
For Motji

Frenki
Visitor
Posts: 135
Registered: 22 Jan 2007 11:15
Location: Přeštice area

For Motji

#1 Post by Frenki »

Hi, so I'm back again.
Yesterday the kids were playing games as usual, and today the internet is running very badly. I ran it through MBAM, Avira and ComboFix.
MBAM and Avira found Trojans, ComboFix found nothing. I removed everything, so it got a little better. But YouTube still loads slowly.
Please take a look at it. Víťa :)
RSIT log:



Re: For Motji

#2 Post by Frenki »

I'll add that the second computer works normally on the same network :)

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: For Motji

#3 Post by motji »

Hi :)
Would there be a ComboFix log by any chance? :) I would need to see what MBAM and CF found and deleted.
Do not use COMBOFIX without an adviser's recommendation, it can damage the system!
Always back up important data before disinfecting a computer :!:


Re: For Motji

#4 Post by Frenki »

Hi motji. So, back to square one: the next day I turned the PC on and it was bad again, I couldn't get online at all. :(
So I got fed up and did a fresh clean install of XP + SP3.
Unfortunately the internet still doesn't work; there are problems with the Ethernet drivers. It shows that I'm connected at 400mb/s, which is nonsense, it should be 100mb/s. I'm writing to you from the second PC. I'll try to download the drivers, but I suspect the network card. I'm getting on it and will report back how it went :) :) Bye for now, Víťa


Re: For Motji

#5 Post by Frenki »

So after a whole day's work I got it running somewhat; at least I can more or less get online now.
I ran it through MBAM:


and ComboFix:

ComboFix 11-10-07.02 - vf 10.10.2011 15:56:14.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1746 [GMT 2:00]
Spuštěný z: c:\documents and settings\vf\Plocha\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\ehome\medctrro.exe
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-10 do 2011-10-10 )))))))))))))))))))))))))))))))
.
.
2011-10-10 13:13 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-10 13:13 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-10 12:21 . 2008-07-16 14:05 53248 ----a-w- c:\windows\system32\CSVer.dll
2011-10-10 12:20 . 2008-09-19 08:01 -------- d-----w- C:\Chipset
2011-10-10 11:39 . 2010-11-30 16:48 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-10 11:39 . 2010-11-30 16:13 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-10 11:39 . 2010-06-17 12:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-10-10 11:39 . 2010-06-17 12:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-10-10 11:18 . 2009-04-24 01:22 141568 ----a-r- c:\windows\system32\drivers\Rtenicxp.sys
2011-10-10 11:18 . 2009-03-04 02:18 73728 ----a-r- c:\windows\system32\RtNicProp32.dll
2011-10-10 10:05 . 2011-10-10 10:05 -------- d-----w- c:\program files\Lavalys
2011-10-09 07:10 . 2011-10-09 07:09 30816768 ----a-w- C:\BMP.msi
2011-10-09 06:55 . 2001-08-17 18:12 19017 -c--a-w- c:\windows\system32\dllcache\rtl8029.sys
2011-10-09 06:55 . 2001-08-17 18:12 19017 ----a-w- c:\windows\system32\drivers\RTL8029.sys
2011-10-09 06:53 . 2001-08-17 18:10 55999 -c--a-w- c:\windows\system32\dllcache\el556nd5.sys
2011-10-09 06:53 . 2001-08-17 18:10 55999 ----a-w- c:\windows\system32\drivers\EL556ND5.sys
2011-10-09 06:43 . 2011-10-09 06:43 -------- d-----w- c:\windows\OPTIONS
2011-10-09 06:43 . 1999-12-23 15:04 41852 ----a-w- c:\windows\system32\UpdDrv2K.exe
2011-10-09 06:43 . 2011-10-09 06:43 -------- d-----w- C:\compaq
2011-10-09 06:33 . 2011-10-09 06:33 -------- d-----w- c:\program files\Broadcom
2011-10-09 06:33 . 2011-10-09 06:33 -------- d-----w- c:\windows\Downloaded Installations
2011-10-09 06:30 . 2011-10-09 06:30 -------- d-----w- C:\swsetup
2011-10-08 13:13 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2011-10-08 13:12 . 2008-04-14 05:44 58496 ----a-w- c:\windows\system32\drivers\redbook.sys
2011-10-08 13:12 . 2001-08-17 21:46 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
2011-10-08 13:12 . 2008-04-14 06:52 75264 -c--a-w- c:\windows\system32\dllcache\usbui.dll
2011-10-08 13:12 . 2008-04-14 06:52 75264 ----a-w- c:\windows\system32\usbui.dll
2011-10-08 13:09 . 1980-01-01 00:00 23751 ----a-r- c:\windows\SET42.tmp
2011-10-08 13:08 . 2011-10-08 11:45 -------- d-----w- c:\documents and settings\All Users.WINDOWS
2011-10-08 13:08 . 2011-10-09 05:20 -------- d--h--w- c:\documents and settings\Default User.WINDOWS
2011-10-08 12:27 . 2008-04-14 06:51 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll
2011-10-08 12:26 . 2006-12-28 22:31 19569 ----a-w- c:\windows\002843_.tmp
2011-10-08 12:13 . 2011-10-10 11:34 -------- d-----w- c:\documents and settings\vf
2011-10-08 12:08 . 1980-01-01 00:00 9216 -c--a-w- c:\windows\system32\dllcache\wamps51.dll
2011-10-08 12:08 . 1980-01-01 00:00 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2011-10-08 12:08 . 1980-01-01 00:00 31360 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2011-10-08 12:08 . 1980-01-01 00:00 73728 -c--a-w- c:\windows\system32\dllcache\w3ext.dll
2011-10-08 12:08 . 1980-01-01 00:00 5632 -c--a-w- c:\windows\system32\dllcache\w3svapi.dll
2011-10-08 12:08 . 1980-01-01 00:00 48256 -c--a-w- c:\windows\system32\dllcache\w32.dll
2011-10-08 12:08 . 1980-01-01 00:00 4608 -c--a-w- c:\windows\system32\dllcache\w3ctrs51.dll
2011-10-08 12:08 . 2008-04-14 06:50 86073 -c--a-w- c:\windows\system32\dllcache\voicesub.dll
2011-10-08 12:08 . 2008-04-14 06:50 426041 -c--a-w- c:\windows\system32\dllcache\voicepad.dll
2011-10-08 12:08 . 2008-04-14 06:50 76288 -c--a-w- c:\windows\system32\dllcache\uniime.dll
2011-10-08 12:08 . 1980-01-01 00:00 14336 -c--a-w- c:\windows\system32\dllcache\tsprof.exe
2011-10-08 12:06 . 1980-01-01 00:00 10096640 -c--a-w- c:\windows\system32\dllcache\hwxcht.dll
2011-10-08 11:50 . 2008-04-14 06:52 28672 ------w- c:\windows\system32\verclsid.exe
2011-10-08 11:49 . 2007-08-10 18:43 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-10-08 11:44 . 1980-01-01 00:00 99840 -c--a-w- c:\windows\system32\dllcache\helphost.exe
2011-10-08 11:44 . 1980-01-01 00:00 7168 -c--a-w- c:\windows\system32\dllcache\hcappres.dll
2011-10-08 11:44 . 1980-01-01 00:00 35328 -c--a-w- c:\windows\system32\dllcache\notiflag.exe
2011-10-08 11:44 . 1980-01-01 00:00 21504 -c--a-w- c:\windows\system32\dllcache\brpinfo.dll
2011-10-08 11:44 . 1980-01-01 00:00 11264 -c--a-w- c:\windows\system32\dllcache\atrace.dll
2011-10-08 11:44 . 1980-01-01 00:00 11264 ----a-w- c:\windows\system32\atrace.dll
2011-10-08 11:42 . 2008-04-14 06:51 33792 ----a-w- c:\program files\Messenger\custsat.dll
2011-10-08 11:41 . 1980-01-01 00:00 45568 -c--a-w- c:\windows\system32\dllcache\wmi2xml.dll
2011-10-08 09:44 . 2011-10-10 13:58 -------- d-----w- c:\windows\ehome
2011-10-08 09:13 . 2011-10-08 12:30 -------- d-----w- c:\windows\system32\bits
2011-10-08 09:12 . 2011-10-08 09:12 -------- d-----w- c:\windows\ServicePackFiles
2011-10-08 08:16 . 2011-10-08 08:22 -------- d-----w- c:\documents and settings\vit
2011-10-08 08:15 . 2011-10-08 08:15 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY
2011-10-08 08:14 . 2011-10-08 08:14 -------- d-sh--w- c:\documents and settings\NetworkService.NT AUTHORITY
2011-10-07 12:43 . 2011-10-07 12:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací
2011-10-07 09:58 . 2011-10-08 12:59 -------- d-----w- c:\windows\system32\wbem\Repository
2011-09-30 17:11 . 2011-10-07 09:58 -------- d-----w- c:\documents and settings\xano\Data aplikací\IObit
2011-09-28 12:09 . 2011-09-28 12:11 -------- d-----w- c:\program files\Postal2
2011-09-28 11:58 . 2011-10-07 09:58 -------- d-----w- C:\Postal 2
2011-09-28 11:42 . 2011-09-28 11:42 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\documents and settings\xano\Data aplikací\Search Settings
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Application Updater
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\program files\Application Updater
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\program files\IObit Toolbar
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\program files\Common Files\Spigot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-30 281768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2009-03-02 11:14 57344 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
2008-06-19 16:42 2808832 ----a-w- c:\windows\ALCWZRD.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-05-21 14:01 17881600 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2007-11-20 18:15 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [20.12.2010 9:17 135336]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12.2.2010 11:41 1684736]
S3 EL556ND5;3Com 10/100 MiniPCI Ethernet Adapter Driver;c:\windows\system32\drivers\EL556ND5.sys [9.10.2011 8:53 55999]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-10 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2008-11-27 02:11]
.
2011-10-10 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2008-11-27 02:11]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-10 15:59
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-10-10 15:59:48
ComboFix-quarantined-files.txt 2011-10-10 13:59
ComboFix2.txt 2011-10-08 05:59
.
Před spuštěním: Volných bajtů: 157 282 045 952
Po spuštění: Volných bajtů: 157 786 542 080
.
- - End Of File - - 82AEBF577C8123FAB7F3C42B928B53D8

Frenki

Re: For Motji

#6 Post by Frenki »

I'll also add a fresh RSIT :)
Logfile of random's system information tool 1.09 (written by random/random)
Run by vf at 2011-10-10 16:57:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 150 GB (49%) free of 305 GB
Total RAM: 2038 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:37, on 10.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\RSIT.exe
C:\Program Files\trend micro\vf.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

--
End of file - 2660 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-11-30 281768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2009-03-02 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2007-11-20 1826816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-10-10 16:57:59 ----D---- C:\rsit
2011-10-10 16:56:32 ----A---- C:\RSIT.exe
2011-10-10 16:53:12 ----A---- C:\RSITx64.exe
2011-10-10 16:51:58 ----SHD---- C:\RECYCLER
2011-10-10 16:18:49 ----D---- C:\Documents and Settings\vf\Data aplikací\Avira
2011-10-10 15:59:49 ----D---- C:\WINDOWS\temp
2011-10-10 15:59:48 ----A---- C:\ComboFix.txt
2011-10-10 15:54:49 ----A---- C:\WINDOWS\zip.exe
2011-10-10 15:54:49 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-10-10 15:54:49 ----A---- C:\WINDOWS\SWSC.exe
2011-10-10 15:54:49 ----A---- C:\WINDOWS\SWREG.exe
2011-10-10 15:54:49 ----A---- C:\WINDOWS\sed.exe
2011-10-10 15:54:49 ----A---- C:\WINDOWS\PEV.exe
2011-10-10 15:54:49 ----A---- C:\WINDOWS\NIRCMD.exe
2011-10-10 15:54:49 ----A---- C:\WINDOWS\MBR.exe
2011-10-10 15:54:49 ----A---- C:\WINDOWS\grep.exe
2011-10-10 15:39:03 ----A---- C:\mbam-log-2011-10-10 (15-38-53).txt
2011-10-10 15:13:20 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-10-10 15:13:15 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-10-10 14:52:47 ----D---- C:\Documents and Settings\vf\Data aplikací\Malwarebytes
2011-10-10 14:52:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2011-10-10 14:48:25 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-10-10 14:48:23 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-10-10 14:48:22 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-10-10 14:48:21 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-10-10 14:48:20 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-10-10 14:48:19 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-10-10 14:48:18 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-10-10 14:48:16 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-10-10 14:48:15 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-10-10 14:48:14 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-10-10 14:48:12 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-10-10 14:48:01 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-10-10 14:48:01 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-10-10 14:48:00 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-10-10 14:21:21 ----A---- C:\WINDOWS\system32\CSVer.dll
2011-10-10 14:20:20 ----D---- C:\Chipset
2011-10-10 14:14:25 ----D---- C:\Documents and Settings\vf\Data aplikací\WinRAR
2011-10-10 13:41:59 ----D---- C:\Documents and Settings\vf\Data aplikací\Macromedia
2011-10-10 13:41:58 ----D---- C:\Documents and Settings\vf\Data aplikací\Adobe
2011-10-10 13:39:43 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2011-10-10 13:39:40 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2011-10-10 13:39:39 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2011-10-10 13:39:39 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2011-10-10 13:39:39 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2011-10-10 13:39:34 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Avira
2011-10-10 13:21:54 ----D---- C:\Documents and Settings\vf\Data aplikací\Opera
2011-10-10 13:18:17 ----RA---- C:\WINDOWS\system32\RtNicProp32.dll
2011-10-10 13:18:17 ----RA---- C:\WINDOWS\system32\drivers\Rtenicxp.sys
2011-10-10 12:05:16 ----D---- C:\Program Files\Lavalys
2011-10-09 09:07:51 ----A---- C:\WINDOWS\WINCMD.INI
2011-10-09 08:55:19 ----A---- C:\WINDOWS\system32\drivers\RTL8029.sys
2011-10-09 08:53:47 ----A---- C:\WINDOWS\system32\drivers\EL556ND5.sys
2011-10-09 08:43:22 ----D---- C:\WINDOWS\OPTIONS
2011-10-09 08:43:08 ----A---- C:\WINDOWS\system32\UpdDrv2K.exe
2011-10-09 08:43:04 ----D---- C:\compaq
2011-10-09 08:33:31 ----D---- C:\Program Files\Broadcom
2011-10-09 08:33:07 ----D---- C:\WINDOWS\Downloaded Installations
2011-10-09 08:30:33 ----D---- C:\swsetup
2011-10-09 07:20:15 ----D---- C:\WINDOWS\Prefetch
2011-10-08 15:37:09 ----A---- C:\WINDOWS\system32\h323log.txt
2011-10-08 15:13:13 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-10-08 15:12:50 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-10-08 15:12:27 ----A---- C:\WINDOWS\system32\drivers\enum1394.sys
2011-10-08 15:12:13 ----A---- C:\WINDOWS\system32\usbui.dll
2011-10-08 15:10:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-08 15:10:45 ----A---- C:\WINDOWS\ODBCINST.INI
2011-10-08 15:10:40 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-10-08 15:10:39 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-10-08 15:10:39 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-10-08 15:10:37 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-10-08 15:10:35 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-10-08 15:10:35 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-10-08 15:10:35 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-10-08 15:10:35 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-10-08 15:10:34 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-10-08 15:10:34 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-10-08 15:10:34 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-10-08 15:10:33 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-10-08 15:10:33 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-10-08 15:10:33 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-10-08 15:10:33 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-10-08 15:10:33 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-10-08 15:10:29 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2011-10-08 15:10:28 ----A---- C:\WINDOWS\system32\kbdycl.dll
2011-10-08 15:10:28 ----A---- C:\WINDOWS\system32\kbdsl.dll
2011-10-08 15:10:28 ----A---- C:\WINDOWS\system32\kbdro.dll
2011-10-08 15:10:28 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2011-10-08 15:10:28 ----A---- C:\WINDOWS\system32\kbdpl.dll
2011-10-08 15:10:28 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2011-10-08 15:10:28 ----A---- C:\WINDOWS\system32\kbdhu.dll
2011-10-08 15:10:28 ----A---- C:\WINDOWS\system32\kbdcr.dll
2011-10-08 15:10:28 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2011-10-08 15:10:27 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-10-08 15:10:27 ----A---- C:\WINDOWS\system32\irclass.dll
2011-10-08 15:10:27 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-10-08 15:10:27 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-10-08 15:10:26 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-10-08 15:10:21 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-10-08 15:10:21 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-10-08 15:10:20 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-10-08 15:10:20 ----A---- C:\WINDOWS\system32\batt.dll
2011-10-08 15:10:20 ----A---- C:\WINDOWS\notepad.exe
2011-10-08 15:10:19 ----A---- C:\WINDOWS\system32\storprop.dll
2011-10-08 15:10:11 ----ASH---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\desktop.ini
2011-10-08 15:10:10 ----RA---- C:\WINDOWS\SET86.tmp
2011-10-08 15:10:10 ----RA---- C:\WINDOWS\SET85.tmp
2011-10-08 15:10:10 ----RA---- C:\WINDOWS\SET84.tmp
2011-10-08 15:10:10 ----RA---- C:\WINDOWS\SET83.tmp
2011-10-08 15:10:10 ----RA---- C:\WINDOWS\SET82.tmp
2011-10-08 15:10:10 ----RA---- C:\WINDOWS\SET81.tmp
2011-10-08 15:10:10 ----RA---- C:\WINDOWS\SET80.tmp
2011-10-08 15:10:10 ----RA---- C:\WINDOWS\SET7F.tmp
2011-10-08 15:10:09 ----RA---- C:\WINDOWS\SET7E.tmp
2011-10-08 15:10:09 ----RA---- C:\WINDOWS\SET7D.tmp
2011-10-08 15:10:09 ----RA---- C:\WINDOWS\SET7C.tmp
2011-10-08 15:10:09 ----RA---- C:\WINDOWS\SET7B.tmp
2011-10-08 15:10:09 ----RA---- C:\WINDOWS\SET7A.tmp
2011-10-08 15:10:09 ----RA---- C:\WINDOWS\SET79.tmp
2011-10-08 15:10:08 ----RA---- C:\WINDOWS\SET78.tmp
2011-10-08 15:10:08 ----RA---- C:\WINDOWS\SET77.tmp
2011-10-08 15:10:08 ----RA---- C:\WINDOWS\SET76.tmp
2011-10-08 15:10:08 ----RA---- C:\WINDOWS\SET75.tmp
2011-10-08 15:10:08 ----RA---- C:\WINDOWS\SET74.tmp
2011-10-08 15:10:07 ----RA---- C:\WINDOWS\SET73.tmp
2011-10-08 15:10:07 ----RA---- C:\WINDOWS\SET72.tmp
2011-10-08 15:10:07 ----RA---- C:\WINDOWS\SET71.tmp
2011-10-08 15:10:07 ----RA---- C:\WINDOWS\SET70.tmp
2011-10-08 15:10:07 ----RA---- C:\WINDOWS\SET6F.tmp
2011-10-08 15:10:06 ----RA---- C:\WINDOWS\SET6E.tmp
2011-10-08 15:10:06 ----RA---- C:\WINDOWS\SET6D.tmp
2011-10-08 15:10:06 ----RA---- C:\WINDOWS\SET6C.tmp
2011-10-08 15:10:06 ----RA---- C:\WINDOWS\SET6B.tmp
2011-10-08 15:10:06 ----RA---- C:\WINDOWS\SET6A.tmp
2011-10-08 15:10:06 ----RA---- C:\WINDOWS\SET69.tmp
2011-10-08 15:10:06 ----RA---- C:\WINDOWS\SET68.tmp
2011-10-08 15:10:06 ----RA---- C:\WINDOWS\SET67.tmp
2011-10-08 15:10:05 ----RA---- C:\WINDOWS\SET66.tmp
2011-10-08 15:10:05 ----RA---- C:\WINDOWS\SET65.tmp
2011-10-08 15:10:05 ----RA---- C:\WINDOWS\SET64.tmp
2011-10-08 15:10:05 ----RA---- C:\WINDOWS\SET63.tmp
2011-10-08 15:10:05 ----RA---- C:\WINDOWS\SET62.tmp
2011-10-08 15:10:05 ----RA---- C:\WINDOWS\SET61.tmp
2011-10-08 15:10:05 ----RA---- C:\WINDOWS\SET60.tmp
2011-10-08 15:10:04 ----RA---- C:\WINDOWS\SET5F.tmp
2011-10-08 15:10:04 ----RA---- C:\WINDOWS\SET5E.tmp
2011-10-08 15:10:04 ----RA---- C:\WINDOWS\SET5D.tmp
2011-10-08 15:10:04 ----RA---- C:\WINDOWS\SET5C.tmp
2011-10-08 15:10:04 ----RA---- C:\WINDOWS\SET5B.tmp
2011-10-08 15:10:03 ----RA---- C:\WINDOWS\SET5A.tmp
2011-10-08 15:10:03 ----RA---- C:\WINDOWS\SET59.tmp
2011-10-08 15:10:03 ----RA---- C:\WINDOWS\SET58.tmp
2011-10-08 15:10:03 ----RA---- C:\WINDOWS\SET57.tmp
2011-10-08 15:10:02 ----RA---- C:\WINDOWS\SET56.tmp
2011-10-08 15:10:02 ----RA---- C:\WINDOWS\SET55.tmp
2011-10-08 15:10:02 ----RA---- C:\WINDOWS\SET54.tmp
2011-10-08 15:10:02 ----RA---- C:\WINDOWS\SET53.tmp
2011-10-08 15:10:01 ----RA---- C:\WINDOWS\SET52.tmp
2011-10-08 15:10:01 ----RA---- C:\WINDOWS\SET51.tmp
2011-10-08 15:10:01 ----RA---- C:\WINDOWS\SET50.tmp
2011-10-08 15:10:01 ----RA---- C:\WINDOWS\SET4F.tmp
2011-10-08 15:10:01 ----RA---- C:\WINDOWS\SET4E.tmp
2011-10-08 15:10:01 ----RA---- C:\WINDOWS\SET4D.tmp
2011-10-08 15:10:00 ----RA---- C:\WINDOWS\SET4C.tmp
2011-10-08 15:10:00 ----RA---- C:\WINDOWS\SET4B.tmp
2011-10-08 15:10:00 ----RA---- C:\WINDOWS\SET4A.tmp
2011-10-08 15:10:00 ----RA---- C:\WINDOWS\SET49.tmp
2011-10-08 15:10:00 ----RA---- C:\WINDOWS\SET48.tmp
2011-10-08 15:10:00 ----RA---- C:\WINDOWS\SET47.tmp
2011-10-08 15:10:00 ----RA---- C:\WINDOWS\SET46.tmp
2011-10-08 15:09:59 ----RA---- C:\WINDOWS\SET45.tmp
2011-10-08 15:09:59 ----RA---- C:\WINDOWS\SET44.tmp
2011-10-08 15:09:59 ----RA---- C:\WINDOWS\SET43.tmp
2011-10-08 15:09:59 ----RA---- C:\WINDOWS\SET42.tmp
2011-10-08 15:09:59 ----RA---- C:\WINDOWS\SET41.tmp
2011-10-08 15:09:59 ----RA---- C:\WINDOWS\SET40.tmp
2011-10-08 15:09:59 ----RA---- C:\WINDOWS\SET3F.tmp
2011-10-08 15:09:59 ----RA---- C:\WINDOWS\SET3E.tmp
2011-10-08 15:09:59 ----RA---- C:\WINDOWS\SET3D.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET3C.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET3B.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET3A.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET39.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET38.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET37.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET36.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET35.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET34.tmp
2011-10-08 15:09:58 ----RA---- C:\WINDOWS\SET33.tmp
2011-10-08 15:09:57 ----RA---- C:\WINDOWS\SET32.tmp
2011-10-08 15:09:57 ----RA---- C:\WINDOWS\SET31.tmp
2011-10-08 15:09:57 ----RA---- C:\WINDOWS\SET30.tmp
2011-10-08 15:09:57 ----RA---- C:\WINDOWS\SET2F.tmp
2011-10-08 15:09:57 ----RA---- C:\WINDOWS\SET2E.tmp
2011-10-08 15:09:57 ----RA---- C:\WINDOWS\SET2D.tmp
2011-10-08 15:09:57 ----RA---- C:\WINDOWS\SET2C.tmp
2011-10-08 15:09:57 ----RA---- C:\WINDOWS\SET2B.tmp
2011-10-08 15:09:57 ----RA---- C:\WINDOWS\SET2A.tmp
2011-10-08 15:09:56 ----RA---- C:\WINDOWS\SET29.tmp
2011-10-08 15:09:56 ----RA---- C:\WINDOWS\SET28.tmp
2011-10-08 15:09:56 ----RA---- C:\WINDOWS\SET27.tmp
2011-10-08 15:09:56 ----RA---- C:\WINDOWS\SET26.tmp
2011-10-08 15:09:56 ----RA---- C:\WINDOWS\SET25.tmp
2011-10-08 15:09:53 ----RA---- C:\WINDOWS\SET8.tmp
2011-10-08 15:09:50 ----RA---- C:\WINDOWS\SET4.tmp
2011-10-08 15:09:49 ----RA---- C:\WINDOWS\SET3.tmp
2011-10-08 15:09:39 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft
2011-10-08 15:08:39 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2011-10-08 14:59:01 ----ASH---- C:\pagefile.sys
2011-10-08 14:30:23 ----N---- C:\WINDOWS\system32\msxml6r.dll
2011-10-08 14:30:23 ----N---- C:\WINDOWS\system32\msxml6.dll
2011-10-08 14:30:22 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-10-08 14:30:22 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-10-08 14:30:22 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2011-10-08 14:30:22 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-10-08 14:30:21 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2011-10-08 14:30:21 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-10-08 14:30:21 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2011-10-08 14:30:21 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-10-08 14:30:21 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\credssp.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\azroles.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2011-10-08 14:30:20 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-10-08 14:30:19 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-10-08 14:30:19 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-10-08 14:30:19 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-10-08 14:30:19 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-10-08 14:30:19 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\onex.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\napstat.exe
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\mssha.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-10-08 14:30:18 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\slserv.exe
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\slgen.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\setupn.exe
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\qutil.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-10-08 14:30:17 ----N---- C:\WINDOWS\system32\qagent.dll
2011-10-08 14:30:16 ----N---- C:\WINDOWS\system32\wmphoto.dll
2011-10-08 14:30:16 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-10-08 14:30:16 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2011-10-08 14:30:16 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2011-10-08 14:30:15 ----N---- C:\WINDOWS\system32\xmllite.dll
2011-10-08 14:30:15 ----N---- C:\WINDOWS\slrundll.exe
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2011-10-08 14:27:14 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-10-08 14:27:13 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2011-10-08 14:27:12 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2011-10-08 14:27:11 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-10-08 14:26:17 ----A---- C:\WINDOWS\002843_.tmp
2011-10-08 14:13:17 ----D---- C:\Documents and Settings\vf\Data aplikací\Identities
2011-10-08 14:13:09 ----SD---- C:\Documents and Settings\vf\Data aplikací\Microsoft
2011-10-08 14:13:09 ----ASH---- C:\Documents and Settings\vf\Data aplikací\desktop.ini
2011-10-08 14:11:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-08 14:08:14 ----AS---- C:\WINDOWS\bootstat.dat
2011-10-08 13:50:35 ----N---- C:\WINDOWS\system32\verclsid.exe
2011-10-08 13:49:47 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-10-08 13:46:19 ----N---- C:\WINDOWS\system32\tzchange.exe
2011-10-08 13:46:17 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-10-08 13:46:01 ----A---- C:\WINDOWS\control.ini
2011-10-08 13:45:45 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-10-08 13:44:04 ----A---- C:\WINDOWS\system32\atrace.dll
2011-10-08 13:44:02 ----A---- C:\WINDOWS\system32\desktop.ini
2011-10-08 13:44:02 ----A---- C:\WINDOWS\desktop.ini
2011-10-08 13:43:56 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-10-08 13:43:56 ----A---- C:\WINDOWS\system32\acctres.dll
2011-10-08 13:43:55 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-10-08 13:43:49 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-10-08 13:43:49 ----A---- C:\WINDOWS\system32\wups.dll
2011-10-08 13:43:49 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-10-08 13:43:49 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-10-08 13:43:49 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2011-10-08 13:43:49 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-10-08 13:43:49 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2011-10-08 13:43:49 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-10-08 13:43:48 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-10-08 13:43:48 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-10-08 13:43:48 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-10-08 13:43:48 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2011-10-08 13:43:48 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2011-10-08 13:43:39 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-10-08 13:43:39 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-10-08 13:43:39 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-10-08 13:43:39 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-10-08 13:43:36 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-10-08 13:43:36 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-10-08 13:43:36 ----A---- C:\WINDOWS\system32\srclient.dll
2011-10-08 13:43:36 ----A---- C:\WINDOWS\system32\fltmc.exe
2011-10-08 13:43:36 ----A---- C:\WINDOWS\system32\fltlib.dll
2011-10-08 13:43:36 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys
2011-10-08 13:43:35 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-10-08 13:43:35 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-10-08 13:43:35 ----A---- C:\WINDOWS\system32\ils.dll
2011-10-08 13:43:35 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2011-10-08 13:43:34 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-10-08 13:43:34 ----A---- C:\WINDOWS\system32\msconf.dll
2011-10-08 13:43:34 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-10-08 13:43:31 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-10-08 13:43:31 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-10-08 13:43:30 ----A---- C:\WINDOWS\system32\inetres.dll
2011-10-08 13:43:30 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-10-08 13:43:28 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-10-08 13:43:28 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-10-08 13:43:28 ----A---- C:\WINDOWS\system32\mstask.dll
2011-10-08 13:43:27 ----A---- C:\WINDOWS\system32\isign32.dll
2011-10-08 13:43:27 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-10-08 13:43:27 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-10-08 13:43:27 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-10-08 13:42:52 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2011-10-08 13:42:39 ----A---- C:\WINDOWS\vbaddin.ini
2011-10-08 13:42:39 ----A---- C:\WINDOWS\vb.ini
2011-10-08 13:42:20 ----A---- C:\WINDOWS\system32\write.exe
2011-10-08 13:42:13 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-10-08 13:42:13 ----A---- C:\WINDOWS\system32\hticons.dll
2011-10-08 13:42:13 ----A---- C:\WINDOWS\system32\avwav.dll
2011-10-08 13:42:12 ----A---- C:\WINDOWS\system32\winchat.exe
2011-10-08 13:42:12 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-10-08 13:42:12 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-10-08 13:42:05 ----A---- C:\WINDOWS\system32\charmap.exe
2011-10-08 13:42:05 ----A---- C:\WINDOWS\system32\getuname.dll
2011-10-08 13:42:04 ----A---- C:\WINDOWS\system32\winmine.exe
2011-10-08 13:42:04 ----A---- C:\WINDOWS\system32\sol.exe
2011-10-08 13:42:04 ----A---- C:\WINDOWS\system32\calc.exe
2011-10-08 13:42:03 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-10-08 13:42:03 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-10-08 13:42:03 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-10-08 13:42:03 ----A---- C:\WINDOWS\system32\tskill.exe
2011-10-08 13:42:03 ----A---- C:\WINDOWS\system32\reset.exe
2011-10-08 13:42:03 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-10-08 13:42:03 ----A---- C:\WINDOWS\system32\freecell.exe
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\tscon.exe
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\shadow.exe
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\regini.exe
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\msg.exe
2011-10-08 13:42:02 ----A---- C:\WINDOWS\system32\logoff.exe
2011-10-08 13:42:01 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-10-08 13:42:01 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-10-08 13:42:00 ----RA---- C:\WINDOWS\system32\comrepl.dll
2011-10-08 13:42:00 ----A---- C:\WINDOWS\system32\stclient.dll
2011-10-08 13:42:00 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-10-08 13:42:00 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-10-08 13:42:00 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-10-08 13:42:00 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-10-08 13:42:00 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-10-08 13:42:00 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-10-08 13:41:51 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-10-08 13:41:49 ----RA---- C:\WINDOWS\system32\hypertrm.dll
2011-10-08 13:41:49 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-10-08 13:41:49 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-10-08 13:41:49 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-10-08 13:41:48 ----RA---- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-10-08 13:41:48 ----A---- C:\WINDOWS\system32\spider.exe
2011-10-08 13:41:48 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-10-08 13:41:48 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2011-10-08 13:41:48 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2011-10-08 13:41:48 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-10-08 13:41:47 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-10-08 13:41:47 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-10-08 13:41:47 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-10-08 13:41:47 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-10-08 13:41:47 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-10-08 13:41:47 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-10-08 13:41:47 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-10-08 13:41:47 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-10-08 13:41:46 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2011-10-08 13:41:46 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-10-08 13:41:46 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-10-08 13:41:46 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-10-08 13:41:46 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-10-08 13:41:46 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-10-08 13:41:46 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-10-08 13:41:46 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-10-08 13:41:45 ----RA---- C:\WINDOWS\system32\mtxoci.dll
2011-10-08 13:41:45 ----RA---- C:\WINDOWS\system32\msdtcuiu.dll
2011-10-08 13:41:45 ----RA---- C:\WINDOWS\system32\msdtctm.dll
2011-10-08 13:41:45 ----RA---- C:\WINDOWS\system32\msdtcprx.dll
2011-10-08 13:41:44 ----RA---- C:\WINDOWS\system32\xolehlp.dll
2011-10-08 13:41:44 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-10-08 13:41:44 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-10-08 13:41:43 ----RA---- C:\WINDOWS\system32\colbact.dll
2011-10-08 13:41:43 ----RA---- C:\WINDOWS\system32\clbcatex.dll
2011-10-08 13:41:43 ----RA---- C:\WINDOWS\system32\catsrvut.dll
2011-10-08 13:41:43 ----RA---- C:\WINDOWS\system32\catsrv.dll
2011-10-08 13:41:43 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-10-08 13:41:42 ----RA---- C:\WINDOWS\system32\comuid.dll
2011-10-08 13:41:42 ----RA---- C:\WINDOWS\system32\comsvcs.dll
2011-10-08 13:41:42 ----RA---- C:\WINDOWS\system32\clbcatq.dll
2011-10-08 13:41:35 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-10-08 13:41:35 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-10-08 13:41:35 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-10-08 13:41:35 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-10-08 13:41:31 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2011-10-08 13:41:31 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2011-10-08 11:44:07 ----D---- C:\WINDOWS\ehome
2011-10-08 11:13:52 ----D---- C:\WINDOWS\system32\bits
2011-10-08 11:12:19 ----D---- C:\WINDOWS\ServicePackFiles
2011-10-08 11:08:03 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-10-08 10:17:00 ----HD---- C:\Program Files\Uninstall Information
2011-10-08 10:02:28 ----A---- C:\AUTOEXEC.BAT
2011-10-08 07:54:20 ----D---- C:\WINDOWS\ERDNT
2011-10-08 07:54:16 ----D---- C:\Qoobox
2011-10-07 20:08:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676-v2$
2011-10-07 11:58:12 ----D---- C:\Config.Msi
2011-09-28 14:09:32 ----D---- C:\Program Files\Postal2
2011-09-28 14:05:36 ----D---- C:\Program Files\Postal2STP(2)
2011-09-28 13:58:00 ----D---- C:\Postal 2
2011-09-28 13:42:22 ----D---- C:\Program Files\DAEMON Tools Lite
2011-09-22 10:27:45 ----D---- C:\Program Files\IObit Toolbar
2011-09-22 10:27:45 ----D---- C:\Program Files\Common Files\Spigot
2011-09-22 10:27:45 ----D---- C:\Program Files\Application Updater
2011-09-16 15:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676$
2011-09-16 15:33:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$

======List of files/folders modified in the last 1 month======

2011-10-10 16:59:37 ----D---- C:\Program Files\trend micro
2011-10-10 15:59:49 ----D---- C:\WINDOWS
2011-10-10 15:59:03 ----A---- C:\WINDOWS\system.ini
2011-10-10 15:58:58 ----D---- C:\WINDOWS\system32\drivers\etc
2011-10-10 15:58:36 ----D---- C:\WINDOWS\system32
2011-10-10 15:57:57 ----D---- C:\WINDOWS\system32\drivers
2011-10-10 15:57:57 ----D---- C:\WINDOWS\AppPatch
2011-10-10 15:57:56 ----D---- C:\Program Files\Common Files
2011-10-10 15:55:51 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-10 15:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-10-10 15:16:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-10-10 14:53:48 ----SD---- C:\WINDOWS\Tasks
2011-10-10 14:48:30 ----DC---- C:\WINDOWS\system32\dllcache
2011-10-10 14:48:11 ----HD---- C:\WINDOWS\inf
2011-10-10 14:48:05 ----D---- C:\WINDOWS\system32\RTCOM
2011-10-10 14:44:56 ----A---- C:\WINDOWS\win.ini
2011-10-10 14:21:49 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-10-10 14:18:38 ----D---- C:\Program Files\WinRAR
2011-10-10 14:17:54 ----D---- C:\Download
2011-10-10 13:39:13 ----SHD---- C:\WINDOWS\Installer
2011-10-10 13:34:32 ----D---- C:\WINDOWS\Debug
2011-10-10 13:34:03 ----D---- C:\Program Files\CCleaner
2011-10-10 12:05:16 ----RD---- C:\Program Files
2011-10-09 09:11:34 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-09 07:30:36 ----D---- C:\Program Files\Online Services
2011-10-09 07:19:53 ----D---- C:\WINDOWS\system32\wbem
2011-10-09 07:19:53 ----D---- C:\WINDOWS\system32\Setup
2011-10-09 07:19:51 ----RSD---- C:\WINDOWS\Fonts
2011-10-08 15:29:05 ----D---- C:\WINDOWS\security
2011-10-08 15:07:08 ----D---- C:\WINDOWS\Media
2011-10-08 15:04:56 ----D---- C:\WINDOWS\system32\1029
2011-10-08 15:04:50 ----D---- C:\WINDOWS\twain_32
2011-10-08 15:04:36 ----D---- C:\WINDOWS\system32\ras
2011-10-08 15:04:17 ----D---- C:\WINDOWS\system32\icsxml
2011-10-08 15:03:32 ----D---- C:\WINDOWS\system32\ias
2011-10-08 15:03:20 ----D---- C:\WINDOWS\system32\1033
2011-10-08 14:58:58 ----RD---- C:\WINDOWS\Offline Web Pages
2011-10-08 14:58:58 ----D---- C:\WINDOWS\repair
2011-10-08 14:58:58 ----D---- C:\WINDOWS\pss
2011-10-08 14:58:57 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-10-08 14:30:24 ----D---- C:\Program Files\Messenger
2011-10-08 14:30:22 ----D---- C:\WINDOWS\system32\inetsrv
2011-10-08 14:30:21 ----D---- C:\WINDOWS\Network Diagnostic
2011-10-08 14:30:21 ----D---- C:\WINDOWS\ime
2011-10-08 14:30:21 ----D---- C:\WINDOWS\Help
2011-10-08 14:30:15 ----D---- C:\WINDOWS\system32\usmt
2011-10-08 14:30:15 ----D---- C:\WINDOWS\system32\cs-cz
2011-10-08 14:30:15 ----D---- C:\WINDOWS\system32\cs
2011-10-08 14:30:15 ----D---- C:\WINDOWS\L2Schemas
2011-10-08 14:30:15 ----D---- C:\Program Files\Internet Explorer
2011-10-08 14:30:14 ----D---- C:\WINDOWS\PeerNet
2011-10-08 14:30:14 ----D---- C:\Program Files\Movie Maker
2011-10-08 14:28:38 ----D---- C:\WINDOWS\system32\Restore
2011-10-08 14:28:38 ----D---- C:\WINDOWS\system32\npp
2011-10-08 14:28:37 ----D---- C:\WINDOWS\msagent
2011-10-08 14:28:36 ----D---- C:\WINDOWS\srchasst
2011-10-08 14:28:36 ----D---- C:\Program Files\NetMeeting
2011-10-08 14:28:35 ----D---- C:\WINDOWS\system32\Com
2011-10-08 14:28:33 ----D---- C:\Program Files\Windows NT
2011-10-08 14:28:33 ----D---- C:\Program Files\Windows Media Player
2011-10-08 14:28:33 ----D---- C:\Program Files\Outlook Express
2011-10-08 14:28:30 ----D---- C:\Program Files\Common Files\System
2011-10-08 14:28:18 ----D---- C:\WINDOWS\system32\oobe
2011-10-08 14:28:17 ----D---- C:\WINDOWS\system
2011-10-08 14:13:08 ----D---- C:\Documents and Settings
2011-10-08 14:11:28 ----D---- C:\WINDOWS\SoftwareDistribution
2011-10-08 14:11:26 ----SHD---- C:\System Volume Information
2011-10-08 14:09:38 ----D---- C:\WINDOWS\system32\config
2011-10-08 14:04:48 ----D---- C:\WINDOWS\RegisteredPackages
2011-10-08 13:45:41 ----D---- C:\WINDOWS\Registration
2011-10-08 13:45:33 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-10-08 13:45:00 ----RD---- C:\WINDOWS\Web
2011-10-08 13:42:33 ----D---- C:\WINDOWS\system32\MsDtc
2011-10-08 13:42:19 ----D---- C:\WINDOWS\Cursors
2011-10-08 13:37:15 ----SH---- C:\boot.ini
2011-10-08 12:35:36 ----D---- C:\totalcmd
2011-10-08 11:44:07 ----D---- C:\WINDOWS\system32\XPSViewer
2011-10-08 11:44:06 ----D---- C:\WINDOWS\system32\NtmsData
2011-10-08 11:44:05 ----D---- C:\WINDOWS\system32\en-US
2011-10-08 11:44:05 ----D---- C:\WINDOWS\system32\drivers\umdf
2011-10-08 11:44:03 ----D---- C:\WINDOWS\Logs
2011-10-08 11:44:01 ----RSD---- C:\WINDOWS\assembly
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2559049$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2544521$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2530548$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-10-08 11:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2497640$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2482017$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2416400$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2360131$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-10-08 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-10-08 11:14:04 ----D---- C:\WINDOWS\WinSxS
2011-10-08 10:11:00 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-07 19:48:54 ----D---- C:\Hry
2011-10-07 11:58:18 ----D---- C:\Program Files\Lineage int II
2011-09-29 08:54:16 ----D---- C:\Gabca
2011-09-27 14:57:41 ----D---- C:\Program Files\NeoPaint
2011-09-12 19:00:04 ----D---- C:\Program Files\Registry Mechanic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-11-30 135096]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-11-30 61960]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-23 5082624]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-04-24 141568]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 catchme;catchme; \??\C:\DOCUME~1\vf\LOCALS~1\Temp\catchme.sys []
S3 EL556ND5;3Com 10/100 MiniPCI Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\EL556ND5.sys [2001-08-17 55999]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 19017]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-11-30 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-11-30 135336]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119510
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: For Motji

#7 Post by Rudy »

Apologies for stepping in; I am replying at the user's request.
We still need to finish the cleanup. Open Notepad and copy the following into it:
Collect::
c:\windows\SET42.tmp
c:\windows\002843_.tmp
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Frenki
Visitor
Posts: 135
Registered: 22 Jan 2007 11:15
Location: Na Přešticku

Re: For Motji

#8 Post by Frenki »

Done. While running the script I forgot to turn off Avira; when prompted, I turned it off. Now it reports malware to me:
Virus or unwanted program 'TR/Crypt.XPACK.Gen [trojan]'
detected in file 'C:\ComboFix\handle.3XE.
Action performed: Deny access

CF log

Virus or unwanted program 'TR/Crypt.XPACK.Gen [trojan]'
detected in file 'C:\ComboFix\handle.3XE.
Action performed: Deny access

Frenki
Visitor
Posts: 135
Registered: 22 Jan 2007 11:15
Location: Na Přešticku

Re: For Motji

#9 Post by Frenki »

ComboFix 11-10-07.02 - vf 10.10.2011 19:19:04.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1520 [GMT 2:00]
Spuštěný z: c:\documents and settings\vf\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\vf\Plocha\CFScript.txt
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
file zipped: c:\windows\002843_.tmp
file zipped: c:\windows\SET42.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\002843_.tmp
c:\windows\SET42.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-10 do 2011-10-10 )))))))))))))))))))))))))))))))
.
.
2011-10-10 16:25 . 2011-10-10 16:32 -------- d-----w- c:\windows\LastGood.Tmp
2011-10-10 14:57 . 2011-10-10 14:59 -------- d-----w- C:\rsit
2011-10-10 14:56 . 2011-10-10 14:57 781383 ----a-w- C:\RSIT.exe
2011-10-10 14:53 . 2011-10-10 14:55 935175 ----a-w- C:\RSITx64.exe
2011-10-10 13:13 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-10 13:13 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-10 12:21 . 2008-07-16 14:05 53248 ----a-w- c:\windows\system32\CSVer.dll
2011-10-10 12:20 . 2008-09-19 08:01 -------- d-----w- C:\Chipset
2011-10-10 11:39 . 2010-11-30 16:48 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-10 11:39 . 2010-11-30 16:13 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-10 11:39 . 2010-06-17 12:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-10-10 11:39 . 2010-06-17 12:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-10-10 11:18 . 2009-04-24 01:22 141568 ----a-r- c:\windows\system32\drivers\Rtenicxp.sys
2011-10-10 11:18 . 2009-03-04 02:18 73728 ----a-r- c:\windows\system32\RtNicProp32.dll
2011-10-10 10:05 . 2011-10-10 10:05 -------- d-----w- c:\program files\Lavalys
2011-10-09 07:10 . 2011-10-09 07:09 30816768 ----a-w- C:\BMP.msi
2011-10-09 06:55 . 2001-08-17 18:12 19017 -c--a-w- c:\windows\system32\dllcache\rtl8029.sys
2011-10-09 06:55 . 2001-08-17 18:12 19017 ----a-w- c:\windows\system32\drivers\RTL8029.sys
2011-10-09 06:53 . 2001-08-17 18:10 55999 -c--a-w- c:\windows\system32\dllcache\el556nd5.sys
2011-10-09 06:53 . 2001-08-17 18:10 55999 ----a-w- c:\windows\system32\drivers\EL556ND5.sys
2011-10-09 06:43 . 2011-10-09 06:43 -------- d-----w- c:\windows\OPTIONS
2011-10-09 06:43 . 1999-12-23 15:04 41852 ----a-w- c:\windows\system32\UpdDrv2K.exe
2011-10-09 06:43 . 2011-10-09 06:43 -------- d-----w- C:\compaq
2011-10-09 06:33 . 2011-10-09 06:33 -------- d-----w- c:\program files\Broadcom
2011-10-09 06:33 . 2011-10-09 06:33 -------- d-----w- c:\windows\Downloaded Installations
2011-10-09 06:30 . 2011-10-09 06:30 -------- d-----w- C:\swsetup
2011-10-08 13:13 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2011-10-08 13:12 . 2008-04-14 05:44 58496 ----a-w- c:\windows\system32\drivers\redbook.sys
2011-10-08 13:12 . 2001-08-17 21:46 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
2011-10-08 13:12 . 2008-04-14 06:52 75264 -c--a-w- c:\windows\system32\dllcache\usbui.dll
2011-10-08 13:12 . 2008-04-14 06:52 75264 ----a-w- c:\windows\system32\usbui.dll
2011-10-08 13:09 . 1980-01-01 00:00 13083 ----a-r- c:\windows\SET3F.tmp
2011-10-08 13:08 . 2011-10-08 11:45 -------- d-----w- c:\documents and settings\All Users.WINDOWS
2011-10-08 13:08 . 2011-10-09 05:20 -------- d--h--w- c:\documents and settings\Default User.WINDOWS
2011-10-08 12:27 . 2008-04-14 06:51 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll
2011-10-08 12:13 . 2011-10-10 11:34 -------- d-----w- c:\documents and settings\vf
2011-10-08 12:08 . 1980-01-01 00:00 9216 -c--a-w- c:\windows\system32\dllcache\wamps51.dll
2011-10-08 12:08 . 1980-01-01 00:00 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2011-10-08 12:08 . 1980-01-01 00:00 31360 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2011-10-08 12:08 . 1980-01-01 00:00 73728 -c--a-w- c:\windows\system32\dllcache\w3ext.dll
2011-10-08 12:08 . 1980-01-01 00:00 5632 -c--a-w- c:\windows\system32\dllcache\w3svapi.dll
2011-10-08 12:08 . 1980-01-01 00:00 48256 -c--a-w- c:\windows\system32\dllcache\w32.dll
2011-10-08 12:08 . 1980-01-01 00:00 4608 -c--a-w- c:\windows\system32\dllcache\w3ctrs51.dll
2011-10-08 12:08 . 2008-04-14 06:50 86073 -c--a-w- c:\windows\system32\dllcache\voicesub.dll
2011-10-08 12:08 . 2008-04-14 06:50 426041 -c--a-w- c:\windows\system32\dllcache\voicepad.dll
2011-10-08 12:08 . 2008-04-14 06:50 76288 -c--a-w- c:\windows\system32\dllcache\uniime.dll
2011-10-08 12:08 . 1980-01-01 00:00 14336 -c--a-w- c:\windows\system32\dllcache\tsprof.exe
2011-10-08 12:06 . 1980-01-01 00:00 10096640 -c--a-w- c:\windows\system32\dllcache\hwxcht.dll
2011-10-08 11:50 . 2008-04-14 06:52 28672 ------w- c:\windows\system32\verclsid.exe
2011-10-08 11:49 . 2007-08-10 18:43 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-10-08 11:44 . 1980-01-01 00:00 99840 -c--a-w- c:\windows\system32\dllcache\helphost.exe
2011-10-08 11:44 . 1980-01-01 00:00 7168 -c--a-w- c:\windows\system32\dllcache\hcappres.dll
2011-10-08 11:44 . 1980-01-01 00:00 35328 -c--a-w- c:\windows\system32\dllcache\notiflag.exe
2011-10-08 11:44 . 1980-01-01 00:00 21504 -c--a-w- c:\windows\system32\dllcache\brpinfo.dll
2011-10-08 11:44 . 1980-01-01 00:00 11264 -c--a-w- c:\windows\system32\dllcache\atrace.dll
2011-10-08 11:44 . 1980-01-01 00:00 11264 ----a-w- c:\windows\system32\atrace.dll
2011-10-08 11:42 . 2008-04-14 06:51 33792 ----a-w- c:\program files\Messenger\custsat.dll
2011-10-08 11:41 . 1980-01-01 00:00 45568 -c--a-w- c:\windows\system32\dllcache\wmi2xml.dll
2011-10-08 09:44 . 2011-10-10 13:58 -------- d-----w- c:\windows\ehome
2011-10-08 09:13 . 2011-10-08 12:30 -------- d-----w- c:\windows\system32\bits
2011-10-08 09:12 . 2011-10-08 09:12 -------- d-----w- c:\windows\ServicePackFiles
2011-10-08 08:16 . 2011-10-08 08:22 -------- d-----w- c:\documents and settings\vit
2011-10-08 08:15 . 2011-10-08 08:15 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY
2011-10-08 08:14 . 2011-10-08 08:14 -------- d-sh--w- c:\documents and settings\NetworkService.NT AUTHORITY
2011-10-07 12:43 . 2011-10-07 12:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací
2011-10-07 09:58 . 2011-10-08 12:59 -------- d-----w- c:\windows\system32\wbem\Repository
2011-09-30 17:11 . 2011-10-07 09:58 -------- d-----w- c:\documents and settings\xano\Data aplikací\IObit
2011-09-28 12:09 . 2011-09-28 12:11 -------- d-----w- c:\program files\Postal2
2011-09-28 11:58 . 2011-10-07 09:58 -------- d-----w- C:\Postal 2
2011-09-28 11:42 . 2011-09-28 11:42 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\documents and settings\xano\Data aplikací\Search Settings
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\Application Updater
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\program files\Application Updater
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\program files\IObit Toolbar
2011-09-22 08:27 . 2011-09-22 08:27 -------- d-----w- c:\program files\Common Files\Spigot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-10_13.59.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-06 17:24 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll
+ 2011-10-08 11:43 . 2009-08-06 17:24 35552 c:\windows\system32\wups.dll
+ 2011-10-08 11:43 . 2009-08-06 17:24 53472 c:\windows\system32\wuauclt.exe
+ 2011-10-10 16:25 . 2009-08-06 17:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2011-10-08 11:43 . 2009-08-06 17:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2011-10-08 11:43 . 2009-08-06 17:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 1980-01-01 00:00 . 2009-08-06 17:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 1980-01-01 00:00 . 2009-08-06 17:24 96480 c:\windows\system32\cdm.dll
+ 2011-10-08 11:43 . 2009-08-06 17:24 209632 c:\windows\system32\wuweb.dll
+ 2011-10-08 11:43 . 2009-08-06 17:24 327896 c:\windows\system32\wucltui.dll
+ 2011-10-08 11:43 . 2009-08-06 17:23 575704 c:\windows\system32\wuapi.dll
+ 2011-10-08 11:43 . 2009-08-06 17:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2011-10-08 11:43 . 2009-08-06 17:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2011-10-08 11:43 . 2009-08-06 17:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2011-10-08 11:43 . 2009-08-06 17:23 1929952 c:\windows\system32\wuaueng.dll
+ 2011-10-08 11:43 . 2009-08-06 17:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-30 281768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2009-03-02 11:14 57344 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
2008-06-19 16:42 2808832 ----a-w- c:\windows\ALCWZRD.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-05-21 14:01 17881600 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2007-11-20 18:15 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [20.12.2010 9:17 135336]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12.2.2010 11:41 1684736]
S3 EL556ND5;3Com 10/100 MiniPCI Ethernet Adapter Driver;c:\windows\system32\drivers\EL556ND5.sys [9.10.2011 8:53 55999]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-10 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2008-11-27 02:11]
.
2011-10-10 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2008-11-27 02:11]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-10 19:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-10-10 19:25:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-10 17:25
ComboFix2.txt 2011-10-10 13:59
ComboFix3.txt 2011-10-08 05:59
.
Před spuštěním: Volných bajtů: 157 627 441 152
Po spuštění: Volných bajtů: 157 619 642 368
.
- - End Of File - - 8539610F693F1821CCE3699548DFC7CA
Nahrání proběhlo úspěšně

Re: For Motji

#10 Post by Rudy »

Deleted; the log now looks OK. Has anything changed?

Re: For Motji

#11 Post by Frenki »

It looks like it's running faster; I'll still test it on YouTube, where you can always tell how it loads. I suspected the network card :)

Re: For Motji

#12 Post by Rudy »

OK.

Re: For Motji

#13 Post by Frenki »

So it still isn't downloading like before: 1520 kb/s, and it used to be 2930 kb/s; on the other PC it runs that way. :?:

Re: For Motji

#14 Post by Frenki »

I ran it through the updated Avira and it also found Trojan Trash Gen



Avira AntiVir Personal
Report file date: 10. října 2011 20:53

Scanning for 3380960 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : V-B7B6A0C8FB774

Version information:
BUILD.DAT : 10.2.0.703 35935 Bytes 29.8.2011 16:39:00
AVSCAN.EXE : 10.3.0.7 484008 Bytes 10.10.2011 18:22:59
AVSCAN.DLL : 10.0.5.0 47464 Bytes 10.10.2011 18:22:59
LUKE.DLL : 10.3.0.5 45416 Bytes 10.10.2011 18:23:00
LUKERES.DLL : 10.0.0.1 12648 Bytes 10.2.2010 21:40:49
AVSCPLR.DLL : 10.3.0.7 119656 Bytes 10.10.2011 18:23:00
AVREG.DLL : 10.3.0.9 88833 Bytes 10.10.2011 18:23:00
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6.11.2009 07:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 18:22:57
VBASE002.VDF : 7.11.3.0 1950720 Bytes 9.2.2011 18:22:58
VBASE003.VDF : 7.11.5.225 1980416 Bytes 7.4.2011 18:22:58
VBASE004.VDF : 7.11.8.178 2354176 Bytes 31.5.2011 18:22:58
VBASE005.VDF : 7.11.10.251 1788416 Bytes 7.7.2011 18:22:58
VBASE006.VDF : 7.11.13.60 6411776 Bytes 16.8.2011 18:22:58
VBASE007.VDF : 7.11.15.106 2389504 Bytes 5.10.2011 18:22:58
VBASE008.VDF : 7.11.15.107 2048 Bytes 5.10.2011 18:22:58
VBASE009.VDF : 7.11.15.108 2048 Bytes 5.10.2011 18:22:58
VBASE010.VDF : 7.11.15.109 2048 Bytes 5.10.2011 18:22:58
VBASE011.VDF : 7.11.15.110 2048 Bytes 5.10.2011 18:22:58
VBASE012.VDF : 7.11.15.111 2048 Bytes 5.10.2011 18:22:58
VBASE013.VDF : 7.11.15.144 161792 Bytes 7.10.2011 18:22:58
VBASE014.VDF : 7.11.15.177 130048 Bytes 10.10.2011 18:22:58
VBASE015.VDF : 7.11.15.178 2048 Bytes 10.10.2011 18:22:58
VBASE016.VDF : 7.11.15.179 2048 Bytes 10.10.2011 18:22:58
VBASE017.VDF : 7.11.15.180 2048 Bytes 10.10.2011 18:22:58
VBASE018.VDF : 7.11.15.181 2048 Bytes 10.10.2011 18:22:58
VBASE019.VDF : 7.11.15.182 2048 Bytes 10.10.2011 18:22:58
VBASE020.VDF : 7.11.15.183 2048 Bytes 10.10.2011 18:22:58
VBASE021.VDF : 7.11.15.184 2048 Bytes 10.10.2011 18:22:59
VBASE022.VDF : 7.11.15.185 2048 Bytes 10.10.2011 18:22:59
VBASE023.VDF : 7.11.15.186 2048 Bytes 10.10.2011 18:22:59
VBASE024.VDF : 7.11.15.187 2048 Bytes 10.10.2011 18:22:59
VBASE025.VDF : 7.11.15.188 2048 Bytes 10.10.2011 18:22:59
VBASE026.VDF : 7.11.15.189 2048 Bytes 10.10.2011 18:22:59
VBASE027.VDF : 7.11.15.190 2048 Bytes 10.10.2011 18:22:59
VBASE028.VDF : 7.11.15.191 2048 Bytes 10.10.2011 18:22:59
VBASE029.VDF : 7.11.15.192 2048 Bytes 10.10.2011 18:22:59
VBASE030.VDF : 7.11.15.193 2048 Bytes 10.10.2011 18:22:59
VBASE031.VDF : 7.11.15.203 75264 Bytes 10.10.2011 18:22:59
Engineversion : 8.2.6.80
AEVDF.DLL : 8.1.2.1 106868 Bytes 30.11.2010 16:13:13
AESCRIPT.DLL : 8.1.3.81 467322 Bytes 10.10.2011 18:22:59
AESCN.DLL : 8.1.7.2 127349 Bytes 30.11.2010 16:13:12
AESBX.DLL : 8.2.1.34 323957 Bytes 10.10.2011 18:22:59
AERDL.DLL : 8.1.9.15 639348 Bytes 10.10.2011 18:22:59
AEPACK.DLL : 8.2.10.11 684408 Bytes 10.10.2011 18:22:59
AEOFFICE.DLL : 8.1.2.15 201083 Bytes 10.10.2011 18:22:59
AEHEUR.DLL : 8.1.2.177 3744120 Bytes 10.10.2011 18:22:59
AEHELP.DLL : 8.1.17.7 254327 Bytes 10.10.2011 18:22:59
AEGEN.DLL : 8.1.5.9 401780 Bytes 10.10.2011 18:22:59
AEEMU.DLL : 8.1.3.0 393589 Bytes 30.11.2010 16:13:06
AECORE.DLL : 8.1.23.0 196983 Bytes 10.10.2011 18:22:59
AEBB.DLL : 8.1.1.0 53618 Bytes 30.11.2010 16:13:05
AVWINLL.DLL : 10.0.0.0 19304 Bytes 30.11.2010 16:13:17
AVPREF.DLL : 10.0.3.2 44904 Bytes 10.10.2011 18:22:59
AVREP.DLL : 10.0.0.10 174120 Bytes 10.10.2011 18:23:00
AVARKT.DLL : 10.0.26.1 255336 Bytes 10.10.2011 18:22:59
AVEVTLOG.DLL : 10.0.0.9 203112 Bytes 10.10.2011 18:22:59
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17.6.2010 12:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 30.11.2010 16:13:17
NETNT.DLL : 10.0.0.0 11624 Bytes 17.6.2010 12:27:21
RCIMAGE.DLL : 10.0.0.35 2589544 Bytes 10.10.2011 18:22:56
RCTEXT.DLL : 10.0.64.0 97640 Bytes 10.10.2011 18:22:56

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: Default
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: Advanced

Start of the scan: 10. října 2011 20:53

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'rsmsink.exe' - '27' Module(s) have been scanned
Scan process 'msdtc.exe' - '39' Module(s) have been scanned
Scan process 'dllhost.exe' - '57' Module(s) have been scanned
Scan process 'dllhost.exe' - '44' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'avscan.exe' - '63' Module(s) have been scanned
Scan process 'avcenter.exe' - '61' Module(s) have been scanned
Scan process 'avgnt.exe' - '50' Module(s) have been scanned
Scan process 'avshadow.exe' - '25' Module(s) have been scanned
Scan process 'avguard.exe' - '53' Module(s) have been scanned
Scan process 'sched.exe' - '45' Module(s) have been scanned
Scan process 'opera.exe' - '51' Module(s) have been scanned
Scan process 'explorer.exe' - '86' Module(s) have been scanned
Scan process 'alg.exe' - '32' Module(s) have been scanned
Scan process 'spoolsv.exe' - '49' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '164' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'lsass.exe' - '57' Module(s) have been scanned
Scan process 'services.exe' - '35' Module(s) have been scanned
Scan process 'winlogon.exe' - '64' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '345' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\System Volume Information\_restore{B2FC20EA-C945-409E-93ED-ED26977B934C}\RP5\A0004774.exe
[DETECTION] Is the TR/Trash.Gen Trojan

Beginning disinfection:
C:\System Volume Information\_restore{B2FC20EA-C945-409E-93ED-ED26977B934C}\RP5\A0004774.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '4c08e30e.qua'.


End of the scan: 10. října 2011 21:28
Used time: 33:47 Minute(s)

The scan has been done completely.

5630 Scanned directories
179715 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
179714 Files not concerned
6062 Archives were scanned
0 Warnings
1 Notes
178249 Objects were scanned with rootkit scan
0 Hidden objects were found
:?:

Re: For Motji

#15 Post by Rudy »

Yep. You have it in the system backup. Turn off System Restore, restart the PC, and turn System Restore back on. That will delete the virus.