"NoClose"=dword:00000000
"NoAutoTrayNotify"=dword:00000000
"NoResolveTrack"=dword:00000000
"NoResolveSearch"=dword:00000001
"LinkResolveIgnoreLinkInfo"=dword:00000001
"NoStartBanner"=hex:01,00,00,00
"NoWelcomeScreen"=dword:00000001
"NoRecentDocsNetHood"=dword:00000001
"NoDesktopCleanupWizard"=dword:00000001
"NoSharedDocuments"=dword:00000001
"NoThemesTab"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WdfLoadGroup

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\wincmd.ini 4096 bytes
C:\WINDOWS\WindowsShell.Manifest 4096 bytes
C:\WINDOWS\winhelp.exe 258048 bytes
C:\WINDOWS\winhlp32.exe 286720 bytes
C:\WINDOWS\winnt.bmp 49152 bytes
C:\WINDOWS\winnt256.bmp 49152 bytes
C:\WINDOWS\WinSxS
C:\WINDOWS\WinSxS\InstallTemp
C:\WINDOWS\WinSxS\Manifests
C:\WINDOWS\WinSxS\Policies
C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a
C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d
C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries.Resources_6595b64144ccf1df_6.0.0.0_cs-CZ_8b83fff2
C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7
C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_c9ba3671
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_691a48fd
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.3085_x-ww_e059201c
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9
C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
C:\WINDOWS\wmprfCSY.prx 36864 bytes
C:\WINDOWS\WMSysPr9.prx 319488 bytes
C:\WINDOWS\WTRAN32.INI 8192 bytes
C:\WINDOWS\WTRDCTM.INI 40 bytes
C:\WINDOWS\XXLGS
C:\WINDOWS\XXLGS\REG.EXE 98304 bytes
C:\WINDOWS\XXLGS\UN32.EXE 163840 bytes
C:\WINDOWS\XXLGS\UN32.INI 4096 bytes
C:\WINDOWS\XXLGSC 0 bytes
C:\WINDOWS\Zapotec.bmp 12288 bytes
C:\WINDOWS\Zelený kámen.bmp 28672 bytes
C:\WINDOWS\Zrnko kávy.bmp 20480 bytes
C:\WINDOWS\_default.pif 712 bytes
C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000008-10211102}.CDF 4960256 bytes
C:\WINDOWS\
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 49

********************************************************************

Completion time: 07-04-15 22:38:35
C:\ComboFix-quarantined-files.txt ... 07-04-15 22:38

rary · Příspěvek od **rary** » pon 16. dub 2007, 06:58

Na log z Combofixu se podívám tak odpoledne teď nemám čas.

Jinak jak jsi to udělal s tím Avengerem tak to by mohlo taky být.

Chtěl jsem ten log z Combofixu proto aby jsme zjistily jestli tam ještě něco není.

kotas · Příspěvek od **kotas** » pon 16. dub 2007, 12:25

rary píše:Na log z Combofixu se podívám tak odpoledne teď nemám čas.

Jinak jak jsi to udělal s tím Avengerem tak to by mohlo taky být.

Chtěl jsem ten log z Combofixu proto aby jsme zjistily jestli tam ještě něco není.

OK díky! Ještě si celé PC vyčistím a nechám po restartu celé projet Antivirem a Anti-Spywarem

rary · Příspěvek od **rary** » pon 16. dub 2007, 20:28

takže jsem v logu combofixu narazil na infekci postupuj dle tohoto návodu

Použij to alternativní řešení s tím Avengerem.

po restartu by ti měl se zobrazit log z Avengeru tak sem ho zkopíruj.

Takže jsem projel log z Combofixu.
Kromě tamté infekce to vypadá že už je to čistý.

Ale ten log z Combofixu je tak obrovský

.

Jdu si snad vyhlásit hodinovou pauzu

kotas · Příspěvek od **kotas** » pon 16. dub 2007, 21:07

Ale ten log z Combofixu je tak obrovský...Počkej až uvidíš níže ten z AVENGER!?!

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\uanpchhc

*******************

Script file located at: \??\C:\Program Files\flabtitf.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\accm.exe not found!
Deletion of file C:\WINDOWS\accm.exe failed!

Could not process line:
C:\WINDOWS\accm.exe
Status: 0xc0000034

File C:\WINDOWS\ais32.exe not found!
Deletion of file C:\WINDOWS\ais32.exe failed!

Could not process line:
C:\WINDOWS\ais32.exe
Status: 0xc0000034

File C:\WINDOWS\alerter.exe not found!
Deletion of file C:\WINDOWS\alerter.exe failed!

Could not process line:
C:\WINDOWS\alerter.exe
Status: 0xc0000034

File C:\WINDOWS\aorvno91m.txt not found!
Deletion of file C:\WINDOWS\aorvno91m.txt failed!

Could not process line:
C:\WINDOWS\aorvno91m.txt
Status: 0xc0000034

File C:\WINDOWS\attcfg.tmp not found!
Deletion of file C:\WINDOWS\attcfg.tmp failed!

Could not process line:
C:\WINDOWS\attcfg.tmp
Status: 0xc0000034

File C:\WINDOWS\avistat.tmp not found!
Deletion of file C:\WINDOWS\avistat.tmp failed!

Could not process line:
C:\WINDOWS\avistat.tmp
Status: 0xc0000034

File C:\WINDOWS\b6iqdkku.scf not found!
Deletion of file C:\WINDOWS\b6iqdkku.scf failed!

Could not process line:
C:\WINDOWS\b6iqdkku.scf
Status: 0xc0000034

File C:\WINDOWS\brwmark.ini not found!
Deletion of file C:\WINDOWS\brwmark.ini failed!

Could not process line:
C:\WINDOWS\brwmark.ini
Status: 0xc0000034

File C:\WINDOWS\cc2.exe not found!
Deletion of file C:\WINDOWS\cc2.exe failed!

Could not process line:
C:\WINDOWS\cc2.exe
Status: 0xc0000034

File C:\WINDOWS\cc3.exe not found!
Deletion of file C:\WINDOWS\cc3.exe failed!

Could not process line:
C:\WINDOWS\cc3.exe
Status: 0xc0000034

File C:\WINDOWS\cc5.exe not found!
Deletion of file C:\WINDOWS\cc5.exe failed!

Could not process line:
C:\WINDOWS\cc5.exe
Status: 0xc0000034

File C:\WINDOWS\ccsserv.exe not found!
Deletion of file C:\WINDOWS\ccsserv.exe failed!

Could not process line:
C:\WINDOWS\ccsserv.exe
Status: 0xc0000034

File C:\WINDOWS\cct2.exe not found!
Deletion of file C:\WINDOWS\cct2.exe failed!

Could not process line:
C:\WINDOWS\cct2.exe
Status: 0xc0000034

File C:\WINDOWS\concfg.tmp not found!
Deletion of file C:\WINDOWS\concfg.tmp failed!

Could not process line:
C:\WINDOWS\concfg.tmp
Status: 0xc0000034

File C:\WINDOWS\cserv32.exe not found!
Deletion of file C:\WINDOWS\cserv32.exe failed!

Could not process line:
C:\WINDOWS\cserv32.exe
Status: 0xc0000034

File C:\WINDOWS\cservv32.exe not found!
Deletion of file C:\WINDOWS\cservv32.exe failed!

Could not process line:
C:\WINDOWS\cservv32.exe
Status: 0xc0000034

File C:\WINDOWS\egadata.tmp not found!
Deletion of file C:\WINDOWS\egadata.tmp failed!

Could not process line:
C:\WINDOWS\egadata.tmp
Status: 0xc0000034

File C:\WINDOWS\c6wsq6.reg not found!
Deletion of file C:\WINDOWS\c6wsq6.reg failed!

Could not process line:
C:\WINDOWS\c6wsq6.reg
Status: 0xc0000034

File C:\WINDOWS\cesm9q.reg not found!
Deletion of file C:\WINDOWS\cesm9q.reg failed!

Could not process line:
C:\WINDOWS\cesm9q.reg
Status: 0xc0000034

File C:\WINDOWS\dbmdata.tmp not found!
Deletion of file C:\WINDOWS\dbmdata.tmp failed!

Could not process line:
C:\WINDOWS\dbmdata.tmp
Status: 0xc0000034

File C:\WINDOWS\dqpdroc.ini not found!
Deletion of file C:\WINDOWS\dqpdroc.ini failed!

Could not process line:
C:\WINDOWS\dqpdroc.ini
Status: 0xc0000034

File C:\WINDOWS\eba2h6cc.dat not found!
Deletion of file C:\WINDOWS\eba2h6cc.dat failed!

Could not process line:
C:\WINDOWS\eba2h6cc.dat
Status: 0xc0000034

File C:\WINDOWS\eevmwk.reg not found!
Deletion of file C:\WINDOWS\eevmwk.reg failed!

Could not process line:
C:\WINDOWS\eevmwk.reg
Status: 0xc0000034

File C:\WINDOWS\f3da8e.reg not found!
Deletion of file C:\WINDOWS\f3da8e.reg failed!

Could not process line:
C:\WINDOWS\f3da8e.reg
Status: 0xc0000034

File C:\WINDOWS\f8or9s.exe not found!
Deletion of file C:\WINDOWS\f8or9s.exe failed!

Could not process line:
C:\WINDOWS\f8or9s.exe
Status: 0xc0000034

File C:\WINDOWS\ftg71cj1qx.dat not found!
Deletion of file C:\WINDOWS\ftg71cj1qx.dat failed!

Could not process line:
C:\WINDOWS\ftg71cj1qx.dat
Status: 0xc0000034

File C:\WINDOWS\gen.exe not found!
Deletion of file C:\WINDOWS\gen.exe failed!

Could not process line:
C:\WINDOWS\gen.exe
Status: 0xc0000034

File C:\WINDOWS\hv4e05.dll not found!
Deletion of file C:\WINDOWS\hv4e05.dll failed!

Could not process line:
C:\WINDOWS\hv4e05.dll
Status: 0xc0000034

File C:\WINDOWS\irk.exe not found!
Deletion of file C:\WINDOWS\irk.exe failed!

Could not process line:
C:\WINDOWS\irk.exe
Status: 0xc0000034

File C:\WINDOWS\chater.exe not found!
Deletion of file C:\WINDOWS\chater.exe failed!

Could not process line:
C:\WINDOWS\chater.exe
Status: 0xc0000034

File C:\WINDOWS\md2icut9a2.dll not found!
Deletion of file C:\WINDOWS\md2icut9a2.dll failed!

Could not process line:
C:\WINDOWS\md2icut9a2.dll
Status: 0xc0000034

File C:\WINDOWS\msout.exe not found!
Deletion of file C:\WINDOWS\msout.exe failed!

Could not process line:
C:\WINDOWS\msout.exe
Status: 0xc0000034

File C:\WINDOWS\msserrv32.exe not found!
Deletion of file C:\WINDOWS\msserrv32.exe failed!

Could not process line:
C:\WINDOWS\msserrv32.exe
Status: 0xc0000034

File C:\WINDOWS\msserv.exe not found!
Deletion of file C:\WINDOWS\msserv.exe failed!

Could not process line:
C:\WINDOWS\msserv.exe
Status: 0xc0000034

File C:\WINDOWS\msserv32.exe not found!
Deletion of file C:\WINDOWS\msserv32.exe failed!

Could not process line:
C:\WINDOWS\msserv32.exe
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.exe not found!
Deletion of file C:\WINDOWS\msupdtwiz.exe failed!

Could not process line:
C:\WINDOWS\msupdtwiz.exe
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.c not found!
Deletion of file C:\WINDOWS\msupdtwiz.c failed!

Could not process line:
C:\WINDOWS\msupdtwiz.c
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.s not found!
Deletion of file C:\WINDOWS\msupdtwiz.s failed!

Could not process line:
C:\WINDOWS\msupdtwiz.s
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.z not found!
Deletion of file C:\WINDOWS\msupdtwiz.z failed!

Could not process line:
C:\WINDOWS\msupdtwiz.z
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.dat not found!
Deletion of file C:\WINDOWS\msupdtwiz.dat failed!

Could not process line:
C:\WINDOWS\msupdtwiz.dat
Status: 0xc0000034

File C:\WINDOWS\mswiiz32.exe not found!
Deletion of file C:\WINDOWS\mswiiz32.exe failed!

Could not process line:
C:\WINDOWS\mswiiz32.exe
Status: 0xc0000034

File C:\WINDOWS\mswiizz32.exe not found!
Deletion of file C:\WINDOWS\mswiizz32.exe failed!

Could not process line:
C:\WINDOWS\mswiizz32.exe
Status: 0xc0000034

File C:\WINDOWS\mswiz32.exe not found!
Deletion of file C:\WINDOWS\mswiz32.exe failed!

Could not process line:
C:\WINDOWS\mswiz32.exe
Status: 0xc0000034

File C:\WINDOWS\nmac32.exe not found!
Deletion of file C:\WINDOWS\nmac32.exe failed!

Could not process line:
C:\WINDOWS\nmac32.exe
Status: 0xc0000034

File C:\WINDOWS\npp32.exe not found!
Deletion of file C:\WINDOWS\npp32.exe failed!

Could not process line:
C:\WINDOWS\npp32.exe
Status: 0xc0000034

File C:\WINDOWS\ptr.exe not found!
Deletion of file C:\WINDOWS\ptr.exe failed!

Could not process line:
C:\WINDOWS\ptr.exe
Status: 0xc0000034

File C:\WINDOWS\reg.exe not found!
Deletion of file C:\WINDOWS\reg.exe failed!

Could not process line:
C:\WINDOWS\reg.exe
Status: 0xc0000034

File C:\WINDOWS\reggserv.exe not found!
Deletion of file C:\WINDOWS\reggserv.exe failed!

Could not process line:
C:\WINDOWS\reggserv.exe
Status: 0xc0000034

File C:\WINDOWS\serrv.c not found!
Deletion of file C:\WINDOWS\serrv.c failed!

Could not process line:
C:\WINDOWS\serrv.c
Status: 0xc0000034

File C:\WINDOWS\serrv.exe not found!
Deletion of file C:\WINDOWS\serrv.exe failed!

Could not process line:
C:\WINDOWS\serrv.exe
Status: 0xc0000034

File C:\WINDOWS\serrv.wax not found!
Deletion of file C:\WINDOWS\serrv.wax failed!

Could not process line:
C:\WINDOWS\serrv.wax
Status: 0xc0000034

File C:\WINDOWS\serrv.dat not found!
Deletion of file C:\WINDOWS\serrv.dat failed!

Could not process line:
C:\WINDOWS\serrv.dat
Status: 0xc0000034

File C:\WINDOWS\serv.exe not found!
Deletion of file C:\WINDOWS\serv.exe failed!

Could not process line:
C:\WINDOWS\serv.exe
Status: 0xc0000034

File C:\WINDOWS\serv.wax not found!
Deletion of file C:\WINDOWS\serv.wax failed!

Could not process line:
C:\WINDOWS\serv.wax
Status: 0xc0000034

File C:\WINDOWS\skcc32.exe not found!
Deletion of file C:\WINDOWS\skcc32.exe failed!

Could not process line:
C:\WINDOWS\skcc32.exe
Status: 0xc0000034

File C:\WINDOWS\smm126.exe not found!
Deletion of file C:\WINDOWS\smm126.exe failed!

Could not process line:
C:\WINDOWS\smm126.exe
Status: 0xc0000034

File C:\WINDOWS\spow32.exe not found!
Deletion of file C:\WINDOWS\spow32.exe failed!

Could not process line:
C:\WINDOWS\spow32.exe
Status: 0xc0000034

File C:\WINDOWS\sqhost.exe not found!
Deletion of file C:\WINDOWS\sqhost.exe failed!

Could not process line:
C:\WINDOWS\sqhost.exe
Status: 0xc0000034

File C:\WINDOWS\sqhost.wax not found!
Deletion of file C:\WINDOWS\sqhost.wax failed!

Could not process line:
C:\WINDOWS\sqhost.wax
Status: 0xc0000034

File C:\WINDOWS\sqhost.c not found!
Deletion of file C:\WINDOWS\sqhost.c failed!

Could not process line:
C:\WINDOWS\sqhost.c
Status: 0xc0000034

File C:\WINDOWS\sqhost.s not found!
Deletion of file C:\WINDOWS\sqhost.s failed!

Could not process line:
C:\WINDOWS\sqhost.s
Status: 0xc0000034

File C:\WINDOWS\sqhost.z not found!
Deletion of file C:\WINDOWS\sqhost.z failed!

Could not process line:
C:\WINDOWS\sqhost.z
Status: 0xc0000034

File C:\WINDOWS\sqhost.dat not found!
Deletion of file C:\WINDOWS\sqhost.dat failed!

Could not process line:
C:\WINDOWS\sqhost.dat
Status: 0xc0000034

File C:\WINDOWS\sscrs.exe not found!
Deletion of file C:\WINDOWS\sscrs.exe failed!

Could not process line:
C:\WINDOWS\sscrs.exe
Status: 0xc0000034

File C:\WINDOWS\sserrvv.exe not found!
Deletion of file C:\WINDOWS\sserrvv.exe failed!

Could not process line:
C:\WINDOWS\sserrvv.exe
Status: 0xc0000034

File C:\WINDOWS\sserrvv.wax not found!
Deletion of file C:\WINDOWS\sserrvv.wax failed!

Could not process line:
C:\WINDOWS\sserrvv.wax
Status: 0xc0000034

File C:\WINDOWS\sserrvv.c not found!
Deletion of file C:\WINDOWS\sserrvv.c failed!

Could not process line:
C:\WINDOWS\sserrvv.c
Status: 0xc0000034

File C:\WINDOWS\sserrvv.s not found!
Deletion of file C:\WINDOWS\sserrvv.s failed!

Could not process line:
C:\WINDOWS\sserrvv.s
Status: 0xc0000034

File C:\WINDOWS\sserrvv.z not found!
Deletion of file C:\WINDOWS\sserrvv.z failed!

Could not process line:
C:\WINDOWS\sserrvv.z
Status: 0xc0000034

File C:\WINDOWS\stm.exe not found!
Deletion of file C:\WINDOWS\stm.exe failed!

Could not process line:
C:\WINDOWS\stm.exe
Status: 0xc0000034

File C:\WINDOWS\t2serv.dll not found!
Deletion of file C:\WINDOWS\t2serv.dll failed!

Could not process line:
C:\WINDOWS\t2serv.dll
Status: 0xc0000034

File C:\WINDOWS\t2serv.s not found!
Deletion of file C:\WINDOWS\t2serv.s failed!

Could not process line:
C:\WINDOWS\t2serv.s
Status: 0xc0000034

File C:\WINDOWS\t2serv.wax not found!
Deletion of file C:\WINDOWS\t2serv.wax failed!

Could not process line:
C:\WINDOWS\t2serv.wax
Status: 0xc0000034

File C:\WINDOWS\tpup.wax not found!
Deletion of file C:\WINDOWS\tpup.wax failed!

Could not process line:
C:\WINDOWS\tpup.wax
Status: 0xc0000034

File C:\WINDOWS\tpup.exe not found!
Deletion of file C:\WINDOWS\tpup.exe failed!

Could not process line:
C:\WINDOWS\tpup.exe
Status: 0xc0000034

File C:\WINDOWS\tpup.z not found!
Deletion of file C:\WINDOWS\tpup.z failed!

Could not process line:
C:\WINDOWS\tpup.z
Status: 0xc0000034

File C:\WINDOWS\tpup.dat not found!
Deletion of file C:\WINDOWS\tpup.dat failed!

Could not process line:
C:\WINDOWS\tpup.dat
Status: 0xc0000034

File C:\WINDOWS\update86.exe not found!
Deletion of file C:\WINDOWS\update86.exe failed!

Could not process line:
C:\WINDOWS\update86.exe
Status: 0xc0000034

File C:\WINDOWS\wnet32.exe not found!
Deletion of file C:\WINDOWS\wnet32.exe failed!

Could not process line:
C:\WINDOWS\wnet32.exe
Status: 0xc0000034

File C:\WINDOWS\wqpd32.exe not found!
Deletion of file C:\WINDOWS\wqpd32.exe failed!

Could not process line:
C:\WINDOWS\wqpd32.exe
Status: 0xc0000034

File C:\WINDOWS\system32\1.tmp not found!
Deletion of file C:\WINDOWS\system32\1.tmp failed!

Could not process line:
C:\WINDOWS\system32\1.tmp
Status: 0xc0000034

File C:\WINDOWS\system32\11.tmp not found!
Deletion of file C:\WINDOWS\system32\11.tmp failed!

Could not process line:
C:\WINDOWS\system32\11.tmp
Status: 0xc0000034

File C:\WINDOWS\system32\aclekern.dll not found!
Deletion of file C:\WINDOWS\system32\aclekern.dll failed!

Could not process line:
C:\WINDOWS\system32\aclekern.dll
Status: 0xc0000034

File C:\WINDOWS\system32\actidmoc.exe not found!
Deletion of file C:\WINDOWS\system32\actidmoc.exe failed!

Could not process line:
C:\WINDOWS\system32\actidmoc.exe
Status: 0xc0000034

File C:\WINDOWS\system32\adpticmp.exe not found!
Deletion of file C:\WINDOWS\system32\adpticmp.exe failed!

Could not process line:
C:\WINDOWS\system32\adpticmp.exe
Status: 0xc0000034

File C:\WINDOWS\system32\advacfgb.dll not found!
Deletion of file C:\WINDOWS\system32\advacfgb.dll failed!

Could not process line:
C:\WINDOWS\system32\advacfgb.dll
Status: 0xc0000034

File C:\WINDOWS\system32\advacfgb.exe not found!
Deletion of file C:\WINDOWS\system32\advacfgb.exe failed!

Could not process line:
C:\WINDOWS\system32\advacfgb.exe
Status: 0xc0000034

File C:\WINDOWS\system32\alrsbatt.dll not found!
Deletion of file C:\WINDOWS\system32\alrsbatt.dll failed!

Could not process line:
C:\WINDOWS\system32\alrsbatt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\alerter.exe not found!
Deletion of file C:\WINDOWS\system32\alerter.exe failed!

Could not process line:
C:\WINDOWS\system32\alerter.exe
Status: 0xc0000034

File C:\WINDOWS\system32\amcconf.exe not found!
Deletion of file C:\WINDOWS\system32\amcconf.exe failed!

Could not process line:
C:\WINDOWS\system32\amcconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\appconf.exe not found!
Deletion of file C:\WINDOWS\system32\appconf.exe failed!

Could not process line:
C:\WINDOWS\system32\appconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\appmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\appmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\appmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\appstat.dll not found!
Deletion of file C:\WINDOWS\system32\appstat.dll failed!

Could not process line:
C:\WINDOWS\system32\appstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\atkcadpt.dll not found!
Deletion of file C:\WINDOWS\system32\atkcadpt.dll failed!

Could not process line:
C:\WINDOWS\system32\atkcadpt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\atkcadpt.exe not found!
Deletion of file C:\WINDOWS\system32\atkcadpt.exe failed!

Could not process line:
C:\WINDOWS\system32\atkcadpt.exe
Status: 0xc0000034

File C:\WINDOWS\system32\atmconf.exe not found!
Deletion of file C:\WINDOWS\system32\atmconf.exe failed!

Could not process line:
C:\WINDOWS\system32\atmconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\atrconf.exe not found!
Deletion of file C:\WINDOWS\system32\atrconf.exe failed!

Could not process line:
C:\WINDOWS\system32\atrconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\attmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\attmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\attmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\atmprf32.dll not found!
Deletion of file C:\WINDOWS\system32\atmprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\atmprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\atmstat.dll not found!
Deletion of file C:\WINDOWS\system32\atmstat.dll failed!

Could not process line:
C:\WINDOWS\system32\atmstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\attperf.exe not found!
Deletion of file C:\WINDOWS\system32\attperf.exe failed!

Could not process line:
C:\WINDOWS\system32\attperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\attprf32.dll not found!
Deletion of file C:\WINDOWS\system32\attprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\attprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\attstat.dll not found!
Deletion of file C:\WINDOWS\system32\attstat.dll failed!

Could not process line:
C:\WINDOWS\system32\attstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\audconf.exe not found!
Deletion of file C:\WINDOWS\system32\audconf.exe failed!

Could not process line:
C:\WINDOWS\system32\audconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\audmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\audmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\audmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\audperf.exe not found!
Deletion of file C:\WINDOWS\system32\audperf.exe failed!

Could not process line:
C:\WINDOWS\system32\audperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\audprf32.dll not found!
Deletion of file C:\WINDOWS\system32\audprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\audprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\audstat.dll not found!
Deletion of file C:\WINDOWS\system32\audstat.dll failed!

Could not process line:
C:\WINDOWS\system32\audstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\brwconf.exe not found!
Deletion of file C:\WINDOWS\system32\brwconf.exe failed!

Could not process line:
C:\WINDOWS\system32\brwconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\brwmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\brwmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\brwmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\brwperf.exe not found!
Deletion of file C:\WINDOWS\system32\brwperf.exe failed!

Could not process line:
C:\WINDOWS\system32\brwperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\brwprf32.dll not found!
Deletion of file C:\WINDOWS\system32\brwprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\brwprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\brwstat.dll not found!
Deletion of file C:\WINDOWS\system32\brwstat.dll failed!

Could not process line:
C:\WINDOWS\system32\brwstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgbphot.exe not found!
Deletion of file C:\WINDOWS\system32\cfgbphot.exe failed!

Could not process line:
C:\WINDOWS\system32\cfgbphot.exe
Status: 0xc0000034

File C:\WINDOWS\system32\cfgcrs.dll not found!
Deletion of file C:\WINDOWS\system32\cfgcrs.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgcrs.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgd3d.dll not found!
Deletion of file C:\WINDOWS\system32\cfgd3d.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgd3d.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgdei.dll not found!
Deletion of file C:\WINDOWS\system32\cfgdei.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgdei.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgdsk.dll not found!
Deletion of file C:\WINDOWS\system32\cfgdsk.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgdsk.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgdss.dll not found!
Deletion of file C:\WINDOWS\system32\cfgdss.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgdss.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgdxt.dll not found!
Deletion of file C:\WINDOWS\system32\cfgdxt.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgdxt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgfsd.dll not found!
Deletion of file C:\WINDOWS\system32\cfgfsd.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgfsd.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgisr.dll not found!
Deletion of file C:\WINDOWS\system32\cfgisr.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgisr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgmmprm.dll not found!
Deletion of file C:\WINDOWS\system32\cfgmmprm.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgmmprm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgmplus.dll not found!
Deletion of file C:\WINDOWS\system32\cfgmplus.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgmplus.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgmwmid.exe not found!
Deletion of file C:\WINDOWS\system32\cfgmwmid.exe failed!

Could not process line:
C:\WINDOWS\system32\cfgmwmid.exe
Status: 0xc0000034

File C:\WINDOWS\system32\clicsaml.dll not found!
Deletion of file C:\WINDOWS\system32\clicsaml.dll failed!

Could not process line:
C:\WINDOWS\system32\clicsaml.dll
Status: 0xc0000034

File C:\WINDOWS\system32\clicsaml.exe not found!
Deletion of file C:\WINDOWS\system32\clicsaml.exe failed!

Could not process line:
C:\WINDOWS\system32\clicsaml.exe
Status: 0xc0000034

File C:\WINDOWS\system32\confapp.dll not found!
Deletion of file C:\WINDOWS\system32\confapp.dll failed!

Could not process line:
C:\WINDOWS\system32\confapp.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confatm.dll not found!
Deletion of file C:\WINDOWS\system32\confatm.dll failed!

Could not process line:
C:\WINDOWS\system32\confatm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confatt.dll not found!
Deletion of file C:\WINDOWS\system32\confatt.dll failed!

Could not process line:
C:\WINDOWS\system32\confatt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confaud.dll not found!
Deletion of file C:\WINDOWS\system32\confaud.dll failed!

Could not process line:
C:\WINDOWS\system32\confaud.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confbrw.dll not found!
Deletion of file C:\WINDOWS\system32\confbrw.dll failed!

Could not process line:
C:\WINDOWS\system32\confbrw.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confcon.dll not found!
Deletion of file C:\WINDOWS\system32\confcon.dll failed!

Could not process line:
C:\WINDOWS\system32\confcon.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confega.dll not found!
Deletion of file C:\WINDOWS\system32\confega.dll failed!

Could not process line:
C:\WINDOWS\system32\confega.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confifc.dll not found!
Deletion of file C:\WINDOWS\system32\confifc.dll failed!

Could not process line:
C:\WINDOWS\system32\confifc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confjpg.dll not found!
Deletion of file C:\WINDOWS\system32\confjpg.dll failed!

Could not process line:
C:\WINDOWS\system32\confjpg.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confwmv.dll not found!
Deletion of file C:\WINDOWS\system32\confwmv.dll failed!

Could not process line:
C:\WINDOWS\system32\confwmv.dll
Status: 0xc0000034

File C:\WINDOWS\system32\conmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\conmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\conmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\conperf.exe not found!
Deletion of file C:\WINDOWS\system32\conperf.exe failed!

Could not process line:
C:\WINDOWS\system32\conperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\conprf32.dll not found!
Deletion of file C:\WINDOWS\system32\conprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\conprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\constat.dll not found!
Deletion of file C:\WINDOWS\system32\constat.dll failed!

Could not process line:
C:\WINDOWS\system32\constat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cp8xpqj.dll not found!
Deletion of file C:\WINDOWS\system32\cp8xpqj.dll failed!

Could not process line:
C:\WINDOWS\system32\cp8xpqj.dll
Status: 0xc0000034

File C:\WINDOWS\system32\creconf.exe not found!
Deletion of file C:\WINDOWS\system32\creconf.exe failed!

Could not process line:
C:\WINDOWS\system32\creconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\crsconf.exe not found!
Deletion of file C:\WINDOWS\system32\crsconf.exe failed!

Could not process line:
C:\WINDOWS\system32\crsconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\crypds16.dll not found!
Deletion of file C:\WINDOWS\system32\crypds16.dll failed!

Could not process line:
C:\WINDOWS\system32\crypds16.dll
Status: 0xc0000034

File C:\WINDOWS\system32\crypmapi.exe not found!
Deletion of file C:\WINDOWS\system32\crypmapi.exe failed!

Could not process line:
C:\WINDOWS\system32\crypmapi.exe
Status: 0xc0000034

File C:\WINDOWS\system32\crypmapi.dll not found!
Deletion of file C:\WINDOWS\system32\crypmapi.dll failed!

Could not process line:
C:\WINDOWS\system32\crypmapi.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cssewmpd.exe not found!
Deletion of file C:\WINDOWS\system32\cssewmpd.exe failed!

Could not process line:
C:\WINDOWS\system32\cssewmpd.exe
Status: 0xc0000034

File C:\WINDOWS\system32\decconf.exe not found!
Deletion of file C:\WINDOWS\system32\decconf.exe failed!

Could not process line:
C:\WINDOWS\system32\decconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\deiconf.exe not found!
Deletion of file C:\WINDOWS\system32\deiconf.exe failed!

Could not process line:
C:\WINDOWS\system32\deiconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\deiprf32.dll not found!
Deletion of file C:\WINDOWS\system32\deiprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\deiprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\deiprov.exe not found!
Deletion of file C:\WINDOWS\system32\deiprov.exe failed!

Could not process line:
C:\WINDOWS\system32\deiprov.exe
Status: 0xc0000034

File C:\WINDOWS\system32\deskmcd3.dll not found!
Deletion of file C:\WINDOWS\system32\deskmcd3.dll failed!

Could not process line:
C:\WINDOWS\system32\deskmcd3.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dfssrasc.dll not found!
Deletion of file C:\WINDOWS\system32\dfssrasc.dll failed!

Could not process line:
C:\WINDOWS\system32\dfssrasc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dfssrasc.exe not found!
Deletion of file C:\WINDOWS\system32\dfssrasc.exe failed!

Could not process line:
C:\WINDOWS\system32\dfssrasc.exe
Status: 0xc0000034

File C:\WINDOWS\system32\diagamc.dll not found!
Deletion of file C:\WINDOWS\system32\diagamc.dll failed!

Could not process line:
C:\WINDOWS\system32\diagamc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagcre.dll not found!
Deletion of file C:\WINDOWS\system32\diagcre.dll failed!

Could not process line:
C:\WINDOWS\system32\diagcre.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagcrs.dll not found!
Deletion of file C:\WINDOWS\system32\diagcrs.dll failed!

Could not process line:
C:\WINDOWS\system32\diagcrs.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagd3d.dll not found!
Deletion of file C:\WINDOWS\system32\diagd3d.dll failed!

Could not process line:
C:\WINDOWS\system32\diagd3d.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagdei.dll not found!
Deletion of file C:\WINDOWS\system32\diagdei.dll failed!

Could not process line:
C:\WINDOWS\system32\diagdei.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagdsk.dll not found!
Deletion of file C:\WINDOWS\system32\diagdsk.dll failed!

Could not process line:
C:\WINDOWS\system32\diagdsk.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagdss.dll not found!
Deletion of file C:\WINDOWS\system32\diagdss.dll failed!

Could not process line:
C:\WINDOWS\system32\diagdss.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagdxt.dll not found!
Deletion of file C:\WINDOWS\system32\diagdxt.dll failed!

Could not process line:
C:\WINDOWS\system32\diagdxt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagfsd.dll not found!
Deletion of file C:\WINDOWS\system32\diagfsd.dll failed!

Could not process line:
C:\WINDOWS\system32\diagfsd.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagisr.dll not found!
Deletion of file C:\WINDOWS\system32\diagisr.dll failed!

Could not process line:
C:\WINDOWS\system32\diagisr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dic.exe not found!
Deletion of file C:\WINDOWS\system32\dic.exe failed!

Could not process line:
C:\WINDOWS\system32\dic.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dmimmdt2.exe not found!
Deletion of file C:\WINDOWS\system32\dmimmdt2.exe failed!

Could not process line:
C:\WINDOWS\system32\dmimmdt2.exe
Status: 0xc0000034

File C:\WINDOWS\system32\docpfram.dll not found!
Deletion of file C:\WINDOWS\system32\docpfram.dll failed!

Could not process line:
C:\WINDOWS\system32\docpfram.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dpugmswe.dll not found!
Deletion of file C:\WINDOWS\system32\dpugmswe.dll failed!

Could not process line:
C:\WINDOWS\system32\dpugmswe.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dpvacdfv.dll not found!
Deletion of file C:\WINDOWS\system32\dpvacdfv.dll failed!

Could not process line:
C:\WINDOWS\system32\dpvacdfv.dll
Status: 0xc0000034

File C:\WINDOWS\system32\drmvndde.exe not found!
Deletion of file C:\WINDOWS\system32\drmvndde.exe failed!

Could not process line:
C:\WINDOWS\system32\drmvndde.exe
Status: 0xc0000034

File C:\WINDOWS\system32\drmvndde.dll not found!
Deletion of file C:\WINDOWS\system32\drmvndde.dll failed!

Could not process line:
C:\WINDOWS\system32\drmvndde.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dskconf.exe not found!
Deletion of file C:\WINDOWS\system32\dskconf.exe failed!

Could not process line:
C:\WINDOWS\system32\dskconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dsprcdfv.dll not found!
Deletion of file C:\WINDOWS\system32\dsprcdfv.dll failed!

Could not process line:
C:\WINDOWS\system32\dsprcdfv.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dsprcdfv.exe not found!
Deletion of file C:\WINDOWS\system32\dsprcdfv.exe failed!

Could not process line:
C:\WINDOWS\system32\dsprcdfv.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dsqudisp.dll not found!
Deletion of file C:\WINDOWS\system32\dsqudisp.dll failed!

Could not process line:
C:\WINDOWS\system32\dsqudisp.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dssconf.exe not found!
Deletion of file C:\WINDOWS\system32\dssconf.exe failed!

Could not process line:
C:\WINDOWS\system32\dssconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dsseds32.dll not found!
Deletion of file C:\WINDOWS\system32\dsseds32.dll failed!

Could not process line:
C:\WINDOWS\system32\dsseds32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dsseds32.exe not found!
Deletion of file C:\WINDOWS\system32\dsseds32.exe failed!

Could not process line:
C:\WINDOWS\system32\dsseds32.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dxdimqtr.dll not found!
Deletion of file C:\WINDOWS\system32\dxdimqtr.dll failed!

Could not process line:
C:\WINDOWS\system32\dxdimqtr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dxtconf.exe not found!
Deletion of file C:\WINDOWS\system32\dxtconf.exe failed!

Could not process line:
C:\WINDOWS\system32\dxtconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dxtmmnmd.dll not found!
Deletion of file C:\WINDOWS\system32\dxtmmnmd.dll failed!

Could not process line:
C:\WINDOWS\system32\dxtmmnmd.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dxtmmnmd.exe not found!
Deletion of file C:\WINDOWS\system32\dxtmmnmd.exe failed!

Could not process line:
C:\WINDOWS\system32\dxtmmnmd.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dxtmsft3.dll not found!
Deletion of file C:\WINDOWS\system32\dxtmsft3.dll failed!

Could not process line:
C:\WINDOWS\system32\dxtmsft3.dll
Status: 0xc0000034

File C:\WINDOWS\system32\e1.dll not found!
Deletion of file C:\WINDOWS\system32\e1.dll failed!

Could not process line:
C:\WINDOWS\system32\e1.dll
Status: 0xc0000034

File C:\WINDOWS\system32\e1.sys not found!
Deletion of file C:\WINDOWS\system32\e1.sys failed!

Could not process line:
C:\WINDOWS\system32\e1.sys
Status: 0xc0000034

File C:\WINDOWS\system32\egaavi.exe not found!
Deletion of file C:\WINDOWS\system32\egaavi.exe failed!

Could not process line:
C:\WINDOWS\system32\egaavi.exe
Status: 0xc0000034

File C:\WINDOWS\system32\egamgr32.dll not found!
Deletion of file C:\WINDOWS\system32\egamgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\egamgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\egastat.dll not found!
Deletion of file C:\WINDOWS\system32\egastat.dll failed!

Could not process line:
C:\WINDOWS\system32\egastat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\egperf32.dll not found!
Deletion of file C:\WINDOWS\system32\egperf32.dll failed!

Could not process line:
C:\WINDOWS\system32\egperf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\encddpva.dll not found!
Deletion of file C:\WINDOWS\system32\encddpva.dll failed!

Could not process line:
C:\WINDOWS\system32\encddpva.dll
Status: 0xc0000034

File C:\WINDOWS\system32\evenncob.dll not found!
Deletion of file C:\WINDOWS\system32\evenncob.dll failed!

Could not process line:
C:\WINDOWS\system32\evenncob.dll
Status: 0xc0000034

File C:\WINDOWS\system32\fpwppgpm.exe not found!
Deletion of file C:\WINDOWS\system32\fpwppgpm.exe failed!

Could not process line:
C:\WINDOWS\system32\fpwppgpm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\fsdconf.exe not found!
Deletion of file C:\WINDOWS\system32\fsdconf.exe failed!

Could not process line:
C:\WINDOWS\system32\fsdconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\fsxsh4.dll not found!
Deletion of file C:\WINDOWS\system32\fsxsh4.dll failed!

Could not process line:
C:\WINDOWS\system32\fsxsh4.dll
Status: 0xc0000034

File C:\WINDOWS\system32\glu3panm.dll not found!
Deletion of file C:\WINDOWS\system32\glu3panm.dll failed!

Could not process line:
C:\WINDOWS\system32\glu3panm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\gpkrmssi.dll not found!
Deletion of file C:\WINDOWS\system32\gpkrmssi.dll failed!

Could not process line:
C:\WINDOWS\system32\gpkrmssi.dll
Status: 0xc0000034

File C:\WINDOWS\system32\gtmqf608r7.dll not found!
Deletion of file C:\WINDOWS\system32\gtmqf608r7.dll failed!

Could not process line:
C:\WINDOWS\system32\gtmqf608r7.dll
Status: 0xc0000034

File C:\WINDOWS\system32\hypewmv9.exe not found!
Deletion of file C:\WINDOWS\system32\hypewmv9.exe failed!

Could not process line:
C:\WINDOWS\system32\hypewmv9.exe
Status: 0xc0000034

File C:\WINDOWS\system32\i57ff9ieo.dll not found!
Deletion of file C:\WINDOWS\system32\i57ff9ieo.dll failed!

Could not process line:
C:\WINDOWS\system32\i57ff9ieo.dll
Status: 0xc0000034

File C:\WINDOWS\system32\iasamsre.dll not found!
Deletion of file C:\WINDOWS\system32\iasamsre.dll failed!

Could not process line:
C:\WINDOWS\system32\iasamsre.dll
Status: 0xc0000034

File C:\WINDOWS\system32\icmpdx3j.dll not found!
Deletion of file C:\WINDOWS\system32\icmpdx3j.dll failed!

Could not process line:
C:\WINDOWS\system32\icmpdx3j.dll
Status: 0xc0000034

File C:\WINDOWS\system32\icmuwmad.exe not found!
Deletion of file C:\WINDOWS\system32\icmuwmad.exe failed!

Could not process line:
C:\WINDOWS\system32\icmuwmad.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ifcconf.exe not found!
Deletion of file C:\WINDOWS\system32\ifcconf.exe failed!

Could not process line:
C:\WINDOWS\system32\ifcconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ifcmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\ifcmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\ifcmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ifcstat.dll not found!
Deletion of file C:\WINDOWS\system32\ifcstat.dll failed!

Could not process line:
C:\WINDOWS\system32\ifcstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\imagalrs.exe not found!
Deletion of file C:\WINDOWS\system32\imagalrs.exe failed!

Could not process line:
C:\WINDOWS\system32\imagalrs.exe
Status: 0xc0000034

File C:\WINDOWS\system32\inketype.dll not found!
Deletion of file C:\WINDOWS\system32\inketype.dll failed!

Could not process line:
C:\WINDOWS\system32\inketype.dll
Status: 0xc0000034

File C:\WINDOWS\system32\inetzlco.dll not found!
Deletion of file C:\WINDOWS\system32\inetzlco.dll failed!

Could not process line:
C:\WINDOWS\system32\inetzlco.dll
Status: 0xc0000034

File C:\WINDOWS\system32\inetzlco.exe not found!
Deletion of file C:\WINDOWS\system32\inetzlco.exe failed!

Could not process line:
C:\WINDOWS\system32\inetzlco.exe
Status: 0xc0000034

File C:\WINDOWS\system32\inpufm20.exe not found!
Deletion of file C:\WINDOWS\system32\inpufm20.exe failed!

Could not process line:
C:\WINDOWS\system32\inpufm20.exe
Status: 0xc0000034

File C:\WINDOWS\system32\jpgmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\jpgmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\jpgmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ipnardch.dll not found!
Deletion of file C:\WINDOWS\system32\ipnardch.dll failed!

Could not process line:
C:\WINDOWS\system32\ipnardch.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ipsecmon.exe not found!
Deletion of file C:\WINDOWS\system32\ipsecmon.exe failed!

Could not process line:
C:\WINDOWS\system32\ipsecmon.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ipsmwebh.exe not found!
Deletion of file C:\WINDOWS\system32\ipsmwebh.exe failed!

Could not process line:
C:\WINDOWS\system32\ipsmwebh.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ipv6rasm.dll not found!
Deletion of file C:\WINDOWS\system32\ipv6rasm.dll failed!

Could not process line:
C:\WINDOWS\system32\ipv6rasm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ipv6rasm.exe not found!
Deletion of file C:\WINDOWS\system32\ipv6rasm.exe failed!

Could not process line:
C:\WINDOWS\system32\ipv6rasm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ipxpextm.exe not found!
Deletion of file C:\WINDOWS\system32\ipxpextm.exe failed!

Could not process line:
C:\WINDOWS\system32\ipxpextm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ipxsshdo.exe not found!
Deletion of file C:\WINDOWS\system32\ipxsshdo.exe failed!

Could not process line:
C:\WINDOWS\system32\ipxsshdo.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ipxsshdo.dll not found!
Deletion of file C:\WINDOWS\system32\ipxsshdo.dll failed!

Could not process line:
C:\WINDOWS\system32\ipxsshdo.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ipxwshel.exe not found!
Deletion of file C:\WINDOWS\system32\ipxwshel.exe failed!

Could not process line:
C:\WINDOWS\system32\ipxwshel.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ipxwersv.dll not found!
Deletion of file C:\WINDOWS\system32\ipxwersv.dll failed!

Could not process line:
C:\WINDOWS\system32\ipxwersv.dll
Status: 0xc0000034

File C:\WINDOWS\system32\isrconf.exe not found!
Deletion of file C:\WINDOWS\system32\isrconf.exe failed!

Could not process line:
C:\WINDOWS\system32\isrconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\isrprf32.dll not found!
Deletion of file C:\WINDOWS\system32\isrprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\isrprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\isrprov.exe not found!
Deletion of file C:\WINDOWS\system32\isrprov.exe failed!

Could not process line:
C:\WINDOWS\system32\isrprov.exe
Status: 0xc0000034

File C:\WINDOWS\system32\iuennwcf.dll not found!
Deletion of file C:\WINDOWS\system32\iuennwcf.dll failed!

Could not process line:
C:\WINDOWS\system32\iuennwcf.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ixssregw.exe not found!
Deletion of file C:\WINDOWS\system32\ixssregw.exe failed!

Could not process line:
C:\WINDOWS\system32\ixssregw.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ixsswmas.exe not found!
Deletion of file C:\WINDOWS\system32\ixsswmas.exe failed!

Could not process line:
C:\WINDOWS\system32\ixsswmas.exe
Status: 0xc0000034

File C:\WINDOWS\system32\j2t3crh.dll not found!
Deletion of file C:\WINDOWS\system32\j2t3crh.dll failed!

Could not process line:
C:\WINDOWS\system32\j2t3crh.dll
Status: 0xc0000034

File C:\WINDOWS\system32\jgdwadsn.dll not found!
Deletion of file C:\WINDOWS\system32\jgdwadsn.dll failed!

Could not process line:
C:\WINDOWS\system32\jgdwadsn.dll
Status: 0xc0000034

File C:\WINDOWS\system32\jgdwadsn.exe not found!
Deletion of file C:\WINDOWS\system32\jgdwadsn.exe failed!

Could not process line:
C:\WINDOWS\system32\jgdwadsn.exe
Status: 0xc0000034

File C:\WINDOWS\system32\jgmdwstd.dll not found!
Deletion of file C:\WINDOWS\system32\jgmdwstd.dll failed!

Could not process line:
C:\WINDOWS\system32\jgmdwstd.dll
Status: 0xc0000034

File C:\WINDOWS\system32\jgsdrpcn.dll not found!
Deletion of file C:\WINDOWS\system32\jgsdrpcn.dll failed!

Could not process line:
C:\WINDOWS\system32\jgsdrpcn.dll
Status: 0xc0000034

File C:\WINDOWS\system32\jgsdrpcn.exe not found!
Deletion of file C:\WINDOWS\system32\jgsdrpcn.exe failed!

Could not process line:
C:\WINDOWS\system32\jgsdrpcn.exe
Status: 0xc0000034

File C:\WINDOWS\system32\jgawmsne.dll not found!
Deletion of file C:\WINDOWS\system32\jgawmsne.dll failed!

Could not process line:
C:\WINDOWS\system32\jgawmsne.dll
Status: 0xc0000034

File C:\WINDOWS\system32\jpgconf.exe not found!
Deletion of file C:\WINDOWS\system32\jpgconf.exe failed!

Could not process line:
C:\WINDOWS\system32\jpgconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\jpgstat.dll not found!
Deletion of file C:\WINDOWS\system32\jpgstat.dll failed!

Could not process line:
C:\WINDOWS\system32\jpgstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\kbdfnmmk.exe not found!
Deletion of file C:\WINDOWS\system32\kbdfnmmk.exe failed!

Could not process line:
C:\WINDOWS\system32\kbdfnmmk.exe
Status: 0xc0000034

File C:\WINDOWS\system32\kbdfwshe.exe not found!
Deletion of file C:\WINDOWS\system32\kbdfwshe.exe failed!

Could not process line:
C:\WINDOWS\system32\kbdfwshe.exe
Status: 0xc0000034

File C:\WINDOWS\system32\kbdcrtut.dll not found!
Deletion of file C:\WINDOWS\system32\kbdcrtut.dll failed!

Could not process line:
C:\WINDOWS\system32\kbdcrtut.dll
Status: 0xc0000034

File C:\WINDOWS\system32\libdprin.dll not found!
Deletion of file C:\WINDOWS\system32\libdprin.dll failed!

Could not process line:
C:\WINDOWS\system32\libdprin.dll
Status: 0xc0000034

File C:\WINDOWS\system32\loghatkc.dll not found!
Deletion of file C:\WINDOWS\system32\loghatkc.dll failed!

Could not process line:
C:\WINDOWS\system32\loghatkc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\lprmneth.dll not found!
Deletion of file C:\WINDOWS\system32\lprmneth.dll failed!

Could not process line:
C:\WINDOWS\system32\lprmneth.dll
Status: 0xc0000034

File C:\WINDOWS\system32\lprmneth.exe not found!
Deletion of file C:\WINDOWS\system32\lprmneth.exe failed!

Could not process line:
C:\WINDOWS\system32\lprmneth.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mcd3mscm.dll not found!
Deletion of file C:\WINDOWS\system32\mcd3mscm.dll failed!

Could not process line:
C:\WINDOWS\system32\mcd3mscm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mcd3stor.dll not found!
Deletion of file C:\WINDOWS\system32\mcd3stor.dll failed!

Could not process line:
C:\WINDOWS\system32\mcd3stor.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mfcscoma.dll not found!
Deletion of file C:\WINDOWS\system32\mfcscoma.dll failed!

Could not process line:
C:\WINDOWS\system32\mfcscoma.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mididpnh.dll not found!
Deletion of file C:\WINDOWS\system32\mididpnh.dll failed!

Could not process line:
C:\WINDOWS\system32\mididpnh.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ml7swr.exe not found!
Deletion of file C:\WINDOWS\system32\ml7swr.exe failed!

Could not process line:
C:\WINDOWS\system32\ml7swr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mmfubits.dll not found!
Deletion of file C:\WINDOWS\system32\mmfubits.dll failed!

Could not process line:
C:\WINDOWS\system32\mmfubits.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mmfubits.exe not found!
Deletion of file C:\WINDOWS\system32\mmfubits.exe failed!

Could not process line:
C:\WINDOWS\system32\mmfubits.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mp4sglmf.dll not found!
Deletion of file C:\WINDOWS\system32\mp4sglmf.dll failed!

Could not process line:
C:\WINDOWS\system32\mp4sglmf.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mprmsfma.dll not found!
Deletion of file C:\WINDOWS\system32\mprmsfma.dll failed!

Could not process line:
C:\WINDOWS\system32\mprmsfma.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mprwanp.dll not found!
Deletion of file C:\WINDOWS\system32\mprwanp.dll failed!

Could not process line:
C:\WINDOWS\system32\mprwanp.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mqadscp3.exe not found!
Deletion of file C:\WINDOWS\system32\mqadscp3.exe failed!

Could not process line:
C:\WINDOWS\system32\mqadscp3.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mqqmkbdu.dll not found!
Deletion of file C:\WINDOWS\system32\mqqmkbdu.dll failed!

Could not process line:
C:\WINDOWS\system32\mqqmkbdu.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mqqmdisp.dll not found!
Deletion of file C:\WINDOWS\system32\mqqmdisp.dll failed!

Could not process line:
C:\WINDOWS\system32\mqqmdisp.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mqqmdisp.exe not found!
Deletion of file C:\WINDOWS\system32\mqqmdisp.exe failed!

Could not process line:
C:\WINDOWS\system32\mqqmdisp.exe
Status: 0xc0000034

File C:\WINDOWS\system32\msihftpw.dll not found!
Deletion of file C:\WINDOWS\system32\msihftpw.dll failed!

Could not process line:
C:\WINDOWS\system32\msihftpw.dll
Status: 0xc0000034

File C:\WINDOWS\system32\msisnwcf.dll not found!
Deletion of file C:\WINDOWS\system32\msisnwcf.dll failed!

Could not process line:
C:\WINDOWS\system32\msisnwcf.dll
Status: 0xc0000034

File C:\WINDOWS\system32\msjidpmo.dll not found!
Deletion of file C:\WINDOWS\system32\msjidpmo.dll failed!

Could not process line:
C:\WINDOWS\system32\msjidpmo.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mslskern.dll not found!
Deletion of file C:\WINDOWS\system32\mslskern.dll failed!

Could not process line:
C:\WINDOWS\system32\mslskern.dll
Status: 0xc0000034

File C:\WINDOWS\system32\msnepngf.exe not found!
Deletion of file C:\WINDOWS\system32\msnepngf.exe failed!

Could not process line:
C:\WINDOWS\system32\msnepngf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mspradme.exe not found!
Deletion of file C:\WINDOWS\system32\mspradme.exe failed!

Could not process line:
C:\WINDOWS\system32\mspradme.exe
Status: 0xc0000034

File C:\WINDOWS\system32\msrdtscf.exe not found!
Deletion of file C:\WINDOWS\system32\msrdtscf.exe failed!

Could not process line:
C:\WINDOWS\system32\msrdtscf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\msrdwint.dll not found!
Deletion of file C:\WINDOWS\system32\msrdwint.dll failed!

Could not process line:
C:\WINDOWS\system32\msrdwint.dll
Status: 0xc0000034

File C:\WINDOWS\system32\msrdwint.dat not found!
Deletion of file C:\WINDOWS\system32\msrdwint.dat failed!

Could not process line:
C:\WINDOWS\system32\msrdwint.dat
Status: 0xc0000034

File C:\WINDOWS\system32\msrdwint.exe not found!
Deletion of file C:\WINDOWS\system32\msrdwint.exe failed!

Could not process line:
C:\WINDOWS\system32\msrdwint.exe
Status: 0xc0000034

File C:\WINDOWS\system32\msssfpwp.dll not found!
Deletion of file C:\WINDOWS\system32\msssfpwp.dll failed!

Could not process line:
C:\WINDOWS\system32\msssfpwp.dll
Status: 0xc0000034

File C:\WINDOWS\System32\msssmsda.exe not found!
Deletion of file C:\WINDOWS\System32\msssmsda.exe failed!

Could not process line:
C:\WINDOWS\System32\msssmsda.exe
Status: 0xc0000034

File C:\WINDOWS\system32\msssmsda.dll not found!
Deletion of file C:\WINDOWS\system32\msssmsda.dll failed!

Could not process line:
C:\WINDOWS\system32\msssmsda.dll
Status: 0xc0000034

File C:\WINDOWS\system32\msssfpwp.exe not found!
Deletion of file C:\WINDOWS\system32\msssfpwp.exe failed!

Could not process line:
C:\WINDOWS\system32\msssfpwp.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mstsodbc.exe not found!
Deletion of file C:\WINDOWS\system32\mstsodbc.exe failed!

Could not process line:
C:\WINDOWS\system32\mstsodbc.exe
Status: 0xc0000034

File C:\WINDOWS\system32\narrwshr.dll not found!
Deletion of file C:\WINDOWS\system32\narrwshr.dll failed!

Could not process line:
C:\WINDOWS\system32\narrwshr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\netfrtm.dll not found!
Deletion of file C:\WINDOWS\system32\netfrtm.dll failed!

Could not process line:
C:\WINDOWS\system32\netfrtm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\netstraf.dll not found!
Deletion of file C:\WINDOWS\system32\netstraf.dll failed!

Could not process line:
C:\WINDOWS\system32\netstraf.dll
Status: 0xc0000034

File C:\WINDOWS\system32\netstraf.exe not found!
Deletion of file C:\WINDOWS\system32\netstraf.exe failed!

Could not process line:
C:\WINDOWS\system32\netstraf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\nlhtjgdw.exe not found!
Deletion of file C:\WINDOWS\system32\nlhtjgdw.exe failed!

Could not process line:
C:\WINDOWS\system32\nlhtjgdw.exe
Status: 0xc0000034

File C:\WINDOWS\system32\npptdpnm.dll not found!
Deletion of file C:\WINDOWS\system32\npptdpnm.dll failed!

Could not process line:
C:\WINDOWS\system32\npptdpnm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\npptdpnm.exe not found!
Deletion of file C:\WINDOWS\system32\npptdpnm.exe failed!

Could not process line:
C:\WINDOWS\system32\npptdpnm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ntlamsht.dll not found!
Deletion of file C:\WINDOWS\system32\ntlamsht.dll failed!

Could not process line:
C:\WINDOWS\system32\ntlamsht.dll
Status: 0xc0000034

File C:\WINDOWS\system32\oaklrass.exe not found!
Deletion of file C:\WINDOWS\system32\oaklrass.exe failed!

Could not process line:
C:\WINDOWS\system32\oaklrass.exe
Status: 0xc0000034

File C:\WINDOWS\system32\odtemdt2.dll not found!
Deletion of file C:\WINDOWS\system32\odtemdt2.dll failed!

Could not process line:
C:\WINDOWS\system32\odtemdt2.dll
Status: 0xc0000034

File C:\WINDOWS\system32\offfmsre.dll not found!
Deletion of file C:\WINDOWS\system32\offfmsre.dll failed!

Could not process line:
C:\WINDOWS\system32\offfmsre.dll
Status: 0xc0000034

File C:\WINDOWS\system32\olecmsre.dll not found!
Deletion of file C:\WINDOWS\system32\olecmsre.dll failed!

Could not process line:
C:\WINDOWS\system32\olecmsre.dll
Status: 0xc0000034

File C:\WINDOWS\system32\osunuxth.dll not found!
Deletion of file C:\WINDOWS\system32\osunuxth.dll failed!

Could not process line:
C:\WINDOWS\system32\osunuxth.dll
Status: 0xc0000034

File C:\WINDOWS\system32\osunuxth.exe not found!
Deletion of file C:\WINDOWS\system32\osunuxth.exe failed!

Could not process line:
C:\WINDOWS\system32\osunuxth.exe
Status: 0xc0000034

File C:\WINDOWS\system32\p2psifmo.exe not found!
Deletion of file C:\WINDOWS\system32\p2psifmo.exe failed!

Could not process line:
C:\WINDOWS\system32\p2psifmo.exe
Status: 0xc0000034

File C:\WINDOWS\system32\panmavic.dll not found!
Deletion of file C:\WINDOWS\system32\panmavic.dll failed!

Could not process line:
C:\WINDOWS\system32\panmavic.dll
Status: 0xc0000034

File C:\WINDOWS\system32\panmavic.exe not found!
Deletion of file C:\WINDOWS\system32\panmavic.exe failed!

Could not process line:
C:\WINDOWS\system32\panmavic.exe
Status: 0xc0000034

File C:\WINDOWS\system32\panmnets.dll not found!
Deletion of file C:\WINDOWS\system32\panmnets.dll failed!

Could not process line:
C:\WINDOWS\system32\panmnets.dll
Status: 0xc0000034

File C:\WINDOWS\system32\panmnets.exe not found!
Deletion of file C:\WINDOWS\system32\panmnets.exe failed!

Could not process line:
C:\WINDOWS\system32\panmnets.exe
Status: 0xc0000034

File C:\WINDOWS\system32\pngfmsne.dll not found!
Deletion of file C:\WINDOWS\system32\pngfmsne.dll failed!

Could not process line:
C:\WINDOWS\system32\pngfmsne.dll
Status: 0xc0000034

File C:\WINDOWS\system32\psapdani.dll not found!
Deletion of file C:\WINDOWS\system32\psapdani.dll failed!

Could not process line:
C:\WINDOWS\system32\psapdani.dll
Status: 0xc0000034

File C:\WINDOWS\system32\psbaavic.dll not found!
Deletion of file C:\WINDOWS\system32\psbaavic.dll failed!

Could not process line:
C:\WINDOWS\system32\psbaavic.dll
Status: 0xc0000034

File C:\WINDOWS\system32\psbamtxe.dll not found!
Deletion of file C:\WINDOWS\system32\psbamtxe.dll failed!

Could not process line:
C:\WINDOWS\system32\psbamtxe.dll
Status: 0xc0000034

File C:\WINDOWS\system32\psbamtxe.exe not found!
Deletion of file C:\WINDOWS\system32\psbamtxe.exe failed!

Could not process line:
C:\WINDOWS\system32\psbamtxe.exe
Status: 0xc0000034

File C:\WINDOWS\system32\qasfole2.dll not found!
Deletion of file C:\WINDOWS\system32\qasfole2.dll failed!

Could not process line:
C:\WINDOWS\system32\qasfole2.dll
Status: 0xc0000034

File C:\WINDOWS\system32\rdpwmsjt.exe not found!
Deletion of file C:\WINDOWS\system32\rdpwmsjt.exe failed!

Could not process line:
C:\WINDOWS\system32\rdpwmsjt.exe
Status: 0xc0000034

File C:\WINDOWS\system32\rtutdmin.dll not found!
Deletion of file C:\WINDOWS\system32\rtutdmin.dll failed!

Could not process line:
C:\WINDOWS\system32\rtutdmin.dll
Status: 0xc0000034

File C:\WINDOWS\system32\samsusrr.dll not found!
Deletion of file C:\WINDOWS\system32\samsusrr.dll failed!

Could not process line:
C:\WINDOWS\system32\samsusrr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\samsusrr.exe not found!
Deletion of file C:\WINDOWS\system32\samsusrr.exe failed!

Could not process line:
C:\WINDOWS\system32\samsusrr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\sbeddem.dll not found!
Deletion of file C:\WINDOWS\system32\sbeddem.dll failed!

Could not process line:
C:\WINDOWS\system32\sbeddem.dll
Status: 0xc0000034

File C:\WINDOWS\system32\sbeddem.exe not found!
Deletion of file C:\WINDOWS\system32\sbeddem.exe failed!

Could not process line:
C:\WINDOWS\system32\sbeddem.exe
Status: 0xc0000034

File C:\WINDOWS\system32\sbeddem.z1 not found!
Deletion of file C:\WINDOWS\system32\sbeddem.z1 failed!

Could not process line:
C:\WINDOWS\system32\sbeddem.z1
Status: 0xc0000034

File C:\WINDOWS\system32\sccsumdm.dll not found!
Deletion of file C:\WINDOWS\system32\sccsumdm.dll failed!

Could not process line:
C:\WINDOWS\system32\sccsumdm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\sccsumdm.exe not found!
Deletion of file C:\WINDOWS\system32\sccsumdm.exe failed!

Could not process line:
C:\WINDOWS\system32\sccsumdm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\scp3sdhc.dll not found!
Deletion of file C:\WINDOWS\system32\scp3sdhc.dll failed!

Could not process line:
C:\WINDOWS\system32\scp3sdhc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\scsm.exe not found!
Deletion of file C:\WINDOWS\system32\scsm.exe failed!

Could not process line:
C:\WINDOWS\system32\scsm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ssdprasa.dll not found!
Deletion of file C:\WINDOWS\system32\ssdprasa.dll failed!

Could not process line:
C:\WINDOWS\system32\ssdprasa.dll
Status: 0xc0000034

File C:\WINDOWS\system32\shsvmdim.dll not found!
Deletion of file C:\WINDOWS\system32\shsvmdim.dll failed!

Could not process line:
C:\WINDOWS\system32\shsvmdim.dll
Status: 0xc0000034

File C:\WINDOWS\system32\slbipsch.dll not found!
Deletion of file C:\WINDOWS\system32\slbipsch.dll failed!

Could not process line:
C:\WINDOWS\system32\slbipsch.dll
Status: 0xc0000034

File C:\WINDOWS\system32\slbipsch.exe not found!
Deletion of file C:\WINDOWS\system32\slbipsch.exe failed!

Could not process line:
C:\WINDOWS\system32\slbipsch.exe
Status: 0xc0000034

File C:\WINDOWS\system32\smlomswc.dll not found!
Deletion of file C:\WINDOWS\system32\smlomswc.dll failed!

Could not process line:
C:\WINDOWS\system32\smlomswc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\snmpmmcn.dll not found!
Deletion of file C:\WINDOWS\system32\snmpmmcn.dll failed!

Could not process line:
C:\WINDOWS\system32\snmpmmcn.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statamc.dll not found!
Deletion of file C:\WINDOWS\system32\statamc.dll failed!

Could not process line:
C:\WINDOWS\system32\statamc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statcre.dll not found!
Deletion of file C:\WINDOWS\system32\statcre.dll failed!

Could not process line:
C:\WINDOWS\system32\statcre.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statcrs.dll not found!
Deletion of file C:\WINDOWS\system32\statcrs.dll failed!

Could not process line:
C:\WINDOWS\system32\statcrs.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statd3d.dll not found!
Deletion of file C:\WINDOWS\system32\statd3d.dll failed!

Could not process line:
C:\WINDOWS\system32\statd3d.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statdei.dll not found!
Deletion of file C:\WINDOWS\system32\statdei.dll failed!

Could not process line:
C:\WINDOWS\system32\statdei.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statdsk.dll not found!
Deletion of file C:\WINDOWS\system32\statdsk.dll failed!

Could not process line:
C:\WINDOWS\system32\statdsk.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statdss.dll not found!
Deletion of file C:\WINDOWS\system32\statdss.dll failed!

Could not process line:
C:\WINDOWS\system32\statdss.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statdxt.dll not found!
Deletion of file C:\WINDOWS\system32\statdxt.dll failed!

Could not process line:
C:\WINDOWS\system32\statdxt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statfsd.dll not found!
Deletion of file C:\WINDOWS\system32\statfsd.dll failed!

Could not process line:
C:\WINDOWS\system32\statfsd.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statisr.dll not found!
Deletion of file C:\WINDOWS\system32\statisr.dll failed!

Could not process line:
C:\WINDOWS\system32\statisr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\stcisxum.dll not found!
Deletion of file C:\WINDOWS\system32\stcisxum.dll failed!

Could not process line:
C:\WINDOWS\system32\stcisxum.dll
Status: 0xc0000034

File C:\WINDOWS\system32\strmatkc.dll not found!
Deletion of file C:\WINDOWS\system32\strmatkc.dll failed!

Could not process line:
C:\WINDOWS\system32\strmatkc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\strmwin8.dll not found!
Deletion of file C:\WINDOWS\system32\strmwin8.dll failed!

Could not process line:
C:\WINDOWS\system32\strmwin8.dll
Status: 0xc0000034

File C:\WINDOWS\system32\sysshtic.dll not found!
Deletion of file C:\WINDOWS\system32\sysshtic.dll failed!

Could not process line:
C:\WINDOWS\system32\sysshtic.dll
Status: 0xc0000034

File C:\WINDOWS\system32\sysshtic.exe not found!
Deletion of file C:\WINDOWS\system32\sysshtic.exe failed!

Could not process line:
C:\WINDOWS\system32\sysshtic.exe
Status: 0xc0000034

File C:\WINDOWS\system32\tlntrass.exe not found!
Deletion of file C:\WINDOWS\system32\tlntrass.exe failed!

Could not process line:
C:\WINDOWS\system32\tlntrass.exe
Status: 0xc0000034

File C:\WINDOWS\system32\trkwpipa.exe not found!
Deletion of file C:\WINDOWS\system32\trkwpipa.exe failed!

Could not process line:
C:\WINDOWS\system32\trkwpipa.exe
Status: 0xc0000034

File C:\WINDOWS\system32\tscfvjoy.dll not found!
Deletion of file C:\WINDOWS\system32\tscfvjoy.dll failed!

Could not process line:
C:\WINDOWS\system32\tscfvjoy.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ujn6oqt.dll not found!
Deletion of file C:\WINDOWS\system32\ujn6oqt.dll failed!

Could not process line:
C:\WINDOWS\system32\ujn6oqt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ulibofff.exe not found!
Deletion of file C:\WINDOWS\system32\ulibofff.exe failed!

Could not process line:
C:\WINDOWS\system32\ulibofff.exe
Status: 0xc0000034

File C:\WINDOWS\system32\uregdeve.dll not found!
Deletion of file C:\WINDOWS\system32\uregdeve.dll failed!

Could not process line:
C:\WINDOWS\system32\uregdeve.dll
Status: 0xc0000034

File C:\WINDOWS\system32\uregdeve.exe not found!
Deletion of file C:\WINDOWS\system32\uregdeve.exe failed!

Could not process line:
C:\WINDOWS\system32\uregdeve.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vb5dmspo.dll not found!
Deletion of file C:\WINDOWS\system32\vb5dmspo.dll failed!

Could not process line:
C:\WINDOWS\system32\vb5dmspo.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vbscqdv.exe not found!
Deletion of file C:\WINDOWS\system32\vbscqdv.exe failed!

Could not process line:
C:\WINDOWS\system32\vbscqdv.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vdshlicw.exe not found!
Deletion of file C:\WINDOWS\system32\vdshlicw.exe failed!

Could not process line:
C:\WINDOWS\system32\vdshlicw.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vgnb4c.dll not found!
Deletion of file C:\WINDOWS\system32\vgnb4c.dll failed!

Could not process line:
C:\WINDOWS\system32\vgnb4c.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vmhevnet.dll not found!
Deletion of file C:\WINDOWS\system32\vmhevnet.dll failed!

Could not process line:
C:\WINDOWS\system32\vmhevnet.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vmhevnet.exe not found!
Deletion of file C:\WINDOWS\system32\vmhevnet.exe failed!

Could not process line:
C:\WINDOWS\system32\vmhevnet.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vp31srsv.exe not found!
Deletion of file C:\WINDOWS\system32\vp31srsv.exe failed!

Could not process line:
C:\WINDOWS\system32\vp31srsv.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vsutxpob.dll not found!
Deletion of file C:\WINDOWS\system32\vsutxpob.dll failed!

Could not process line:
C:\WINDOWS\system32\vsutxpob.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vwipsti_.dll not found!
Deletion of file C:\WINDOWS\system32\vwipsti_.dll failed!

Could not process line:
C:\WINDOWS\system32\vwipsti_.dll
Status: 0xc0000034

File C:\WINDOWS\system32\w3sskbda.dll not found!
Deletion of file C:\WINDOWS\system32\w3sskbda.dll failed!

Could not process line:
C:\WINDOWS\system32\w3sskbda.dll
Status: 0xc0000034

File C:\WINDOWS\system32\wdmicpui.dll not found!

rary · Příspěvek od **rary** » stř 18. dub 2007, 07:13

Ok dej sem nový log z Combofixu.

kotas · Příspěvek od **kotas** » stř 18. dub 2007, 09:54

OK, díky, tady je nový LOG z ComboFix:

"kotas" - 07-04-18 9:53:05 Service Pack 2
ComboFix 07-04-05.Rev3 - Running from: "C:\Program Files"

((((((((((((((((((((((((((((((( Files Created from 2007-03-18 to 2007-04-18 ))))))))))))))))))))))))))))))))))

2007-04-18 09:30 <DIR> d-------- C:\VundoFix Backups
2007-04-17 20:07 <DIR> d-------- C:\_Vypalit stare hry2
2007-04-17 19:10 <DIR> d-------- C:\_Vypalit stare hry
2007-04-16 21:11 229,005 --a------ C:\Program Files\stration_remover.exe
2007-04-15 21:16 130,048 --a------ C:\Program Files\avenger.exe
2007-04-15 20:54 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2007-04-15 20:46 <DIR> d-------- C:\WINDOWS\CSC
2007-04-15 20:26 1,171,910 --a------ C:\Program Files\ComboFix.exe
2007-04-15 19:26 <DIR> d-------- C:\Program Files\Java
2007-04-15 19:22 <DIR> d-------- C:\Program Files\Common Files\Java
2007-04-15 18:28 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2007-04-15 18:27 97,280 --a------ C:\Program Files\VundoFix.exe
2007-04-15 18:27 96,978 --a------ C:\Program Files\VirtumundoBeGone.exe
2007-04-15 18:22 <DIR> d-------- C:\Program Files\backups
2007-04-15 12:30 218,112 --a------ C:\Program Files\Analyzer.exe
2007-04-15 12:20 <DIR> d-------- C:\Program Files\CrystalCPUID4101329
2007-04-14 11:26 <DIR> d-------- C:\Program Files\RegCleaner
2007-04-13 14:35 8,192 -ra------ C:\WINDOWS\system32\bdco1.dll
2007-04-13 14:35 56,960 -ra------ C:\WINDOWS\system32\drivers\nvnrm.sys
2007-04-13 14:35 356,352 --a------ C:\WINDOWS\system32\nvusmb.exe
2007-04-13 14:35 356,352 --a------ C:\WINDOWS\system32\nvunrm.exe
2007-04-13 14:35 356,352 --a------ C:\WINDOWS\system32\nvumctl.exe
2007-04-13 14:35 33,280 -ra------ C:\WINDOWS\system32\drivers\NVENETFD.sys
2007-04-13 14:35 32,256 -ra------ C:\WINDOWS\system32\nvconrm.dll
2007-04-13 14:35 198,656 -ra------ C:\WINDOWS\system32\fdco1.dll
2007-04-13 14:35 191,232 -ra------ C:\WINDOWS\system32\drivers\nvsnpu.sys
2007-04-13 14:35 12,928 -ra------ C:\WINDOWS\system32\drivers\nvnetbus.sys
2007-04-13 14:34 356,352 --a------ C:\WINDOWS\system32\nvugart.exe
2007-04-13 14:34 32,256 -ra------ C:\WINDOWS\system32\NVCOG.DLL
2007-04-13 14:34 21,760 -ra------ C:\WINDOWS\system32\drivers\nv_agp.SYS
2007-04-13 09:24 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-04-13 09:24 <DIR> d-------- C:\WINDOWS\nview
2007-04-13 09:20 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-13 09:18 <DIR> d-------- C:\NVIDIA
2007-04-11 08:39 544,768 --a------ C:\WINDOWS\system32\NvRaidServer.dll
2007-04-11 08:39 538 --a------ C:\WINDOWS\system32\RegRaidSedona.bat
2007-04-11 08:39 148,992 --a------ C:\WINDOWS\system32\NvRaidServerEnu.dll
2007-04-11 08:39 109,568 --a------ C:\WINDOWS\system32\nvtcp.sys
2007-04-11 08:37 289,792 --a------ C:\WINDOWS\system32\idecoiins.dll
2007-04-11 08:37 159,232 --a------ C:\WINDOWS\system32\fdco_l1036.dll
2007-04-11 08:37 159,232 --a------ C:\WINDOWS\system32\fdco_l1034.dll
2007-04-11 08:37 159,232 --a------ C:\WINDOWS\system32\fdco_l1031.dll
2007-04-11 08:37 158,720 --a------ C:\WINDOWS\system32\fdco_l1046.dll
2007-04-11 08:37 158,720 --a------ C:\WINDOWS\system32\fdco_l1040.dll
2007-04-11 08:37 156,672 --a------ C:\WINDOWS\system32\fdco_l1042.dll
2007-04-11 08:37 156,672 --a------ C:\WINDOWS\system32\fdco_l1041.dll
2007-04-11 08:37 155,648 --a------ C:\WINDOWS\system32\fdco_l1028.dll
2007-04-11 08:37 155,136 --a------ C:\WINDOWS\system32\fdco_l2052.dll
2007-04-11 08:37 10,240 --a------ C:\WINDOWS\system32\bdco1ins.dll
2007-04-07 18:54 <DIR> d-------- C:\Program Files\CDex_150
2007-04-07 15:28 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-04-07 15:28 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-04-07 15:28 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-04-07 15:28 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-04-05 12:13 <DIR> d-------- C:\WINDOWS\pss
2007-04-03 22:33 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2007-04-03 22:31 16,032 --a------ C:\WINDOWS\system32\drivers\P2k.sys
2007-04-01 09:19 5,632 --a------ C:\WINDOWS\system32\drivers\Entech64.sys
2007-03-30 19:48 <DIR> d-------- C:\WINDOWS\Sun
2007-03-30 16:39 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-03-29 16:53 <DIR> d--h----- C:\WINDOWS\PIF
2007-03-28 21:25 110,592 --a------ C:\WINDOWS\system32\avgfwafu.dll
2007-03-28 19:19 <DIR> d-------- C:\Program Files\Webteh
2007-03-25 12:07 <DIR> d-------- C:\Program Files\Teleport Pro
2007-03-25 10:24 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-03-19 23:02 <DIR> d-------- C:\WINDOWS\XXLGS
2007-03-19 23:01 <DIR> d-------- C:\TRANSLAT
2007-03-19 22:13 <DIR> d--hs---- C:\WINDOWS\ftpcache
2007-03-18 11:59 <DIR> d-------- C:\Program Files\Common Files\Vivendi Universal Games
2007-03-18 11:53 306,688 --a------ C:\WINDOWS\IsUninst.exe

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-04-15 21:38 4873 --a------ C:\Program Files\hijackthis.log
2007-04-15 21:38 4873 --a------ C:\Program Files\hijackthis.log
2007-04-15 19:27 1289 --a------ C:\WINDOWS\mozver.dat
2007-04-15 19:09 -------- d-------- C:\Program Files\ccleaner
2007-04-15 19:09 -------- d-------- C:\Program Files\ccleaner
2007-04-13 20:38 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-04-11 08:50 73236 --a------ C:\WINDOWS\system32\perfc005.dat
2007-04-11 08:50 398472 --a------ C:\WINDOWS\system32\perfh005.dat
2007-04-06 14:31 -------- d-------- C:\Program Files\scorpions wincheater
2007-04-06 14:31 -------- d-------- C:\Program Files\scorpions wincheater
2007-04-04 12:34 -------- d-------- C:\Program Files\orthos
2007-04-04 12:34 -------- d-------- C:\Program Files\orthos
2007-04-01 10:13 -------- d-------- C:\Program Files\futuremark
2007-04-01 10:13 -------- d-------- C:\Program Files\futuremark
2007-04-01 09:19 -------- d--h----- C:\Program Files\installshield installation information
2007-04-01 09:19 -------- d--h----- C:\Program Files\installshield installation information
2007-03-30 15:43 81768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-03-25 09:52 -------- d-------- C:\Program Files\icqlite
2007-03-25 09:52 -------- d-------- C:\Program Files\icqlite
2007-03-17 20:44 -------- d-------- C:\Program Files\Common Files\installshield
2007-03-17 20:08 -------- d-------- C:\Program Files\rivatuner v2.0 final release
2007-03-17 20:08 -------- d-------- C:\Program Files\rivatuner v2.0 final release
2007-03-17 13:43 -------- d-------- C:\Program Files\msxml 4.0
2007-03-17 13:43 -------- d-------- C:\Program Files\msxml 4.0
2007-03-17 13:43 -------- d-------- C:\Program Files\intervideo
2007-03-17 13:43 -------- d-------- C:\Program Files\intervideo
2007-03-17 13:43 -------- d-------- C:\Program Files\creative
2007-03-17 13:43 -------- d-------- C:\Program Files\creative
2007-03-17 13:43 -------- d-------- C:\Program Files\Common Files\intervideo
2007-03-17 13:34 4608 --------- C:\WINDOWS\system32\w95inf32.dll
2007-03-17 13:34 2272 --------- C:\WINDOWS\system32\w95inf16.dll
2007-03-17 13:34 -------- d-------- C:\Program Files\centauri
2007-03-17 13:34 -------- d-------- C:\Program Files\centauri
2007-03-17 10:29 -------- d-------- C:\Program Files\everest ultimate 2007
2007-03-17 10:29 -------- d-------- C:\Program Files\everest ultimate 2007
2007-03-17 00:39 -------- d-------- C:\Program Files\gamexp
2007-03-17 00:39 -------- d-------- C:\Program Files\gamexp
2007-03-17 00:21 -------- d-------- C:\Program Files\winamp
2007-03-17 00:21 -------- d-------- C:\Program Files\winamp
2007-03-17 00:17 -------- d-------- C:\Program Files\Common Files\logitech
2007-03-17 00:11 -------- d-------- C:\Program Files\total video converter
2007-03-17 00:11 -------- d-------- C:\Program Files\total video converter
2007-03-16 23:56 -------- d-------- C:\Program Files\alcohol soft
2007-03-16 23:56 -------- d-------- C:\Program Files\alcohol soft
2007-03-16 23:54 639224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-03-16 23:50 86016 --------- C:\WINDOWS\system32\openal32.dll
2007-03-16 23:50 409600 --------- C:\WINDOWS\system32\wrap_oal.dll
2007-03-16 23:46 -------- d-------- C:\Program Files\oo software
2007-03-16 23:46 -------- d-------- C:\Program Files\oo software
2007-03-16 23:34 -------- d-------- C:\Program Files\windows media connect 2
2007-03-16 23:34 -------- d-------- C:\Program Files\windows media connect 2
2007-03-16 23:34 -------- d-------- C:\Program Files\driver cleaner pro
2007-03-16 23:34 -------- d-------- C:\Program Files\driver cleaner pro
2007-03-16 23:14 -------- d-------- C:\Program Files\microsoft works
2007-03-16 23:14 -------- d-------- C:\Program Files\microsoft works
2007-03-16 23:10 -------- d-------- C:\Program Files\microsoft.net
2007-03-16 23:10 -------- d-------- C:\Program Files\microsoft.net
2007-03-16 23:04 -------- d-------- C:\Program Files\nero
2007-03-16 23:04 -------- d-------- C:\Program Files\nero
2007-03-16 23:02 -------- d-------- C:\Program Files\messenger
2007-03-16 23:02 -------- d-------- C:\Program Files\messenger
2007-03-16 22:54 0 --a------ C:\WINDOWS\nsreg.dat
2007-03-16 22:54 -------- d-------- C:\Program Files\xp-antispy
2007-03-16 22:54 -------- d-------- C:\Program Files\xp-antispy
2007-03-16 22:50 -------- d-------- C:\Program Files\totalcmd
2007-03-16 22:50 -------- d-------- C:\Program Files\totalcmd
2007-03-16 22:30 -------- d-------- C:\Program Files\dvd shrink
2007-03-16 22:30 -------- d-------- C:\Program Files\dvd shrink
2007-03-16 22:29 -------- d-------- C:\Program Files\cpu-z
2007-03-16 22:29 -------- d-------- C:\Program Files\cpu-z
2007-03-16 22:29 -------- d-------- C:\Program Files\bitlord
2007-03-16 22:29 -------- d-------- C:\Program Files\bitlord
2007-03-16 22:26 -------- d-------- C:\Program Files\lavasoft
2007-03-16 22:26 -------- d-------- C:\Program Files\lavasoft
2007-03-16 22:25 -------- d-------- C:\Program Files\Common Files\speechengines
2007-03-16 22:25 -------- d-------- C:\Program Files\Common Files\odbc
2007-03-16 22:21 -------- d-------- C:\Program Files\irfanview
2007-03-16 22:21 -------- d-------- C:\Program Files\irfanview
2007-03-16 22:21 -------- d-------- C:\Program Files\codec pack - all in 1
2007-03-16 22:21 -------- d-------- C:\Program Files\codec pack - all in 1
2007-03-16 22:20 737280 --a------ C:\WINDOWS\iun6002.exe
2007-03-16 22:19 -------- d-------- C:\Program Files\quicktime alternative
2007-03-16 22:19 -------- d-------- C:\Program Files\quicktime alternative
2007-03-16 22:19 -------- d-------- C:\Program Files\media player classic
2007-03-16 22:19 -------- d-------- C:\Program Files\media player classic
2007-03-16 22:15 118784 -r------- C:\WINDOWS\bwunin-7.2.0.137-8876480sl.exe
2007-03-16 22:15 -------- d-------- C:\Program Files\logitech
2007-03-16 22:15 -------- d-------- C:\Program Files\logitech
2007-03-16 21:38 664 --------- C:\WINDOWS\system32\d3d9caps.dat
2007-03-16 21:34 -------- d-------- C:\Program Files\microsoft frontpage
2007-03-16 21:34 -------- d-------- C:\Program Files\microsoft frontpage
2007-03-16 21:33 0 -rahs---- C:\MSDOS.SYS
2007-03-16 21:33 0 -rahs---- C:\IO.SYS
2007-03-16 21:33 0 --a------ C:\CONFIG.SYS
2007-03-16 21:33 0 --a------ C:\AUTOEXEC.BAT
2007-03-16 21:32 -------- d--h----- C:\Program Files\windowsupdate
2007-03-16 21:32 -------- d--h----- C:\Program Files\windowsupdate
2007-03-16 21:32 -------- d-------- C:\Program Files\online services
2007-03-16 21:32 -------- d-------- C:\Program Files\online services
2007-03-16 21:31 -------- d-------- C:\Program Files\movie maker
2007-03-16 21:31 -------- d-------- C:\Program Files\movie maker
2007-03-16 21:31 -------- d-------- C:\Program Files\Common Files\mssoap
2007-03-16 21:30 21812 --------- C:\WINDOWS\system32\emptyregdb.dat
2007-03-16 21:30 -------- d-------- C:\Program Files\msn gaming zone
2007-03-16 21:30 -------- d-------- C:\Program Files\msn gaming zone
2007-03-16 21:29 -------- d-------- C:\Program Files\windows nt
2007-03-16 21:29 -------- d-------- C:\Program Files\windows nt
2007-03-05 12:42 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-02-19 12:34 343040 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-01-30 02:46 69632 --------- C:\WINDOWS\system32\kemxml.dll
2007-01-30 02:46 163840 --------- C:\WINDOWS\system32\kemutb.dll
2007-01-30 02:46 135168 --------- C:\WINDOWS\system32\kemutil.dll
2007-01-30 02:46 110592 --------- C:\WINDOWS\system32\kemwnd.dll
2007-01-24 16:27 255848 --------- C:\WINDOWS\system32\xactengine2_6.dll
2007-01-23 16:45 1419024 --------- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2007-01-23 16:44 101136 --a------ C:\WINDOWS\khalmnpr.exe

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"CTDVDDET"="\"C:\\Program Files\\Creative\\SBAudigy4\\DVDAudio\\CTDVDDET.EXE\""
"CTSysVol"="C:\\Program Files\\Creative\\SBAudigy4\\Surround Mixer\\CTSysVol.exe /r"
"AudioDrvEmulator"="\"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\DLLML.exe\" -1 AudioDrvEmulator \"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\Audio Emulator\\AudDrvEm.dll\""
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"CTHelper"="CTHELPER.EXE"
"CTxfiHlp"="CTXFIHLP.EXE"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
"RivaTuner"="\"C:\\Program Files\\RivaTuner v2.0 Final Release\\RivaTuner.exe\" /T"
"wdmxsemr"="C:\\pxmmwanu.bat"
"RivaTunerStartupDaemon"="\"C:\\Program Files\\RivaTuner v2.0 Final Release\\RivaTuner.exe\" /S"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -k"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{F971D217-D242-46A2-9D40-019582933A64}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=dword:00000000
"SynchronousMachineGroupPolicy"=dword:00000000
"SynchronousUserGroupPolicy"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispAppearancePage"=dword:00000000
"NoColorChoice"=dword:00000000
"NoDispBackgroundPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoDispSettingsPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoVisualStyleChoice"=dword:00000000
"NoSizeChoice"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoRemoteRecursiveEvents"=dword:00000001
"NoStrCmpLogical"=dword:00000001
"NoClose"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=dword:00000001
"NoSMBalloonTip"=dword:00000001
"NoSaveSettings"=dword:00000000
"NoRecentDocsHistory"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"MemCheckBoxInRunDlg"=dword:00000000
"NoClose"=dword:00000000
"NoAutoTrayNotify"=dword:00000000
"NoResolveTrack"=dword:00000000
"NoResolveSearch"=dword:00000001
"LinkResolveIgnoreLinkInfo"=dword:00000001
"NoStartBanner"=hex:01,00,00,00
"NoWelcomeScreen"=dword:00000001
"NoRecentDocsNetHood"=dword:00000001
"NoDesktopCleanupWizard"=dword:00000001
"NoSharedDocuments"=dword:00000001
"NoThemesTab"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WdfLoadGroup

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f438f38-d409-11db-8915-00138fefd0fc}]
Shell\AutoRun\command E:\install.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f438f39-d409-11db-8915-00138fefd0fc}]
Shell\AutoRun\command F:\start.exe
Shell\readme\command notepad cti_mne.txt

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f438f3a-d409-11db-8915-00138fefd0fc}]
Shell\AutoRun\command G:\Logopedie.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f438f3b-d409-11db-8915-00138fefd0fc}]
Shell\AutoRun\command H:\start.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f438f3c-d409-11db-8915-00138fefd0fc}]
Shell\AutoRun\command I:\autoplay.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f438f3d-d409-11db-8915-00138fefd0fc}]
Shell\AutoRun\command J:\AUTOPLAY.EXE

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5ad04b3-d533-11db-892d-00138fefd0fc}]
Shell\AutoRun\command K:\autorun.exe
Shell\readme\command notepad readme.txt
Shell\Setup\command K:\install.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5ad04b4-d533-11db-892d-00138fefd0fc}]
Shell\AutoRun\command L:\Autorun.exe

********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\wincmd.ini 4096 bytes
C:\WINDOWS\WindowsShell.Manifest 4096 bytes
C:\WINDOWS\winhelp.exe 258048 bytes
C:\WINDOWS\winhlp32.exe 286720 bytes
C:\WINDOWS\winnt.bmp 49152 bytes
C:\WINDOWS\winnt256.bmp 49152 bytes
C:\WINDOWS\WinSxS
C:\WINDOWS\WinSxS\InstallTemp
C:\WINDOWS\WinSxS\Manifests
C:\WINDOWS\WinSxS\Policies
C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a
C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d
C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries.Resources_6595b64144ccf1df_6.0.0.0_cs-CZ_8b83fff2
C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7
C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_c9ba3671
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_691a48fd
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.3085_x-ww_e059201c
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_cs_d92a54f9
C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
C:\WINDOWS\wmprfCSY.prx 36864 bytes
C:\WINDOWS\WMSysPr9.prx 319488 bytes
C:\WINDOWS\WTRAN32.INI 8192 bytes
C:\WINDOWS\WTRDCTM.INI 40 bytes
C:\WINDOWS\XXLGS
C:\WINDOWS\XXLGS\REG.EXE 98304 bytes
C:\WINDOWS\XXLGS\UN32.EXE 163840 bytes
C:\WINDOWS\XXLGS\UN32.INI 4096 bytes
C:\WINDOWS\XXLGSC 0 bytes
C:\WINDOWS\Zapotec.bmp 12288 bytes
C:\WINDOWS\Zelený kámen.bmp 28672 bytes
C:\WINDOWS\Zrnko kávy.bmp 20480 bytes
C:\WINDOWS\_default.pif 712 bytes
C:\WINDOWS\{00000002-00000000-0000000A-00001102-00000008-10211102}.CDF 4960256 bytes
C:\WINDOWS\
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 49

********************************************************************

Completion time: 07-04-18 9:54:05
C:\ComboFix-quarantined-files.txt ... 07-04-18 09:54

kotas · Příspěvek od **kotas** » stř 18. dub 2007, 12:32

Při spouštění AVG mi vždy zobrazí toto varování:
Obrázek

Vždy to nechám ignorovat, mám dát uložit změny? Jinak v informacích je akorát odlišná velikost od původního souboru, viz screen:
Obrázek